I am working on a small PHP script which calls an API. This API uses OAuth 1.0 authorization. Hence I need to create the signature and request-header. I am pretty sure my signature-generation method and the generation of the request-header work well as I have done the same in C# (where the everything works) and the signature as well as the header look quite the same.
Generating signature:
function generateSignature($method,$url,$consumerKey,$consumerSecret,$tokenValue,$tokenSecret,$timestamp, $nonce, $signatureMethod, $version) { $base = $method . "&" . rawurlencode($url) . "&" . rawurlencode("oauth_consumer_key=" . rawurlencode($consumerKey) . "&oauth_nonce=" . rawurlencode($nonce) . "&oauth_signature_method=" . rawurlencode($signatureMethod) . "&oauth_timestamp=" . rawurlencode($timestamp) . "&oauth_token=" . rawurlencode($tokenValue) . "&oauth_version=" . rawurlencode($version)); $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret); $signature = base64_encode(hash_hmac('sha1', $base, $key, true)); return $signature; }
Generating authorization header:
$authHeader = "OAuth realm=".""","." oauth_consumer_key="{$consumerKey}", oauth_nonce="{$nonce}", oauth_signature_method="{$signatureMethod}", oauth_timestamp="{$timestamp}", oauth_token="{$tokenValue}", oauth_version="{$version}", oauth_signature="{$signature}"";
I got stuck at the point of passing the authorization header over to the API I am calling.
Setting the authorization:
$header = array('Content-Type: application/x-www-form-urlencoded'); curl_setopt($ch, CURLOPT_HTTPHEADER,$header); curl_setopt($ch, CURLOPT_POSTFIELDS,urlencode($authHeader));
Finally, when I make the request I get the response, that a parameter is missing.
Advertisement
Answer
Fixed my problem with the help of this tutorial. Moreover, I forgot removing the query parameters from the url used to create the sigunature, which probably was the main problem.