· 5 years ago · Mar 06, 2020, 07:30 PM
1<?php
2if (!(isset($_GET['oauth_token']) && isset($_GET['oauth_verifier']))) {
3 exit;
4}
5
6$postData = [
7 'oauth_verifier' => $_GET['oauth_verifier']
8];
9
10$oauthHeader = [
11 'oauth_verifier' => $_GET['oauth_verifier'],
12 'oauth_callback' => 'https://dev.hsrv.me/twitter/callback.php',
13 'oauth_consumer_key' => '5OP48F94Icalm43EasojglbOy',
14 'oauth_token' => $_GET['oauth_token'],
15 'oauth_nonce' => 'K7ny27JTpKVsTgdyLdDfmQQWVLERj2zAf5BslRsqyw',
16 'oauth_signature_method' => 'HMAC-SHA1',
17 'oauth_timestamp' => strtotime("now"),
18 'oauth_version' => '1.0',
19 ];
20$signature = create_signature('https://api.twitter.com/oauth/access_token', $oauthHeader, $_GET['oauth_token']);
21$oauthHeader['oauth_signature'] = $signature;
22
23$ch = curl_init();
24curl_setopt($ch, CURLOPT_URL,"https://api.twitter.com/oauth/access_token");
25curl_setopt($ch, CURLOPT_POST, 1);
26curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
27curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
28curl_setopt($ch, CURLOPT_HTTPHEADER, array(
29 'Authorization: OAuth '.buildOAuthHeader($oauthHeader)
30));
31
32$server_output = curl_exec ($ch);
33
34curl_close ($ch);
35
36print_r($server_output);
37
38function buildOAuthHeader(array $parameters) {
39 $header = '';
40 foreach ($parameters as $key => $val) {
41 if ($header !== '') $header .= ', ';
42 $header .= rawurlencode($key).'="'.rawurlencode($val).'"';
43 }
44
45 return $header;
46}
47
48function create_signature($url, array $parameters, $tokenSecret = '', $method = 'POST') {
49 $tmp = [];
50 foreach ($parameters as $key => $val) {
51 $tmp[rawurlencode($key)] = rawurlencode($val);
52 }
53 $parameters = $tmp;
54
55 uksort($parameters, 'strcmp');
56 $parameterString = '';
57 foreach ($parameters as $key => $val) {
58 if ($parameterString !== '') $parameterString .= '&';
59 $parameterString .= $key.'='.$val;
60 }
61
62 $base = strtoupper($method).'&'.rawurlencode($url).'&'.rawurlencode($parameterString);
63 $key = rawurlencode('VQNrlBddIutL6nRNR3JgZFexSIzGkiy36y0d2qZaMYoVIRz3Sj').'&'.rawurlencode($tokenSecret);
64
65 return base64_encode(hash_hmac('sha1', $base, $key, true));
66}