This is some code I use to debug oauth issues.
Note: there is a bug somewhere in this that results in an invalid signature. Please let me know if you spot it.
Usage:
- Upload this file to your server
- Get a key/secret from your oauth data provider. The code currently has Yahoo! hardcoded as the provider, so just change the endpoints to use another one.
<?php // a php script that uses the standard oauth lib (via yos sdk) to do the oauth dance
// error_reporting(E_ALL);
require '../yosdk/yahoo-yos-social-php5-86eef28/lib/OAuth/OAuth.php';
// we've got a stored access token
if ( $_COOKIE['serialized_access_token'] ) {
$access_token = json_decode( stripslashes( $_COOKIE['serialized_access_token'] ) );
printf('<pre>%s</pre>', print_r($access_token, true));
// we're on the callback
} elseif ( $_COOKIE['serialized_request_token'] && $_GET['oauth_verifier'] ) {
//debug - sanity check to see if input is passed correctly
// echo $_GET['oauth_verifier'].$_COOKIE['callback'];die;
$consumer = new OAuthConsumer($_COOKIE['key'], $_COOKIE['secret']);
$parameters = array('oauth_verifier' => $_GET['oauth_verifier'], 'oauth_callback' => $_COOKIE['callback']);
$request_token = json_decode( stripslashes( $_COOKIE['serialized_request_token'] ) );
//debug - make sure the request token decoded properly
// var_dump($request_token); die;
//kludge
$request_token->key = $_GET['oauth_token'];
$request = OAuthRequest::from_consumer_and_token(
$consumer, $request_token, 'GET', 'https://api.login.yahoo.com/oauth/v2/get_token', $parameters);
//debug - see params: useful for debugging empty variable issues
// var_dump($request); die;
$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, $request_token);
//debug - see base string: useful for debugging encoding issues
var_dump($request); die;
//debug - see url: useful for sanity checking actual request to server
// echo $request->to_url(); die;
$curl = curl_init($request->to_url());
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, true);
$response = curl_exec($curl);
//debug - see raw response, incl headers, which can contain additional info
// var_dump($response); die;
curl_close($curl);
parse_str($response, $access_token);
//debug - see parsed data: useful for debugging parsing bugs
// var_dump($token); die;
// clear req token
setcookie('serialized_request_token', '', time()-3600);
// cache access token
setcookie('serialized_access_token', json_encode( $access_token ) );
printf('<pre>%s</pre>', print_r($access_token, true));
exit;
// we just submitted the form
} elseif( $_GET['submit'] ){
$consumer = new OAuthConsumer($_GET['key'], $_GET['secret']);
$parameters = array('oauth_callback' => $_GET['callback']);
$request = OAuthRequest::from_consumer_and_token($consumer, null, 'GET', 'https://api.login.yahoo.com/oauth/v2/get_request_token', $parameters);
$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $consumer, null);
//debug - see base string: useful for debugging encoding issues
// var_dump($request); die;
//debug - see url: useful for sanity checking actual request to server
// echo $request->to_url(); die;
$curl = curl_init($request->to_url());
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($curl);
curl_close($curl);
//debug - see raw response, incl headers, which can contain additional info
// var_dump($response); die;
parse_str($response, $token);
//debug - see parsed data: useful for debugging parsing bugs
// var_dump($token); die;
// cache params & token for 2nd step
setcookie('key', $_GET['key'] );
setcookie('secret', $_GET['secret'] );
setcookie('callback', $_GET['callback'] );
setcookie('serialized_request_token', json_encode($token));
$params = array('oauth_token'=>$token['oauth_token']);
header("Location: https://api.login.yahoo.com/oauth/v2/request_auth?".http_build_query($params));
exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/2.8.1/build/reset-fonts-grids/reset-fonts-grids.css">
<style>
body {
padding: 20px;
}
button {
float: left;
background-color: #fff;
padding: 1ex;
margin: 2ex 0;
}
label {
display: block;
text-align: left;
width: 10em;
}
input {
float: left;
width: 64em;
padding: 1ex;
margin: 2ex 0;
}
#submit {
width: 7em;
}
</style>
</head>
<body>
<form>
<div>
<label>Consumer key:</label><input name="key" value="">
<div style="clear:both"/>
</div>
<div>
<label>Consumer secret:</label><input name="secret" value="">
<div style="clear:both"/>
</div>
<div>
<label>Callback URL:</label><input name="callback" value="">
<div style="clear:both"/>
</div>
<input value="Authorize" name="submit" type="submit" id="submit">
</form>
</body>
</html>
Like this:
Like Loading...
Related
A software engineering toolkit 🛠 