我正在尝试学习和使用PHP定义的here的OAuth实现。我没有使用某种类型的库,只是纯粹的OAuth实现,因为我正在努力学习它。然而,正如我试图做的那样基本上,我似乎无法获得匹配的签名。
在消费者方面,我有:
<?php
$consumer_key = '1234';
$consumer_secret = '1234';
$url = 'http://localhost/oauth/provider/request';
try {
$oauth = new OAuth($consumer_key, $consumer_secret);
$signature = $oauth->generateSignature('POST', $url);
$request_token = $oauth->getRequestToken($url);
var_dump($signature);
print_r($request_token);
} catch (OAuthException $E) {
var_dump($E);
}
在提供者方面,我有:
<?php
function call(){
return OAUTH_OK;
}
$OAuthProvider = NULL;
try{
$OAuthProvider = new OAuthProvider();
$OAuthProvider->consumerHandler('call');
$OAuthProvider->timestampNonceHandler('call');
$OAuthProvider->tokenHandler('call');
$OAuthProvider->isRequestTokenEndpoint(true);
$OAuthProvider->checkOAuthRequest();
}
catch(Exception $ex){
echo $OAuthProvider->signature;
}
非常简单吧?然后,我得到的捕获异常的错误消息是“Signatures_do_not_match”。我检查过,实际上签名不匹配。以下是输出的示例:
Consumer: 8cePFQFqJbL3hY6OjZe6kw63irc=
Provider: 2SPGA0GcC7GLLR1Jte53xz_bWOY
有什么想法吗?
答案 0 :(得分:0)
傻傻的我,我没有正确阅读回调函数的规范。有效的实现是:
消费者:
<?php
$consumer_key = '1234';
$consumer_secret = '1234';
$url = 'http://localhost/oauth/provider/request';
try {
$oauth = new OAuth($consumer_key, $consumer_secret);
$signature = $oauth->generateSignature('POST', $url);
$request_token = $oauth->getRequestToken($url);
} catch (Exception $ex) {
var_dump($ex);
}
提供者:
<?php
$OAuthProvider = NULL;
function consumerHandler(){
return OAUTH_OK;
}
function timestampNonceHandler(){
global $OAuthProvider;
/**
* Here is supposed to be a function to check if
* the consumer secret is legit, and is then used to check if the signatures match.
*/
$OAuthProvider->consumer_secret = '1234';
return OAUTH_OK;
}
try{
$OAuthProvider = new OAuthProvider();
$OAuthProvider->consumerHandler('consumerHandler');
$OAuthProvider->timestampNonceHandler('timestampNonceHandler');
$OAuthProvider->isRequestTokenEndpoint(true);
$OAuthProvider->checkOAuthRequest();
}
catch(Exception $ex){
var_dump($ex);
}
希望这可以帮助那些想要像我一样了解OAuth的人。