Make Oauth API calls with existing Access Token and Access Token Secret

0
votes

I am using the Lusitanian PHP Oauth library (https://github.com/Lusitanian/PHPoAuthLib).

After the user gets authorized in my application, i have received values of Access Token and Access Token Secret. Now with these values, i would like to make authenticated calls to API. How can i make the calls with the values of Access Token, Access Token Secret, along with the values of Consumer Key and Consumer Secret? I don't want to get the user authorized every time, to make API calls for him. Does anyone have an idea ?

My request goes like this:

$result = json_decode( $service->request( '/users/getDetails' ), true );

I have tried the REST Client of Firefox and Advanced REST Client of Chrome, that perform OAuth calls successfully, with just the values of Access Token, Access Token Secret, Consumer Key and Consumer Secret.

Similarly, i would like to perform the OAuth calls from my PHP code. The library which i am using, depends on Session to store these values (which requires the user to login each time) and build the Authorization header and signature. Is there a way i can build the Signature and Authorization header from my end manually and make the OAuth calls ?

1
phpapioauthaccess-token
The OAuth service i am using was almost similar to Twitter OAuth (1.0)shasi kanth

1 Answers

0
votes

Finally, i have tweaked the functionality of reusing the access tokens. I am fetching token from a config php file, after i store the token in it.

The token can also be stored in a local PHP session and read from it.

The code for storing token is in Service/AbstractService.php:

$this->storage->storeAccessToken($this->service(), $token);

You can modify it like the following, to store the token in a session variable:

if(!isset($_SESSION['access_token'])) {
        $token = new StdOAuth1Token();

        $token->setRequestToken($access_token);
        $token->setRequestTokenSecret($access_token_secret);
        $token->setAccessToken($access_token);
        $token->setAccessTokenSecret($access_token_secret);

        $token->setEndOfLife(StdOAuth1Token::EOL_NEVER_EXPIRES);
        $_SESSION['access_token'] = serialize($token);
}

Then when making a request to API, you can modify the code in request() function to use token from your session:

Change:

$token = $this->storage->retrieveAccessToken($this->service());

To:

$token = unserialize($_SESSION['access_token']);

This way, i could use custom PHP sessions to store and retrieve access tokens. You can also use Database or a text file to store and retrieve the tokens. It works! Hope it would be useful for someone.