©
This document uses PHP Chinese website manual Release
<?php
$req_url = 'https://fireeagle.yahooapis.com/oauth/request_token' ;
$authurl = 'https://fireeagle.yahoo.net/oauth/authorize' ;
$acc_url = 'https://fireeagle.yahooapis.com/oauth/access_token' ;
$api_url = 'https://fireeagle.yahooapis.com/api/0.1' ;
$conskey = 'your_consumer_key' ;
$conssec = 'your_consumer_secret' ;
session_start ();
// 当 state=1 则下次请求应该包含一个 oauth_token 。
// 如果没有则返回 0
if(!isset( $_GET [ 'oauth_token' ]) && $_SESSION [ 'state' ]== 1 ) $_SESSION [ 'state' ] = 0 ;
try {
$oauth = new OAuth ( $conskey , $conssec , OAUTH_SIG_METHOD_HMACSHA1 , OAUTH_AUTH_TYPE_URI );
$oauth -> enableDebug ();
if(!isset( $_GET [ 'oauth_token' ]) && ! $_SESSION [ 'state' ]) {
$request_token_info = $oauth -> getRequestToken ( $req_url );
$_SESSION [ 'secret' ] = $request_token_info [ 'oauth_token_secret' ];
$_SESSION [ 'state' ] = 1 ;
header ( 'Location: ' . $authurl . '?oauth_token=' . $request_token_info [ 'oauth_token' ]);
exit;
} else if( $_SESSION [ 'state' ]== 1 ) {
$oauth -> setToken ( $_GET [ 'oauth_token' ], $_SESSION [ 'secret' ]);
$access_token_info = $oauth -> getAccessToken ( $acc_url );
$_SESSION [ 'state' ] = 2 ;
$_SESSION [ 'token' ] = $access_token_info [ 'oauth_token' ];
$_SESSION [ 'secret' ] = $access_token_info [ 'oauth_token_secret' ];
}
$oauth -> setToken ( $_SESSION [ 'token' ], $_SESSION [ 'secret' ]);
$oauth -> fetch ( " $api_url /user.json" );
$json = json_decode ( $oauth -> getLastResponse ());
print_r ( $json );
} catch( OAuthException $E ) {
print_r ( $E );
}
?>
[#1] pierre dot mihawk at gmail dot com [2014-06-25 07:09:15]
In the case you're asking an API which gives you a reusable application key, you'll have to use the "verifier" in the getAccessToken() method, but also the "callback" parameter in the getRequestToken().
<?php
$request_token_info = $oauth->getRequestToken($req_url, "<YOU_CALLBACK_URI>");
?>
In my case, once I accepted the form in the Authorize URI, I was redirected to this callback URI with a "oauth_verifier" GET parameter. I injected it into the access token request :
<?php
$access_token_info = $oauth->getAccessToken($acc_url, '', $_GET['oauth_verifier']);
?>
I finally obtained an access token that I hardcoded ; it doesn't need any refresh.
[#2] kayalshri at gmail dot com [2013-04-18 05:28:29]
Please refer the oAuth End Points for Top level service providers http://www.cheatography.com/kayalshri/cheat-sheets/oauth-end-points/
[#3] brianmoreau at uk2 dot net [2013-03-09 00:26:45]
I have just managed to modify this script to work with the Twitter API...
The changes are...
$req_url = 'https://api.twitter.com/oauth/request_token';
$authurl = 'https://api.twitter.com/oauth/authorize';
$acc_url = 'https://api.twitter.com/oauth/access_token';
$api_url = 'https://api.twitter.com/1.1/account';
$conskey = 'YOURAPPconskey';
$conssec = 'YOURAPPconssec';
And change
#$oauth->fetch("$api_url/user.json");
# verify_credentials
# TO
$oauth->fetch("$api_url/verify_credentials.json");