From 6852995d9537d40430eadb67d42b422af4f382d6 Mon Sep 17 00:00:00 2001 From: Dean Sofer Date: Fri, 17 Jun 2011 17:45:44 -0700 Subject: [PATCH 1/5] Reorganized into a plugin --- http_socket_oauth.php => libs/http_socket_oauth.php | 0 readme.markdown | 6 +++--- 2 files changed, 3 insertions(+), 3 deletions(-) rename http_socket_oauth.php => libs/http_socket_oauth.php (100%) diff --git a/http_socket_oauth.php b/libs/http_socket_oauth.php similarity index 100% rename from http_socket_oauth.php rename to libs/http_socket_oauth.php diff --git a/readme.markdown b/readme.markdown index cdfcc53..a8fbb8a 100644 --- a/readme.markdown +++ b/readme.markdown @@ -10,7 +10,7 @@ Usage instructions (we'll take twitter as an example): public function twitter_connect() { // Get a request token from twitter - App::import('Vendor', 'HttpSocketOauth'); + App::import('Lib', 'HttpSocketOauth.HttpSocketOauth'); $Http = new HttpSocketOauth(); $request = array( 'uri' => array( @@ -38,7 +38,7 @@ Usage instructions (we'll take twitter as an example): 5. Next add the action for the call back: public function twitter_callback() { - App::import('Vendor', 'HttpSocketOauth'); + App::import('Lib', 'HttpSocketOauth.HttpSocketOauth'); $Http = new HttpSocketOauth(); // Issue request for access token $request = array( @@ -69,7 +69,7 @@ Now if you link to the twitter_connect() action or hit it in your browser addres Finally, I guess it's useful to know how to do something with the twitter API with this new found power: - App::import('Vendor', 'HttpSocketOauth'); + App::import('Lib', 'HttpSocketOauth.HttpSocketOauth'); $Http = new HttpSocketOauth(); // Tweet "Hello world!" to the twitter account we connected earlier $request = array( From f987128b79e9e9cafa1b50d5e7b50cc1a0623047 Mon Sep 17 00:00:00 2001 From: Dean Sofer Date: Sun, 20 Nov 2011 15:57:19 -0800 Subject: [PATCH 2/5] Converted plugin to CakePHP 2.0 --- Lib/HttpSocketOauth.php | 295 ++++++++++++++++++++++++++++++++++++ libs/http_socket_oauth.php | 298 ------------------------------------- 2 files changed, 295 insertions(+), 298 deletions(-) create mode 100644 Lib/HttpSocketOauth.php delete mode 100644 libs/http_socket_oauth.php diff --git a/Lib/HttpSocketOauth.php b/Lib/HttpSocketOauth.php new file mode 100644 index 0000000..2a33ebc --- /dev/null +++ b/Lib/HttpSocketOauth.php @@ -0,0 +1,295 @@ + + * @link http://www.neilcrookes.com + * @copyright (c) 2010 Neil Crookes + * @license MIT License - http://www.opensource.org/licenses/mit-license.php + */ +App::uses('HttpSocket', 'Network/Http'); +class HttpSocketOauth extends HttpSocket { + + /** + * Default OAuth parameters. These get merged into the $request['auth'] param. + * + * @var array + */ + public $defaults = array( + 'oauth_version' => '1.0', + 'oauth_signature_method' => 'HMAC-SHA1', + ); + + /** + * Overrides HttpSocket::request() to handle cases where + * $request['auth']['method'] is 'OAuth'. + * + * @param array $request As required by HttpSocket::request(). NOTE ONLY + * THE ARRAY TYPE OF REQUEST IS SUPPORTED + * @return array + */ + public function request($request = array()) { + + // If the request does not need OAuth Authorization header, let the parent + // deal with it. + if (!isset($request['auth']['method']) || $request['auth']['method'] != 'OAuth') { + return parent::request($request); + } + + // Generate the OAuth Authorization Header content for this request from the + // request data and add it into the request's Authorization Header. Note, we + // don't just add the header directly in the request variable and return the + // whole thing from the authorizationHeader() method because in some cases + // we may not want the authorization header content in the request's + // authorization header, for example, OAuth Echo as used by Twitpic and + // Twitter includes an Authorization Header as required by twitter's verify + // credentials API in the X-Verify-Credentials-Authorization header. + $request['header']['Authorization'] = $this->authorizationHeader($request); + + // Now the Authorization header is built, fire the request off to the parent + // HttpSocket class request method that we intercepted earlier. + return parent::request($request); + + } + + /** + * Returns the OAuth Authorization Header string for a given request array. + * + * This method is called by request but can also be called directly, which is + * useful if you need to get the OAuth Authorization Header string, such as + * when integrating with a service that uses OAuth Echo (Authorization + * Delegation) e.g. Twitpic. In this case you send a normal unauthenticated + * request to the service e.g. Twitpic along with 2 extra headers: + * - X-Auth-Service-Provider - effectively, this is the realm that identity + * delegation should be sent to - in the case of Twitter, just set this to + * https://api.twitter.com/1/account/verify_credentials.json; + * - X-Verify-Credentials-Authorization - Consumer should create all the OAuth + * parameters necessary so it could call + * https://api.twitter.com/1/account/verify_credentials.json using OAuth in + * the HTTP header (e.g. it should look like OAuth oauth_consumer_key="...", + * oauth_token="...", oauth_signature_method="...", oauth_signature="...", + * oauth_timestamp="...", oauth_nonce="...", oauth_version="...". + * + * @param array $request As required by HttpSocket::request(). NOTE ONLY + * THE ARRAY TYPE OF REQUEST IS SUPPORTED + * @return String + */ + public function authorizationHeader($request) { + + $request['auth'] = array_merge($this->defaults, $request['auth']); + + // Nonce, or number used once is used to distinguish between different + // requests to the OAuth provider + if (!isset($request['auth']['oauth_nonce'])) { + $request['auth']['oauth_nonce'] = md5(uniqid(rand(), true)); + } + + if (!isset($request['auth']['oauth_timestamp'])) { + $request['auth']['oauth_timestamp'] = time(); + } + + // Now starts the process of signing the request. The signature is a hash of + // a signature base string with the secret keys. The signature base string + // is made up of the request http verb, the request uri and the request + // params, and the secret keys are the consumer secret (for your + // application) and the access token secret generated for the user by the + // provider, e.g. twitter, when the user authorizes your app to access their + // details. + + // Building the request uri, note we don't include the query string or + // fragment. Standard ports must not be included but non standard ones must. + $uriFormat = '%scheme://%host'; + if (isset($request['uri']['port']) && !in_array($request['uri']['port'], array(80, 443))) { + $uriFormat .= ':' . $request['uri']['port']; + } + $uriFormat .= '/%path'; + $requestUrl = $this->_buildUri($request['uri'], $uriFormat); + + // OAuth reference states that the request params, i.e. oauth_ params, body + // params and query string params need to be normalised, i.e. combined in a + // single string, separated by '&' in the format name=value. But they also + // need to be sorted by key, then by value. You can't just merge the auth, + // body and query arrays together then do a ksort because there may be + // parameters with the same name. Instead we've got to get them into an + // array of array('name' => '', 'value' => '') elements, then + // sort those elements. + + // Let's start with the auth params - however, we shouldn't include the auth + // method (OAuth), and OAuth reference says not to include the realm or the + // consumer or token secrets + $requestParams = $this->assocToNumericNameValue(array_diff_key( + $request['auth'], + array_flip(array('realm', 'method', 'oauth_consumer_secret', 'oauth_token_secret')) + )); + + // Next add the body params if there are any and the content type header is + // not set, or it's application/x-www-form-urlencoded + if (isset($request['body']) && (!isset($request['header']['Content-Type']) || stristr($request['header']['Content-Type'], 'application/x-www-form-urlencoded'))) { + $requestParams = array_merge($requestParams, $this->assocToNumericNameValue($request['body'])); + } + + // Finally the query params + if (isset($request['uri']['query'])) { + $requestParams = array_merge($requestParams, $this->assocToNumericNameValue($request['uri']['query'])); + } + + // Now we can sort them by name then value + usort($requestParams, array($this, 'sortByNameThenByValue')); + + // Now we concatenate them together in name=value pairs separated by & + $normalisedRequestParams = ''; + foreach ($requestParams as $k => $requestParam) { + if ($k) { + $normalisedRequestParams .= '&'; + } + $normalisedRequestParams .= $requestParam['name'] . '=' . $this->parameterEncode($requestParam['value']); + } + + // The signature base string consists of the request method (uppercased) and + // concatenated with the request URL and normalised request parameters + // string, both encoded, and separated by & + $signatureBaseString = strtoupper($request['method']) . '&' + . $this->parameterEncode($requestUrl) . '&' + . $this->parameterEncode($normalisedRequestParams); + + // The signature base string is hashed with a key which is the consumer + // secret (assigned to your application by the provider) and the token + // secret (also known as the access token secret, if you've got it yet), + // both encoded and separated by an & + $key = ''; + if (isset($request['auth']['oauth_consumer_secret'])) { + $key .= $this->parameterEncode($request['auth']['oauth_consumer_secret']); + } + $key .= '&'; + if (isset($request['auth']['oauth_token_secret'])) { + $key .= $this->parameterEncode($request['auth']['oauth_token_secret']); + } + + // Finally construct the signature according to the value of the + // oauth_signature_method auth param in the request array. + switch ($request['auth']['oauth_signature_method']) { + case 'HMAC-SHA1': + $request['auth']['oauth_signature'] = base64_encode(hash_hmac('sha1', $signatureBaseString, $key, true)); + break; + default: + // @todo implement the other 2 hashing methods + break; + } + + // Finally, we have all the Authorization header parameters so we can build + // the header string. + $authorizationHeader = 'OAuth'; + + // We don't want to include the realm, method or secrets though + $authorizationHeaderParams = array_diff_key( + $request['auth'], + array_flip(array('method', 'oauth_consumer_secret', 'oauth_token_secret', 'realm')) + ); + + // Add the Authorization header params to the Authorization header string, + // properly encoded. + $first = true; + + if (isset($request['auth']['realm'])) { + $authorizationHeader .= ' realm="' . $request['auth']['realm'] . '"'; + $first = false; + } + + foreach ($authorizationHeaderParams as $name => $value) { + if (!$first) { + $authorizationHeader .= ','; + } else { + $authorizationHeader .= ' '; + $first = false; + } + $authorizationHeader .= $this->authorizationHeaderParamEncode($name, $value); + } + + return $authorizationHeader; + } + + /** + * Builds an Authorization header param string from the supplied name and + * value. See below for example: + * + * @param string $name E.g. 'oauth_signature_method' + * @param string $value E.g. 'HMAC-SHA1' + * @return string E.g. 'oauth_signature_method="HMAC-SHA1"' + */ + public function authorizationHeaderParamEncode($name, $value) { + return $this->parameterEncode($name) . '="' . $this->parameterEncode($value) . '"'; + } + + /** + * Converts an associative array of name => value pairs to a numerically + * indexed array of array('name' => '', 'value' => '') elements. + * + * @param array $array Associative array + * @return array + */ + public function assocToNumericNameValue($array) { + $return = array(); + foreach ($array as $name => $value) { + $return[] = array( + 'name' => $name, + 'value' => $value, + ); + } + return $return; + } + + /** + * User defined function to lexically sort an array of + * array('name' => '', 'value' => '') elements by the value of + * the name key, and if they're the same, then by the value of the value key. + * + * @param array $a Array with key for 'name' and one for 'value' + * @param array $b Array with key for 'name' and one for 'value' + * @return integer 1, 0 or -1 depending on whether a greater than b, less than + * or the same. + */ + public function sortByNameThenByValue($a, $b) { + if ($a['name'] == $b['name']) { + if ($a['value'] == $b['value']) { + return 0; + } + return ($a['value'] > $b['value']) ? 1 : -1; + } + return ($a['name'] > $b['name']) ? 1 : -1; + } + + /** + * Encodes paramters as per the OAuth spec by utf 8 encoding the param (if it + * is not already utf 8 encoded) and then percent encoding it according to + * RFC3986 + * + * @param string $param + * @return string + */ + public function parameterEncode($param) { + $encoding = mb_detect_encoding($param); + if ($encoding != 'UTF-8') { + $param = mb_convert_encoding($param, 'UTF-8', $encoding); + } + $param = rawurlencode($param); + $param = str_replace('%7E', '~', $param); + return $param; + } + +} \ No newline at end of file diff --git a/libs/http_socket_oauth.php b/libs/http_socket_oauth.php deleted file mode 100644 index d0b510d..0000000 --- a/libs/http_socket_oauth.php +++ /dev/null @@ -1,298 +0,0 @@ - - * @link http://www.neilcrookes.com - * @copyright (c) 2010 Neil Crookes - * @license MIT License - http://www.opensource.org/licenses/mit-license.php - */ -class HttpSocketOauth extends HttpSocket { - - /** - * Default OAuth parameters. These get merged into the $request['auth'] param. - * - * @var array - */ - var $defaults = array( - 'oauth_version' => '1.0', - 'oauth_signature_method' => 'HMAC-SHA1', - ); - - /** - * Overrides HttpSocket::request() to handle cases where - * $request['auth']['method'] is 'OAuth'. - * - * @param array $request As required by HttpSocket::request(). NOTE ONLY - * THE ARRAY TYPE OF REQUEST IS SUPPORTED - * @return array - */ - function request($request = array()) { - - // If the request does not need OAuth Authorization header, let the parent - // deal with it. - if (!isset($request['auth']['method']) || $request['auth']['method'] != 'OAuth') { - return parent::request($request); - } - - // Generate the OAuth Authorization Header content for this request from the - // request data and add it into the request's Authorization Header. Note, we - // don't just add the header directly in the request variable and return the - // whole thing from the authorizationHeader() method because in some cases - // we may not want the authorization header content in the request's - // authorization header, for example, OAuth Echo as used by Twitpic and - // Twitter includes an Authorization Header as required by twitter's verify - // credentials API in the X-Verify-Credentials-Authorization header. - $request['header']['Authorization'] = $this->authorizationHeader($request); - - // Now the Authorization header is built, fire the request off to the parent - // HttpSocket class request method that we intercepted earlier. - return parent::request($request); - - } - - /** - * Returns the OAuth Authorization Header string for a given request array. - * - * This method is called by request but can also be called directly, which is - * useful if you need to get the OAuth Authorization Header string, such as - * when integrating with a service that uses OAuth Echo (Authorization - * Delegation) e.g. Twitpic. In this case you send a normal unauthenticated - * request to the service e.g. Twitpic along with 2 extra headers: - * - X-Auth-Service-Provider - effectively, this is the realm that identity - * delegation should be sent to - in the case of Twitter, just set this to - * https://api.twitter.com/1/account/verify_credentials.json; - * - X-Verify-Credentials-Authorization - Consumer should create all the OAuth - * parameters necessary so it could call - * https://api.twitter.com/1/account/verify_credentials.json using OAuth in - * the HTTP header (e.g. it should look like OAuth oauth_consumer_key="...", - * oauth_token="...", oauth_signature_method="...", oauth_signature="...", - * oauth_timestamp="...", oauth_nonce="...", oauth_version="...". - * - * @param array $request As required by HttpSocket::request(). NOTE ONLY - * THE ARRAY TYPE OF REQUEST IS SUPPORTED - * @return String - */ - function authorizationHeader($request) { - - $request['auth'] = array_merge($this->defaults, $request['auth']); - - // Nonce, or number used once is used to distinguish between different - // requests to the OAuth provider - if (!isset($request['auth']['oauth_nonce'])) { - $request['auth']['oauth_nonce'] = md5(uniqid(rand(), true)); - } - - if (!isset($request['auth']['oauth_timestamp'])) { - $request['auth']['oauth_timestamp'] = time(); - } - - // Now starts the process of signing the request. The signature is a hash of - // a signature base string with the secret keys. The signature base string - // is made up of the request http verb, the request uri and the request - // params, and the secret keys are the consumer secret (for your - // application) and the access token secret generated for the user by the - // provider, e.g. twitter, when the user authorizes your app to access their - // details. - - // Building the request uri, note we don't include the query string or - // fragment. Standard ports must not be included but non standard ones must. - $uriFormat = '%scheme://%host'; - if (isset($request['uri']['port']) && !in_array($request['uri']['port'], array(80, 443))) { - $uriFormat .= ':' . $request['uri']['port']; - } - $uriFormat .= '/%path'; - $requestUrl = $this->_buildUri($request['uri'], $uriFormat); - - // OAuth reference states that the request params, i.e. oauth_ params, body - // params and query string params need to be normalised, i.e. combined in a - // single string, separated by '&' in the format name=value. But they also - // need to be sorted by key, then by value. You can't just merge the auth, - // body and query arrays together then do a ksort because there may be - // parameters with the same name. Instead we've got to get them into an - // array of array('name' => '', 'value' => '') elements, then - // sort those elements. - - // Let's start with the auth params - however, we shouldn't include the auth - // method (OAuth), and OAuth reference says not to include the realm or the - // consumer or token secrets - $requestParams = $this->assocToNumericNameValue(array_diff_key( - $request['auth'], - array_flip(array('realm', 'method', 'oauth_consumer_secret', 'oauth_token_secret')) - )); - - // Next add the body params if there are any and the content type header is - // not set, or it's application/x-www-form-urlencoded - if (isset($request['body']) && (!isset($request['header']['Content-Type']) || stristr($request['header']['Content-Type'], 'application/x-www-form-urlencoded'))) { - $requestParams = array_merge($requestParams, $this->assocToNumericNameValue($request['body'])); - } - - // Finally the query params - if (isset($request['uri']['query'])) { - $requestParams = array_merge($requestParams, $this->assocToNumericNameValue($request['uri']['query'])); - } - - // Now we can sort them by name then value - usort($requestParams, array($this, 'sortByNameThenByValue')); - - // Now we concatenate them together in name=value pairs separated by & - $normalisedRequestParams = ''; - foreach ($requestParams as $k => $requestParam) { - if ($k) { - $normalisedRequestParams .= '&'; - } - $normalisedRequestParams .= $requestParam['name'] . '=' . $this->parameterEncode($requestParam['value']); - } - - // The signature base string consists of the request method (uppercased) and - // concatenated with the request URL and normalised request parameters - // string, both encoded, and separated by & - $signatureBaseString = strtoupper($request['method']) . '&' - . $this->parameterEncode($requestUrl) . '&' - . $this->parameterEncode($normalisedRequestParams); - - // The signature base string is hashed with a key which is the consumer - // secret (assigned to your application by the provider) and the token - // secret (also known as the access token secret, if you've got it yet), - // both encoded and separated by an & - $key = ''; - if (isset($request['auth']['oauth_consumer_secret'])) { - $key .= $this->parameterEncode($request['auth']['oauth_consumer_secret']); - } - $key .= '&'; - if (isset($request['auth']['oauth_token_secret'])) { - $key .= $this->parameterEncode($request['auth']['oauth_token_secret']); - } - - // Finally construct the signature according to the value of the - // oauth_signature_method auth param in the request array. - switch ($request['auth']['oauth_signature_method']) { - case 'HMAC-SHA1': - $request['auth']['oauth_signature'] = base64_encode(hash_hmac('sha1', $signatureBaseString, $key, true)); - break; - default: - // @todo implement the other 2 hashing methods - break; - } - - // Finally, we have all the Authorization header parameters so we can build - // the header string. - $authorizationHeader = 'OAuth'; - - // We don't want to include the realm, method or secrets though - $authorizationHeaderParams = array_diff_key( - $request['auth'], - array_flip(array('method', 'oauth_consumer_secret', 'oauth_token_secret', 'realm')) - ); - - // Add the Authorization header params to the Authorization header string, - // properly encoded. - $first = true; - - if (isset($request['auth']['realm'])) { - $authorizationHeader .= ' realm="' . $request['auth']['realm'] . '"'; - $first = false; - } - - foreach ($authorizationHeaderParams as $name => $value) { - if (!$first) { - $authorizationHeader .= ','; - } else { - $authorizationHeader .= ' '; - $first = false; - } - $authorizationHeader .= $this->authorizationHeaderParamEncode($name, $value); - } - - return $authorizationHeader; - - } - - /** - * Builds an Authorization header param string from the supplied name and - * value. See below for example: - * - * @param string $name E.g. 'oauth_signature_method' - * @param string $value E.g. 'HMAC-SHA1' - * @return string E.g. 'oauth_signature_method="HMAC-SHA1"' - */ - function authorizationHeaderParamEncode($name, $value) { - return $this->parameterEncode($name) . '="' . $this->parameterEncode($value) . '"'; - } - - /** - * Converts an associative array of name => value pairs to a numerically - * indexed array of array('name' => '', 'value' => '') elements. - * - * @param array $array Associative array - * @return array - */ - function assocToNumericNameValue($array) { - $return = array(); - foreach ($array as $name => $value) { - $return[] = array( - 'name' => $name, - 'value' => $value, - ); - } - return $return; - } - - /** - * User defined function to lexically sort an array of - * array('name' => '', 'value' => '') elements by the value of - * the name key, and if they're the same, then by the value of the value key. - * - * @param array $a Array with key for 'name' and one for 'value' - * @param array $b Array with key for 'name' and one for 'value' - * @return integer 1, 0 or -1 depending on whether a greater than b, less than - * or the same. - */ - function sortByNameThenByValue($a, $b) { - if ($a['name'] == $b['name']) { - if ($a['value'] == $b['value']) { - return 0; - } - return ($a['value'] > $b['value']) ? 1 : -1; - } - return ($a['name'] > $b['name']) ? 1 : -1; - } - - /** - * Encodes paramters as per the OAuth spec by utf 8 encoding the param (if it - * is not already utf 8 encoded) and then percent encoding it according to - * RFC3986 - * - * @param string $param - * @return string - */ - function parameterEncode($param) { - $encoding = mb_detect_encoding($param); - if ($encoding != 'UTF-8') { - $param = mb_convert_encoding($param, 'UTF-8', $encoding); - } - $param = rawurlencode($param); - $param = str_replace('%7E', '~', $param); - return $param; - } - -} -?> \ No newline at end of file From e9a20533258d4c21731026330d71c561ba174875 Mon Sep 17 00:00:00 2001 From: Dean Sofer Date: Mon, 26 Dec 2011 17:02:10 -0800 Subject: [PATCH 3/5] Added auth to the base array --- Lib/HttpSocketOauth.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/Lib/HttpSocketOauth.php b/Lib/HttpSocketOauth.php index 2a33ebc..8a37269 100644 --- a/Lib/HttpSocketOauth.php +++ b/Lib/HttpSocketOauth.php @@ -36,6 +36,30 @@ class HttpSocketOauth extends HttpSocket { 'oauth_signature_method' => 'HMAC-SHA1', ); + public $request = array( + 'method' => 'GET', + 'uri' => array( + 'scheme' => 'http', + 'host' => null, + 'port' => 80, + 'user' => null, + 'pass' => null, + 'path' => null, + 'query' => null, + 'fragment' => null + ), + 'version' => '1.1', + 'body' => '', + 'line' => null, + 'header' => array( + 'Connection' => 'close', + 'User-Agent' => 'CakePHP' + ), + 'raw' => null, + 'cookies' => array(), + 'auth' => array(), + ); + /** * Overrides HttpSocket::request() to handle cases where * $request['auth']['method'] is 'OAuth'. From 2f573b1e78254a8d2b5ff53fd859cab7f4064740 Mon Sep 17 00:00:00 2001 From: JavRok Date: Mon, 12 Mar 2012 02:07:08 +0100 Subject: [PATCH 4/5] Proposed changes for the API to work with Facebook OAuth v2. Instructions on 'CakePHP-Api-Datasources' project --- Lib/HttpSocketOauth.php | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/Lib/HttpSocketOauth.php b/Lib/HttpSocketOauth.php index 8a37269..692bded 100644 --- a/Lib/HttpSocketOauth.php +++ b/Lib/HttpSocketOauth.php @@ -84,7 +84,11 @@ public function request($request = array()) { // authorization header, for example, OAuth Echo as used by Twitpic and // Twitter includes an Authorization Header as required by twitter's verify // credentials API in the X-Verify-Credentials-Authorization header. - $request['header']['Authorization'] = $this->authorizationHeader($request); + if (isset($request['auth']['oauth_version']) && $request['auth']['oauth_version'] == '2.0'){ + $request['header']['Authorization'] = $this->authorizationHeaderV2($request); + }else{ + $request['header']['Authorization'] = $this->authorizationHeader($request); + } // Now the Authorization header is built, fire the request off to the parent // HttpSocket class request method that we intercepted earlier. @@ -247,6 +251,24 @@ public function authorizationHeader($request) { return $authorizationHeader; } + + /** + * Returns the OAuth V2 Authorization Header string for a given request array + * Old V1 params weren't accepted and returned error. + * + * @param array $request As required by HttpSocket::request(). NOTE ONLY + * THE ARRAY TYPE OF REQUEST IS SUPPORTED + * @return String + * @author Javier Rocamora + * @todo Check if other params are needed and build correctly + */ + public function authorizationHeaderV2($request) { + + $authorizationHeader = 'OAuth '; + $authorizationHeader .= $request['auth']['access_token']; + + return $authorizationHeader; + } /** * Builds an Authorization header param string from the supplied name and From 683d0c7940f8cd9591661f34966f846ab3c2e60f Mon Sep 17 00:00:00 2001 From: Pierre Lechelle Date: Wed, 12 Dec 2012 01:16:49 +0100 Subject: [PATCH 5/5] assocToNumericNameValue throw an error if the supplied array is not an array --- Lib/HttpSocketOauth.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/Lib/HttpSocketOauth.php b/Lib/HttpSocketOauth.php index 692bded..9c59424 100644 --- a/Lib/HttpSocketOauth.php +++ b/Lib/HttpSocketOauth.php @@ -291,12 +291,14 @@ public function authorizationHeaderParamEncode($name, $value) { */ public function assocToNumericNameValue($array) { $return = array(); - foreach ($array as $name => $value) { - $return[] = array( - 'name' => $name, - 'value' => $value, - ); - } + if (is_array($array) AND !empty($array)) { + foreach ($array as $name => $value) { + $return[] = array( + 'name' => $name, + 'value' => $value, + ); + } + } return $return; }