dongyuan1870 2011-07-05 11:57
浏览 111
已采纳

如何用PHP读取OAuth请求参数?

I'm trying to connect an iPhone app to a PHP API using 2-legged OAuth as the Authentication mechanism. I'm using the PHP and Objective-C 2.0 libraries from http://code.google.com/p/oauth/ . The problem is that when I'm trying to issue a GET request with Objective-C, it doesn't include the OAuth parameters in the request URI, like the PHP library does when issuing an OAuth GET request:

http://www.mysite.com/oauth/index.php?oauth_consumer_key=key&oauth_nonce=XXXXXXXX&oauth_signature=XXXXXXXXXXX%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1309863754&oauth_version=1.0

Instead it puts the OAuth parameters in an Authorization header:

Authorization: OAuth realm="", oauth_consumer_key="XXXXX", oauth_token="XXXX-XXXX",
oauth_signature_method="HMAC-SHA1", oauth_signature="XXXXXXXX", 
oauth_timestamp="1309863855", oauth_nonce="XXXX-XXX-XX-XX-XXXXXXX", oauth_version="1.0"

I suppose that both ways are equally valid for the OAuth specs, right?

What's the best way I can read the Authorization header with PHP?

  • 写回答

1条回答 默认 最新

  • doumu4032 2011-07-05 12:34
    关注

    I suppose that both ways are equally valid for the OAuth specs, right?

    Yes, right.

    What's the best way I can read the Authorization header with PHP?

    Request headers in PHP are stored in the $_SERVER superglobal array, each header as an entry of it's own: $_SERVER['HTTP_AUTHORIZATION'] most probably in your case, just do

    var_dump($_SERVER);

    and look for the info. Detailed information how PHP deals with the HTTP request.

    Authorization header missing in PHP

    Unfortunately the Authorization header is filtered by PHP(?), so it's not part of $_SERVER.

    Workaround: apache_request_headers()

    When using PHP as an Apache module, a workaround is to use the apache_request_headers() function to retrieve all request headers.

    Workaround: mod_rewrite

    For F/CGI a workaround is to set the Authorization header with Mod_Rewrite into a environment variable that mimics PHP's scheme converting HTTP request headers:

    RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)$ [NC]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%1]

    The mod_rewrite solution should work for PHP running with mod_php as well. Hat tip Jon Nylander.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 乌班图ip地址配置及远程SSH
  • ¥15 怎么让点阵屏显示静态爱心,用keiluVision5写出让点阵屏显示静态爱心的代码,越快越好
  • ¥15 PSPICE制作一个加法器
  • ¥15 javaweb项目无法正常跳转
  • ¥15 VMBox虚拟机无法访问
  • ¥15 skd显示找不到头文件
  • ¥15 机器视觉中图片中长度与真实长度的关系
  • ¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
  • ¥15 java 的protected权限 ,问题在注释里
  • ¥15 这个是哪里有问题啊?