Commit d14994d2 authored by Nick Daugherty's avatar Nick Daugherty
Browse files

Refactor _callApi() to properly sign POST requests

Previously, some POST requests were not being signed correctly. This
refactors how _callApi() works to properly sign GET and POST requests.
parent a26d0053
......@@ -4,7 +4,7 @@
* An extension of the Codebird class to use Wordpress' HTTP API instead of
* cURL.
*
* @version 1.1.0
* @version 1.1.1
*/
class WP_Codebird extends Codebird {
/**
......@@ -61,9 +61,10 @@ class WP_Codebird extends Codebird {
protected function _callApi( $httpmethod, $method, $method_template, $params = array(), $multipart = false, $app_only_auth = false ) {
$url = $this->_getEndpoint( $method, $method_template );
$url_with_params = null;
$authorization = null;
$remote_params = array(
'method' => 'GET',
'method' => $httpmethod,
'timeout' => 5,
'redirection' => 5,
'httpversion' => '1.0',
......@@ -75,39 +76,22 @@ class WP_Codebird extends Codebird {
);
if ( 'GET' == $httpmethod ) {
$authorization = $this->_sign( $httpmethod, $url, $params );
$url_with_params = $url;
if ( count( $params ) > 0 ) {
$url_with_params = $url .= '?' . http_build_query( $params );
$url_with_params .= '?' . http_build_query( $params );
}
$authorization = $this->_sign( $httpmethod, $url, $params );
$url = $url_with_params;
} else {
if ( $multipart ) {
$authorization = $this->_sign( 'POST', $url, array(), true );
$post_fields = $params;
} else {
$authorization = $this->_sign( 'POST', $url, $params );
$post_fields = $this->_sign( 'POST', $url, $params );
}
$authorization = $this->_sign( $httpmethod, $url, array() );
$headers = array();
if ( isset( $authorization ) ) {
$headers = array(
'Authorization' => str_replace( 'Authorization:', '', $authorization ),
'Expect:' => null
);
if ( ! $multipart ) {
$authorization = $this->_sign( $httpmethod, $url, $params );
}
$remote_params = array(
'method' => 'POST',
'timeout' => 5,
'redirection' => 5,
'httpversion' => '1.0',
'blocking' => true,
'headers' => $headers,
'body' => $post_fields,
'cookies' => array(),
'sslverify' => false
);
$remote_params['body'] = $params;
}
if ( $app_only_auth ){
......@@ -118,13 +102,15 @@ class WP_Codebird extends Codebird {
if ( null == self::$_oauth_bearer_token )
$this->oauth2_token();
$bearer = 'Bearer ' . self::$_oauth_bearer_token;
$authorization = 'Authorization: Bearer ' . self::$_oauth_bearer_token;
}
// Codebird::_sign() adds Authorization: to $authorization, but the WP HTTP API needs it separate
$authorization = trim( str_replace( 'Authorization:', '', $authorization ) );
$remote_params['headers']['authorization'] = $bearer;
} else {
// If this is a standard OAuth GET request, add on the authorization header
if ( 'GET' == $httpmethod )
$remote_params['headers']['Authorization'] = str_replace( 'Authorization:', '', $authorization );
if ( $authorization ) {
$remote_params['headers']['Authorization'] = $authorization;
$remote_params['headers']['Expect'] = '';
}
if ( 'GET' == $httpmethod ) {
......@@ -174,7 +160,7 @@ class WP_Codebird extends Codebird {
$headers = array(
'Authorization' => 'Basic ' . base64_encode( self::$_oauth_consumer_key . ':' . self::$_oauth_consumer_secret ),
'Expect:'
'Expect' => ''
);
$remote_params = array(
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment