我目前正在尝试使用php直接使用Yahoo API。我已经将oauth-php库与一些Google API一起使用,它就像一个魅力。
但雅虎API不喜欢oauth-php使用的授权标头。我看到PECL Oauth可以选择如何发送授权参数,但在几乎不存在的oauth-php文档中找不到任何等价物。所以我的问题是:是否可以使用oauth-php选择此方法,还是应该开始处理某些补丁?
编辑:更改标题以反映问题的根本原因。
答案 0 :(得分:2)
如果它可以帮助另一个失去的灵魂,我终于得到了它。 所以Oauth-php在oauth_consumer_token表的varchar(64)字段中存储标记。至少,在可下载的r175版本中;它已在安装程序的r188源中更改为varchar(255)。
但雅虎的令牌比这长得多(至少790字节),这意味着你必须改变表结构,使colum oct_token为TEXT。要做到这一点,你必须删除一个外键然后删除索引。
修改了library / store / mysql / mysql.sql:
# Datamodel for OAuthStoreMySQL
#
# You need to add the foreign key constraints for the user ids your are using.
# I have commented the constraints out, just look for 'usa_id_ref' to enable them.
#
# The --SPLIT-- markers are used by the install.php script
#
# @version $Id$
# @author Marc Worrell
#
# Changes:
#
# 2011-02-25
# ALTER TABLE oauth_consumer_token MODIFY oct_token varchar(255) binary not null;
# ALTER TABLE oauth_consumer_token MODIFY oct_token_secret varchar(255) binary not null;
#
# 2010-09-15
# ALTER TABLE oauth_server_token MODIFY ost_referrer_host varchar(128) not null default '';
#
# 2010-07-22
# ALTER TABLE oauth_consumer_registry DROP INDEX ocr_consumer_key;
# ALTER TABLE oauth_consumer_registry ADD UNIQUE ocr_consumer_key(ocr_consumer_key,ocr_usa_id_ref,ocr_server_uri)
#
# 2010-04-20 (on 103 and 110)
# ALTER TABLE oauth_consumer_registry MODIFY ocr_consumer_key varchar(128) binary not null;
# ALTER TABLE oauth_consumer_registry MODIFY ocr_consumer_secret varchar(128) binary not null;
#
# 2010-04-20 (on 103 and 110)
# ALTER TABLE oauth_server_token ADD ost_verifier char(10);
# ALTER TABLE oauth_server_token ADD ost_callback_url varchar(512);
#
# 2008-10-15 (on r48) Added ttl to consumer and server tokens, added named server tokens
#
# ALTER TABLE oauth_server_token
# ADD ost_token_ttl datetime not null default '9999-12-31',
# ADD KEY (ost_token_ttl);
#
# ALTER TABLE oauth_consumer_token
# ADD oct_name varchar(64) binary not null default '',
# ADD oct_token_ttl datetime not null default '9999-12-31',
# DROP KEY oct_usa_id_ref,
# ADD UNIQUE KEY (oct_usa_id_ref, oct_ocr_id_ref, oct_token_type, oct_name),
# ADD KEY (oct_token_ttl);
#
# 2008-09-09 (on r5) Added referrer host to server access token
#
# ALTER TABLE oauth_server_token ADD ost_referrer_host VARCHAR(128) NOT NULL;
#
#
# Log table to hold all OAuth request when you enabled logging
#
CREATE TABLE IF NOT EXISTS oauth_log (
olg_id int(11) not null auto_increment,
olg_osr_consumer_key varchar(64) binary,
olg_ost_token varchar(64) binary,
olg_ocr_consumer_key varchar(64) binary,
olg_oct_token varchar(64) binary,
olg_usa_id_ref int(11),
olg_received text not null,
olg_sent text not null,
olg_base_string text not null,
olg_notes text not null,
olg_timestamp timestamp not null default current_timestamp,
olg_remote_ip bigint not null,
primary key (olg_id),
key (olg_osr_consumer_key, olg_id),
key (olg_ost_token, olg_id),
key (olg_ocr_consumer_key, olg_id),
key (olg_oct_token, olg_id),
key (olg_usa_id_ref, olg_id)
# , foreign key (olg_usa_id_ref) references any_user_auth (usa_id_ref)
# on update cascade
# on delete cascade
) engine=InnoDB default charset=utf8;
#--SPLIT--
#
# /////////////////// CONSUMER SIDE ///////////////////
#
# This is a registry of all consumer codes we got from other servers
# The consumer_key/secret is obtained from the server
# We also register the server uri, so that we can find the consumer key and secret
# for a certain server. From that server we can check if we have a token for a
# particular user.
CREATE TABLE IF NOT EXISTS oauth_consumer_registry (
ocr_id int(11) not null auto_increment,
ocr_usa_id_ref int(11),
ocr_consumer_key varchar(128) binary not null,
ocr_consumer_secret varchar(128) binary not null,
ocr_signature_methods varchar(255) not null default 'HMAC-SHA1,PLAINTEXT',
ocr_server_uri varchar(255) not null,
ocr_server_uri_host varchar(128) not null,
ocr_server_uri_path varchar(128) binary not null,
ocr_request_token_uri varchar(255) not null,
ocr_authorize_uri varchar(255) not null,
ocr_access_token_uri varchar(255) not null,
ocr_timestamp timestamp not null default current_timestamp,
primary key (ocr_id),
unique key (ocr_consumer_key, ocr_usa_id_ref, ocr_server_uri),
key (ocr_server_uri),
key (ocr_server_uri_host, ocr_server_uri_path),
key (ocr_usa_id_ref)
# , foreign key (ocr_usa_id_ref) references any_user_auth(usa_id_ref)
# on update cascade
# on delete set null
) engine=InnoDB default charset=utf8;
#--SPLIT--
# Table used to sign requests for sending to a server by the consumer
# The key is defined for a particular user. Only one single named
# key is allowed per user/server combination
CREATE TABLE IF NOT EXISTS oauth_consumer_token (
oct_id int(11) not null auto_increment,
oct_ocr_id_ref int(11) not null,
oct_usa_id_ref int(11) not null,
oct_name varchar(64) binary not null default '',
oct_token text binary not null,
oct_token_secret varchar(255) binary not null,
oct_token_type enum('request','authorized','access'),
oct_token_ttl datetime not null default '9999-12-31',
oct_timestamp timestamp not null default current_timestamp,
primary key (oct_id),
unique key (oct_usa_id_ref, oct_ocr_id_ref, oct_token_type, oct_name),
key (oct_token_ttl)
# , foreign key (oct_usa_id_ref) references any_user_auth (usa_id_ref)
# on update cascade
# on delete cascade
) engine=InnoDB default charset=utf8;
#--SPLIT--
#
# ////////////////// SERVER SIDE /////////////////
#
# Table holding consumer key/secret combos an user issued to consumers.
# Used for verification of incoming requests.
CREATE TABLE IF NOT EXISTS oauth_server_registry (
osr_id int(11) not null auto_increment,
osr_usa_id_ref int(11),
osr_consumer_key varchar(64) binary not null,
osr_consumer_secret varchar(64) binary not null,
osr_enabled tinyint(1) not null default '1',
osr_status varchar(16) not null,
osr_requester_name varchar(64) not null,
osr_requester_email varchar(64) not null,
osr_callback_uri varchar(255) not null,
osr_application_uri varchar(255) not null,
osr_application_title varchar(80) not null,
osr_application_descr text not null,
osr_application_notes text not null,
osr_application_type varchar(20) not null,
osr_application_commercial tinyint(1) not null default '0',
osr_issue_date datetime not null,
osr_timestamp timestamp not null default current_timestamp,
primary key (osr_id),
unique key (osr_consumer_key),
key (osr_usa_id_ref)
# , foreign key (osr_usa_id_ref) references any_user_auth(usa_id_ref)
# on update cascade
# on delete set null
) engine=InnoDB default charset=utf8;
#--SPLIT--
# Nonce used by a certain consumer, every used nonce should be unique, this prevents
# replaying attacks. We need to store all timestamp/nonce combinations for the
# maximum timestamp received.
CREATE TABLE IF NOT EXISTS oauth_server_nonce (
osn_id int(11) not null auto_increment,
osn_consumer_key varchar(64) binary not null,
osn_token varchar(64) binary not null,
osn_timestamp bigint not null,
osn_nonce varchar(80) binary not null,
primary key (osn_id),
unique key (osn_consumer_key, osn_token, osn_timestamp, osn_nonce)
) engine=InnoDB default charset=utf8;
#--SPLIT--
# Table used to verify signed requests sent to a server by the consumer
# When the verification is succesful then the associated user id is returned.
CREATE TABLE IF NOT EXISTS oauth_server_token (
ost_id int(11) not null auto_increment,
ost_osr_id_ref int(11) not null,
ost_usa_id_ref int(11) not null,
ost_token varchar(64) binary not null,
ost_token_secret varchar(64) binary not null,
ost_token_type enum('request','access'),
ost_authorized tinyint(1) not null default '0',
ost_referrer_host varchar(128) not null default '',
ost_token_ttl datetime not null default '9999-12-31',
ost_timestamp timestamp not null default current_timestamp,
ost_verifier char(10),
ost_callback_url varchar(512),
primary key (ost_id),
unique key (ost_token),
key (ost_osr_id_ref),
key (ost_token_ttl),
foreign key (ost_osr_id_ref) references oauth_server_registry (osr_id)
on update cascade
on delete cascade
# , foreign key (ost_usa_id_ref) references any_user_auth (usa_id_ref)
# on update cascade
# on delete cascade
) engine=InnoDB default charset=utf8;
答案 1 :(得分:0)
好吧,经过一段时间弄乱授权标题不是问题。使用一些谷歌oauth参数(xoauth_displayname)为雅虎一个。
但是在环顾oauth-php lib(r175)时,我看到OAuthRequestSigner::getQueryString中的一个参数未被使用,但可以在查询中获取标题。
所以,如果有人需要这个,但不是因为我试过它的原因,你可以像这样修改OAuthRequester.php。
第149行:添加
$auth_header = true;
if(isset($options['auth_header']) && !$options['auth_header']){
$auth_header = false;
}
$text = $oauth->curl_raw($curl_options, $auth_header);替换为$text = $oauth->curl_raw($curl_options, $auth_header); protected function curl_raw ( $opts = array() )替换为protected function curl_raw ( $opts = array(), $auth_header = true ) $query = $this->getQueryString()替换为$query = $this->getQueryString($auth_header); 电话示例:
$token = OAuthRequester::requestRequestToken($consumer_key, $user_id, $getAuthTokenParams, 'POST', array('auth_header' => FALSE));