OAuth Server And Consumer in PHP

Click to download: OAuth.tar.gz (r33366) 39.5 KB

Click to download: GPL version 2 17.6 KB

Here is the full implementation of OAuth for anyMeta. For now we publish this as a direct export from our svn repository. It includes full server and client code, including database tables for the storage of tokens and consumer keys. It also includes optional request logging and smarty templates. It has been tested with PHP 5.2.

We have successfully tested this implementation against itself (try it on the Mediamatic OAuth Test Server) and Andy's test server and client.

The code is released under the GPL v2.

Files

The repository contains the following files:

`OAuth.mod.php`

This is the anyMeta module. All methods starting with httpRequest_ are controllers for a website.

`templates/`

This directory contains the templates we use. These are Smarty templates and use some tricks provided by anyMeta.

`test/`

Contains a simple test script. It implements (almost) all tests provided on wiki.oauth.net/TestCases

`core/`

This directory contains all classes implementing the support for OAuth. In the file OAuth.mod.php you can see how the classes are used.

`core/OAuthRequest.php`

This is the main class. It wraps either the current request or a request given to the constructor. It provides all basic functionality for calculating the base string, signatures etc.

`core/OAuthStore.php`

The storage module for OAuth. This file needs some work before it is portable to other systems than anyMeta. It makes use of our database functions, though replacing those calls shouldn't be too hard.

`core/OAuthException.php`

The exception class for OAuth. Works together with OAuthRequestLogger to enable debugging of OAuth request from and to the server.

`core/OAuthRequestSigner.php`

Implements methods to sign requests to OAuth servers.

`core/OAuthRequester.php`

Extends the OAuthRequestSigner class to actually do signed requests to OAuth servers and returning the results. Also implements code to request tokens from OAuth servers.

`core/OAuthRequesterLogger.php`

Logs all incoming and outgoing requests in a database table. Facilitates debugging of the requests.

`core/OAuthVerifier.php`

Implements verification of incoming requests.

`core/OAuthServer.php`

Implements support for handling token requests and authorization of request tokens.

Updates

2008-01-29 (r33366)
• Added support for body signing using xoauth_body_signature
• Added interface to make a test request

2007-12-10 (r32730)
• Added debug menu and request logging (optional)

2007-12-06 (r32654)
• Added debug setting to show keys and secrets
• Fixed logon when succesfully verfied signed request

2007-12-03 (r32597)
• OAuthStore Fixed MySQL 4.1.x incompatibility
• OAuthStore Fixed SQL error (missing comma)

Share this page Articles Friday, November 30, 2007