SoC: OAuth - oauth.module -- sorry for late

There is a PHP library at http://code.google.com/p/oauth-php/

Sumit Kataria has proposed this as a Summer of Code project. Very exciting!

assigned as place holder

Work going on
patches to services coming soon
OAuth module is already in progress
http://drupal.org/project/oauth
OAuth services
http://drupal.org/project/oauth_services

Correct URLs provided for the projects

http://drupal.org/project/oauth
http://drupal.org/project/oauth_services

Files in tar :
1. services.module and
2. services_admin_browse.inc

These are changed to use OAuth for authorization in services
right now only access token is checked against consumer key
Soon support for nonce and nonce_timestamp will be added
nonce_timestamp will be checked for calls as request timestamp >= token issue timestamp
So that all fake calls can be identified

Also a module outh_call is in development to make calls to server from Drupal only to obtain request and access token

Both files in tar are to be dumped in root dir of Services module
Then in settings check OAuth to use OAuth for calls

right now you can use a test client server http://tut2tech.com/sb4/oauth_test/ for making calls and obtaining request and access tokens
(that may not respond correctly - right now just issuing request token - will be fixed very soon)

needs suggestions to make this implemented best way

I explain more about OAuth request here :
to make a request via OAuth for services required parameters are :

string oauth_consumer_key (required)
OAuth key for consumer.
string oauth_token (required)
OAuth token for consumer.
string oauth_signature_method (required)
OAuth signature method.
string oauth_signature (required)
OAuth signature.
string oauth_timestamp (required)
OAuth call timestamp
string oauth_nonce (required)
OAuth call nonce

Here we will be verifying 1. access token against consumer key(oauth_token table) 2. nonce, nonce_timestamp against oauth_nonce table [these are still to fix in OAuth module]
Timestamp in request must be >= previous timestamp for access

subscribing... here's sumit's changes as a patch.

Hi
here I am attaching modified oauth.module file
Please rename it and place it in /sites/all/modules/oauth/ directory

Issues Fixed :
1. Earlier it was not producing keys for all users, it was overwriting those -- >> Issue fixed
2. Nonce table was not able to store values in proper format -- >> Method + issue fixed
3. Earlier only users can view their keys+ secrets -->> issue fixed -->> Now admin(keys of all users) + users both can view their keys
4. Earlier normal user was not able to get an "access" token -->> issue fixed in this attached file -->>

you can use testing server for test calls -->> http://term.ie/oauth/example

Now we can use timestamp + nonce for verification of users in Services API as it is working fine now :)

committed your fixes.

Patch to above oauth.module fixes

somehow it didnt got attached

another issue link with major details to project
OAuth test browser done :)
check it here http://tut2tech.com/sb2/?q=admin/build/oauth
http://drupal.org/node/275107#comment-899622

Here is patch to srevices module to work with oauth module http://drupal.org/node/291571

Sumit,

niiice work. Im excited to commit work code, but i need the latest files and patches. I suggest you to update your CVS, since i did several changes in the past 2 days. Then post here the final code that i should test and commit, right?

regards,

massa

Sumit

I want to review the code aswell before any commit takes place aswell.

Marc

Hi Guys
my exams were going on - so I was a bit busy with them
I will submit latest code as earliest as possible

Also a few extra features have been added to module now - But I will add those to next big release
For testing purpose this code is working fine

ill update it this weekend surely and release a new patch for services as well

cheers!!
sumitk
http://sumitk.net

Hi Guys
my exams were going on - so I was a bit busy with them
I will submit latest code as earliest as possible

Also a few extra features have been added to module now - But I will add those to next big release
For testing purpose this code is working fine

ill update it this weekend surely and release a new patch for services as well

cheers!!
sumitk
http://sumitk.net

Sumit,

hi there! About 2 days ago i started to integrate OAuth on Services. I used your code as base.

Its 80% done!

It creates request and access tokens, create consumer keys for users that are allowed, and its already working with services calls. There are a couple things that i need to do before release it to the public, probably by monday. I suggest you to take a look on D6 Services CVS.

thanks for all that code.

regards,

massa

Summit

That sounds good I'll be more than happpy to review what you have done at some point over the weekend.

Good luck with the exams.

Marc