Skip to content

Instantly share code, notes, and snippets.

@hiephm

hiephm/magento1_oauth_testing.md

Last active March 18, 2017 12:27
Show Gist options
  • Save hiephm/8a5300b89f13e65d83f4 to your computer and use it in GitHub Desktop.
Save hiephm/8a5300b89f13e65d83f4 to your computer and use it in GitHub Desktop.
Download ZIP
How to do OAuth 1.0 manually (Magento 1)
Raw
magento1_oauth_testing.md

How to do OAuth 1.0 manually (Magento 1)

0. Pre-requisites:

  • consumer_key: d208adaf663a85029c33f55ce73d2705
  • consumer_secrect: 9faba5ec4c19aa68ca96511201b20f69
  • Initiate url: http://domain.com/oauth/initiate
  • Authorize url: http://domain.com/admin/oauth_authorize
  • Token request url: http://domain.com/oauth/token
  • Callback url (for dumping returned oauth_token and oauth_verifier): http://domain.com/callback.php
# callback.php
<?php print_r($_GET); ?>

1. Call Initiate url with header:

Authorization: OAuth oauth_consumer_key="consumer_key",oauth_signature_method="PLAINTEXT",oauth_signature="consumer_secret&",oauth_callback="callback_url"

E.g:

Authorization: OAuth oauth_consumer_key="d208adaf663a85029c33f55ce73d2705",oauth_signature_method="PLAINTEXT",oauth_signature="9faba5ec4c19aa68ca96511201b20f69&",oauth_callback="http://domain.com/callback.php"

==> Response:

oauth_token=ca27cc39c40d7e8dd6b8712f1f1471b1&oauth_token_secret=fc9fb4880ef0cb456808bbc101e14e8a&oauth_callback_confirmed=true

Take note the oauth_token and oauth_token_secret

2. Browse to Authorize url, passing oauth_token as parameter:

http://domain.com/admin/oauth_authorize?oauth_token=ca27cc39c40d7e8dd6b8712f1f1471b1

==> Login and authorize this app.
==> Redirect to Callback url:

Array ( [oauth_token] => ca27cc39c40d7e8dd6b8712f1f1471b1 [oauth_verifier] => bf4a49d78505fc69351c2a46dc9b3cef )

Take note the oauth_verifier

3. Call Token request url with header:

Authorization: OAuth oauth_consumer_key="consumer_key",oauth_signature_method="PLAINTEXT",oauth_signature="consumer_secret&oauth_token_secret",oauth_token="oauth_token",oauth_verifier="oauth_verifier"

E.g:

Authorization: OAuth oauth_consumer_key="d208adaf663a85029c33f55ce73d2705",oauth_signature_method="PLAINTEXT",oauth_signature="9faba5ec4c19aa68ca96511201b20f69&fc9fb4880ef0cb456808bbc101e14e8a",oauth_token="ca27cc39c40d7e8dd6b8712f1f1471b1",oauth_verifier="bf4a49d78505fc69351c2a46dc9b3cef"

==> Response:

oauth_token=6180ce11e850940d0d74fde58c9c8d45&oauth_token_secret=81d0352c9a285def7418bca55093caf9

Take note the new oauth_token and oauth_token_secret

4. Make call to OAuth resources with header:

Authorization: OAuth oauth_consumer_key="consumer_key",oauth_signature_method="PLAINTEXT",oauth_signature="consumer_secret&new_oauth_token_secret",oauth_token="new_oauth_token"

E.g:

Authorization: OAuth oauth_consumer_key="d208adaf663a85029c33f55ce73d2705",oauth_signature_method="PLAINTEXT",oauth_signature="9faba5ec4c19aa68ca96511201b20f69&81d0352c9a285def7418bca55093caf9",oauth_token="6180ce11e850940d0d74fde58c9c8d45"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment