Testing three-legged and two-legged OAuth REST using Drupal 7.x, Services 7.x-3.2, OAuth 7.x-3.0, and a PHP Client

This article is based on my Drupal community documentation at http://drupal.org/node/1839550.

System
  • CentOS 6.3
  • PHP 5.3.18
  • PECL Oauth extension (install it via command pecl install oauth)
  • Drupal-7.17
  • Server URL: http://core.zeus.lan (you can use any URL, but you should really use HTTPS). You can read about setting up an SSL certificate here
  • Client URL: http://localhost/oauth.php (this will be used below)

Modules

Step-by-Step

I use sites/all/modules/contrib as the location for all of my Drupal modules.

Services Configuration

First, we set up Services with OAuth.

  1. In the Drupal site, install the modules: REST Server, OAuth Authentication, OAuth Provider UI.
  2. In the Drupal directory, comment out lines 6 to 8 in the file oauth/lib/OAuth.php, since they conflict with PECL OAuth.
  3. In the Drupal site, create an OAuth context in admin/config/services/oauth/add. Make sure to create an Authorization level and set it as default.
  4. Then add the Services endpoint myawesomejson in admin/structure/services/add, choose Server:REST, Path to endpoint:myawesomejson, tick OAuth authentication, then hit Save.
  5. Next, click Edit Resources for the JSON service you just created, check all resources, then hit Save.
  6. Next, click tab:Server, check all boxes, then hit Save.
  7. Lastly, click tab:Authentication, use your earlier OAuth Context, and for Default required authentication select Three Leg or Two Leg, then hit Save.

Consumer Creation

Finally, we are ready to create the consumer and finish the server side. For this tutorial, I use the admin account.

  1. Go to My Account (URL /user) and click tab:Authorization.
  2. Click Add consumer and make sure the Callback URL is the Client URL above, then hit Save.
  3. Edit your Consumer, and click Show Secret. Note the Consumer Key and Consumer Secret, which will be used for the PHP Client below.

PHP Client for 3-legged OAuth

For the PHP Client, I copied the code from http://id1.php.net/manual/en/oauth.examples.fireeagle.php and changed the variables to:

$req_url = 'http://core.zeus.lan/oauth/request_token';
$authurl = 'http://core.zeus.lan/oauth/authorize';
$acc_url = 'http://core.zeus.lan/oauth/access_token';
$api_url = 'http://core.zeus.lan/myawesomejson';
$conskey = 'your_consumer_key';
$conssec = 'your_consumer_secret';

Now visit your Client URL. You'll be redirected to the Server URL, and after clicking the Grant button, you'll be sent back to your Client URL with a result like the one below:

Array ( [0] => stdClass Object ( [uid] => 1 [name] => admin .... etc etc

PHP Client for 2-legged OAuth

This is a simpler version, modified from the file above. Make sure you select 2-Legged in your Services Authentication.
Full PHP code here:

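<?php
// Endpoint and consumer credentials from the Drupal steps above.
$api_url = 'http://core.zeus.lan/myawesomejson';
$conskey = 'your_consumer_key';
$conssec = 'your_consumer_secret';

session_start();

try {
  // Two-legged: sign with the consumer key and secret only; no request or access token is set.
  $oauth = new OAuth($conskey, $conssec, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI);
  $oauth->enableDebug();

  // Fetch the user resource and decode the JSON response.
  $oauth->fetch("$api_url/user.json");
  $json = json_decode($oauth->getLastResponse());
  print_r($json);

} catch (OAuthException $E) {
  print_r($E);
}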

That's it. Now you can expand this to anything you like.
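
What the two-legged client above sends, as an added example (not code from the original article or from the Drupal OAuth module): the RFC 5849 HMAC-SHA1 signature, whose key is only the consumer secret followed by `&`, and the matching server-side check. It assumes PHP 7.4 or later; the function names, nonce and timestamp are constructed for illustration, and the nonce and timestamp replay checks a provider also performs are left out.

```php
<?php
// Added example: RFC 5849 HMAC-SHA1 signing and checking for a two-legged request.
// Function names, nonce and timestamp are constructed; key and secret are placeholders.

function oauth_base_string(string $method, string $url, array $params): string {
    $pairs = [];
    foreach ($params as $name => $value) {
        $pairs[] = [rawurlencode($name), rawurlencode($value)];
    }
    // Sort by encoded name, then by encoded value (byte order).
    usort($pairs, fn($a, $b) => strcmp($a[0], $b[0]) ?: strcmp($a[1], $b[1]));
    $normalized = implode('&', array_map(fn($p) => $p[0] . '=' . $p[1], $pairs));
    return strtoupper($method) . '&' . rawurlencode($url) . '&' . rawurlencode($normalized);
}

function oauth_sign(string $base, string $consumerSecret, string $tokenSecret = ''): string {
    // Two-legged: there is no token, so the key is "<consumer secret>&" and nothing else.
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

function oauth_verify(string $method, string $url, array $query, string $consumerSecret): bool {
    $received = $query['oauth_signature'] ?? '';
    unset($query['oauth_signature']); // the signature is never part of the base string
    $expected = oauth_sign(oauth_base_string($method, $url, $query), $consumerSecret);
    return hash_equals($expected, $received); // constant-time comparison
}

$url = 'http://core.zeus.lan/myawesomejson/user.json';
$secret = 'your_consumer_secret';
$params = [
    'oauth_consumer_key' => 'your_consumer_key',
    'oauth_nonce' => 'constructed-nonce-0001',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp' => '1356998400',
    'oauth_version' => '1.0',
];
$params['oauth_signature'] = oauth_sign(oauth_base_string('GET', $url, $params), $secret);

// With OAUTH_AUTH_TYPE_URI these parameters travel in the query string.
echo $url . '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986), "\n";

// Check the request as signed, then again with one parameter changed after signing.
var_dump(oauth_verify('GET', $url, $params, $secret));
$tampered = ['oauth_nonce' => 'changed-after-signing'] + $params;
var_dump(oauth_verify('GET', $url, $tampered, $secret));
```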
