From 82f05d0a61752d0552bc8029b2a55ab7c5171b33 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 4 Oct 2010 16:47:20 -0700 Subject: Somewhat improved test script for fetching an OAuth request token --- tests/oauth/getrequesttoken.php | 43 ++++++++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 18 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php index fc546a0f4..7c0888354 100755 --- a/tests/oauth/getrequesttoken.php +++ b/tests/oauth/getrequesttoken.php @@ -24,47 +24,54 @@ require_once INSTALLDIR . '/scripts/commandline.inc'; require_once INSTALLDIR . '/extlib/OAuth.php'; $ini = parse_ini_file("oauth.ini"); - $test_consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); - $rt_endpoint = $ini['apiroot'] . $ini['request_token_url']; - $parsed = parse_url($rt_endpoint); $params = array(); - parse_str($parsed['query'], $params); $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); -$req_req = OAuthRequest::from_consumer_and_token($test_consumer, NULL, "GET", $rt_endpoint, $params); -$req_req->sign_request($hmac_method, $test_consumer, NULL); - -$r = httpRequest($req_req->to_url()); +try { + $req_req = OAuthRequest::from_consumer_and_token($test_consumer, NULL, "GET", $rt_endpoint, $params); + $req_req->sign_request($hmac_method, $test_consumer, NULL); + $r = httpRequest($req_req->to_url()); +} catch (Exception $e) { + print $e->getMessage(); + var_dump($req_req); + exit(1); +} $body = $r->getBody(); - $token_stuff = array(); parse_str($body, $token_stuff); -$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $token_stuff['oauth_token']; +if (empty($token_stuff['oauth_token'])) { + print "Error: $body\n"; + exit(1); +} +$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $token_stuff['oauth_token']; +print "\nSuccess!\n\n"; print 'Request token : ' . $token_stuff['oauth_token'] . "\n"; print 'Request token secret : ' . $token_stuff['oauth_token_secret'] . "\n"; print "Authorize URL : $authurl\n"; -//var_dump($req_req); +print "\nNow paste the Authorize URL into your browser and authorize the request token.\n"; function httpRequest($url) { $request = HTTPClient::start(); - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); return $request->get($url); } -- cgit v1.2.3-54-g00ecf From 30537700786967f8fd3c91ff3a7b5fc1acf09fe8 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 4 Oct 2010 18:36:02 -0700 Subject: A bit more work on the request token fetching test script --- tests/oauth/getrequesttoken.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'tests/oauth') diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php index 7c0888354..fc6f03379 100755 --- a/tests/oauth/getrequesttoken.php +++ b/tests/oauth/getrequesttoken.php @@ -2,7 +2,7 @@ sign_request($hmac_method, $test_consumer, NULL); $r = httpRequest($req_req->to_url()); } catch (Exception $e) { + // oh noez print $e->getMessage(); var_dump($req_req); exit(1); -- cgit v1.2.3-54-g00ecf From 73a73c936251f4f481eba2ca0264b49064797067 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 5 Oct 2010 17:38:03 -0700 Subject: - Update getrequesttoken test script to use 1.0a - Some cleanup --- tests/oauth/getrequesttoken.php | 39 +++++++++++++++++++++++---------------- 1 file changed, 23 insertions(+), 16 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php index fc6f03379..11ec126b7 100755 --- a/tests/oauth/getrequesttoken.php +++ b/tests/oauth/getrequesttoken.php @@ -2,7 +2,7 @@ sign_request($hmac_method, $test_consumer, NULL); - $r = httpRequest($req_req->to_url()); + $req = OAuthRequest::from_consumer_and_token( + $testConsumer, + null, + "GET", + $requestTokenUrl, + $params + ); + $req->sign_request($hmac_method, $testConsumer, NULL); + $r = httpRequest($req->to_url()); } catch (Exception $e) { // oh noez print $e->getMessage(); - var_dump($req_req); + var_dump($req); exit(1); } $body = $r->getBody(); -$token_stuff = array(); -parse_str($body, $token_stuff); +$tokenStuff = array(); +parse_str($body, $tokenStuff); -if (empty($token_stuff['oauth_token'])) { +if (empty($tokenStuff['oauth_token'])) { print "Error: $body\n"; exit(1); } -$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $token_stuff['oauth_token']; +$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tokenStuff['oauth_token']; print "\nSuccess!\n\n"; -print 'Request token : ' . $token_stuff['oauth_token'] . "\n"; -print 'Request token secret : ' . $token_stuff['oauth_token_secret'] . "\n"; +print 'Request token : ' . $tokenStuff['oauth_token'] . "\n"; +print 'Request token secret : ' . $tokenStuff['oauth_token_secret'] . "\n"; print "Authorize URL : $authurl\n"; print "\nNow paste the Authorize URL into your browser and authorize the request token.\n"; @@ -72,7 +79,7 @@ print "\nNow paste the Authorize URL into your browser and authorize the request function httpRequest($url) { $request = HTTPClient::start(); - + $request->setConfig( array( 'follow_redirects' => true, @@ -82,7 +89,7 @@ function httpRequest($url) 'ssl_verify_host' => false ) ); - + return $request->get($url); } -- cgit v1.2.3-54-g00ecf From 5d5c4e8344ba8a16b7da36977693a3eec912880b Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 6 Oct 2010 19:05:31 -0700 Subject: Some more cleanup --- tests/oauth/getrequesttoken.php | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php index 11ec126b7..045d59716 100755 --- a/tests/oauth/getrequesttoken.php +++ b/tests/oauth/getrequesttoken.php @@ -33,12 +33,13 @@ foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'request_token_url') } } -$testConsumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); +$testConsumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); $requestTokenUrl = $ini['apiroot'] . $ini['request_token_url']; -$parsed = parse_url($requestTokenUrl); -$params = array(); +$parsed = parse_url($requestTokenUrl); +$params = array(); + parse_str($parsed['query'], $params); -$params['oauth_callback'] = 'oob'; +$params['oauth_callback'] = 'oob'; // out-of-band $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); @@ -59,22 +60,24 @@ try { exit(1); } -$body = $r->getBody(); +$body = $r->getBody(); $tokenStuff = array(); + parse_str($body, $tokenStuff); -if (empty($tokenStuff['oauth_token'])) { +$tok = $tokenStuff['oauth_token']; +$confirmed = $tokenStuff['oauth_callback_confirmed']; + +if (empty($tokenStuff['oauth_token']) || empty($confirmed) || $confirmed != 'true') { print "Error: $body\n"; exit(1); } -$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tokenStuff['oauth_token']; -print "\nSuccess!\n\n"; -print 'Request token : ' . $tokenStuff['oauth_token'] . "\n"; -print 'Request token secret : ' . $tokenStuff['oauth_token_secret'] . "\n"; -print "Authorize URL : $authurl\n"; +$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tok; -print "\nNow paste the Authorize URL into your browser and authorize the request token.\n"; +print "\nSuccess! "; +print "Authorize URL:\n\n$authurl\n\n"; +print "Now paste the Authorize URL into your browser and authorize your temporary credentials.\n"; function httpRequest($url) { @@ -92,4 +95,3 @@ function httpRequest($url) return $request->get($url); } - -- cgit v1.2.3-54-g00ecf From 9d5224e2b4ae8dc8e8ac8b2328db77a6c01fc232 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 11:56:49 -0700 Subject: Change temp credential test script to use POST instead of GET (more useful for testing in general) --- tests/oauth/getrequesttoken.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php index 045d59716..73f502af3 100755 --- a/tests/oauth/getrequesttoken.php +++ b/tests/oauth/getrequesttoken.php @@ -47,7 +47,7 @@ try { $req = OAuthRequest::from_consumer_and_token( $testConsumer, null, - "GET", + "POST", $requestTokenUrl, $params ); @@ -56,6 +56,7 @@ try { } catch (Exception $e) { // oh noez print $e->getMessage(); + print "OAuth Request:\n"; var_dump($req); exit(1); } @@ -93,5 +94,5 @@ function httpRequest($url) ) ); - return $request->get($url); + return $request->post($url); } -- cgit v1.2.3-54-g00ecf From 82a0a1a74b9452fbc122fed9ee9c4e0a86b7a79e Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 12:01:00 -0700 Subject: More OAuthy name for temp credentials fetching test script --- tests/oauth/fetch_temp_creds.php | 98 ++++++++++++++++++++++++++++++++++++++++ tests/oauth/getrequesttoken.php | 98 ---------------------------------------- 2 files changed, 98 insertions(+), 98 deletions(-) create mode 100755 tests/oauth/fetch_temp_creds.php delete mode 100755 tests/oauth/getrequesttoken.php (limited to 'tests/oauth') diff --git a/tests/oauth/fetch_temp_creds.php b/tests/oauth/fetch_temp_creds.php new file mode 100755 index 000000000..73f502af3 --- /dev/null +++ b/tests/oauth/fetch_temp_creds.php @@ -0,0 +1,98 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); + +require_once INSTALLDIR . '/scripts/commandline.inc'; +require_once INSTALLDIR . '/extlib/OAuth.php'; + +$ini = parse_ini_file("oauth.ini"); + +// Check to make sure we have everything we need from the ini file +foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'request_token_url') as $inikey) { + if (empty($ini[$inikey])) { + print "You forgot to specify a $inikey in your oauth.ini file.\n"; + exit(1); + } +} + +$testConsumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); +$requestTokenUrl = $ini['apiroot'] . $ini['request_token_url']; +$parsed = parse_url($requestTokenUrl); +$params = array(); + +parse_str($parsed['query'], $params); +$params['oauth_callback'] = 'oob'; // out-of-band + +$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); + +try { + $req = OAuthRequest::from_consumer_and_token( + $testConsumer, + null, + "POST", + $requestTokenUrl, + $params + ); + $req->sign_request($hmac_method, $testConsumer, NULL); + $r = httpRequest($req->to_url()); +} catch (Exception $e) { + // oh noez + print $e->getMessage(); + print "OAuth Request:\n"; + var_dump($req); + exit(1); +} + +$body = $r->getBody(); +$tokenStuff = array(); + +parse_str($body, $tokenStuff); + +$tok = $tokenStuff['oauth_token']; +$confirmed = $tokenStuff['oauth_callback_confirmed']; + +if (empty($tokenStuff['oauth_token']) || empty($confirmed) || $confirmed != 'true') { + print "Error: $body\n"; + exit(1); +} + +$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tok; + +print "\nSuccess! "; +print "Authorize URL:\n\n$authurl\n\n"; +print "Now paste the Authorize URL into your browser and authorize your temporary credentials.\n"; + +function httpRequest($url) +{ + $request = HTTPClient::start(); + + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + return $request->post($url); +} diff --git a/tests/oauth/getrequesttoken.php b/tests/oauth/getrequesttoken.php deleted file mode 100755 index 73f502af3..000000000 --- a/tests/oauth/getrequesttoken.php +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/bin/env php -. - */ - -define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); - -require_once INSTALLDIR . '/scripts/commandline.inc'; -require_once INSTALLDIR . '/extlib/OAuth.php'; - -$ini = parse_ini_file("oauth.ini"); - -// Check to make sure we have everything we need from the ini file -foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'request_token_url') as $inikey) { - if (empty($ini[$inikey])) { - print "You forgot to specify a $inikey in your oauth.ini file.\n"; - exit(1); - } -} - -$testConsumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); -$requestTokenUrl = $ini['apiroot'] . $ini['request_token_url']; -$parsed = parse_url($requestTokenUrl); -$params = array(); - -parse_str($parsed['query'], $params); -$params['oauth_callback'] = 'oob'; // out-of-band - -$hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); - -try { - $req = OAuthRequest::from_consumer_and_token( - $testConsumer, - null, - "POST", - $requestTokenUrl, - $params - ); - $req->sign_request($hmac_method, $testConsumer, NULL); - $r = httpRequest($req->to_url()); -} catch (Exception $e) { - // oh noez - print $e->getMessage(); - print "OAuth Request:\n"; - var_dump($req); - exit(1); -} - -$body = $r->getBody(); -$tokenStuff = array(); - -parse_str($body, $tokenStuff); - -$tok = $tokenStuff['oauth_token']; -$confirmed = $tokenStuff['oauth_callback_confirmed']; - -if (empty($tokenStuff['oauth_token']) || empty($confirmed) || $confirmed != 'true') { - print "Error: $body\n"; - exit(1); -} - -$authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tok; - -print "\nSuccess! "; -print "Authorize URL:\n\n$authurl\n\n"; -print "Now paste the Authorize URL into your browser and authorize your temporary credentials.\n"; - -function httpRequest($url) -{ - $request = HTTPClient::start(); - - $request->setConfig( - array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - ) - ); - - return $request->post($url); -} -- cgit v1.2.3-54-g00ecf From b8f2cc4e6f121f4ffacefb6fe632beb3b25eb126 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 13:51:47 -0700 Subject: Make the verifier pin display a little nicer --- actions/apioauthauthorize.php | 25 ++++++++++++++++--------- actions/apioauthpin.php | 16 +++++++--------- tests/oauth/fetch_temp_creds.php | 2 +- 3 files changed, 24 insertions(+), 19 deletions(-) (limited to 'tests/oauth') diff --git a/actions/apioauthauthorize.php b/actions/apioauthauthorize.php index 6772052f2..d0b621140 100644 --- a/actions/apioauthauthorize.php +++ b/actions/apioauthauthorize.php @@ -449,21 +449,28 @@ class ApiOauthAuthorizeAction extends Action function showAuthorized() { + $title = sprintf( + _("You have successfully authorized %s."), + $this->app->name + ); - if ($this->reqToken->verified_callback == 'oob') { + $msg = sprintf( + _('Please return to %s and enter the following security code to complete the process.'), + $this->app->name + ); - $pin = new ApiOauthPinAction($this->reqToken->verifier); + if ($this->reqToken->verified_callback == 'oob') { + $pin = new ApiOauthPinAction($title, $msg, $this->reqToken->verifier); $pin->showPage(); - } else { + // NOTE: This should probably never happen; trhow an error instead? + $info = new InfoAction( - _("Authorization succeeded."), - sprintf( - _('The request token %s has been authorized. Please exchange it for an access token using this verifier: %s'), - $this->oauthTokenParam, - $this->reqToken->verifier - ) + $title, + $msg, + $this->oauthTokenParam, + $this->reqToken->verifier ); $info->showPage(); diff --git a/actions/apioauthpin.php b/actions/apioauthpin.php index 5a88b5e59..5e6713a54 100644 --- a/actions/apioauthpin.php +++ b/actions/apioauthpin.php @@ -36,6 +36,8 @@ require_once INSTALLDIR . '/lib/info.php'; /** * Class for displaying an OAuth verifier pin * + * XXX: I'm pretty sure we don't need to check the logged in state here. -- Zach + * * @category Action * @package StatusNet * @author Zach Copley @@ -45,16 +47,13 @@ require_once INSTALLDIR . '/lib/info.php'; class ApiOauthPinAction extends InfoAction { - - function __construct($verifier) + function __construct($title, $message, $verifier) { $this->verifier = $verifier; - $title = _('Authorization succeeded.'); - parent::__construct($title, $title); + $this->title = $title; + parent::__construct($title, $message); } - // TODO: Check for logged in state! - /** * Display content. * @@ -62,8 +61,7 @@ class ApiOauthPinAction extends InfoAction */ function showContent() { - // XXX: make this much nicer - $this->element('div', array('class' => 'info'), $this->verifier); + $this->element('div', array('class' => 'info'), $this->message); + $this->element('div', array('id' => 'oauth_pin'), $this->verifier); } - } diff --git a/tests/oauth/fetch_temp_creds.php b/tests/oauth/fetch_temp_creds.php index 73f502af3..63ca351cd 100755 --- a/tests/oauth/fetch_temp_creds.php +++ b/tests/oauth/fetch_temp_creds.php @@ -56,7 +56,7 @@ try { } catch (Exception $e) { // oh noez print $e->getMessage(); - print "OAuth Request:\n"; + print "\nOAuth Request:\n"; var_dump($req); exit(1); } -- cgit v1.2.3-54-g00ecf From 70cad115734f0c34a5a2c7d6c8ce2492056a7a07 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 18:33:14 -0700 Subject: Update access token fetching test script to 1.0a --- tests/oauth/exchangetokens.php | 115 ++++++++++++++++++++++++++------------- tests/oauth/fetch_temp_creds.php | 36 +++++++----- 2 files changed, 99 insertions(+), 52 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/exchangetokens.php b/tests/oauth/exchangetokens.php index 2394826c7..049c0cad0 100755 --- a/tests/oauth/exchangetokens.php +++ b/tests/oauth/exchangetokens.php @@ -24,82 +24,121 @@ require_once INSTALLDIR . '/extlib/OAuth.php'; $ini = parse_ini_file("oauth.ini"); -$test_consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); +// Check to make sure we have everything we need from the ini file +foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'access_token_url') as $inikey) { + if (empty($ini[$inikey])) { + print "You forgot to specify a $inikey in your oauth.ini file.\n"; + exit(1); + } +} + +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); -$at_endpoint = $ini['apiroot'] . $ini['access_token_url']; +$endpoint = $ini['apiroot'] . $ini['access_token_url']; -$shortoptions = 't:s:'; -$longoptions = array('oauth_token=', 'token_secret='); +$shortoptions = 't:s:v:'; +$longoptions = array('oauth_token=', 'oauth_token_secret=', 'oauth_verifier='); $helptext = <<sign_request($hmac_method, $test_consumer, $rt); +try { -$r = httpRequest($req_req->to_url()); + $oauthReq = OAuthRequest::from_consumer_and_token( + $consumer, + $rtok, + "POST", + $endpoint, + $params + ); -common_debug("Exchange request token = " . var_export($rt, true)); -common_debug("Exchange tokens URL: " . $req_req->to_url()); + $oauthReq->sign_request($hmac_method, $consumer, $rtok); -$body = $r->getBody(); + $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); + $body = $httpReq->getBody(); -$token_stuff = array(); -parse_str($body, $token_stuff); +} catch (Exception $e) { + // oh noez + print $e->getMessage(); + print "\nOAuth Request:\n"; + var_dump($oauthReq); + exit(1); +} -print 'Access token : ' . $token_stuff['oauth_token'] . "\n"; -print 'Access token secret : ' . $token_stuff['oauth_token_secret'] . "\n"; +$tokenStuff = array(); +parse_str($body, $tokenStuff); -function httpRequest($url) +if (empty($tokenStuff['oauth_token']) || empty($tokenStuff['oauth_token_secret'])) { + print "Error! HTTP response body: $body\n"; + exit(1); +} + +print "Access Token\n"; +print ' - oauth_token = ' . $tokenStuff['oauth_token'] . "\n"; +print ' - oauth_token_secret = ' . $tokenStuff['oauth_token_secret'] . "\n"; + +function httpRequest($endpoint, $poststr) { $request = HTTPClient::start(); - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); - - return $request->get($url); + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); } diff --git a/tests/oauth/fetch_temp_creds.php b/tests/oauth/fetch_temp_creds.php index 63ca351cd..bea512a91 100755 --- a/tests/oauth/fetch_temp_creds.php +++ b/tests/oauth/fetch_temp_creds.php @@ -33,10 +33,10 @@ foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'request_token_url') } } -$testConsumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); -$requestTokenUrl = $ini['apiroot'] . $ini['request_token_url']; -$parsed = parse_url($requestTokenUrl); -$params = array(); +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); +$endpoint = $ini['apiroot'] . $ini['request_token_url']; +$parsed = parse_url($endpoint); +$params = array(); parse_str($parsed['query'], $params); $params['oauth_callback'] = 'oob'; // out-of-band @@ -45,14 +45,14 @@ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); try { $req = OAuthRequest::from_consumer_and_token( - $testConsumer, + $consumer, null, "POST", - $requestTokenUrl, + $endpoint, $params ); - $req->sign_request($hmac_method, $testConsumer, NULL); - $r = httpRequest($req->to_url()); + $req->sign_request($hmac_method, $consumer, NULL); + $r = httpRequest($endpoint, $req->to_postdata()); } catch (Exception $e) { // oh noez print $e->getMessage(); @@ -69,18 +69,24 @@ parse_str($body, $tokenStuff); $tok = $tokenStuff['oauth_token']; $confirmed = $tokenStuff['oauth_callback_confirmed']; -if (empty($tokenStuff['oauth_token']) || empty($confirmed) || $confirmed != 'true') { - print "Error: $body\n"; +if (empty($tokenStuff['oauth_token']) + || empty($tokenStuff['oauth_token_secret']) + || empty($confirmed) + || $confirmed != 'true') +{ + print "Error! HTTP response body: $body\n"; exit(1); } $authurl = $ini['apiroot'] . $ini['authorize_url'] . '?oauth_token=' . $tok; -print "\nSuccess! "; -print "Authorize URL:\n\n$authurl\n\n"; +print "Request Token\n"; +print ' - oauth_token = ' . $tokenStuff['oauth_token'] . "\n"; +print ' - oauth_token_secret = ' . $tokenStuff['oauth_token_secret'] . "\n"; +print "Authorize URL\n $authurl\n\n"; print "Now paste the Authorize URL into your browser and authorize your temporary credentials.\n"; -function httpRequest($url) +function httpRequest($endpoint, $poststr) { $request = HTTPClient::start(); @@ -94,5 +100,7 @@ function httpRequest($url) ) ); - return $request->post($url); + // Turn signed request query string back into an array + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); } -- cgit v1.2.3-54-g00ecf From 46de847ce0b72a85b96fcbea94624db98c265d45 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 18:41:34 -0700 Subject: Rename OAuth token credential fetching script --- tests/oauth/exchangetokens.php | 144 ------------------------------------- tests/oauth/fetch_token_creds.php | 146 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 146 insertions(+), 144 deletions(-) delete mode 100755 tests/oauth/exchangetokens.php create mode 100755 tests/oauth/fetch_token_creds.php (limited to 'tests/oauth') diff --git a/tests/oauth/exchangetokens.php b/tests/oauth/exchangetokens.php deleted file mode 100755 index 049c0cad0..000000000 --- a/tests/oauth/exchangetokens.php +++ /dev/null @@ -1,144 +0,0 @@ -#!/usr/bin/env php -. - */ - -define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); - -require_once INSTALLDIR . '/extlib/OAuth.php'; - -$ini = parse_ini_file("oauth.ini"); - -// Check to make sure we have everything we need from the ini file -foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'access_token_url') as $inikey) { - if (empty($ini[$inikey])) { - print "You forgot to specify a $inikey in your oauth.ini file.\n"; - exit(1); - } -} - -$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); - -$endpoint = $ini['apiroot'] . $ini['access_token_url']; - -$shortoptions = 't:s:v:'; -$longoptions = array('oauth_token=', 'oauth_token_secret=', 'oauth_verifier='); - -$helptext = <<sign_request($hmac_method, $consumer, $rtok); - - $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); - $body = $httpReq->getBody(); - -} catch (Exception $e) { - // oh noez - print $e->getMessage(); - print "\nOAuth Request:\n"; - var_dump($oauthReq); - exit(1); -} - -$tokenStuff = array(); -parse_str($body, $tokenStuff); - -if (empty($tokenStuff['oauth_token']) || empty($tokenStuff['oauth_token_secret'])) { - print "Error! HTTP response body: $body\n"; - exit(1); -} - -print "Access Token\n"; -print ' - oauth_token = ' . $tokenStuff['oauth_token'] . "\n"; -print ' - oauth_token_secret = ' . $tokenStuff['oauth_token_secret'] . "\n"; - -function httpRequest($endpoint, $poststr) -{ - $request = HTTPClient::start(); - - $request->setConfig( - array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - ) - ); - - parse_str($poststr, $postdata); - return $request->post($endpoint, null, $postdata); -} - diff --git a/tests/oauth/fetch_token_creds.php b/tests/oauth/fetch_token_creds.php new file mode 100755 index 000000000..a508c7240 --- /dev/null +++ b/tests/oauth/fetch_token_creds.php @@ -0,0 +1,146 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); + +require_once INSTALLDIR . '/extlib/OAuth.php'; + +$ini = parse_ini_file("oauth.ini"); + +// Check to make sure we have everything we need from the ini file +foreach(array('consumer_key', 'consumer_secret', 'apiroot', 'access_token_url') as $inikey) { + if (empty($ini[$inikey])) { + print "You forgot to specify a $inikey in your oauth.ini file.\n"; + exit(1); + } +} + +$consumer = new OAuthConsumer($ini['consumer_key'], $ini['consumer_secret']); + +$endpoint = $ini['apiroot'] . $ini['access_token_url']; + +$shortoptions = 't:s:v:'; +$longoptions = array('oauth_token=', 'oauth_token_secret=', 'oauth_verifier='); + +$helptext = <<sign_request($hmac_method, $consumer, $rtok); + + $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); + $body = $httpReq->getBody(); + +} catch (Exception $e) { + // oh noez + print $e->getMessage(); + print "\nOAuth Request:\n"; + var_dump($oauthReq); + exit(1); +} + +$tokenStuff = array(); +parse_str($body, $tokenStuff); + +if (empty($tokenStuff['oauth_token']) || empty($tokenStuff['oauth_token_secret'])) { + print "Error! HTTP response body: $body\n"; + exit(1); +} + +print "Access Token\n"; +print ' - oauth_token = ' . $tokenStuff['oauth_token'] . "\n"; +print ' - oauth_token_secret = ' . $tokenStuff['oauth_token_secret'] . "\n"; + +function httpRequest($endpoint, $poststr) +{ + $request = HTTPClient::start(); + + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); +} + -- cgit v1.2.3-54-g00ecf From 474834a332d0bacb4f54eae43d07133a0384d5bc Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 19:23:43 -0700 Subject: Some fixups to this the OAuth verify credentials test script --- tests/oauth/verifycreds.php | 76 ++++++++++++++++++++++++--------------------- 1 file changed, 41 insertions(+), 35 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/verifycreds.php b/tests/oauth/verifycreds.php index 873bdb8bd..7eea6e7e7 100755 --- a/tests/oauth/verifycreds.php +++ b/tests/oauth/verifycreds.php @@ -22,15 +22,15 @@ define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); require_once INSTALLDIR . '/extlib/OAuth.php'; -$shortoptions = 'o:s:'; -$longoptions = array('oauth_token=', 'token_secret='); +$shortoptions = 't:s:'; +$longoptions = array('oauth_token=', 'oauth_token_secret='); $helptext = <<sign_request($hmac_method, $test_consumer, $at); + $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); -$r = httpRequest($req_req->to_url()); + $oauthReq = OAuthRequest::from_consumer_and_token( + $consumer, + $atok, + "GET", + $endpoint, + $params + ); -$body = $r->getBody(); + $oauthReq->sign_request($hmac_method, $consumer, $atok); -print "$body\n"; + $httpReq = httpRequest($oauthReq->to_url()); -//print $req_req->to_url() . "\n\n"; +} catch (Exception $e) { + print "Error! HTTP response body: " . $httpReq->getBody(); + exit(1); +} + +print $httpReq->getBody(); function httpRequest($url) { $request = HTTPClient::start(); - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); return $request->get($url); } - -- cgit v1.2.3-54-g00ecf From be1668a1bd8436952bd9ee36ed710fae9834643f Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 19:24:24 -0700 Subject: Renamed the OAuth verify credentials test script --- tests/oauth/oauth_verify_creds.php | 107 +++++++++++++++++++++++++++++++++++++ tests/oauth/verifycreds.php | 107 ------------------------------------- 2 files changed, 107 insertions(+), 107 deletions(-) create mode 100755 tests/oauth/oauth_verify_creds.php delete mode 100755 tests/oauth/verifycreds.php (limited to 'tests/oauth') diff --git a/tests/oauth/oauth_verify_creds.php b/tests/oauth/oauth_verify_creds.php new file mode 100755 index 000000000..7eea6e7e7 --- /dev/null +++ b/tests/oauth/oauth_verify_creds.php @@ -0,0 +1,107 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); + +require_once INSTALLDIR . '/extlib/OAuth.php'; + +$shortoptions = 't:s:'; +$longoptions = array('oauth_token=', 'oauth_token_secret='); + +$helptext = <<sign_request($hmac_method, $consumer, $atok); + + $httpReq = httpRequest($oauthReq->to_url()); + +} catch (Exception $e) { + print "Error! HTTP response body: " . $httpReq->getBody(); + exit(1); +} + +print $httpReq->getBody(); + +function httpRequest($url) +{ + $request = HTTPClient::start(); + + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + return $request->get($url); +} diff --git a/tests/oauth/verifycreds.php b/tests/oauth/verifycreds.php deleted file mode 100755 index 7eea6e7e7..000000000 --- a/tests/oauth/verifycreds.php +++ /dev/null @@ -1,107 +0,0 @@ -#!/usr/bin/env php -. - */ - -define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); - -require_once INSTALLDIR . '/extlib/OAuth.php'; - -$shortoptions = 't:s:'; -$longoptions = array('oauth_token=', 'oauth_token_secret='); - -$helptext = <<sign_request($hmac_method, $consumer, $atok); - - $httpReq = httpRequest($oauthReq->to_url()); - -} catch (Exception $e) { - print "Error! HTTP response body: " . $httpReq->getBody(); - exit(1); -} - -print $httpReq->getBody(); - -function httpRequest($url) -{ - $request = HTTPClient::start(); - - $request->setConfig( - array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - ) - ); - - return $request->get($url); -} -- cgit v1.2.3-54-g00ecf From 3e0a1e3b884f31473383825fa9b54ab4e3e7b578 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 19:40:31 -0700 Subject: Some fixups --- tests/oauth/statusupdate.php | 77 +++++++++++++++++++++++++------------------- 1 file changed, 43 insertions(+), 34 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/statusupdate.php b/tests/oauth/statusupdate.php index 4aa230e28..5e9d2a7ab 100644 --- a/tests/oauth/statusupdate.php +++ b/tests/oauth/statusupdate.php @@ -22,16 +22,16 @@ define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); require_once INSTALLDIR . '/extlib/OAuth.php'; -$shortoptions = 'o:s:u:'; +$shortoptions = 't:s:u:'; $longoptions = array('oauth_token=', 'token_secret=', 'update='); $helptext = <<sign_request($hmac_method, $test_consumer, $at); +try { -$r = httpRequest($req_req->to_url()); + $oauthReq = OAuthRequest::from_consumer_and_token( + $consumer, + $atok, + 'POST', + $endpoint, + $params + ); -$body = $r->getBody(); + $oauthReq->sign_request($hmac_method, $consumer, $atok); -print "$body\n"; + $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); -//print $req_req->to_url() . "\n\n"; + print $httpReq->getBody(); -function httpRequest($url) +} catch (Exception $e) { + print "Error! . $e->getMessage() . 'HTTP reponse body: " . $httpReq->getBody(); + exit(1); +} + +function httpRequest($endpoint, $poststr) { $request = HTTPClient::start(); - $request->setConfig(array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - )); - - return $request->post($url); + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + // Turn signed request query string back into an array + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); } -- cgit v1.2.3-54-g00ecf From 626f3066002c707e11befcbba84aa7f3b372fd0c Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 19:41:05 -0700 Subject: Rename OAuth status update script --- tests/oauth/oauth_post_notice.php | 124 ++++++++++++++++++++++++++++++++++++++ tests/oauth/statusupdate.php | 124 -------------------------------------- 2 files changed, 124 insertions(+), 124 deletions(-) create mode 100644 tests/oauth/oauth_post_notice.php delete mode 100644 tests/oauth/statusupdate.php (limited to 'tests/oauth') diff --git a/tests/oauth/oauth_post_notice.php b/tests/oauth/oauth_post_notice.php new file mode 100644 index 000000000..5e9d2a7ab --- /dev/null +++ b/tests/oauth/oauth_post_notice.php @@ -0,0 +1,124 @@ +#!/usr/bin/env php +. + **/ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); + +require_once INSTALLDIR . '/extlib/OAuth.php'; + +$shortoptions = 't:s:u:'; +$longoptions = array('oauth_token=', 'token_secret=', 'update='); + +$helptext = <<sign_request($hmac_method, $consumer, $atok); + + $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); + + print $httpReq->getBody(); + +} catch (Exception $e) { + print "Error! . $e->getMessage() . 'HTTP reponse body: " . $httpReq->getBody(); + exit(1); +} + +function httpRequest($endpoint, $poststr) +{ + $request = HTTPClient::start(); + + $request->setConfig( + array( + 'follow_redirects' => true, + 'connect_timeout' => 120, + 'timeout' => 120, + 'ssl_verify_peer' => false, + 'ssl_verify_host' => false + ) + ); + + // Turn signed request query string back into an array + parse_str($poststr, $postdata); + return $request->post($endpoint, null, $postdata); +} + diff --git a/tests/oauth/statusupdate.php b/tests/oauth/statusupdate.php deleted file mode 100644 index 5e9d2a7ab..000000000 --- a/tests/oauth/statusupdate.php +++ /dev/null @@ -1,124 +0,0 @@ -#!/usr/bin/env php -. - **/ - -define('INSTALLDIR', realpath(dirname(__FILE__) . '/../..')); - -require_once INSTALLDIR . '/extlib/OAuth.php'; - -$shortoptions = 't:s:u:'; -$longoptions = array('oauth_token=', 'token_secret=', 'update='); - -$helptext = <<sign_request($hmac_method, $consumer, $atok); - - $httpReq = httpRequest($endpoint, $oauthReq->to_postdata()); - - print $httpReq->getBody(); - -} catch (Exception $e) { - print "Error! . $e->getMessage() . 'HTTP reponse body: " . $httpReq->getBody(); - exit(1); -} - -function httpRequest($endpoint, $poststr) -{ - $request = HTTPClient::start(); - - $request->setConfig( - array( - 'follow_redirects' => true, - 'connect_timeout' => 120, - 'timeout' => 120, - 'ssl_verify_peer' => false, - 'ssl_verify_host' => false - ) - ); - - // Turn signed request query string back into an array - parse_str($poststr, $postdata); - return $request->post($endpoint, null, $postdata); -} - -- cgit v1.2.3-54-g00ecf From 590d96f70e79e371610633e48497e14b5e6bc445 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 19:43:55 -0700 Subject: Rename oauth.ini example to oauth.ini.sample --- tests/oauth/oauth.ini | 10 ---------- tests/oauth/oauth.ini.sample | 10 ++++++++++ 2 files changed, 10 insertions(+), 10 deletions(-) delete mode 100644 tests/oauth/oauth.ini create mode 100644 tests/oauth/oauth.ini.sample (limited to 'tests/oauth') diff --git a/tests/oauth/oauth.ini b/tests/oauth/oauth.ini deleted file mode 100644 index 16b747fe4..000000000 --- a/tests/oauth/oauth.ini +++ /dev/null @@ -1,10 +0,0 @@ -; Setup OAuth info here -apiroot = "http://YOURSTATUSNET/api" - -request_token_url = "/oauth/request_token" -authorize_url = "/oauth/authorize" -access_token_url = "/oauth/access_token" - -consumer_key = "b748968e9bea81a53f3a3c15aa0c686f" -consumer_secret = "5434e18cce05d9e53cdd48029a62fa41" - diff --git a/tests/oauth/oauth.ini.sample b/tests/oauth/oauth.ini.sample new file mode 100644 index 000000000..16b747fe4 --- /dev/null +++ b/tests/oauth/oauth.ini.sample @@ -0,0 +1,10 @@ +; Setup OAuth info here +apiroot = "http://YOURSTATUSNET/api" + +request_token_url = "/oauth/request_token" +authorize_url = "/oauth/authorize" +access_token_url = "/oauth/access_token" + +consumer_key = "b748968e9bea81a53f3a3c15aa0c686f" +consumer_secret = "5434e18cce05d9e53cdd48029a62fa41" + -- cgit v1.2.3-54-g00ecf From baa8ae778a01326927394818335d410233d24c49 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 7 Oct 2010 19:46:46 -0700 Subject: Update OAuth test script README --- tests/oauth/README | 162 +++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 150 insertions(+), 12 deletions(-) (limited to 'tests/oauth') diff --git a/tests/oauth/README b/tests/oauth/README index dd76feb0c..13f1d0c03 100644 --- a/tests/oauth/README +++ b/tests/oauth/README @@ -1,22 +1,160 @@ Some very rough test scripts for hitting up the OAuth endpoints. -Note: this works best if you register an OAuth application, leaving -the callback URL blank. +These instructions assume you understand the basics of how OAuth +works. You may want to read up about it first. Here are some good +resources for learning about OAuth: -Put your instance info and consumer key and secret in oauth.ini + http://hueniverse.com/oauth/ + http://tools.ietf.org/html/rfc5849 -Example usage: --------------- +To use these scripts (and OAuth in general) first you will need to +register and OAuth client application with your StatusNet instance: -php getrequesttoken.php + http://example.status.net/settings/oauthapps -Gets a request token, token secret and a url to authorize it. Once -you authorize the request token you can exchange it for an access token... +oauth.ini +--------- -php exchangetokens.php --oauth_token=b9a79548a88c1aa9a5bea73103c6d41d --token_secret=4a47d9337fc0202a14ab552e17a3b657 +Using oauth.ini.sample as a guide, put your StatusNet OAuth endpoints +and consumer key and secret in a file called oauth.ini and save it +in the same directory as these scripts. -Once you have your access token, go ahead and try a protected API -resource: +fetch_temp_creds.php +-------------------- -php verifycreds.php --oauth_token=cf2de7665f0dda0a82c2dc39b01be7f9 --token_secret=4524c3b712200138e1a4cff2e9ca83d8 +Will fetch a request token, token secret and a URL to authorize the +token. Once you authorize the request token, you can exchange it +for an access token. + +example usage: + + $ php fetch_temp_creds.php + Request Token + - oauth_token = 89d481e376edc622f08da5791e6a4446 + - oauth_token_secret = 6d028bcd1ea125cbed7da2f254219885 + Authorize URL + http://example.status.net/api/oauth/authorize?oauth_token=89d481e376edc622f08da5791e6a4446 + + Now paste the Authorize URL into your browser and authorize your temporary credentials. + +fetch_token_creds.php +--------------------- + +After you have authorized your request token, you will be presented +with a verifier code, or pin, in your browser, which you will need +to get an access token. Make sure you copy it into a text buffer +or write it down or something. Then call fetch_token_credentials.php +to exchange your temporary credentials for real token credentials. + +example usage: + + $ php fetch_token_creds.php -t 89d481e376edc622f08da5791e6a4446 -s 6d028bcd1ea125cbed7da2f254219885 -v 305162 + Access Token + - oauth_token = 9b354df102d8e2b4621122c85d8d045c + - oauth_token_secret = 1800a88f1574b47d595214a74e5b1ec5 + + +oauth_verify_credentials.php +---------------------------- + +Now you should have real token credentials (an OAuth access token) +and you can access protected API resources. This is an example +script that calls /api/account/verify_credentials.xml. + +example usage: + + $ php oauth_verify_creds.php -t 80305cd15c5c69834364ac02d7f9178c -s 673e3b2978b1b92c8edbfe172505fee1 + + + 23 + zach + zach + + + http://example.status.net/theme/default/default-avatar-stream.png + + false + 0 + + + + + + 0 + Thu Sep 30 23:11:00 +0000 2010 + 0 + 0 + UTC + + false + 4 + true + false + true + + gar + false + Wed Oct 06 23:40:14 +0000 2010 + + web + 7 + + + + false + gar + + http://example.status.net/statusnet/zach + + +oauth_post_notice.php +--------------------- + +This is another test script that lets you post a notice via OAuth. + +example usage: + + $ php oauth_post_notice.php -t 80305cd15c5c69834364ac02d7f9178c -s 673e3b2978b1b92c8edbfe172505fee1 -u 'Test test test...' + + + Test test test... + false + Fri Oct 08 02:37:35 +0000 2010 + + <a href="http://banana.com" rel="nofollow">Banana</a> + 8 + + + + false + + 23 + zach + zach + + + http://example.status.net/statusnet/theme/default/default-avatar-stream.png + + false + 0 + + + + + + 0 + Thu Sep 30 23:11:00 +0000 2010 + 0 + 0 + UTC + + false + 5 + true + false + true + http://example.status.net/statusnet/zach + + Test test test... + -- cgit v1.2.3-54-g00ecf