Twitter Oauth Lib.... another once

Question

firstly I know there are plenty of oauth libs out there, and I have thought about using them, but decidede not to, so I am writing my own just for the heck of it. I am having an issue with signing the request though... some help?

function signRequest($secret, $baseUrl){
    return base64_encode(hash_hmac('sha1', $baseUrl, $secret, TRUE));
}

function getRequestToken(){
    $urlParams = array(
        "oauth_consumer_key"=>$this->consumer_key,
        "oauth_signature_method"=>$this->oauth_signature_method,
        "oauth_timestamp"=>time(),
        "oauth_nonce"=>time(),
        "oauth_version"=>$this->oauth_version
    );
    uksort($urlParams, 'strcmp');

    foreach($urlParams as $k=>$v){
        $joinedParams[] = $k."=".$v;
    }
    $joinedParams = implode("&", $joinedParams);


    $baseString = "POST&".rawurlencode($this->request_token_url)."&".rawurlencode($joinedParams);
    $secret = $this->consumer_secret."&";

    $urlParams['oauth_signature'] = $this->signRequest($secret, $baseUrl);
    uksort($urlParams, 'strcmp');
    foreach($urlParams as $k => $v){
        $urlPairs[] = $k."=".$v;
    }
    $concatenatedUrlParams = implode('&', $urlPairs);
    $url = $this->request_token_url."?".$concatenatedUrlParams;
    echo $url;

}

I am new to the whole signing of request thing. I was able to connect to the twitter api using the following link though. Mine is essentially a rewritten cody of the following answer...

another twitter oAuth cURL access token request that fails

emrahgunduz · Accepted Answer

It seems like you are trying to force your oauth parameters like a token.

You need to build an "Authorization" header, and send it to twitter for a request token. I've destroyed your code's class functionality, but as a single php file, it works fine.

Check out the differences, and try to embed them into your own class.

Here is the code:

 "5P7F5qtIUujg3KtLxxxxxx", //$this->consumer_key,
        "oauth_signature_method" => "HMAC-SHA1", //$this->oauth_signature_method,
        "oauth_timestamp" => time(),
        "oauth_nonce" => md5 ( uniqid ( rand(), true ) ), // don't use time for nonce :)
        "oauth_version" => "1.0" //$this->oauth_version
    );
    ksort ( $urlParams ); // don't need uksort, ksort is enough


    foreach ( $urlParams as $k => $v ) {
        $joinedParams [] = $k . "=" . $v;
    }
    $joinedParams = implode ( "&", $joinedParams );

    $baseString = "GET&" . rawurlencode ( "https://api.twitter.com/oauth/request_token" ) . "&" . rawurlencode ( $joinedParams );
    $secret = rawurlencode ( "3q017y6ir8Rxxxxxxx" ) . "&"; //$this->consumer_secret."&";

    // We need to use the $baseString, not an url
    $urlParams ['oauth_signature'] = rawurlencode ( signRequest ( $secret, $baseString ) );

    // Another ksort is not needed, it is ok for signature to be at the end, however:
    ksort($urlParams);

    // We need to build an array of headers for CURL
    $urlParts = parse_url ( "https://api.twitter.com/oauth/request_token" );
    $header = array ('Expect:' );
    $oauthHeader = 'Authorization: OAuth realm="' . $urlParts ['path'] . '", ';
    foreach ( $urlParams as $name => $value ) {
        $oauthHeader .= "{$name}=\"{$value}\", ";
    }
    $header [] = substr ( $oauthHeader, 0, - 2 );

    // Ask Twitter for a request token
    $ch = curl_init ( "https://api.twitter.com/oauth/request_token" );
    curl_setopt ( $ch, CURLOPT_HTTPHEADER, $header );
    curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
    curl_setopt ( $ch, CURLOPT_SSL_VERIFYHOST, false );
    curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, false );
    $content = curl_exec ( $ch );
    curl_close ( $ch );

    // Create the url from the curl answer
    parse_str($content, $output);
    $url = "https://api.twitter.com/oauth/authorize?oauth_token=" . $output["oauth_token"];
    echo $url ;

}

Twitter Oauth Lib.... another once

Answers (1)

Related Questions