dongyuan1870 2011-07-05 11:57
浏览 111
已采纳

如何用PHP读取OAuth请求参数?

I'm trying to connect an iPhone app to a PHP API using 2-legged OAuth as the Authentication mechanism. I'm using the PHP and Objective-C 2.0 libraries from http://code.google.com/p/oauth/ . The problem is that when I'm trying to issue a GET request with Objective-C, it doesn't include the OAuth parameters in the request URI, like the PHP library does when issuing an OAuth GET request:

http://www.mysite.com/oauth/index.php?oauth_consumer_key=key&oauth_nonce=XXXXXXXX&oauth_signature=XXXXXXXXXXX%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1309863754&oauth_version=1.0

Instead it puts the OAuth parameters in an Authorization header:

Authorization: OAuth realm="", oauth_consumer_key="XXXXX", oauth_token="XXXX-XXXX",
oauth_signature_method="HMAC-SHA1", oauth_signature="XXXXXXXX", 
oauth_timestamp="1309863855", oauth_nonce="XXXX-XXX-XX-XX-XXXXXXX", oauth_version="1.0"

I suppose that both ways are equally valid for the OAuth specs, right?

What's the best way I can read the Authorization header with PHP?

  • 写回答

1条回答 默认 最新

  • doumu4032 2011-07-05 12:34
    关注

    I suppose that both ways are equally valid for the OAuth specs, right?

    Yes, right.

    What's the best way I can read the Authorization header with PHP?

    Request headers in PHP are stored in the $_SERVER superglobal array, each header as an entry of it's own: $_SERVER['HTTP_AUTHORIZATION'] most probably in your case, just do

    var_dump($_SERVER);

    and look for the info. Detailed information how PHP deals with the HTTP request.

    Authorization header missing in PHP

    Unfortunately the Authorization header is filtered by PHP(?), so it's not part of $_SERVER.

    Workaround: apache_request_headers()

    When using PHP as an Apache module, a workaround is to use the apache_request_headers() function to retrieve all request headers.

    Workaround: mod_rewrite

    For F/CGI a workaround is to set the Authorization header with Mod_Rewrite into a environment variable that mimics PHP's scheme converting HTTP request headers:

    RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)$ [NC]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%1]

    The mod_rewrite solution should work for PHP running with mod_php as well. Hat tip Jon Nylander.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 程序不包含适用于入口点的静态Main方法
  • ¥15 素材场景中光线烘焙后灯光失效
  • ¥15 请教一下各位,为什么我这个没有实现模拟点击
  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记