Tell me more ×
Drupal Answers is a question and answer site for Drupal developers and administrators. It's 100% free, no registration required.
up vote 9 down vote favorite
6

I am looking for either a tutorial or an example module to kick start my development. I am looking to create a module that consumes the oauth API from another website.

I have downloaded an installed the oauth_common and oauth_common_consumerui modules that are a part of the http://drupal.org/project/oauth package. There is little documentation to go from here.

I imagine that I need to create a custom module to implement the required methods in the oauth_common module, but no idea what these are. Does anyone have any information about this?

In other words, what is the barebones needed in a module to get me started? @MarkTrapp answer below was a step in the right direction, but completely bypasses the oauth set of modules including all their API. If I can reuse other modules API, and reduce my code base this is of huge benefit to me.

Decided to a raise a bounty on what limited reputation I have to see if I can encourage some thought in this area

share|improve this question
Have you looked at Services OAuth and OAuth Connector modules to see how they are using version 3.x of the OAuth module? – martin Mar 14 '11 at 7:43
2  
I have, but these modules do not actually really document what they are doing, and what hooks are available to be implemented in the oauth module. I was really just after a bare bones example. – wiifm Mar 14 '11 at 8:28

3 Answers

up vote 5 down vote accepted
+100

I once had the same issue, so I spent a good amount of time trying to figure it out and documented my results.

You can find my overview on my website. The workflow for OAuth is basically a set of several key exchanges. Excerpt from my overview:

Before MyApp can access John's private resources on FriendFeed, it needs to do 4 things:

  1. It needs to register with FriendFeed and receive its first set of keys: a consumer key and a consumer secret. This is done by the developer going to a special webpage (in FriendFeed's case, this page is within their API documentation).
  2. Once John clicks on "sign-in to FriendFeed," MyApp then needs to take the first set of keys it received (the consumer key and consumer secret) and use them to sign a special request to FriendFeed for a new set of keys, called a request token.
  3. Once MyApp has the request token, it needs to send John back to FriendFeed with the request token. There, John is asked to allow or deny MyApp's request to access to his data.
  4. Once John allows MyApp access to his data, FriendFeed sends John back to MyApp and tells it that the request token is "authorized." MyApp then needs to take the request token and use it to sign a new request to FriendFeed for a third and final set of keys, called the access token.

The code for a custom module I created in writing the overview is on Google Code: it implements FriendFeed's OAuth implementation.

Caveats:

  • Like the OAuth module, my code implements OAuth 1.0(a), not the newer and incompatible OAuth 2.0.
  • It was written years ago, so I wouldn't copy and paste the code. But it should give you some thoughts about how to do it in your project.
  • It was written before the OAuth module stabilized so it uses the official OAuth PHP library directly instead of the OAuth module (which also uses the same library), but the workflow is the same.

In fact, it appears the only major difference for developers is to use DrupalOAuth* instead of OAuth* for your class references so you can take advantage of the Drupal integration the Oauth module provides to the official OAuth library. The methods should be identical, as the DrupalOAuth* classes extend the official OAuth* ones.

share|improve this answer
Thanks for the info, I don't suppose by chance know what methods your module implements that already exist in the oauth_common and oauth_consumerui modules? Anyway this is a good start – wiifm Mar 14 '11 at 8:36
@wiifm The OAuth module appears to be merely an abstraction of the official OAuth library. The workflows between writing your own module that doesn't depend on OAuth (like my demonstration module) and one that does should be identical: just use DrupalOAuth* instead of the OAuth* for the class. – user7 Mar 14 '11 at 9:22
Thanks for your help @MarkTrapp – wiifm Mar 15 '11 at 3:12
up vote 1 down vote

The oauthconnector module does this on a user-by-user basis.

share|improve this answer
up vote 2 down vote

Here's an example of the most simple implementation you can possibly do with the OAuth.module: https://gist.github.com/1065774

As people has pointed out there's eg. the OAuth Connector that uses a bit more of the OAuth module so that might be a good inspiration when you have gotten started.

Documentation is on the roadmap to be built - sorry for not completing it yet.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.