|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2010-05-26 10:57 UTC] qroups dot q at gmail dot com
Description: ------------ Certain access secret keys returned by Google has spaces in them. A request to access the API using an access secret key that has a space in it fails. Here are the relevant URL's 'RequestUrl'=>"https://www.google.com/accounts/OAuthGetRequest Token" 'AccessUrl'=>"https://www.google.com/accounts/OAuthGetAccessTo ken", 'AuthorizeUrl'=>"https://www.google.com/accounts/OAuthAuthoriz eToken", 'Scopes' => "http://picasaweb.google.com/data/" Reproduce code: --------------- try { $oauth = new OAuth($this->consKey, $this->consSecret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI); // if the accessSecret has a space $oauth->fetch fails $oauth->setToken($this->accessToken, $this->accessSecret); $oauth->disableSSLChecks(); $oauth->enableDebug(); $oauth->fetch($url); var_dump($oauth->getLastResponse()); } catch(OAuthException $e) { var_dump($oauth->debugInfo); return false; } Expected result: ---------------- Result from the requested API Actual result: -------------- OAuthException is thrown. PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Oct 28 01:00:01 2025 UTC |
Here is an example access secret "KVbprjbe0BoNoOYlIt M8uwr". I was able to get an access secret with a space in it for every 5-10 times I tried. The procedure that I follow to retrieve an access secret is by invoking 1. $access = $oauth->getAccessToken($accessUrl) 2. $access_secret = $access['oauth_token_secret']; Here is the debuginfo for a failed request. I have edited the key and token: "GET&http%3A%2F%2Fpicasaweb.google.com%2Fdata%2Ffeed%2Fapi%2 Fuser%2Fdefault&oauth_consumer_key%3Dsecret%26oauth_nonce%3D 247854bffcd5018a5d0.86791471%26oauth_signature_method%3DHMAC - SHA1%26oauth_timestamp%3D1275055440%26oauth_token%3D1%252FbR QhIrP2yh_S- faUlF1MaUd4R98J_qeLY0HpnwosFWg%26oauth_version%3D1.0" ["headers_sent"]=> string(347) "GET /data/feed/api/user/default? oauth_consumer_key=secret&oauth_signature_method=HMAC- SHA1&oauth_nonce=247854bffcd5018a5d0.86791471&oauth_timestam p=1275055440&oauth_version=1.0&oauth_token=1%2FbRQhIrP2yh_Sf aUlF1MaUd4R98J_qeLY0HpnwosFWg&oauth_signature=LnTr5rB9WfvFHQ FaVt1fYKsinrk%3D HTTP/1.1 Host: picasaweb.google.com Accept: */*" ["headers_recv"]=> string(474) "HTTP/1.1 403 Forbidden Set-Cookie: _rtok=4ywqtBgLr1UK; Path=/; HttpOnly Set-Cookie: S=photos_html=Zun5LX6ofNPwyG9KIHE7oA; Domain=.google.com; Path=/; HttpOnly WWW-Authenticate: GoogleLogin realm="/accounts" Content-Type: text/html; charset=UTF-8 Date: Fri, 28 May 2010 14:04:00 GMT Cache-control: private, must-revalidate, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Transfer-Encoding: chunked" ["body_recv"]=> string(33) "16 Authorization required 0 " ["info"]=> string(212) "About to connect() to picasaweb.google.com port 80 (#0) Trying 64.233.169.136... connected Connected to picasaweb.google.com (64.233.169.136) port 80 (#0) Connection #0 to host picasaweb.google.com left intact " Important update: Also, if I urlencode (using the function mentioned in the note) the secret before accessing the API using the oauth::setToken() and oauth::fetch(), the request succeeds all the time(even with space in the secret), from my limited testing. If I don't urlencode the secret with the space, the request fails all the time. Note: function rfc3986_encode($str) { $str = rawurlencode($str); $str = str_replace('%E7', '~', $str); return $str; }