在php中获取雅虎联系人（雅虎OAuth）

Question

我正在为网站开发一个invite_friends工具。我读了这些文章和采取的步骤：

• http://anandafit.info/2011/01/06/yahoo-contact-list-reader-in-php/
• http://nullinfo.wordpress.com/oauth-yahoo/

但是当我执行的是，在年底，雅虎称：

{ "error": {  "lang": "en-US",  "description": "Please provide valid credentials. OAuth oauth_problem=\"token_rejected\", realm=\"yahooapis.com\"" } } 

：（（

这些是我的代码：

getreqtok.php

<?php 
require 'modules/invite/yahoo/globals.php'; 
require 'modules/invite/yahoo/oauth_helper.php'; 

// Callback can either be 'oob' or a url whose domain must match 
// the domain that you entered when registering your application 

$callback='http://www.warzone.in/modules.php?name=invite&op=yahoo_get_contacts'; 

// Get the request token using HTTP GET and HMAC-SHA1 signature 
$retarr = get_request_token(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, 
          $callback, false, true, true); 


//echo $retarr[3]["oauth_token_secret"]."<br> 
//<br> 
//"; 

session_start();      
$_SESSION["oauth_token_secret"] = $retarr[3]["oauth_token_secret"]; 

//echo $_SESSION["oauth_token_secret"]."<br> 
//<br> 
//<br> 
//"; 

if (! empty($retarr)){ 
    list($info, $headers, $body, $body_parsed) = $retarr; 
    if ($info['http_code'] == 200 && !empty($body)) { 
     //print "Have the user go to xoauth_request_auth_url to authorize your app\n"; 
      ?> 
<a href="<?php echo rfc3986_decode($body_parsed['xoauth_request_auth_url'])?>">YAHOO</a> 
<?php 
    } 
} 




/** 
* Get a request token. 
* @param string $consumer_key obtained when you registered your app 
* @param string $consumer_secret obtained when you registered your app 
* @param string $callback callback url can be the string 'oob' 
* @param bool $usePost use HTTP POST instead of GET 
* @param bool $useHmacSha1Sig use HMAC-SHA1 signature 
* @param bool $passOAuthInHeader pass OAuth credentials in HTTP header 
* @return array of response parameters or empty array on error 
*/ 
function get_request_token($consumer_key, $consumer_secret, $callback, $usePost=false, $useHmacSha1Sig=true, $passOAuthInHeader=false) 
{ 
    $retarr = array(); // return value 
    $response = array(); 

    $url = 'https://api.login.yahoo.com/oauth/v2/get_request_token'; 
    $params['oauth_version'] = '1.0'; 
    $params['oauth_nonce'] = mt_rand(); 
    $params['oauth_timestamp'] = time(); 
    $params['oauth_consumer_key'] = $consumer_key; 
    $params['oauth_callback'] = $callback; 

    // compute signature and add it to the params list 
    if ($useHmacSha1Sig) { 
    $params['oauth_signature_method'] = 'HMAC-SHA1'; 
    $params['oauth_signature'] = 
     oauth_compute_hmac_sig($usePost? 'POST' : 'GET', $url, $params, 
          $consumer_secret, null); 
    } else { 
    $params['oauth_signature_method'] = 'PLAINTEXT'; 
    $params['oauth_signature'] = 
     oauth_compute_plaintext_sig($consumer_secret, null); 
    } 

    // Pass OAuth credentials in a separate header or in the query string 
    if ($passOAuthInHeader) { 

    $query_parameter_string = oauth_http_build_query($params, FALSE); 

    $header = build_oauth_header($params, "yahooapis.com"); 
    $headers[] = $header; 
    } else { 
    $query_parameter_string = oauth_http_build_query($params); 
    } 

    // POST or GET the request 
    if ($usePost) { 
    $request_url = $url; 
    logit("getreqtok:INFO:request_url:$request_url"); 
    logit("getreqtok:INFO:post_body:$query_parameter_string"); 
    $headers[] = 'Content-Type: application/x-www-form-urlencoded'; 
    $response = do_post($request_url, $query_parameter_string, 443, $headers); 
    } else { 
    $request_url = $url . ($query_parameter_string ? 
          ('?' . $query_parameter_string) : ''); 

    logit("getreqtok:INFO:request_url:$request_url"); 

    $response = do_get($request_url, 443, $headers); 

    } 

    // extract successful response 
    if (! empty($response)) { 
    list($info, $header, $body) = $response; 
    $body_parsed = oauth_parse_str($body); 
    if (! empty($body_parsed)) { 
     logit("getreqtok:INFO:response_body_parsed:"); 
     //print_r($body_parsed); 
    } 
    $retarr = $response; 
    $retarr[] = $body_parsed; 
    } 

    return $retarr; 
} 
?> 

getacctok.php

<?php 
session_start(); 
require 'modules/invite/yahoo/globals.php'; 
require 'modules/invite/yahoo/oauth_helper.php'; 



// Fill in the next 3 variables. 
$request_token=$_REQUEST["oauth_token"]; 
$request_token_secret=$_SESSION["oauth_token_secret"]; 
$oauth_verifier= $_REQUEST["oauth_verifier"]; 



//echo $request_token." xxxx ".$request_token_secret." yyyy ".$oauth_verifier."<br> 
//<br> 
//<br> 
//"; 



// Get the access token using HTTP GET and HMAC-SHA1 signature 
$retarr = get_access_token(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, 
          $request_token, $request_token_secret, 
          $oauth_verifier, false, true, true); 
if (! empty($retarr)) { 
    list($info, $headers, $body, $body_parsed) = $retarr; 
    if ($info['http_code'] == 200 && !empty($body)) { 
    // print "Use oauth_token as the token for all of your API calls:\n" . 
      rfc3986_decode($body_parsed['oauth_token']); 
    } 
} 


















/** 
* Get an access token using a request token and OAuth Verifier. 
* @param string $consumer_key obtained when you registered your app 
* @param string $consumer_secret obtained when you registered your app 
* @param string $request_token obtained from getreqtok 
* @param string $request_token_secret obtained from getreqtok 
* @param string $oauth_verifier obtained from step 3 
* @param bool $usePost use HTTP POST instead of GET 
* @param bool $useHmacSha1Sig use HMAC-SHA1 signature 
* @param bool $passOAuthInHeader pass OAuth credentials in HTTP header 
* @return array of response parameters or empty array on error 
*/ 
function get_access_token($consumer_key, $consumer_secret, $request_token, $request_token_secret, $oauth_verifier, $usePost=false, $useHmacSha1Sig=true, $passOAuthInHeader=true) 
{ 
    $retarr = array(); // return value 
    $response = array(); 



    $url = 'https://api.login.yahoo.com/oauth/v2/get_token'; 
    $params['oauth_version'] = '1.0'; 
    $params['oauth_nonce'] = mt_rand(); 
    $params['oauth_timestamp'] = time(); 
    $params['oauth_consumer_key'] = $consumer_key; 
    $params['oauth_token']= $request_token; 
    $params['oauth_verifier'] = $oauth_verifier; 



    // compute signature and add it to the params list 
    if ($useHmacSha1Sig) { 
    $params['oauth_signature_method'] = 'HMAC-SHA1'; 
    $params['oauth_signature'] = 
     oauth_compute_hmac_sig($usePost? 'POST' : 'GET', $url, $params, 
          $consumer_secret, $request_token_secret); 
    } else { 
    $params['oauth_signature_method'] = 'PLAINTEXT'; 
    $params['oauth_signature'] = 
     oauth_compute_plaintext_sig($consumer_secret, $request_token_secret); 
    } 



    // Pass OAuth credentials in a separate header or in the query string 
    if ($passOAuthInHeader) { 
    $query_parameter_string = oauth_http_build_query($params, false); 
    $header = build_oauth_header($params, "yahooapis.com"); 
    $headers[] = $header; 
    } else { 
    $query_parameter_string = oauth_http_build_query($params); 
    } 



    // POST or GET the request 
    if ($usePost) { 
    $request_url = $url; 
    logit("getacctok:INFO:request_url:$request_url"); 
    logit("getacctok:INFO:post_body:$query_parameter_string"); 
    $headers[] = 'Content-Type: application/x-www-form-urlencoded'; 
    $response = do_post($request_url, $query_parameter_string, 443, $headers); 
    } else { 
    $request_url = $url . ($query_parameter_string ? 
          ('?' . $query_parameter_string) : ''); 
    logit("getacctok:INFO:request_url:$request_url"); 
    $response = do_get($request_url, 443, $headers); 
    } 



    // extract successful response 
    if (! empty($response)) { 
    list($info, $header, $body) = $response; 
    $body_parsed = oauth_parse_str($body); 
    if (! empty($body_parsed)) { 
     logit("getacctok:INFO:response_body_parsed:"); 
     //print_r($body_parsed); 
    } 
    $retarr = $response; 
    $retarr[] = $body_parsed; 
    } 



    return $retarr; 
} 












$guid = $retarr[3]["xoauth_yahoo_guid"]; 
$access_token = $retarr[3]["oauth_token"]; 
$access_token_secret = $retarr[3]["oauth_token_secret"]; 









// Call Contact API 
$retarr = callcontact(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, 
         $guid, $access_token, $access_token_secret, 
         false, true); 









function callcontact($consumer_key, $consumer_secret, $guid, $access_token, $access_token_secret, $usePost=false, $passOAuthInHeader=true) 
{ 
    $retarr = array(); // return value 
    $response = array(); 



    $url = 'http://social.yahooapis.com/v1/user/' . $guid . '/contacts;count=5'; 
    $params['format'] = 'json'; 
    $params['view'] = 'compact'; 
    $params['oauth_version'] = '1.0'; 
    $params['oauth_nonce'] = mt_rand(); 
    $params['oauth_timestamp'] = time(); 
    $params['oauth_consumer_key'] = $consumer_key; 
    $params['oauth_token'] = $access_token; 



    // compute hmac-sha1 signature and add it to the params list 
    $params['oauth_signature_method'] = 'HMAC-SHA1'; 
    $params['oauth_signature'] = 
     oauth_compute_hmac_sig($usePost? 'POST' : 'GET', $url, $params, 
          $consumer_secret, $access_token_secret); 



    // Pass OAuth credentials in a separate header or in the query string 
    if ($passOAuthInHeader) { 
    $query_parameter_string = oauth_http_build_query($params, true); 
    $header = build_oauth_header($params, "yahooapis.com"); 
    $headers[] = $header; 
    } else { 
    $query_parameter_string = oauth_http_build_query($params); 
    } 



    // POST or GET the request 
    if ($usePost) { 
    $request_url = $url; 
    logit("callcontact:INFO:request_url:$request_url"); 
    logit("callcontact:INFO:post_body:$query_parameter_string"); 
    $headers[] = 'Content-Type: application/x-www-form-urlencoded'; 
    $response = do_post($request_url, $query_parameter_string, 80, $headers); 
    } else { 
    $request_url = $url . ($query_parameter_string ? 
          ('?' . $query_parameter_string) : ''); 
    logit("callcontact:INFO:request_url:$request_url"); 
    $response = do_get($request_url, 80, $headers); 
    } 



    // extract successful response 
    if (! empty($response)) { 
    list($info, $header, $body) = $response; 
    if ($body) { 
     logit("callcontact:INFO:response:"); 
     print(json_pretty_print($body)); 
    } 
    $retarr = $response; 
    } 



    return $retarr; 
} 


















?> 

Answer 1

class YahooContacts 
    { 
     protected static $oauthConsumerKey =""; 
     protected static $OauthConsumerSecret =""; 
     protected static $oauthDomain=""; 

     public function __construct(){ 
      //Check Session is Start Or not 
      if (session_status() == PHP_SESSION_NONE) { 
         session_start(); 
      } 

     } 

     /** 
     * Authentication user And Access Refresh and access token 
     * 
     * @author <Pawan Kumar> 
     * @return type boolean 
     **/ 
     protected function getAuthorization($code) 
     { 
      $url = "https://api.login.yahoo.com/oauth2/get_token"; 

      $data="grant_type=authorization_code&redirect_uri=".self::$oauthDomain."&code=".$code; 
      $auth = base64_encode(self::$oauthConsumerKey.":".self::$OauthConsumerSecret); 

      $headers = array(
       'Authorization: Basic '.$auth, 
       'Content-Type: application/x-www-form-urlencoded' 
      ); 

      try{ 
       $resultSet =self::makeRequest($url,$data,$headers); 
       if($resultSet->access_token){ 
        $this->setAccessToken($resultSet->access_token); 
        $this->setRefreshToken($resultSet->refresh_token); 
        $this->setGuidToken($resultSet->xoauth_yahoo_guid); 
        return true; 
       } 
      }catch(Exception $ex){ 
       throw($ex); 
      } 

     } 
     /** 
     * Get All Contacts list From Yahoo API using Auth Access Token And oAuth Guid Token 
     * 
     * @author <Pawan Kumar> 
     * @return type Object 
     **/ 
     public function getUserContactsDetails() 
     { 
      /** Refresh Access Token is Expired **/ 
      $this->generateAccessToken(); 

      $guid =$this->getGuidToken(); 
      $token =$this->getAccessToken(); 

      $contactUrl="https://social.yahooapis.com/v1/user/$guid/contacts?format=json"; 

      $opts = array(
         'http'=>array(
         'method'=>"GET", 
         'header'=>"Authorization: Bearer $token" 
        ) 
        ); 

      $context = stream_context_create($opts); 
      $file = file_get_contents($contactUrl, false, $context); 

      $output =json_decode($file); 
      return $output; 
     } 

     /** 
     * Get New Access Token using Refresh Token 
     * 
     * @author <Pawan Kumar> 
     * @return type boolean 
     **/ 
     protected function generateAccessToken() 
     { 

      $url = "https://api.login.yahoo.com/oauth2/get_token"; 

      $refreshToken = $this->getRefreshToken(); 
      $data="grant_type=refresh_token&redirect_uri=".self::$oauthDomain."&refresh_token=".$refreshToken; 

      $auth = base64_encode(self::$oauthConsumerKey.":".self::$OauthConsumerSecret); 
      $headers = array(
       'Authorization: Basic '.$auth, 
       'Content-Type: application/x-www-form-urlencoded' 
      ); 

      try{ 

       $resultSet =self::makeRequest($url,$data,$headers); 

       if($resultSet->access_token){ 
        $this->setAccessToken($resultSet->access_token); 
        return true; 
       }else{ 
        return false; 
       } 
      }catch(Exception $ex){ 
       throw($ex); 
      } 

     } 

     /** 
     * Build a login url using oAuth Consumber Key And Redirect Domain 
     * 
     * @author Pawan Kumar 
     * @return type String 
     **/ 
     public static function getLoginUrl() 
     { 
      $loginUrl = "https://api.login.yahoo.com/oauth2/request_auth"; 
      $buildUrl =$loginUrl."?client_id=".self::$oauthConsumerKey."&redirect_uri=".self::$oauthDomain."&response_type=code&language=en-us"; 
      return $buildUrl; 
     } 

     /** 
     * Make a Remote Post Request using MakeRequest Function 
     * 
     * @param Url String 
     * @param $postData String Send Post Data With Request 
     * @param headers Array Contain Auth basic information 
     * @author Pawan Kumar 
     * @return type Object 
     **/ 

     public static function makeRequest($url,$postData,$headers){ 

      try{ 

       if (empty($url))throw new Exception("Url is Not Format."); 
       if (empty($postData))throw new Exception("Post Parameters is Not Defined"); 

       $ch = curl_init(); 

       curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
       curl_setopt($ch, CURLOPT_VERBOSE, 1); 
       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
       curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); 
       curl_setopt($ch, CURLOPT_POSTFIELDS,$postData); 
       curl_setopt($ch, CURLOPT_URL,$url); 

       $result = curl_exec($ch); 
       $output =json_decode($result); 

       return $output; 

      }catch(\Exception $ex){ 
       throw($ex); 
      } 

     } 

     /** 
     * @param RefreshToken to set String Token Into Session 
     */ 
     public function setRefreshToken($token) 
     { 
      $_SESSION['refresh_token']=$token; 
     } 

     /** 
     * @return String Refresh Token From Session 
     */ 
     public function getRefreshToken() 
     { 
      return $_SESSION['refresh_token']; 
     } 

     /** 
     * @param AccessToken to set String Token into Session 
     */ 
     public function setAccessToken($token) 
     { 
      $_SESSION['access_token']=$token; 
     } 

     /** 
     * @return String Access Token From Session 
     */ 
     public function getAccessToken() 
     { 
      return $_SESSION['access_token']; 
     } 

     /** 
     * @param GuidToken to set String Token into Session 
     */ 
     public function setGuidToken($token) 
     { 
      $_SESSION['xoauth_yahoo_guid']=$token; 
     } 
     /** 
     * @return String Guid Token from Session 
     */ 
     public function getGuidToken() 
     { 
      return $_SESSION['xoauth_yahoo_guid']; 
     } 

    } 


    // Initialize Session If Session is Not Start 
    session_start(); 

    if(isset($_GET['code'])){ 
     $code = $_GET['code']; 
     if(!empty($code)){ 
      // create a instance of yahoo contacts 
      $obj = new YahooContacts(); 
      //Successfully Authorization Process 
      $obj->getAuthorization($code); 
      Header("Location:http://yahoo.fansunite.com.au");die; 
     } 
    }else{ 
     if(isset($_SESSION['access_token'])){ 

      // create a instance of yahoo contacts 
      $obj = new YahooContacts(); 

      //After Authorization Get User Contacts Email 
      $res = $obj->getUserContactsDetails(); 
      print "<pre>"; 
      print_r($res); 
     }else{ 
      $url = YahooContacts::getLoginUrl(); 
      echo "<center><strong><a href='$url'>Login With Yahoo Mail !</a></strong></center>"; 
     } 

    }