PHP :: Request #59204 :: Need a way to generate a signature without making a request

Request #59204	Need a way to generate a signature without making a request
Submitted:	2010-05-10 23:23 UTC	Modified:	2010-05-28 05:27 UTC
From:	evert at rooftopsolutions dot nl	Assigned:	jawed (profile)
Status:	Closed	Package:	oauth (PECL)
PHP Version:	5.3.1	OS:	Any
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	evert at rooftopsolutions dot nl
New email:
PHP Version:		OS:

New/Additional Comment:

[2010-05-10 23:23 UTC] evert at rooftopsolutions dot nl

Description:
------------
One thing I dislike about the oauth extension is that it makes the HTTP requests *for me*. PHP's Curl and Streams functions are so flexibile (and are actually used *in* the extension) but all of the functionality and flexibility is hidden behind the OAuth::fetch() method, which only allows:

1. 4 HTTP methods
2. Request headers
3. Request parameters or a custom request body.

In my specific case I need to oauth-sign large file up and downloads. If I use this OAuth extension, I'm forced to load the entire request and response body into memory.

So what I'd like to suggest is adding a method to the OAuth class that has the following signature:

string OAuth::generateSignature(string $uri, string $method, array $post_arguments);

The returned string could be used in for instance the Authorization header.

I've tried working on a patch, but it's very very hard to make the jump to C, after an hour I lost all my confidence and opened this bug.

I _am_ very happy with the oauth extension otherwise. Thank you.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2010-05-11 02:20 UTC] datibbaw@php.net

1. Actually we allow any method, albeit undocumented, since they're just strings; so using "DELETE" as the method parameter will be accepted
2. 3. So, in short, the extension doesn't support file uploads or direct access to the response in an efficient manner ;-)

Providing the latter two will not be straightforward unfortunately, but we'll keep this in view.

[2010-05-11 02:23 UTC] jawed@php.net

I like the generateSignature method proposal, could be useful. 
Will look into it for 1.0.

- JJ

[2010-05-11 02:29 UTC] evert at rooftopsolutions dot nl

@jawed: thanks for looking into this

@datibbaw: Yes, in my specific case it's just uploads. Sorry if it came across as a rant. I do feel implementing a getSignature method would be beneficial for other cases as well. Just think about the list from:

http://kr2.php.net/manual/en/function.curl-setopt.php

Thanks again! This would be much appreciated and improve the usefulness of the OAuth extension.

[2010-05-28 05:27 UTC] jawed@php.net

This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun Apr 27 17:01:29 2025 UTC