PHP :: Request #59204 :: Need a way to generate a signature without making a request

Request #59204	Need a way to generate a signature without making a request
Submitted:	2010-05-10 23:23 UTC	Modified:	2010-05-28 05:27 UTC
From:	evert at rooftopsolutions dot nl	Assigned:	jawed (profile)
Status:	Closed	Package:	oauth (PECL)
PHP Version:	5.3.1	OS:	Any
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	evert at rooftopsolutions dot nl
New email:
PHP Version:		OS:

New Comment:

[2010-05-10 23:23 UTC] evert at rooftopsolutions dot nl

Description:
------------
One thing I dislike about the oauth extension is that it makes the HTTP requests *for me*. PHP's Curl and Streams functions are so flexibile (and are actually used *in* the extension) but all of the functionality and flexibility is hidden behind the OAuth::fetch() method, which only allows:

1. 4 HTTP methods
2. Request headers
3. Request parameters or a custom request body.

In my specific case I need to oauth-sign large file up and downloads. If I use this OAuth extension, I'm forced to load the entire request and response body into memory.

So what I'd like to suggest is adding a method to the OAuth class that has the following signature:

string OAuth::generateSignature(string $uri, string $method, array $post_arguments);

The returned string could be used in for instance the Authorization header.

I've tried working on a patch, but it's very very hard to make the jump to C, after an hour I lost all my confidence and opened this bug.

I _am_ very happy with the oauth extension otherwise. Thank you.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2010-05-11 02:20 UTC] datibbaw@php.net

1. Actually we allow any method, albeit undocumented, since they're just strings; so using "DELETE" as the method parameter will be accepted
2. 3. So, in short, the extension doesn't support file uploads or direct access to the response in an efficient manner ;-)

Providing the latter two will not be straightforward unfortunately, but we'll keep this in view.

[2010-05-11 02:23 UTC] jawed@php.net

I like the generateSignature method proposal, could be useful. 
Will look into it for 1.0.

- JJ

[2010-05-11 02:29 UTC] evert at rooftopsolutions dot nl

@jawed: thanks for looking into this

@datibbaw: Yes, in my specific case it's just uploads. Sorry if it came across as a rant. I do feel implementing a getSignature method would be beneficial for other cases as well. Just think about the list from:

http://kr2.php.net/manual/en/function.curl-setopt.php

Thanks again! This would be much appreciated and improve the usefulness of the OAuth extension.

[2010-05-28 05:27 UTC] jawed@php.net

This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC