You are here

Home » API reference » Dropbox Client 7.4 » oauth.php

function build_auth_array in Dropbox Client 7.4

Same name and namespace in other branches
  1. 7 oauth.php \build_auth_array()
  2. 7.2 oauth.php \build_auth_array()
  3. 7.3 oauth.php \build_auth_array()

Assemble an associative array with oauth values

Parameters

string $baseurl the base url we are authenticating against.:

string $key your consumer key:

string $secret either your consumer secret key or the file location of your rsa private key.:

array $extra additional oauth parameters that should be included (you must urlencode, if appropriate, before calling this function):

string $method either GET or POST:

string $algo either HMAC-SHA1 or RSA-SHA1 (NOTE: this affects what you put in for the secret parameter):

Return value

array of all the oauth parameters

2 calls to build_auth_array()
dropbox::get_request_token in ./dropbox.php
This is called to begin the oauth token exchange. This should only need to be called once for a user, provided they allow oauth access. It will return a URL that your site should redirect to, allowing the user to login and accept your application.
get_auth_header in ./oauth.php
Creates the authorization portion of a header NOTE: This does not create a complete http header. Also NOTE: the oauth_token parameter should be passed in using the $extra array.

File

./oauth.php, line 131

Code

function build_auth_array($baseurl, $key, $secret, $extra = array(), $method = 'GET', $algo = OAUTH_ALGORITHMS::RSA_SHA1, $token_key = NULL, $token_secret = NULL) {
  $auth['oauth_consumer_key'] = $key;
  $auth['oauth_signature_method'] = $algo;
  $auth['oauth_timestamp'] = time();
  $auth['oauth_nonce'] = md5(uniqid(rand(), true));
  $auth['oauth_version'] = '1.0';
  $auth = array_merge($auth, $extra);

  //We want to remove any query parameters from the base url
  $urlsegs = explode("?", $baseurl);
  $baseurl = $urlsegs[0];

  //If there are any query parameters we need to make sure they

  //get signed with the rest of the auth data.
  $signing = $auth;
  if (count($urlsegs) > 1) {
    preg_match_all("/([\\w\\-]+)\\=([\\w\\d\\-\\%\\.\$\\+\\*]+)\\&?/", $urlsegs[1], $matches);
    $signing = $signing + array_combine($matches[1], $matches[2]);
  }
  if (strtoupper($algo) == OAUTH_ALGORITHMS::HMAC_SHA1) {
    $auth['oauth_signature'] = sign_hmac_sha1($method, $baseurl, $secret, $signing);
  }
  else {
    if (strtoupper($algo) == OAUTH_ALGORITHMS::RSA_SHA1) {
      $auth['oauth_signature'] = sign_rsa_sha1($method, $baseurl, $secret, $signing);
    }
    else {
      if (strtoupper($algo) == OAUTH_ALGORITHMS::PLAINTEXT) {
        $auth['oauth_signature_method'] = OAUTH_ALGORITHMS::PLAINTEXT;
        $auth['oauth_token'] = $token_key;
        $auth['oauth_signature'] = rawurlencode($secret) . "&" . rawurlencode($token_secret);
        unset($auth['oauth_timestamp']);
        unset($auth['oauth_nonce']);
      }
    }
  }
  $auth['oauth_signature'] = urlencode($auth['oauth_signature']);
  return $auth;
}