I am working on a small PHP script which calls an API. This API uses OAuth 1.0 authorization. Hence I need to create the signature and request-header. I am pretty sure my signature-generation method and the generation of the request-header work well as I have done the same in C# (where the everything works) and the signature as well as the header look quite the same.
Generating signature:
function generateSignature($method,$url,$consumerKey,$consumerSecret,$tokenValue,$tokenSecret,$timestamp, $nonce, $signatureMethod, $version)
{
$base = $method . "&" . rawurlencode($url) . "&"
. rawurlencode("oauth_consumer_key=" . rawurlencode($consumerKey)
. "&oauth_nonce=" . rawurlencode($nonce)
. "&oauth_signature_method=" . rawurlencode($signatureMethod)
. "&oauth_timestamp=" . rawurlencode($timestamp)
. "&oauth_token=" . rawurlencode($tokenValue)
. "&oauth_version=" . rawurlencode($version));
$key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
$signature = base64_encode(hash_hmac('sha1', $base, $key, true));
return $signature;
}Generating authorization header:
$authHeader = "OAuth realm=".""","."
oauth_consumer_key="{$consumerKey}",
oauth_nonce="{$nonce}",
oauth_signature_method="{$signatureMethod}",
oauth_timestamp="{$timestamp}",
oauth_token="{$tokenValue}",
oauth_version="{$version}",
oauth_signature="{$signature}"";I got stuck at the point of passing the authorization header over to the API I am calling.
Setting the authorization:
$header = array('Content-Type: application/x-www-form-urlencoded');
curl_setopt($ch, CURLOPT_HTTPHEADER,$header);
curl_setopt($ch, CURLOPT_POSTFIELDS,urlencode($authHeader));Finally, when I make the request I get the response, that a parameter is missing.
Advertisement
Answer
Fixed my problem with the help of this tutorial. Moreover, I forgot removing the query parameters from the url used to create the sigunature, which probably was the main problem.