Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- A lot of this code was modified from Jason Graves' tutorial at:
- http://collaboradev.com/2011/04/01/twitter-oauth-php-tutorial/
- A really good spec sheet for OAuth 1.0a is at:
- http://oauth.net/core/1.0a/
- This file needs to be named ravelry.php (or whatever the filename is specified in oauth_callback) so that the call back URL will send it back here
- Replace 3 things:
- 1) $consumerKey
- 2) $consumerSecret
- 3) oauth_callback
- The flow of OAuth 1.0a for Ravelry is as follows:
- 1) Send a CURL request to:
- https://www.ravelry.com/oauth/request_token
- and get back a request token:
- oauth_token=XXXXX&oauth_token_secret=XXXXX&oauth_callback_confirmed=true
- 2) Do an automatic redirect to:
- https://www.ravelry.com/oauth/authorize?oauth_token={oauth_token that you just got back from request_token above}
- 3) User will now be asked by Ravelry if they authorize your application
- 4) If user approves the access, then Ravelry will direct user back to the URL specified in oauth_callback from step 1
- 5) User will now be back at page specified at oauth_callback and will be provided with the following:
- [username] => XXXX
- [oauth_token] => XXXX
- [oauth_verifier] => XXXX
- 6) Send a CURL request to:
- https://www.ravelry.com/oauth/access_token
- and get back your access token:
- oauth_token=XXXX&oauth_token_secret=XXXX
- */
- session_start();
- $consumerKey = RAVELRY_API_ACCESS_KEY;
- $consumerSecret = RAVELRY_API_SECRET_KEY;
- /**
- * Method for creating a base string from an array and base URI.
- * @param string $baseURI the URI of the request to twitter
- * @param array $params the OAuth associative array
- * @return string the encoded base string
- **/
- function buildBaseString($baseURI, $params){
- $r = array(); //temporary array
- ksort($params); //sort params alphabetically by keys
- foreach($params as $key=>$value){
- $r[] = "$key=" . rawurlencode($value); //create key=value strings
- }//end foreach
- return "POST&" . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r)); //return complete base string
- }//end buildBaseString()
- /**
- * Method for creating the composite key.
- * @param string $consumerSecret the consumer secret authorized by Twitter
- * @param string $requestToken the request token from Twitter
- * @return string the composite key.
- **/
- function getCompositeKey($consumerSecret, $requestToken){
- return rawurlencode($consumerSecret) . '&' . rawurlencode($requestToken);
- }//end getCompositeKey()
- /**
- * Method for building the OAuth header.
- * @param array $oauth the oauth array.
- * @return string the authorization header.
- **/
- function buildAuthorizationHeader($oauth){
- $r = 'Authorization: OAuth '; //header prefix
- $values = array(); //temporary key=value array
- foreach($oauth as $key=>$value)
- $values[] = "$key=\"" . rawurlencode($value) . "\""; //encode key=value string
- $r .= implode(', ', $values); //reassemble
- return $r; //return full authorization header
- }//end buildAuthorizationHeader()
- /**
- * Method for sending a request to Twitter.
- * @param array $oauth the oauth array
- * @param string $baseURI the request URI
- * @return string the response from Twitter
- **/
- function sendRequest($oauth, $baseURI){
- $header = array( buildAuthorizationHeader($oauth), 'Expect:'); //create header array and add 'Expect:'
- $options = array(CURLOPT_HTTPHEADER => $header, //use our authorization and expect header
- CURLOPT_HEADER => false, //don't retrieve the header back from Twitter
- CURLOPT_URL => $baseURI, //the URI we're sending the request to
- CURLOPT_POST => true, //this is going to be a POST - required
- CURLOPT_POSTFIELDS => "", // this is the change
- CURLOPT_RETURNTRANSFER => true, //return content as a string, don't echo out directly
- CURLOPT_SSL_VERIFYPEER => false); //don't verify SSL certificate, just do it
- $ch = curl_init(); //get a channel
- curl_setopt_array($ch, $options); //set options
- $response = curl_exec($ch); //make the call
- curl_close($ch); //hang up
- return $response;
- }//end sendRequest()
- //test if this page is being loaded from the callback after authorization
- if ( isset($_GET['oauth_verifier']) && isset($_GET['oauth_token']) ) {
- //get access token
- $baseURI = 'https://www.ravelry.com/oauth/access_token';
- $nonce = time();
- $timestamp = time();
- $oauth = array('oauth_consumer_key' => $consumerKey,
- 'oauth_token' => $_SESSION['oauth_token_request'],
- 'oauth_signature_method' => 'HMAC-SHA1',
- 'oauth_timestamp' => $timestamp,
- 'oauth_nonce' => $nonce,
- 'oauth_version' => '1.0',
- 'oauth_verifier' => $_GET['oauth_verifier']);
- $baseString = buildBaseString($baseURI, $oauth); //build the base string
- $compositeKey = getCompositeKey($consumerSecret, $_SESSION['oauth_token_secret_request']); //first request, no request token yet
- $oauth_signature = base64_encode(hash_hmac('sha1', $baseString, $compositeKey, true)); //sign the base string
- $oauth['oauth_signature'] = $oauth_signature; //add the signature to our oauth array
- $response = sendRequest($oauth, $baseURI); //make the call
- echo $response;
- print_r($response);
- }
- else {
- //get request token
- $baseURI = 'https://www.ravelry.com/oauth/request_token';
- $nonce = time();
- $timestamp = time();
- $oauth = array('oauth_callback' => 'http://YOURDOMAIN.com/oauth/ravelry.php',
- 'oauth_consumer_key' => $consumerKey,
- 'oauth_nonce' => $nonce,
- 'oauth_signature_method' => 'HMAC-SHA1',
- 'oauth_timestamp' => $timestamp,
- 'oauth_version' => '1.0');
- $baseString = buildBaseString($baseURI, $oauth); //build the base string
- $compositeKey = getCompositeKey($consumerSecret, null); //first request, no request token yet
- $oauth_signature = base64_encode(hash_hmac('sha1', $baseString, $compositeKey, true)); //sign the base string
- $oauth['oauth_signature'] = $oauth_signature; //add the signature to our oauth array
- $response = sendRequest($oauth, $baseURI); //make the call
- //parse response into associative array
- $responseArray = array();
- $parts = explode('&', $response);
- foreach($parts as $p){
- $p = explode('=', $p);
- $responseArray[$p[0]] = $p[1];
- }//end foreach
- //get oauth_token from response
- $oauth_token = $responseArray['oauth_token'];
- $_SESSION['oauth_token_request'] = $responseArray['oauth_token'];
- $_SESSION['oauth_token_secret_request'] = $responseArray['oauth_token_secret'];
- //redirect for authorization
- header("Location: https://www.ravelry.com/oauth/authorize?oauth_token=$oauth_token");
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement