Skip to content

Signs Guzzle requests using OAuth 1.0 (Guzzle 7.9+)

License

Notifications You must be signed in to change notification settings

guzzle/oauth-subscriber

Folders and files

NameName
Last commit message
Last commit date

Latest commit

92b619b · Jan 6, 2025

History

96 Commits
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025
Jan 6, 2025

Repository files navigation

Guzzle OAuth Subscriber

Signs HTTP requests using OAuth 1.0. Requests are signed using a consumer key, consumer secret, OAuth token, and OAuth secret.

This version works with Guzzle 7.9+ and PHP 7.2.5+.

Installing

This project can be installed using Composer. Add the following to your composer.json:

{
    "require": {
        "guzzlehttp/oauth-subscriber": "^0.8"
    }
}

Using the Subscriber

Here's an example showing how to send an authenticated request to the Twitter REST API:

use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
use GuzzleHttp\Subscriber\Oauth\Oauth1;

$stack = HandlerStack::create();

$middleware = new Oauth1([
    'consumer_key'    => 'my_key',
    'consumer_secret' => 'my_secret',
    'token'           => 'my_token',
    'token_secret'    => 'my_token_secret',
]);
$stack->push($middleware);

$client = new Client([
    'base_uri' => 'https://api.twitter.com/1.1/',
    'handler' => $stack,
]);

// Set the "auth" request option to "oauth" to sign using oauth
$res = $client->get('statuses/home_timeline.json', ['auth' => 'oauth']);

You can set the auth request option to oauth for all requests sent by the client by extending the array you feed to new Client with auth => oauth.

use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
use GuzzleHttp\Subscriber\Oauth\Oauth1;

$stack = HandlerStack::create();

$middleware = new Oauth1([
    'consumer_key'    => 'my_key',
    'consumer_secret' => 'my_secret',
    'token'           => 'my_token',
    'token_secret'    => 'my_token_secret',
]);
$stack->push($middleware);

$client = new Client([
    'base_uri' => 'https://api.twitter.com/1.1/',
    'handler' => $stack,
    'auth' => 'oauth',
]);

// Now you don't need to add the auth parameter
$res = $client->get('statuses/home_timeline.json');

You can set the token and token_secret options to an empty string to use two-legged OAuth.

Using the RSA-SH1 signature method

use GuzzleHttp\Subscriber\Oauth\Oauth1;

$stack = HandlerStack::create();

$middleware = new Oauth1([
    'consumer_key'           => 'my_key',
    'consumer_secret'        => 'my_secret',
    'private_key_file'       => 'my_path_to_private_key_file',
    'private_key_passphrase' => 'my_passphrase',
    'signature_method'       => Oauth1::SIGNATURE_METHOD_RSA,
]);
$stack->push($middleware);

$client = new Client([
    'handler' => $stack,
]);

$response = $client->get('https://httpbin.org/', ['auth' => 'oauth']);