< WhatWebWhat Search >

Here is the full implementation of OAuth for anyMeta. For now we publish this as a direct export from our svn repository. It includes full server and client code, including database tables for the storage of tokens and consumer keys. It also includes optional request logging and smarty templates. It has been tested with PHP 5.2.

We have successfully tested this implementation against itself (try it on the Mediamatic OAuth Test Server) and Andy's test server and client.

The code is released under the GPL v2.


The repository contains the following files:


This is the anyMeta module. All methods starting with httpRequest_ are controllers for a website.


This directory contains the templates we use. These are Smarty templates and use some tricks provided by anyMeta.


Contains a simple test script. It implements (almost) all tests provided on wiki.oauth.net/TestCases


This directory contains all classes implementing the support for OAuth. In the file OAuth.mod.php you can see how the classes are used.


This is the main class. It wraps either the current request or a request given to the constructor. It provides all basic functionality for calculating the base string, signatures etc.


The storage module for OAuth. This file needs some work before it is portable to other systems than anyMeta. It makes use of our database functions, though replacing those calls shouldn't be too hard.


The exception class for OAuth. Works together with OAuthRequestLogger to enable debugging of OAuth request from and to the server.


Implements methods to sign requests to OAuth servers.


Extends the OAuthRequestSigner class to actually do signed requests to OAuth servers and returning the results. Also implements code to request tokens from OAuth servers.


Logs all incoming and outgoing requests in a database table. Facilitates debugging of the requests.


Implements verification of incoming requests.


Implements support for handling token requests and authorization of request tokens.


2008-01-29 (r33366)
• Added support for body signing using xoauth_body_signature
• Added interface to make a test request

2007-12-10 (r32730)
• Added debug menu and request logging (optional)

2007-12-06 (r32654)
• Added debug setting to show keys and secrets
• Fixed logon when succesfully verfied signed request

2007-12-03 (r32597)
OAuthStore Fixed MySQL 4.1.x incompatibility
OAuthStore Fixed SQL error (missing comma)

Articles Friday, November 30, 2007