Oauth,Twitter,WordPress HTTP API和您
- Lisa Kudrow原創
- 2025-02-18 08:30:12376瀏覽
鑰匙要點
- >該教程提供了有關如何創建由WordPress HTTP API供電的PHP類的分步指南,用於消費Twitter。這包括在Twitter的鍵和訪問令牌的應用程序管理中心上創建一個應用程序,對PHP類編碼以及使用OAuth Authentication向Twitter提出HTTP請求。
- > >教程強調正確配置OAuth並使用正確的API鍵避免部署錯誤的重要性。它還強調了確保Oauth代幣以防止未經授權訪問的必要
- 在以前的教程中,我們深入研究了WordPress HTTP API。我們甚至構建了以下插件,以演示其用法的真實示例:whois和社交數據小部件; WordPress登錄,註冊和評論的CATPCHA保護插件;和用於停止一次性電子郵件地址註冊的插件。 在本教程中,我們將介紹Oauth的世界,Twitter如何使用它來授權HTTP請求向其API授權,最後構建由WordPress HTTP API供電的PHP類,該插件可以在消費Twitter時利用Twitter時會利用。
- > oauth
> oauth是一種身份驗證協議,提供了一種簡單,更安全,更安全的方式來發布和與受保護的數據進行交互。它允許用戶批准應用程序代表他們行動而無需共享密碼。
編碼PHP類
>關於如何使用OAuth身份驗證進行http請求的分解,將在我們編碼PHP類時解釋。
>首先,前往Twitter的應用程序管理中心;創建一個應用程序以獲取您的鍵並訪問令牌。>逐步指南創建Twitter應用程序和獲取API鍵,請訪問hostoople.com
>
創建PHP類,並包括將存儲各種參數的屬性。這些在下面概述了。
<span>class Twitter_API_WordPress {
</span>
<span>/** <span>@var <span>string</span> OAuth access token */</span>
</span> <span>private $oauth_access_token;
</span>
<span>/** <span>@var <span>string</span> OAuth access token secrete */</span>
</span> <span>private $oauth_access_token_secret;
</span>
<span>/** <span>@var <span>string</span> Consumer key */</span>
</span> <span>private $consumer_key;
</span>
<span>/** <span>@var <span>string</span> consumer secret */</span>
</span> <span>private $consumer_secret;
</span>
<span>/** <span>@var <span>array</span> POST parameters */</span>
</span> <span>private $post_fields;
</span>
<span>/** <span>@var <span>string</span> GET parameters */</span>
</span> <span>private $get_field;
</span>
<span>/** <span>@var <span>array</span> OAuth credentials */</span>
</span> <span>private $oauth_details;
</span>
<span>/** <span>@var <span>string</span> Twitter's request URL */</span>
</span> <span>private $request_url;
</span>
<span>/** <span>@var <span>string</span> Request method or HTTP verb */</span>
</span> <span>private $request_method;</span>
構造函數將接受您的Twitter應用程序消費者(或API)密鑰和秘密的數組,以及訪問令牌和訪問令牌秘密並將其保存到各自的屬性中。
<span>/** Class constructor */
</span> <span>public function __construct( $settings ) {
</span>
<span>if ( ! isset( $settings['oauth_access_token'] )
</span> <span>|| ! isset( $settings['oauth_access_token_secret'] )
</span> <span>|| ! isset( $settings['consumer_key'] )
</span> <span>|| ! isset( $settings['consumer_secret'] )
</span> <span>) {
</span> <span>return new WP_Error( 'twitter_param_incomplete', 'Make sure you are passing in the correct parameters' );
</span> <span>}
</span>
<span>$this->oauth_access_token = $settings['oauth_access_token'];
</span> <span>$this->oauth_access_token_secret = $settings['oauth_access_token_secret'];
</span> <span>$this->consumer_key = $settings['consumer_key'];
</span> <span>$this->consumer_secret = $settings['consumer_secret'];
</span> <span>}</span>接下來是將接受HTTP請求的GET或發布參數的方法。
<span>/**
</span><span> * Store the POST parameters
</span><span> *
</span><span> * <span>@param <span>array</span> $array array of POST parameters
</span></span><span> *
</span><span> * <span>@return $this
</span></span><span> */
</span> <span>public function set_post_fields( array $array ) {
</span> <span>$this->post_fields = $array;
</span>
<span>return $this;
</span> <span>}
</span>
<span>/**
</span><span> * Store the GET parameters
</span><span> *
</span><span> * <span>@param $string
</span></span><span> *
</span><span> * <span>@return $this
</span></span><span> */
</span> <span>public function set_get_field( $string ) {
</span> <span>$this->getfield = $string;
</span>
<span>return $this;
</span> <span>}</span>>私有方法_build_signature_base_string()接受以下參數以創建簽名基礎字符串:請求URL,請求方法或HTTP動詞和OAuth憑據(消費者密鑰和秘密和秘密; access and; access token and秘密;以及get參數;以及get參數;這是一個get請求)。
<span>/**
</span><span> * Create a signature base string from list of arguments
</span><span> *
</span><span> * <span>@param <span>string</span> $request_url request url or endpoint
</span></span><span> * <span>@param <span>string</span> $method HTTP verb
</span></span><span> * <span>@param <span>array</span> $oauth_params Twitter's OAuth parameters
</span></span><span> *
</span><span> * <span>@return <span>string</span>
</span></span><span> */
</span> <span>private function _build_signature_base_string( $request_url, $method, $oauth_params ) {
</span> <span>// save the parameters as key value pair bounded together with '&'
</span> <span>$string_params = array();
</span>
<span>ksort( $oauth_params );
</span>
<span>foreach ( $oauth_params as $key => $value ) {
</span> <span>// convert oauth parameters to key-value pair
</span> <span>$string_params[] = "<span><span>$key</span>=<span>$value</span>"</span>;
</span> <span>}
</span>
<span>return "<span><span>$method</span>&"</span> . rawurlencode( $request_url ) . '&' . rawurlencode( implode( '&', $string_params ) );
</span> <span>}</span>_generate_oauth_signature()私有方法接受創建的簽名鹼基字符串來生成oauth簽名。
<span>private function _generate_oauth_signature( $data ) {
</span>
<span>// encode consumer and token secret keys and subsequently combine them using & to a query component
</span> <span>$hash_hmac_key = rawurlencode( $this->consumer_secret ) . '&' . rawurlencode( $this->oauth_access_token_secret );
</span>
<span>$oauth_signature = base64_encode( hash_hmac( 'sha1', $data, $hash_hmac_key, true ) );
</span>
<span>return $oauth_signature;
</span><span>}</span>> build_oauth()創建一個包含以下數據的數組並將其保存到OAuth_details屬性,該屬性將稍後由pertureization_header()用於生成授權標頭。
> oauth_consumer_key - Twitter應用程序消費者密鑰。
- > oauth_nonce - 一個隨機字符串,由客戶端唯一生成,允許服務器驗證在經常使用time()或mt_rand()的創建之前從未提出過請求 > oauth_signature_method - 簽名方法通常是時代
- “ hmac-sha1”
- > oauth_token - 應用程序oauth token。 > oauth_timestamp - 當前的時間戳使用time()
- >創建 > oauth_version - Twitter使用版本1.0
- > oauth_signature - _generate_oauth_signature()
- 生成的OAuth簽名
- 請求方法或http動詞也保存到請求_method屬性。
這是我們討論的授權_header()方法的代碼。
><span>/**
</span><span> * Build, generate and include the OAuth signature to the OAuth credentials
</span><span> *
</span><span> * <span>@param <span>string</span> $request_url Twitter endpoint to send the request to
</span></span><span> * <span>@param <span>string</span> $request_method Request HTTP verb eg GET or POST
</span></span><span> *
</span><span> * <span>@return $this
</span></span><span> */
</span> <span>public function build_oauth( $request_url, $request_method ) {
</span> <span>if ( ! in_array( strtolower( $request_method ), array( 'post', 'get' ) ) ) {
</span> <span>return new WP_Error( 'invalid_request', 'Request method must be either POST or GET' );
</span> <span>}
</span>
<span>$oauth_credentials = array(
</span> <span>'oauth_consumer_key' => $this->consumer_key,
</span> <span>'oauth_nonce' => time(),
</span> <span>'oauth_signature_method' => 'HMAC-SHA1',
</span> <span>'oauth_token' => $this->oauth_access_token,
</span> <span>'oauth_timestamp' => time(),
</span> <span>'oauth_version' => '1.0'
</span> <span>);
</span>
<span>if ( ! is_null( $this->get_field ) ) {
</span> <span>// remove question mark(?) from the query string
</span> <span>$get_fields = str_replace( '?', '', explode( '&', $this->get_field ) );
</span>
<span>foreach ( $get_fields as $field ) {
</span> <span>// split and add the GET key-value pair to the post array.
</span> <span>// GET query are always added to the signature base string
</span> <span>$split = explode( '=', $field );
</span> <span>$oauth_credentials[ $split[0] ] = $split[1];
</span> <span>}
</span> <span>}
</span>
<span>// convert the oauth credentials (including the GET QUERY if it is used) array to query string.
</span> <span>$signature = $this->_build_signature_base_string( $request_url, $request_method, $oauth_credentials );
</span>
<span>$oauth_credentials['oauth_signature'] = $this->_generate_oauth_signature( $signature );
</span>
<span>// save the request url for use by WordPress HTTP API
</span> <span>$this->request_url = $request_url;
</span>
<span>// save the OAuth Details
</span> <span>$this->oauth_details = $oauth_credentials;
</span>
<span>$this->request_method = $request_method;
</span>
<span>return $this;
</span> <span>}</span>
> process_request()將使用wp_remote_get()或wp_remote_post()發送get或發布請求,並根據請求方法發送,然後隨後使用wp_remote_retrieve_body()。
<span>/**
</span><span> * Generate the authorization HTTP header
</span><span> * <span>@return <span>string</span>
</span></span><span> */
</span> <span>public function authorization_header() {
</span> <span>$header = 'OAuth ';
</span>
<span>$oauth_params = array();
</span> <span>foreach ( $this->oauth_details as $key => $value ) {
</span> <span>$oauth_params[] = "<span><span>$key</span>=\""</span> . rawurlencode( $value ) . '"';
</span> <span>}
</span>
<span>$header .= implode( ', ', $oauth_params );
</span>
<span>return $header;
</span> <span>}</span>請參閱本教程,以更好地了解WordPress HTTP API及其工作方式。
>最後,我們關閉了課程。
<span>/**
</span><span> * Process and return the JSON result.
</span><span> *
</span><span> * <span>@return <span>string</span>
</span></span><span> */
</span> <span>public function process_request() {
</span>
<span>$header = $this->authorization_header();
</span>
<span>$args = array(
</span> <span>'headers' => array( 'Authorization' => $header ),
</span> <span>'timeout' => 45,
</span> <span>'sslverify' => false
</span> <span>);
</span>
<span>if ( ! is_null( $this->post_fields ) ) {
</span> <span>$args['body'] = $this->post_fields;
</span>
<span>$response = wp_remote_post( $this->request_url, $args );
</span>
<span>return wp_remote_retrieve_body( $response );
</span> <span>}
</span>
<span>else {
</span>
<span>// add the GET parameter to the Twitter request url or endpoint
</span> <span>$url = $this->request_url . $this->get_field;
</span>
<span>$response = wp_remote_get( $url, $args );
</span>
<span>return wp_remote_retrieve_body( $response );
</span>
<span>}
</span>
<span>}</span>
請注意:在set_post_fields()中
>示例:
<span>} // Twitter_API_WordPress</span>請參閱下面的類用法,以便更好地理解。
如何使用類
必須在WordPress插件的上下文中使用此類。它無法作為獨立類,因為它需要WordPress http api才能工作。
<span>$SomeObject->getObjectOne()->getObjectTwo()</span>>
>獲取最新推文的列表或集合,請按照下面的指南進行操作。 注意:https://api.twitter.com/1.1/statuses/user_timeline.json是檢索最新推文數據的資源URL。
首先,創建一個訪問鍵和令牌的數組。<span>class Twitter_API_WordPress {
</span>
<span>/** <span>@var <span>string</span> OAuth access token */</span>
</span> <span>private $oauth_access_token;
</span>
<span>/** <span>@var <span>string</span> OAuth access token secrete */</span>
</span> <span>private $oauth_access_token_secret;
</span>
<span>/** <span>@var <span>string</span> Consumer key */</span>
</span> <span>private $consumer_key;
</span>
<span>/** <span>@var <span>string</span> consumer secret */</span>
</span> <span>private $consumer_secret;
</span>
<span>/** <span>@var <span>array</span> POST parameters */</span>
</span> <span>private $post_fields;
</span>
<span>/** <span>@var <span>string</span> GET parameters */</span>
</span> <span>private $get_field;
</span>
<span>/** <span>@var <span>array</span> OAuth credentials */</span>
</span> <span>private $oauth_details;
</span>
<span>/** <span>@var <span>string</span> Twitter's request URL */</span>
</span> <span>private $request_url;
</span>
<span>/** <span>@var <span>string</span> Request method or HTTP verb */</span>
</span> <span>private $request_method;</span>
設置請求URL和方法,其中w3guy是您的Twitter用戶名。
<span>/** Class constructor */
</span> <span>public function __construct( $settings ) {
</span>
<span>if ( ! isset( $settings['oauth_access_token'] )
</span> <span>|| ! isset( $settings['oauth_access_token_secret'] )
</span> <span>|| ! isset( $settings['consumer_key'] )
</span> <span>|| ! isset( $settings['consumer_secret'] )
</span> <span>) {
</span> <span>return new WP_Error( 'twitter_param_incomplete', 'Make sure you are passing in the correct parameters' );
</span> <span>}
</span>
<span>$this->oauth_access_token = $settings['oauth_access_token'];
</span> <span>$this->oauth_access_token_secret = $settings['oauth_access_token_secret'];
</span> <span>$this->consumer_key = $settings['consumer_key'];
</span> <span>$this->consumer_secret = $settings['consumer_secret'];
</span> <span>}</span>最後,像這樣處理請求。 >
<span>/**
</span><span> * Store the POST parameters
</span><span> *
</span><span> * <span>@param <span>array</span> $array array of POST parameters
</span></span><span> *
</span><span> * <span>@return $this
</span></span><span> */
</span> <span>public function set_post_fields( array $array ) {
</span> <span>$this->post_fields = $array;
</span>
<span>return $this;
</span> <span>}
</span>
<span>/**
</span><span> * Store the GET parameters
</span><span> *
</span><span> * <span>@param $string
</span></span><span> *
</span><span> * <span>@return $this
</span></span><span> */
</span> <span>public function set_get_field( $string ) {
</span> <span>$this->getfield = $string;
</span>
<span>return $this;
</span> <span>}</span>如果一切順利,變量$結果將使用您最近的推文的JSON數據填充。 例如,對於發布請求,說您要更新個人資料描述。
信用和資源
<span>/**
</span><span> * Create a signature base string from list of arguments
</span><span> *
</span><span> * <span>@param <span>string</span> $request_url request url or endpoint
</span></span><span> * <span>@param <span>string</span> $method HTTP verb
</span></span><span> * <span>@param <span>array</span> $oauth_params Twitter's OAuth parameters
</span></span><span> *
</span><span> * <span>@return <span>string</span>
</span></span><span> */
</span> <span>private function _build_signature_base_string( $request_url, $method, $oauth_params ) {
</span> <span>// save the parameters as key value pair bounded together with '&'
</span> <span>$string_params = array();
</span>
<span>ksort( $oauth_params );
</span>
<span>foreach ( $oauth_params as $key => $value ) {
</span> <span>// convert oauth parameters to key-value pair
</span> <span>$string_params[] = "<span><span>$key</span>=<span>$value</span>"</span>;
</span> <span>}
</span>
<span>return "<span><span>$method</span>&"</span> . rawurlencode( $request_url ) . '&' . rawurlencode( implode( '&', $string_params ) );
</span> <span>}</span>該課程的結構和代碼受到詹姆斯·馬利森(James Mallison)的php twitter客戶端的啟發。
要了解有關Twitter API和OAuth的更多信息,請參見下面的資源。
> oauth身份驗證demystifified
> Twitter Oauth在方案上下文中的工作方式
- > Twitter的文檔
- 創建PHP OAUTH服務器
- > IETF RFC
- 結論 在本文中,我們了解了OAuth以及如何使用由WordPress HTTP API供電的HTTP客戶端類消耗Twitter。如前所述,該類應在WordPress插件中使用,因為它使用WordPress HTTP API,該插件僅在加載WordPress時才存在或實例化。這個PHP類可以用來派遣構建,例如,最近的推文窗口小部件。
- 該代碼可在GitHub上獲得。隨意叉,甚至提交拉的請求。
快樂的編碼。
經常詢問有關Oauth,Twitter和WordPress HTTP API
的問題
>如何在WordPress站點上設置OAuth2? >在WordPress網站上設置OAuth2涉及安裝和配置OAuth2插件。您可以從WordPress插件目錄上的幾個插件中進行選擇。安裝插件後,您需要使用OAuth2提供商的詳細信息(包括客戶端ID和客戶端秘密)進行配置。您可能還需要設置重定向的URL和範圍,具體取決於提供商的要求。>
> OAuth在Twitter API中的作用是什麼?安全委派訪問。它允許用戶在不共享密碼的情況下授予第三方應用程序訪問其Twitter帳戶。這意味著應用程序可以代表您與Twitter進行交互,執行諸如推文,閱讀時間表和關注新用戶之類的操作。>
>如何解決Twitter中的部署錯誤API問題?可以通過確保正確配置您的應用程序並使用正確的API鍵來解決Twitter中的API問題。您還應確保您的應用程序不超過Twitter的速率限制。如果您仍在遇到問題,則可能值得與Twitter的開發人員提供更多幫助。OAuth1.0和OAuth2.0?
oauth1.0和OAuth2.0之間有什麼區別。但是,OAuth2.0是一個更加精簡和強大的協議。它為開發人員提供了更大的靈活性,可用於各種平台上的應用程序,包括移動和桌面應用程序。另一方面,oauth1.0更複雜且靈活較低。 WordPress網站。這對於與外部API(例如Twitter API)進行交互可能很有用。要使用WordPress HTTP API,您需要使用wp_remote_get或wp_remote_post函數,傳遞在API端點的URL中。
>確保您的OAuth代幣對於防止未經授權訪問您的應用程序至關重要。您應該始終安全地存儲代幣,例如在安全數據庫中,並且永遠不要將其曝光在客戶端代碼中。您還應該實施令牌到期和刷新令牌,以確保即使令牌受到損害,也不能無限期地使用它。>
>在將OAuth與WordPress集成時,面臨哪些常見問題? >在將OAuth與WordPress集成時面臨的一些常見問題包括OAuth插件的不正確配置,具有重定向URL的問題以及OAuth Provider的API問題。這些問題通常可以通過仔細檢查您的配置並確保您使用正確的API鍵和重定向URL來解決這些問題。>
>如何使用Twitter API對問題進行故障排除?使用Twitter,API可以涉及檢查應用程序的配置,確保您使用正確的API鍵,並檢查您的應用程序不超過Twitter的速率限制。您還可以使用Twitter的API參考文檔來了解API的預期行為並確定任何潛在問題。>
>我如何將OAuth2.0與Twitter API? .0使用Twitter API,您需要創建一個Twitter應用程序並獲取API鍵。然後,您需要使用這些鍵來獲得訪問令牌,該鍵可用於驗證您的API請求。請注意,Twitter的實現OAuth2.0是僅應用程序的,這意味著它只能用於不需要用戶上下文的請求。使用Miniorange OAuth 2.0服務器插件在WordPress中有什麼好處? WordPress的Miniorange OAuth 2.0服務器插件提供了一種簡單且安全的方法,可以在WordPress站點上設置OAuth2.0服務器。它支持多種贈款類型,包括授權代碼,隱式,密碼和客戶端憑據,並且還支持JWT和SAML。這使其成為在您的WordPress網站上實現OAuth2.0的靈活和強大選擇。
>
以上是Oauth,Twitter,WordPress HTTP API和您的詳細內容。更多資訊請關注PHP中文網其他相關文章!
php json less String Array Object Resource if for while timestamp include require Directory Error Token using class private protected finally Property Collection channel constructor this github database http https WordPress Access Other
陳述:
本文內容由網友自願投稿,版權歸原作者所有。本站不承擔相應的法律責任。如發現涉嫌抄襲或侵權的內容,請聯絡admin@php.cn