如果我的应用程序有 twitter 消费者密钥和消费者密钥,我如何在不使用任何外部库的情况下使用 PHP请求这个GET 请求?
任何好的例子都会受到 twitter REST API 新手的赞赏。
问问题
535 次
1 回答
1
Having only the consumer key and consumer secret you cannot make a successful GET Request. You would need an Oauth Token (Access Token) and an Oauth Token Secret (Access Token) also.
To obtain an access token and an access token secret you need to either authenticate or, if the application is only for personal use - create an access token by going to the application details on the app's page.
I'm going forward to explain how to obtain the tokens the hard way (for other people to be able to use your twitter app too). You need to authenticate to Twitter's API. For reference please see twitter's official how to sign in article. I'm trying to provide an easier to understand explanation based on this article.
If you already have the oauth token and oauth token secret you can jump straight to How to make a GET Request below.
How to Authenticate
*Before we go any further I would like to state that you need to have cURL activated, to be able to properly send any request.
Step 1 - Build the headers and send them to twitter to request an authentication token.(It basically authorizes you to authenticate)
These are the headers you need to have:
oauth_consumer_key = YOUR_CONSUMER_SECRET
oauth_nonce = RANDOM_GENERATED_32_CHAR_STRING
oauth_timestamp = NOW()
oauth_callback = YOUR_CALLBACK
oauth_signature_method = HMAC-SHA1
oauth_version = 1.0
oauth_signature = the generated signature based on all of the above headers. (How to build a signature is a pretty big subject itself, so I would sugest to read this article.)
After you have all the headers, sort them alphabetically, concatenate them in pairs of key and value (e.g. consumer_key="YOU_CONSUMER_KEY" ) and append them to the string "OAuth ".
You will end up having something like:
OAuth oauth_consumer_key="YOUR_CONSUMER_KEY", oauth_nonce="YOUR_NONCE", oauth_signature="YOUR_SIGNATURE", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1377125526", oauth_token="84832050-OHhyESU4wM2YGRINsseuJQwouG1PY1Rs5YReZH2wh", oauth_version="1.0"
This is your header value.
Send an 'Authorization' header with this value via POST using cUrl to this url: https:// + api.twitter.com/oauth/request_token (*take the '+' out) and store the response in a var.
If everything went fine your storing var should be populated with a string containing your oauth_token. *Note this is not you access token - it is just the token which you will use to authenticate.
Now that you have the oauth_token value you can redirect to https:// + api.twitter.com/oauth/authenticate?oauth_token=THE_RECEIVED_OAUTH_TOKEN_VALUE
At this point you are prompted with a log in form on twitter, and you are ready to move to
STEP 2 - THE CALLBACK
After you logged in with twitter in the previous step you were redirected to you http:// + OWN_CALLBACK_URL?/oauth_token=SOME_VALUE&oauth_verifier=SOME_VALUE
*Again these are not you final access tokens. You just need to use them to create your new header and send them back to twitter.
STEP 3 - Exchange the token
So, append these 2 tokens to the list of headers already created in the STEP 1, rebuild the signature based on all of the headers and send another Authorization header with the new header value created via POST using cURL.
If everything went fine again, The response of the this cURL should be another string containing the oauth_token and oauth_token_secret. *These are your real access token and access token secret.
Once you have the real oauth_token(I call it access_token) and oauth_token_secret you can store them in the DB, in SESSION or wherever you want. You will need them for each GET request from now on.
How to make a GET Request
*Before we go any further I would like to state that you need to have cURL activated, to be able to properly send any request.
You need to know the endpoint url you want to make the request to. (e.g if you would like to get all your favorite tweets you need this url: https + ://api.twitter.com/1.1/favorites/list.json (take the ' + ' out)
Create the headers
You will need to create the set of headers (please see STEP 1 in How to Authenticate on how to create the headers) and append the oauth token to them.
*NOTE When you create the signature you will need to have the oauth token secret + the default ouath consumer secret to sign the base string. For more info please see https + ://dev.twitter.com/docs/auth/creating-signature (take the ' + ' out) on how to build a signature.
*NOTE 2 You will also need to have all the extra query params (whatever is after list.json in the endpoint URL) when building the signature.
Send the Request via GET http method to the endpoint url with the 'Authorization" header just created using cURL and store the result in a local var.
var_dump that var and see the goodies it contains.
于 2013-08-21T23:51:02.450 回答