roguesupport / oauth-php

The original OAUTH standard implemented in PHP (Historic Record)
MIT License
0 stars 0 forks source link

is Mysql or any other database required to for oauth store for consumer? can we store the info in sessions #25

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
to set up consumer side, Mysql seems to be required. oauth requester should
not need mysql. 

can we setup consumer without having to use mysql at all or any other database

thank you very much

Original issue reported on code.google.com by ashr...@gmail.com on 2 Feb 2010 at 2:02

GoogleCodeExporter commented 9 years ago
Yes, a backend (such as MySQL) is required. This is by design and difficult to
change, although it is conceivable to write a new store that uses _SESSION or 
plain
files.

OTOH, PECL::OAuth (http://pecl.php.net/package/oauth) is a good option for 
consumers.
It depends on libcurl, but has no database dependencies.

Original comment by brunobg%...@gtempaccount.com on 6 Feb 2010 at 4:43

GoogleCodeExporter commented 9 years ago

Original comment by brunobg%...@gtempaccount.com on 6 Feb 2010 at 5:04

GoogleCodeExporter commented 9 years ago
From a comment by @a4amitarora:

There doesn't seem to be an easy way to adapt this for 2-legged variation of 
OAuth.
The 2-legged OAuth doesn't require a request token or an access token. The 
request
should be signed just using consumer key and consumer secret (using blank value 
for
access token in signature base string, and blank value for access secret in 
HMAC-SHA1
algorithm key - for HMAC-SHA1 case in particular). So, this case doesn't 
require the
complexity of OAuthStore at all; rather a simple additional constructor for
OAuthRequester class that accepts request URL, HTTP Method, request params, 
consumer
key and consumer secret should suffice. Once that's done, one can easily use 
this
library for 2-legged OAuth scenario as well while avoiding steps 1 to 4 which 
aren't
required for that case.

Original comment by brunobg%...@gtempaccount.com on 18 Feb 2010 at 5:36

GoogleCodeExporter commented 9 years ago
I solved the problem by creating an OAuthStore2Leg that just stores the key and
secret. It only involved implementing the constructor and the 
getSecretsForSignature
method. It is attached if you would find it useful.

Original comment by ben.hesk...@gmail.com on 26 Feb 2010 at 5:33

Attachments:

GoogleCodeExporter commented 9 years ago
@ben.hesketh: Thanks a lot!! I just commited your file to the SVN and I'm going 
to
update the wiki.

Original comment by brunobg%...@gtempaccount.com on 26 Feb 2010 at 8:48

GoogleCodeExporter commented 9 years ago
No problem, thanks for creating this library :)

Original comment by ben.hesk...@gmail.com on 26 Feb 2010 at 8:59

GoogleCodeExporter commented 9 years ago
@ben.hesketh: would you mind checking the wiki (consumer page) to see if I 
missed
anything? There's a new session on 2-legged oauth at the bottom. Thanks!

Original comment by brunobg%...@gtempaccount.com on 26 Feb 2010 at 9:01

GoogleCodeExporter commented 9 years ago
Looks good. I've attached a sample of the code I used to test the store if you 
want
to put up a complete example.

Original comment by ben.hesk...@gmail.com on 26 Feb 2010 at 9:09

Attachments:

GoogleCodeExporter commented 9 years ago
Just added it. May I also add it to the source repository under the MIT license?

Original comment by brunobg%...@gtempaccount.com on 26 Feb 2010 at 9:21

GoogleCodeExporter commented 9 years ago
Of course, I forgot to put the license on the top.

Original comment by ben.hesk...@gmail.com on 26 Feb 2010 at 9:23