How to get an oauth_token with oAuth in PHP

Question

I'm trying to authenticate using OAuth in OpenX (site does not render well in chrome. Use iexplore or safari.)

This is my piece of code

# Login
$url = "https://sso.openx.com/api/index/token";
$post = http_build_query( array(  'Access Token URL' => 'https://sso.openx.com/api/index/token',
                'Authorize URL' => 'https://sso.openx.com/login/login',
                'callbackUrl' => 'oob',
                'Consumer Key' => $key,
                'Consumer Secret' => $secret,
                'OAuth Realm' => $realm,
                'Request Token URL' => 'https://sso.openx.com/api/index/initiate',
                'Signature Method' => 'HMAC-SHA1 ',
                'Version' => '1.0a ') );

$curl = curl_init($url);

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($resource, CURLOPT_POSTFIELDS, $post);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_VERBOSE, 1);
curl_setopt($curl, CURLOPT_HEADER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

$json_response = curl_exec($curl);
var_dump($json_response);
curl_close($curl);

$authObj = json_decode($json_response);

And, according to the linked documentation, I should be expecting an oauth_token and oauth_verifier:

1.Set the callbackUrl to oob (out-of-band), which tells the OAuth server that you are not redirecting a user. The OAuth Server returns the request token.

but instead I'm getting:

HTTP/1.1 400 Bad Request - Invalid Request: Missing parameters

Am I doing something obviously wrong here that I am missing? Am I misunderstanding something in the linked documentation?

Any sort of help is welcome, either aimed at the problem itself or to the way it's been presented; answers, hints, ideas, corrections, etc.

Thank you.

Answer 1

Try passing the parameters like this

curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

where $data will have $data='username='.$username.'&password='.$password.'';

Answer 2

Where does "$resource" come from?? Replace:

curl_setopt($resource, CURLOPT_POSTFIELDS, $post);

with

curl_setopt($curl, CURLOPT_POSTFIELDS, $post);

for a start.

Answer 3

I am using openx too, here is my code. Hope it can help someone

$para = array (
        'Access Token URL' => 'https://sso.openx.com/api/index/token',
        'Authorize URL' => 'https://sso.openx.com/login/process',
        'callbackUrl' => 'oob',
        'Consumer Key' => $email,
        'Consumer Secret' => $consumer_secret,
        'OAuth Realm' => $sso_realm,
        'Request Token URL' => 'https://sso.openx.com/api/index/initiate',
        'Signature Method' => 'HMAC-SHA1',
        'Version' => '1.0a'
);

$opt = array (
        CURLOPT_URL => "https://sso.openx.com/login/process",
        CURLOPT_COOKIEFILE => $cookieFile,
        CURLOPT_COOKIEJAR => $cookieFile,
        CURLOPT_HTTPAUTH => CURLAUTH_BASIC,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $para,
        CURLOPT_VERBOSE => true,
        CURLOPT_HEADER => true,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_USERPWD => "{$authentication}",
        CURLOPT_FOLLOWLOCATION => true
);

$c = curl_init();

curl_setopt_array($c, $opt);

$content = curl_exec($c);
$info = curl_getinfo($c);
$error = curl_error($c);

You need the "consumer_secret" and "sso_realm" from the email openx people sent to you.