From d14994d278c01a68b182ad8ce770ae92b7e3fe31 Mon Sep 17 00:00:00 2001
From: Nick Daugherty <ndaugherty987@gmail.com>
Date: Thu, 16 May 2013 18:07:32 -0600
Subject: [PATCH] Refactor _callApi() to properly sign POST requests
Previously, some POST requests were not being signed correctly. This
refactors how _callApi() works to properly sign GET and POST requests.
---
class-wp-codebird.php | 58 ++++++++++++++++---------------------------
1 file changed, 22 insertions(+), 36 deletions(-)
diff --git a/class-wp-codebird.php b/class-wp-codebird.php
index 04c13ad..3d3fbd2 100644
--- a/class-wp-codebird.php
+++ b/class-wp-codebird.php
@@ -4,7 +4,7 @@
* An extension of the Codebird class to use Wordpress' HTTP API instead of
* cURL.
*
- * @version 1.1.0
+ * @version 1.1.1
*/
class WP_Codebird extends Codebird {
/**
@@ -61,9 +61,10 @@ class WP_Codebird extends Codebird {
protected function _callApi( $httpmethod, $method, $method_template, $params = array(), $multipart = false, $app_only_auth = false ) {
$url = $this->_getEndpoint( $method, $method_template );
$url_with_params = null;
+ $authorization = null;
$remote_params = array(
- 'method' => 'GET',
+ 'method' => $httpmethod,
'timeout' => 5,
'redirection' => 5,
'httpversion' => '1.0',
@@ -75,39 +76,22 @@ class WP_Codebird extends Codebird {
);
if ( 'GET' == $httpmethod ) {
- $authorization = $this->_sign( $httpmethod, $url, $params );
-
+ $url_with_params = $url;
if ( count( $params ) > 0 ) {
- $url_with_params = $url .= '?' . http_build_query( $params );
+ $url_with_params .= '?' . http_build_query( $params );
}
+
+ $authorization = $this->_sign( $httpmethod, $url, $params );
+
+ $url = $url_with_params;
} else {
- if ( $multipart ) {
- $authorization = $this->_sign( 'POST', $url, array(), true );
- $post_fields = $params;
- } else {
- $authorization = $this->_sign( 'POST', $url, $params );
- $post_fields = $this->_sign( 'POST', $url, $params );
- }
+ $authorization = $this->_sign( $httpmethod, $url, array() );
- $headers = array();
- if ( isset( $authorization ) ) {
- $headers = array(
- 'Authorization' => str_replace( 'Authorization:', '', $authorization ),
- 'Expect:' => null
- );
+ if ( ! $multipart ) {
+ $authorization = $this->_sign( $httpmethod, $url, $params );
}
- $remote_params = array(
- 'method' => 'POST',
- 'timeout' => 5,
- 'redirection' => 5,
- 'httpversion' => '1.0',
- 'blocking' => true,
- 'headers' => $headers,
- 'body' => $post_fields,
- 'cookies' => array(),
- 'sslverify' => false
- );
+ $remote_params['body'] = $params;
}
if ( $app_only_auth ){
@@ -118,13 +102,15 @@ class WP_Codebird extends Codebird {
if ( null == self::$_oauth_bearer_token )
$this->oauth2_token();
- $bearer = 'Bearer ' . self::$_oauth_bearer_token;
+ $authorization = 'Authorization: Bearer ' . self::$_oauth_bearer_token;
+ }
+
+ // Codebird::_sign() adds Authorization: to $authorization, but the WP HTTP API needs it separate
+ $authorization = trim( str_replace( 'Authorization:', '', $authorization ) );
- $remote_params['headers']['authorization'] = $bearer;
- } else {
- // If this is a standard OAuth GET request, add on the authorization header
- if ( 'GET' == $httpmethod )
- $remote_params['headers']['Authorization'] = str_replace( 'Authorization:', '', $authorization );
+ if ( $authorization ) {
+ $remote_params['headers']['Authorization'] = $authorization;
+ $remote_params['headers']['Expect'] = '';
}
if ( 'GET' == $httpmethod ) {
@@ -174,7 +160,7 @@ class WP_Codebird extends Codebird {
$headers = array(
'Authorization' => 'Basic ' . base64_encode( self::$_oauth_consumer_key . ':' . self::$_oauth_consumer_secret ),
- 'Expect:'
+ 'Expect' => ''
);
$remote_params = array(
--
GitLab