问题
I'm trying to connect an iPhone app to a PHP API using 2-legged OAuth as the Authentication mechanism. I'm using the PHP and Objective-C 2.0 libraries from http://code.google.com/p/oauth/ . The problem is that when I'm trying to issue a GET request with Objective-C, it doesn't include the OAuth parameters in the request URI, like the PHP library does when issuing an OAuth GET request:
http://www.mysite.com/oauth/index.php?oauth_consumer_key=key&oauth_nonce=XXXXXXXX&oauth_signature=XXXXXXXXXXX%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1309863754&oauth_version=1.0
Instead it puts the OAuth parameters in an Authorization header:
Authorization: OAuth realm="", oauth_consumer_key="XXXXX", oauth_token="XXXX-XXXX",
oauth_signature_method="HMAC-SHA1", oauth_signature="XXXXXXXX",
oauth_timestamp="1309863855", oauth_nonce="XXXX-XXX-XX-XX-XXXXXXX", oauth_version="1.0"
I suppose that both ways are equally valid for the OAuth specs, right?
What's the best way I can read the Authorization header with PHP?
回答1:
I suppose that both ways are equally valid for the OAuth specs, right?
Yes, right.
What's the best way I can read the Authorization header with PHP?
Request headers in PHP are stored in the $_SERVER superglobal array, each header as an entry of it's own: $_SERVER['HTTP_AUTHORIZATION'] most probably in your case, just do
var_dump($_SERVER);
and look for the info. Detailed information how PHP deals with the HTTP request.
Authorization header missing in PHP
Unfortunately the Authorization header is filtered by PHP(?), so it's not part of $_SERVER.
Workaround: apache_request_headers()
When using PHP as an Apache module, a workaround is to use the apache_request_headers() function to retrieve all request headers.
Workaround: mod_rewrite
For F/CGI a workaround is to set the Authorization header with Mod_Rewrite into a environment variable that mimics PHP's scheme converting HTTP request headers:
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)$ [NC]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%1]
The mod_rewrite solution should work for PHP running with mod_php as well. Hat tip Jon Nylander.
来源:https://stackoverflow.com/questions/6582264/how-to-read-the-oauth-request-parameters-with-php