PHP extension—OAuth

1. Overview and installation

This extension provides binding between OAuth consumers and providers. OAuth is an authorization protocol built on HTTP to allow applications to securely access data without storing usernames and passwords.

PECL/oauth requires PHP 5.1 or higher, and ext/hash and ext/pcre.

Optionally requires libcurl if PECL/oauth is selected when building. If using the libcurl configuration, you must build HTTPS support.

Information related to installing this PECL extension can be found in the manual chapter titled Installation of PECL Extensions.

2. Usage examples

<?php
$req_url = &#39;https://fireeagle.yahooapis.com/oauth/request_token&#39;;
$authurl = &#39;https://fireeagle.yahoo.net/oauth/authorize&#39;;
$acc_url = &#39;https://fireeagle.yahooapis.com/oauth/access_token&#39;;
$api_url = &#39;https://fireeagle.yahooapis.com/api/0.1&#39;;
$conskey = &#39;your_consumer_key&#39;;
$conssec = &#39;your_consumer_secret&#39;;
session_start();
//  当 state=1 则下次请求应该包含一个 oauth_token 。
//  如果没有则返回 0
if(!isset($_GET[&#39;oauth_token&#39;]) && $_SESSION[&#39;state&#39;]==1) $_SESSION[&#39;state&#39;] = 0;
try {
    $oauth = new OAuth($conskey,$conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
    $oauth->enableDebug();
    if(!isset($_GET[&#39;oauth_token&#39;]) && !$_SESSION[&#39;state&#39;]) {
        $request_token_info = $oauth->getRequestToken($req_url);
        $_SESSION[&#39;secret&#39;] = $request_token_info[&#39;oauth_token_secret&#39;];
        $_SESSION[&#39;state&#39;] = 1;
        header(&#39;Location: &#39;.$authurl.&#39;?oauth_token=&#39;.$request_token_info[&#39;oauth_token&#39;]);
        exit;
    } else if($_SESSION[&#39;state&#39;]==1) {
        $oauth->setToken($_GET[&#39;oauth_token&#39;],$_SESSION[&#39;secret&#39;]);
        $access_token_info = $oauth->getAccessToken($acc_url);
        $_SESSION[&#39;state&#39;] = 2;
        $_SESSION[&#39;token&#39;] = $access_token_info[&#39;oauth_token&#39;];
        $_SESSION[&#39;secret&#39;] = $access_token_info[&#39;oauth_token_secret&#39;];
    }
    $oauth->setToken($_SESSION[&#39;token&#39;],$_SESSION[&#39;secret&#39;]);
    $oauth->fetch("$api_url/user.json");
    $json = json_decode($oauth->getLastResponse());
    print_r($json);
} catch(OAuthException $E) {
    print_r($E);
}
?>

3. Related functions

oauth_get_sbs — Generate a signature character base string

oauth_urlencode — Encode URI into RFC 3986 specification

4. Related classes and their member functions

OAuth class

OAuth::__construct — Create a new OAuth object

OAuth::__destruct — Destructor

OAuth::disableDebug — Turn off detailed debugging

OAuth::disableRedirects — Turn off redirection

OAuth::disableSSLChecks — Turn off SSL checking

OAuth::enableDebug — Enable verbose debugging

OAuth::enableRedirects — Enable redirects

OAuth::enableSSLChecks — Enable SSL checks

OAuth::fetch — Get an OAuth protected resource

OAuth::generateSignature — Generate a signature

OAuth::getAccessToken — Get an access token

OAuth::getCAPath — Get CA information

OAuth::getLastResponse — Get the last response

OAuth::getLastResponseHeaders — Get the last response Header information

OAuth::getLastResponseInfo — Get HTTP information about the last response

OAuth::getRequestHeader — Generate an OAuth header string signature

OAuth::getRequestToken — Get a request token

OAuth::setAuthType — Set the authorization type

OAuth::setCAPath — Set the CA path and information

OAuth::setNonce — Set the nonce flag for subsequent requests

OAuth::setRequestEngine — Set the target request engine

OAuth::setRSACertificate — Set the RSA certificate

OAuth::setSSLChecks — Adjust specific SSL request checks

OAuth::setTimestamp — Set timestamps

OAuth::setToken — Set tokens and secrets

OAuth::setVersion — Set OAuth version

OAuthProvider class

OAuthProvider::addRequiredParameter — Add required parameters

OAuthProvider::callconsumerHandler — Call consumerNonceHandler callback function

OAuthProvider::callTimestampNonceHandler — Call timestampNonceHandler callback function

OAuthProvider::calltokenHandler — Call tokenNonce Handler callback function

OAuthProvider::checkOAuthRequest — check An oauth request

OAuthProvider::__construct — Create a new OAuthProvider object

OAuthProvider::consumerHandler — Set the consumerHandler handle callback function

OAuthProvider::generateToken — Generate a random token

OAuthProvider::is2LeggedEndpoint — LeggedEndpoint

OAuthProvider: :isRequestTokenEndpoint — Set isRequestTokenEndpoint

OAuthProvider::removeRequiredParameter — Remove a required parameter

OAuthProvider::reportProblem — Report a problem

OAuthProvider::setParam — Set a parameter

OAuthProvider::setRequestTokenPath — Set Request token path

OAuthProvider::timestampNonceHandler — Set timestampNonceHandler handle callback function

OAuthProvider::tokenHandler — Set tokenHandler handle callback function

OAuthException class

OAuthException — OAuthException class