php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #59204 Need a way to generate a signature without making a request
Submitted: 2010-05-10 23:23 UTC Modified: 2010-05-28 05:27 UTC
From: evert at rooftopsolutions dot nl Assigned: jawed (profile)
Status: Closed Package: oauth (PECL)
PHP Version: 5.3.1 OS: Any
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: evert at rooftopsolutions dot nl
New email:
PHP Version: OS:

 

 [2010-05-10 23:23 UTC] evert at rooftopsolutions dot nl
Description:
------------
One thing I dislike about the oauth extension is that it makes the HTTP requests *for me*. PHP's Curl and Streams functions are so flexibile (and are actually used *in* the extension) but all of the functionality and flexibility is hidden behind the OAuth::fetch() method, which only allows:

1. 4 HTTP methods
2. Request headers
3. Request parameters or a custom request body.

In my specific case I need to oauth-sign large file up and downloads. If I use this OAuth extension, I'm forced to load the entire request and response body into memory.

So what I'd like to suggest is adding a method to the OAuth class that has the following signature:

string OAuth::generateSignature(string $uri, string $method, array $post_arguments);

The returned string could be used in for instance the Authorization header.

I've tried working on a patch, but it's very very hard to make the jump to C, after an hour I lost all my confidence and opened this bug.

I _am_ very happy with the oauth extension otherwise. Thank you.




Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-05-11 02:20 UTC] datibbaw@php.net
1. Actually we allow any method, albeit undocumented, since they're just strings; so using "DELETE" as the method parameter will be accepted
2. 3. So, in short, the extension doesn't support file uploads or direct access to the response in an efficient manner ;-)

Providing the latter two will not be straightforward unfortunately, but we'll keep this in view.
 [2010-05-11 02:23 UTC] jawed@php.net
I like the generateSignature method proposal, could be useful. 
Will look into it for 1.0.

- JJ
 [2010-05-11 02:29 UTC] evert at rooftopsolutions dot nl
@jawed: thanks for looking into this

@datibbaw: Yes, in my specific case it's just uploads. Sorry if it came across as a rant. I do feel implementing a getSignature method would be beneficial for other cases as well. Just think about the list from:

http://kr2.php.net/manual/en/function.curl-setopt.php

Thanks again! This would be much appreciated and improve the usefulness of the OAuth extension.
 [2010-05-28 05:27 UTC] jawed@php.net
This bug has been fixed in SVN.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Dec 11 13:01:29 2024 UTC