doudundian9558
2011-03-20 02:35
浏览 154
已采纳

使用PHP / PECL OAuth扩展通过POST传递参数

I'm fairly new to the concept of OAuth and I'm trying to interact with the new Rdio API. I've managed to figure out the authentication using the PECL OAuth functions, but Rdio requires arguments to be passed in via POST and I can't figure out how that is done. The authentication works: the user is bounced to Rdio's site and asked to approve the application, and they are then returned to the site. After that, though, the request making calls to the API fails.

Here's some info on the Rdio API: http://developer.rdio.com/docs/REST/

Here's the code I have for authentication... the lines in italics are what I believe should make the call to the API requesting the method named "currentUser"

$req_url = 'http://api.rdio.com/oauth/request_token';
$authurl = 'https://www.rdio.com/oauth/authorize';
$acc_url = 'http://api.rdio.com/oauth/access_token';
$callback = 'http://localhost/test.php';
$api_url = 'http://api.rdio.com/1';
$conskey = 'vmu7x6u4rk8vae8dn28h';
$conssec = 'GrY7gF';

session_start();

if(!isset($_GET['oauth_token']) && $_SESSION['state']==1) $_SESSION['state'] = 0;
try {
  $oauth = new OAuth($conskey,$conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
  $oauth->enableDebug();
  if(!isset($_GET['oauth_token']) && !$_SESSION['state']) {
    $request_token_info = $oauth->getRequestToken($req_url);
    $_SESSION['secret'] = $request_token_info['oauth_token_secret'];
    $_SESSION['state'] = 1;
    header('Location: '.$authurl.'?oauth_token='.$request_token_info['oauth_token'].'&oauth_callback='.urlencode($callback));
    exit;
  } else if($_SESSION['state']==1) {
    $oauth->setToken($_GET['oauth_token'],$_SESSION['secret']);
    $access_token_info = $oauth->getAccessToken($acc_url);
    $_SESSION['state'] = 2;
    $_SESSION['token'] = $access_token_info['oauth_token'];
    $_SESSION['secret'] = $access_token_info['oauth_token_secret'];
  } 

  $args = "method=currentUser";

  $oauth->setToken($_SESSION['token'],$_SESSION['secret']);
  $oauth->fetch("$api_url", $args);
  $json = json_decode($oauth->getLastResponse());
  print_r($json);

} catch(OAuthException $E) {
  print_r($E);
}

The message I get back:

Warning: OAuth::fetch(http://api.rdio.com/1?oauth_consumer_key=vmu7x6u4rktv468vae8dn28h&oauth_signature_method=HMAC-SHA1&oauth_nonce=12606272174d85622ad26ce8.80381248&oauth_timestamp=1300587050&oauth_version=1.0&oauth_token=238zec5p4rpcpbfd8j36sjggz3jfsssybhxgcn9kvmmrmdxr3t4f2cnspt4dg5xf&oauth_signature=1mZhJ9AUbi0sm6qhNaAntumAckU%3D) [function.OAuth-fetch]: failed to open stream: HTTP request failed! HTTP/1.0 596

The problem is most likely that the arguments (method=currentUser) aren't being passed via POST properly. Does anyone have any idea how to do this using PECL's OAuth extensions?

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

2条回答 默认 最新

  • double2022 2011-06-06 14:06
    最佳回答

    In case anyone comes across this looking for the answer, here is what I found works:

    To perform a POST OAuth signed request, you need to set the OAuth object to send using POST instead of GET by adding this method before the fetch() method:

    $oauth->setAuthType(OAUTH_AUTH_TYPE_FORM); 
    

    Even if you're using the OAUTH_HTTP_METHOD_POST parameter in the fetch() method, the OAuth instance itself needs to have setAuthType(OAUTH_AUTH_TYPE_FORM) called on it first.

    The code for the specific example I was citing is:

        if(!isset($_GET['oauth_token']) && $_SESSION['state']==1) $_SESSION['state'] = 0;
    
    $oauth = new OAuth($rdio_conskey,$rdio_conssec,OAUTH_SIG_METHOD_HMACSHA1,OAUTH_AUTH_TYPE_URI);
    $oauth->enableDebug();
    if(!isset($_GET['oauth_token']) && !$_SESSION['state']) {
      $request_token_info = $oauth->getRequestToken($rdio_req_url);
      $_SESSION['secret'] = $request_token_info['oauth_token_secret'];
      $_SESSION['state'] = 1;
      header('Location: '.$rdio_auth_url.'?oauth_token='.$request_token_info['oauth_token'].'&oauth_callback='.$callbackurl);
      exit;
    } else if($_SESSION['state']==1) {
      $oauth->setToken($_GET['oauth_token'],$_SESSION['secret']);
      $access_token_info = $oauth->getAccessToken($rdio_acc_url);
      $_SESSION['state'] = 2;
      $_SESSION['token'] = $access_token_info['oauth_token'];
      $_SESSION['secret'] = $access_token_info['oauth_token_secret'];
    }   
    
    $oauth = new OAuth($rdio_conskey, $rdio_conssec, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI);
    $oauth->setToken($access_token_info['oauth_token'],$access_token_info['oauth_token_secret']);
    $oauth->setAuthType(OAUTH_AUTH_TYPE_FORM);
    
    $oauth->fetch($rdio_api_url, array("method" => "currentUser", "extras" => "username"), OAUTH_HTTP_METHOD_FORM);
    $json = json_decode($oauth->getLastResponse());    
    
    print_r($json);
    
    评论
    解决 无用
    打赏 举报
查看更多回答(1条)

相关推荐 更多相似问题