diff options
Diffstat (limited to 'tests/oauth')
| -rw-r--r-- | tests/oauth/README | 162 | ||||
| -rwxr-xr-x | tests/oauth/exchangetokens.php | 105 | ||||
| -rwxr-xr-x | tests/oauth/fetch_temp_creds.php | 106 | ||||
| -rwxr-xr-x | tests/oauth/fetch_token_creds.php | 146 | ||||
| -rwxr-xr-x | tests/oauth/getrequesttoken.php | 71 | ||||
| -rw-r--r-- | tests/oauth/oauth.ini.sample (renamed from tests/oauth/oauth.ini) | 2 | ||||
| -rw-r--r-- | tests/oauth/oauth_post_notice.php (renamed from tests/oauth/statusupdate.php) | 77 | ||||
| -rwxr-xr-x | tests/oauth/oauth_verify_creds.php (renamed from tests/oauth/verifycreds.php) | 76 |
8 files changed, 487 insertions, 258 deletions
diff --git a/tests/oauth/README b/tests/oauth/README index dd76feb0c..13f1d0c03 100644 --- a/tests/oauth/README +++ b/tests/oauth/README @@ -1,22 +1,160 @@ Some very rough test scripts for hitting up the OAuth endpoints. -Note: this works best if you register an OAuth application, leaving -the callback URL blank. +These instructions assume you understand the basics of how OAuth +works. You may want to read up about it first. Here are some good +resources for learning about OAuth: -Put your instance info and consumer key and secret in oauth.ini + http://hueniverse.com/oauth/ + http://tools.ietf.org/html/rfc5849 -Example usage: --------------- +To use these scripts (and OAuth in general) first you will need to +register and OAuth client application with your StatusNet instance: -php getrequesttoken.php + http://example.status.net/settings/oauthapps -Gets a request token, token secret and a url to authorize it. Once -you authorize the request token you can exchange it for an access token... +oauth.ini +--------- -php exchangetokens.php --oauth_token=b9a79548a88c1aa9a5bea73103c6d41d --token_secret=4a47d9337fc0202a14ab552e17a3b657 +Using oauth.ini.sample as a guide, put your StatusNet OAuth endpoints +and consumer key and secret in a file called oauth.ini and save it +in the same directory as these scripts. -Once you have your access token, go ahead and try a protected API -resource: +fetch_temp_creds.php +-------------------- -php verifycreds.php --oauth_token=cf2de7665f0dda0a82c2dc39b01be7f9 --token_secret=4524c3b712200138e1a4cff2e9ca83d8 +Will fetch a request token, token secret and a URL to authorize the +token. Once you authorize the request token, you can exchange it +for an access token. + +example usage: + + $ php fetch_temp_creds.php + Request Token + - oauth_token = 89d481e376edc622f08da5791e6a4446 + - oauth_token_secret = 6d028bcd1ea125cbed7da2f254219885 + Authorize URL + http://example.status.net/api/oauth/authorize?oauth_token=89d481e376edc622f08da5791e6a4446 + + Now paste the Authorize URL into your browser and authorize your temporary credentials. + +fetch_token_creds.php +--------------------- + +After you have authorized your request token, you will be presented +with a verifier code, or pin, in your browser, which you will need +to get an access token. Make sure you copy it into a text buffer +or write it down or something. Then call fetch_token_credentials.php +to exchange your temporary credentials for real token credentials. + +example usage: + + $ php fetch_token_creds.php -t 89d481e376edc622f08da5791e6a4446 -s 6d028bcd1ea125cbed7da2f254219885 -v 305162 + Access Token + - oauth_token = 9b354df102d8e2b4621122c85d8d045c + - oauth_token_secret = 1800a88f1574b47d595214a74e5b1ec5 + + +oauth_verify_credentials.php +---------------------------- + +Now you should have real token credentials (an OAuth access token) +and you can access protected API resources. This is an example +script that calls /api/account/verify_credentials.xml. + +example usage: + + $ php oauth_verify_creds.php -t 80305cd15c5c69834364ac02d7f9178c -s 673e3b2978b1b92c8edbfe172505fee1 + <?xml version="1.0" encoding="UTF-8"?> + <user xmlns:statusnet="http://status.net/schema/api/1/"> + <id>23</id> + <name>zach</name> + <screen_name>zach</screen_name> + <location></location> + <description></description> + <profile_image_url>http://example.status.net/theme/default/default-avatar-stream.png</profile_image_url> + <url></url> + <protected>false</protected> + <followers_count>0</followers_count> + <profile_background_color></profile_background_color> + <profile_text_color></profile_text_color> + <profile_link_color></profile_link_color> + <profile_sidebar_fill_color></profile_sidebar_fill_color> + <profile_sidebar_border_color></profile_sidebar_border_color> + <friends_count>0</friends_count> + <created_at>Thu Sep 30 23:11:00 +0000 2010</created_at> + <favourites_count>0</favourites_count> + <utc_offset>0</utc_offset> + <time_zone>UTC</time_zone> + <profile_background_image_url></profile_background_image_url> + <profile_background_tile>false</profile_background_tile> + <statuses_count>4</statuses_count> + <following>true</following> + <statusnet:blocking>false</statusnet:blocking> + <notifications>true</notifications> + <status> + <text>gar</text> + <truncated>false</truncated> + <created_at>Wed Oct 06 23:40:14 +0000 2010</created_at> + <in_reply_to_status_id></in_reply_to_status_id> + <source>web</source> + <id>7</id> + <in_reply_to_user_id></in_reply_to_user_id> + <in_reply_to_screen_name></in_reply_to_screen_name> + <geo></geo> + <favorited>false</favorited> + <statusnet:html>gar</statusnet:html> + </status> + <statusnet:profile_url>http://example.status.net/statusnet/zach</statusnet:profile_url> + </user> + +oauth_post_notice.php +--------------------- + +This is another test script that lets you post a notice via OAuth. + +example usage: + + $ php oauth_post_notice.php -t 80305cd15c5c69834364ac02d7f9178c -s 673e3b2978b1b92c8edbfe172505fee1 -u 'Test test test...' + <?xml version="1.0" encoding="UTF-8"?> + <status xmlns:statusnet="http://status.net/schema/api/1/"> + <text>Test test test...</text> + <truncated>false</truncated> + <created_at>Fri Oct 08 02:37:35 +0000 2010</created_at> + <in_reply_to_status_id></in_reply_to_status_id> + <source><a href="http://banana.com" rel="nofollow">Banana</a></source> + <id>8</id> + <in_reply_to_user_id></in_reply_to_user_id> + <in_reply_to_screen_name></in_reply_to_screen_name> + <geo></geo> + <favorited>false</favorited> + <user> + <id>23</id> + <name>zach</name> + <screen_name>zach</screen_name> + <location></location> + <description></description> + <profile_image_url>http://example.status.net/statusnet/theme/default/default-avatar-stream.png</profile_image_url> + <url></url> + <protected>false</protected> + <followers_count>0</followers_count> + <profile_background_color></profile_background_color> + <profile_text_color></profile_text_color> + <profile_link_color></profile_link_color> + <profile_sidebar_fill_color></profile_sidebar_fill_color> + <profile_sidebar_border_color></profile_sidebar_border_color> + <friends_count>0</friends_count> + <created_at>Thu Sep 30 23:11:00 +0000 2010</created_at> + <favourites_count>0</favourites_count> + <utc_offset>0</utc_offset> + <time_zone>UTC</time_zone> + <profile_background_image_url></profile_background_image_url> + <profile_background_tile>false</profile_background_tile> + <statuses_count>5</statuses_count> + <following>true</following> + <statusnet:blocking>false</statusnet:blocking> + <notifications>true</notifications> + <statusnet:profile_url>http://example.status.net/statusnet/zach</statusnet:profile_url> + </user> + <statusnet:html>Test test test...</statusnet:html> + </status> diff --git a/tests/oauth/exchangetokens.php b/tests/oauth/exchangetokens.php deleted file mode 100755 index 2394826c7..000000000 --- a/tests/oauth/exchangetokens.php +++ /dev/null @@ -1,105 +0,0 @@ -#!/usr/bin/env php -<?php -/* - * StatusNet - a distributed open-source microblogging tool - * Copyright (C) 2008, 2009, StatusNet, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); - -require_once INSTALLDIR . '/extlib/OAuth.php'; - -$ini = parse_ini_file("oauth.ini"); - -$test_consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); - -$at_endpoint = $ini['apiroot'] . $ini['access_token_url']; - -$shortoptions = 't:s:'; -$longoptions = array('oauth_token=', 'token_secret='); - -$helptext = <<<END_OF_ETOKENS_HELP - exchangetokens.php [options] - Exchange an authorized OAuth request token for an access token - - -t --oauth_token authorized request token - -s --token_secret authorized request token secret - -END_OF_ETOKENS_HELP; - -require_once INSTALLDIR . '/scripts/commandline.inc'; - -$token = null; -$token_secret = null; - -if (have_option('t', 'oauth_token')) { - $token = get_option_value('oauth_token'); -} - -if (have_option('s', 'token_secret')) { - $token_secret = get_option_value('s', 'token_secret'); -} - -if (empty($token)) { - print "Please specify a request token.\n"; - exit(1); -} - -if (empty($token_secret)) { - print "Please specify a request token secret.\n"; - exit(1); -} - -$rt = new OAuthToken($token, $token_secret); -common_debug("Exchange request token = " . var_export($rt, true)); - -$parsed = parse_url($at_endpoint); -$params = array(); -parse_str($parsed['query'], $params); - -$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); - -$req_req = OAuthRequest::from_consumer_and_token($test_consumer, $rt, "GET", $at_endpoint, $params); -$req_req->sign_request($hmac_method, $test_consumer, $rt); - -$r = httpRequest($req_req->to_url()); - -common_debug("Exchange request token = " . var_export($rt, true)); -common_debug("Exchange tokens URL: " . $req_req->to_url()); - -$body = $r->getBody(); - -$token_stuff = array(); -parse_str($body, $token_stuff); - -print 'Access token : ' . $token_stuff['oauth_token'] . "\n"; -print 'Access token secret : ' . $token_stuff['oauth_token_secret'] . "\n"; - -function httpRequest($url) -{ - $request = HTTPClient::start(); - - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); - - return $request->get($url); -} - diff --git a/tests/oauth/fetch_temp_creds.php b/tests/oauth/fetch_temp_creds.php new file mode 100755 index 000000000..bea512a91 --- /dev/null +++ b/tests/oauth/fetch_temp_creds.php @@ -0,0 +1,106 @@ +#!/usr/bin/env php +<?php +/* + * StatusNet - a distributed open-source microblogging tool + * Copyright (C) 2010, StatusNet, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); + +require_once INSTALLDIR . '/scripts/commandline.inc'; +require_once INSTALLDIR . '/extlib/OAuth.php'; + +$ini = parse_ini_file("oauth.ini"); + +// Check to make sure we have everything we need from the ini file +foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'request_token_url') as $inikey) { + if (empty($ini[$inikey])) { + print "You forgot to specify a $inikey in your oauth.ini file.\n"; + exit(1); + } +} + +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); +$endpoint = $ini['apiroot'] . $ini['request_token_url']; +$parsed = parse_url($endpoint); +$params = array(); + +parse_str($parsed['query'], $params); +$params['oauth_callback'] = 'oob'; // out-of-band + +$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); + +try { + $req = OAuthRequest::from_consumer_and_token( + $consumer, + null, + "POST", + $endpoint, + $params + ); + $req->sign_request($hmac_method, $consumer, NULL); + $r = httpRequest($endpoint, $req->to_postdata()); +} catch (Exception $e) { + // oh noez + print $e->getMessage(); + print "\nOAuth Request:\n"; + var_dump($req); + exit(1); +} + +$body = $r->getBody(); +$tokenStuff = array(); + +parse_str($body, $tokenStuff); + +$tok = $tokenStuff['oauth_token']; +$confirmed = $tokenStuff['oauth_callback_confirmed']; + +if (empty($tokenStuff['oauth_token']) + || empty($tokenStuff['oauth_token_secret']) + || empty($confirmed) + || $confirmed != 'true') +{ + print "Error! HTTP response body: $body\n"; + exit(1); +} + +$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tok; + +print "Request Token\n"; +print ' - oauth_token = ' . $tokenStuff['oauth_token'] . "\n"; +print ' - oauth_token_secret = ' . $tokenStuff['oauth_token_secret'] . "\n"; +print "Authorize URL\n $authurl\n\n"; +print "Now paste the Authorize URL into your browser and authorize your temporary credentials.\n"; + +function httpRequest($endpoint, $poststr) +{ + $request = HTTPClient::start(); + + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + // Turn signed request query string back into an array + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); +} diff --git a/tests/oauth/fetch_token_creds.php b/tests/oauth/fetch_token_creds.php new file mode 100755 index 000000000..a508c7240 --- /dev/null +++ b/tests/oauth/fetch_token_creds.php @@ -0,0 +1,146 @@ +#!/usr/bin/env php +<?php +/* + * StatusNet - a distributed open-source microblogging tool + * Copyright (C) 2008, 2009, StatusNet, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); + +require_once INSTALLDIR . '/extlib/OAuth.php'; + +$ini = parse_ini_file("oauth.ini"); + +// Check to make sure we have everything we need from the ini file +foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'access_token_url') as $inikey) { + if (empty($ini[$inikey])) { + print "You forgot to specify a $inikey in your oauth.ini file.\n"; + exit(1); + } +} + +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); + +$endpoint = $ini['apiroot'] . $ini['access_token_url']; + +$shortoptions = 't:s:v:'; +$longoptions = array('oauth_token=', 'oauth_token_secret=', 'oauth_verifier='); + +$helptext = <<<END_OF_ETOKENS_HELP + fetch_token_creds.php [options] + + Exchange authorized OAuth temporary credentials for token credentials + (an authorized request token for an access token) + + -t --oauth_token authorized request token + -s --oauth_token_secret authorized request token secret + -v --oauth_verifier authorized request token verifier + + +END_OF_ETOKENS_HELP; + +require_once INSTALLDIR . '/scripts/commandline.inc'; + +$token = $secret = $verifier = null; + +if (have_option('t', 'oauth_token')) { + $token = get_option_value('t', 'oauth_token'); +} + +if (have_option('s', 'oauth_token_secret')) { + $secret = get_option_value('s', 'oauth_token_secret'); +} + +if (have_option('v', 'oauth_verifier')) { + $verifier = get_option_value('v', 'oauth_verifier'); +} + +if (empty($token)) { + print "Please specify the request token (--help for help).\n"; + exit(1); +} + +if (empty($secret)) { + print "Please specify the request token secret (--help for help).\n"; + exit(1); +} + +if (empty($verifier)) { + print "Please specify the request token verifier (--help for help).\n"; + exit(1); +} + +$rtok = new OAuthToken($token, $secret); +$parsed = parse_url($endpoint); +parse_str($parsed['query'], $params); + +$params['oauth_verifier'] = $verifier; // 1.0a + +$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); + +try { + + $oauthReq = OAuthRequest::from_consumer_and_token( + $consumer, + $rtok, + "POST", + $endpoint, + $params + ); + + $oauthReq->sign_request($hmac_method, $consumer, $rtok); + + $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); + $body = $httpReq->getBody(); + +} catch (Exception $e) { + // oh noez + print $e->getMessage(); + print "\nOAuth Request:\n"; + var_dump($oauthReq); + exit(1); +} + +$tokenStuff = array(); +parse_str($body, $tokenStuff); + +if (empty($tokenStuff['oauth_token']) || empty($tokenStuff['oauth_token_secret'])) { + print "Error! HTTP response body: $body\n"; + exit(1); +} + +print "Access Token\n"; +print ' - oauth_token = ' . $tokenStuff['oauth_token'] . "\n"; +print ' - oauth_token_secret = ' . $tokenStuff['oauth_token_secret'] . "\n"; + +function httpRequest($endpoint, $poststr) +{ + $request = HTTPClient::start(); + + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); +} + diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php deleted file mode 100755 index fc546a0f4..000000000 --- a/tests/oauth/getrequesttoken.php +++ /dev/null @@ -1,71 +0,0 @@ -#!/usr/bin/env php -<?php -/* - * StatusNet - a distributed open-source microblogging tool - * Copyright (C) 2008, 2009, StatusNet, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); - -require_once INSTALLDIR . '/scripts/commandline.inc'; -require_once INSTALLDIR . '/extlib/OAuth.php'; - -$ini = parse_ini_file("oauth.ini"); - -$test_consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); - -$rt_endpoint = $ini['apiroot'] . $ini['request_token_url']; - -$parsed = parse_url($rt_endpoint); -$params = array(); - -parse_str($parsed['query'], $params); - -$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); - -$req_req = OAuthRequest::from_consumer_and_token($test_consumer, NULL, "GET", $rt_endpoint, $params); -$req_req->sign_request($hmac_method, $test_consumer, NULL); - -$r = httpRequest($req_req->to_url()); - -$body = $r->getBody(); - -$token_stuff = array(); -parse_str($body, $token_stuff); - -$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $token_stuff['oauth_token']; - -print 'Request token : ' . $token_stuff['oauth_token'] . "\n"; -print 'Request token secret : ' . $token_stuff['oauth_token_secret'] . "\n"; -print "Authorize URL : $authurl\n"; - -//var_dump($req_req); - -function httpRequest($url) -{ - $request = HTTPClient::start(); - - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); - - return $request->get($url); -} - diff --git a/tests/oauth/oauth.ini b/tests/oauth/oauth.ini.sample index 16b747fe4..927620e2f 100644 --- a/tests/oauth/oauth.ini +++ b/tests/oauth/oauth.ini.sample @@ -1,5 +1,5 @@ ; Setup OAuth info here -apiroot = "http://YOURSTATUSNET/api" +apiroot = "https://YOURSTATUSNET/api" request_token_url = "/oauth/request_token" authorize_url = "/oauth/authorize" diff --git a/tests/oauth/statusupdate.php b/tests/oauth/oauth_post_notice.php index 4aa230e28..5e9d2a7ab 100644 --- a/tests/oauth/statusupdate.php +++ b/tests/oauth/oauth_post_notice.php @@ -22,16 +22,16 @@ define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); require_once INSTALLDIR . '/extlib/OAuth.php'; -$shortoptions = 'o:s:u:'; +$shortoptions = 't:s:u:'; $longoptions = array('oauth_token=', 'token_secret=', 'update='); $helptext = <<<END_OF_VERIFY_HELP - statusupdate.php [options] - Update your status using OAuth + oauth_post_notice.php [options] + Update your status via OAuth - -o --oauth_token access token - -s --token_secret access token secret - -u --update status update + -t --oauth_token access token + -s --oauth_token_secret access token secret + -u --update status update END_OF_VERIFY_HELP; @@ -42,12 +42,12 @@ $update = null; require_once INSTALLDIR . '/scripts/commandline.inc'; -if (have_option('o', 'oauth_token')) { - $token = get_option_value('oauth_token'); +if (have_option('t', 'oauth_token')) { + $token = get_option_value('t', 'oauth_token'); } -if (have_option('s', 'token_secret')) { - $token_secret = get_option_value('s', 'token_secret'); +if (have_option('s', 'oauth_token_secret')) { + $token_secret = get_option_value('s', 'oauth_token_secret'); } if (have_option('u', 'update')) { @@ -69,47 +69,56 @@ if (empty($update)) { exit(1); } -$ini = parse_ini_file("oauth.ini"); - -$test_consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); - +$ini = parse_ini_file("oauth.ini"); +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); $endpoint = $ini['apiroot'] . '/statuses/update.xml'; -print "$endpoint\n"; - -$at = new OAuthToken($token, $token_secret); +$atok = new OAuthToken($token, $token_secret); $parsed = parse_url($endpoint); -$params = array(); parse_str($parsed['query'], $params); $params['status'] = $update; $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); -$req_req = OAuthRequest::from_consumer_and_token($test_consumer, $at, 'POST', $endpoint, $params); -$req_req->sign_request($hmac_method, $test_consumer, $at); +try { -$r = httpRequest($req_req->to_url()); + $oauthReq = OAuthRequest::from_consumer_and_token( + $consumer, + $atok, + 'POST', + $endpoint, + $params + ); -$body = $r->getBody(); + $oauthReq->sign_request($hmac_method, $consumer, $atok); -print "$body\n"; + $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); -//print $req_req->to_url() . "\n\n"; + print $httpReq->getBody(); -function httpRequest($url) +} catch (Exception $e) { + print "Error! . $e->getMessage() . 'HTTP reponse body: " . $httpReq->getBody(); + exit(1); +} + +function httpRequest($endpoint, $poststr) { $request = HTTPClient::start(); - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); - - return $request->post($url); + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + // Turn signed request query string back into an array + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); } diff --git a/tests/oauth/verifycreds.php b/tests/oauth/oauth_verify_creds.php index 873bdb8bd..7eea6e7e7 100755 --- a/tests/oauth/verifycreds.php +++ b/tests/oauth/oauth_verify_creds.php @@ -22,15 +22,15 @@ define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); require_once INSTALLDIR . '/extlib/OAuth.php'; -$shortoptions = 'o:s:'; -$longoptions = array('oauth_token=', 'token_secret='); +$shortoptions = 't:s:'; +$longoptions = array('oauth_token=', 'oauth_token_secret='); $helptext = <<<END_OF_VERIFY_HELP - verifycreds.php [options] - Use an access token to verify credentials thru the api + oauth_verify_creds.php [options] + Access /api/account/verify_credentials.xml with OAuth - -o --oauth_token access token - -s --token_secret access token secret + -t --oauth_token access token + -s --oauth_token_secret access token secret END_OF_VERIFY_HELP; @@ -39,63 +39,69 @@ $token_secret = null; require_once INSTALLDIR . '/scripts/commandline.inc'; -if (have_option('o', 'oauth_token')) { - $token = get_option_value('oauth_token'); +if (have_option('t', 'oauth_token')) { + $token = get_option_value('t', 'oauth_token'); } if (have_option('s', 'token_secret')) { - $token_secret = get_option_value('s', 'token_secret'); + $token_secret = get_option_value('s', 'oauth_token_secret'); } if (empty($token)) { - print "Please specify an access token.\n"; + print "Please specify an access token (--help for help).\n"; exit(1); } if (empty($token_secret)) { - print "Please specify an access token secret.\n"; + print "Please specify an access token secret (--help for help).\n"; exit(1); } -$ini = parse_ini_file("oauth.ini"); - -$test_consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); - +$ini = parse_ini_file("oauth.ini"); +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); $endpoint = $ini['apiroot'] . '/account/verify_credentials.xml'; -print "$endpoint\n"; - -$at = new OAuthToken($token, $token_secret); - +$atok = new OAuthToken($token, $token_secret); $parsed = parse_url($endpoint); -$params = array(); + parse_str($parsed['query'], $params); -$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); +try { -$req_req = OAuthRequest::from_consumer_and_token($test_consumer, $at, "GET", $endpoint, $params); -$req_req->sign_request($hmac_method, $test_consumer, $at); + $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); -$r = httpRequest($req_req->to_url()); + $oauthReq = OAuthRequest::from_consumer_and_token( + $consumer, + $atok, + "GET", + $endpoint, + $params + ); -$body = $r->getBody(); + $oauthReq->sign_request($hmac_method, $consumer, $atok); -print "$body\n"; + $httpReq = httpRequest($oauthReq->to_url()); -//print $req_req->to_url() . "\n\n"; +} catch (Exception $e) { + print "Error! HTTP response body: " . $httpReq->getBody(); + exit(1); +} + +print $httpReq->getBody(); function httpRequest($url) { $request = HTTPClient::start(); - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); return $request->get($url); } - |