Using OAuth you can send authorized requests to web services. This class implements some of these authorization rules.
Also see the OAuth rfc: 1.0: (http://tools.ietf.org/html/rfc5849).
Example (using bogus values):
$oAuth = new OAuth( "xvz1evFS4wEEPTGEFPHBog", //< consumer key "kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw", //< consumer secret "370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb", //< access token "LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE" //< access token secret );
// Get the data to use for an authorized request. $oAuthData = $oAuth->getAuthorizationData($requestMethod, "https://api.twitter.com/1.1/statuses/user_timeline.json?count=2");
// This is the autorization header to use in your request: echo $oAuthData->authorisationHeader;
Defined in: Utilities/OAuth.php.
| Attr. | Name / Description |
|---|---|
| public |
OAuth($consumerKey, $consumerSecret, $token, $tokenSecret) Construct an OAuth object: an object that is able to do authenticated requests. |
| Attr. | Type | Name | Description |
|---|---|---|---|
| private | string | $consumerKey | The identifier portion of the client credentials (equivalent to a username). |
| private | string | $consumerSecret | The client shared-secret, after being encoded |
| private | string | $token | The token value used to associate the request with the resource owner. |
| private | string | $tokenSecret | The token shared-secret, after being encoded |
| private | string | $version | The OAuth version (currently we're only supporting 1.0); |
| Attr. | Type | Name / Description |
|---|---|---|
| private |
authorisationHeader($requestMethod, $baseUrl, $param) Get the authorization request data for an OAuth reqeuest. |
|
| private | string |
encode($toEncode) Return a percent encoded string. |
| private | string |
encodeKeyValuePairs($toEncode, $glue, $glue) Percent encode an array of key/value pairs. |
| public | object |
getAuthorizationData($requestMethod, $url, $param) Get the data for an OAuth 1.0 authorized request. |
| private | string |
nonce() A nonce is a random string, uniquely generated by the client to allow the server to verify that a request has never been made before and helps prevent replay attacks when requests are made over a non-secure channel. |
| private | string |
normalizeParam($oauthParam, $param) Normalize the collected parameters into a single string. |
| private | string |
sign($requestMethod, $baseUrl, $oauthParam, $requestParam) Create the OAuth signature for a request. |
| private | string |
signatureBaseString($requestMethod, $baseUrl, $oauthParam, $oauthParam) The signature base string is a consistent, reproducible concatenation of several of the HTTP request elements into a single string. |
Constructor
- public OAuth(string $consumerKey, string $consumerSecret, string $token, string $tokenSecret)
-
Construct an OAuth object: an object that is able to do authenticated requests.
Parameters:
Type Name Def. Description string $consumerKey The identifier portion of the client credentials (equivalent to a username).
string $consumerSecret The client shared-secret.
string $token The token value used to associate the request with the resource owner.
string $tokenSecret The token shared-secret.
View source: Utilities/OAuth.php line 108.
Members
- private string $consumerKey
-
The identifier portion of the client credentials (equivalent to a username).
The parameter name reflects a deprecated term (Consumer Key) used in previous revisions of the specification, and has been retained to maintain backward compatibility.
Inital value: null
View source: Utilities/OAuth.php line 75.
- private string $consumerSecret
-
The client shared-secret, after being encoded
Inital value: null
View source: Utilities/OAuth.php line 81.
- private string $token
-
The token value used to associate the request with the resource owner.
If the request is not associated with a resource owner (no token available), clients MAY omit the parameter.
Inital value: null
View source: Utilities/OAuth.php line 90.
- private string $tokenSecret
-
The token shared-secret, after being encoded
Inital value: null
View source: Utilities/OAuth.php line 96.
- private string $version
-
The OAuth version (currently we're only supporting 1.0);
Inital value: "1.0"
View source: Utilities/OAuth.php line 65.
Methods
- private authorisationHeader(string $requestMethod, string $baseUrl, string[] $param)
-
Get the authorization request data for an OAuth reqeuest.
Parameters:
Type Name Def. Description string $requestMethod The HTTP request method to use in the request.
string $baseUrl The base URL of the Twitter API request (= the request URL including the protocol, host and path but excluding the parameters).
string[] $param An array of request parameter key/value pairs.
View source: Utilities/OAuth.php line 227.
- private string encode(string $toEncode)
-
Return a percent encoded string.
Parameters:
Type Name Def. Description string $toEncode The data to percent encode.
Returns:
string Return a percent encoded string.
View source: Utilities/OAuth.php line 136.
- private string encodeKeyValuePairs(array $toEncode, string[] $glue, string[] $glue="")
-
Percent encode an array of key/value pairs.
The method allow for different glues to glue the encoded sets of key/value pairs together (apmerand and comma for example). It is also possible to supply a quotation mark for the values in the result string.
Parameters:
Type Name Def. Description array $toEncode An array with key/value pairs.
string[] $glue The glue to bind the key/value pairs.
$quote $quote "" Returns:
string Percent encode an array of key/value pairs.
View source: Utilities/OAuth.php line 152.
- public object getAuthorizationData(string $requestMethod, string $url, array $param=array())
-
Get the data for an OAuth 1.0 authorized request.
Parameters:
Type Name Def. Description string $requestMethod The HTTP request method to use in this request (GET or POST).
string $url The URL for the request. Request parameters can be included in the URL. Note: this is an unescaped URL: ampersands should be "&" (not "&") and spaces should be " " (not "%20" or "+"), and this is not limited to ampersands and spaces.
array $param array() Optional extra request parameters given as a set of name/value pairs. These parameters will get preceedence when name conflicts occur with parameters given in the $url parameter itself.
Returns:
object Get the data for an OAuth 1.0 authorized request.
View source: Utilities/OAuth.php line 264.
- private string nonce()
-
A nonce is a random string, uniquely generated by the client to allow the server to verify that a request has never been made before and helps prevent replay attacks when requests are made over a non-secure channel.
The nonce value MUST be unique across all requests with the same timestamp, client credentials, and token combinations.
Returns:
string A nonce is a random string, uniquely generated by the client to allow the server to verify that a request has never been made before and helps prevent replay attacks when requests are made over a non-secure channel.
View source: Utilities/OAuth.php line 125.
- private string normalizeParam(string[] $oauthParam, string[] $param)
-
Normalize the collected parameters into a single string.
Parameters:
Type Name Def. Description string[] $oauthParam An array of OAuth key/value pairs.
string[] $param An array of request parameter key/value pairs.
Returns:
string Normalize the collected parameters into a single string.
View source: Utilities/OAuth.php line 168.
- private string sign(string $requestMethod, string $baseUrl, string[] $oauthParam, string[] $requestParam)
-
Create the OAuth signature for a request.
Parameters:
Type Name Def. Description string $requestMethod The HTTP request method to use in this Twitter API request.
string $baseUrl The base URL of the Twitter API request (= the request URL including the protocol, host and path but excluding the parameters).
string[] $oauthParam An array of OAuth key/value pairs.
string[] $requestParam An array of request parameter key/value pairs.
Returns:
string Create the OAuth signature for a request.
View source: Utilities/OAuth.php line 208.
- private string signatureBaseString(string $requestMethod, string $baseUrl, string[] $oauthParam, string[] $oauthParam)
-
The signature base string is a consistent, reproducible concatenation of several of the HTTP request elements into a single string.
The string is used as an input to the "HMAC-SHA1" and "RSA-SHA1" signature methods.
Parameters:
Type Name Def. Description string $requestMethod The HTTP request method to use in the request.
string $baseUrl The base URL of the request (= the request URL including the protocol, host and path but excluding the parameters).
string[] $oauthParam An array of OAuth key/value pairs.
$requestParam $requestParam Returns:
string The signature base string is a consistent, reproducible concatenation of several of the HTTP request elements into a single string.
View source: Utilities/OAuth.php line 188.
Documentation generated by phpDocumentor 2.0.0a12 and ScrivoDocumentor on August 29, 2013
