Refactor _callApi() to properly sign POST requests

Previously, some POST requests were not being signed correctly. This refactors how _callApi() works to properly sign GET and POST requests.

Refactor _callApi() to properly sign POST requests
d14994d2 · Nick Daugherty · a26d0053 · d14994d2
Commit d14994d2 authored 12 years ago by Nick Daugherty
--- a/class-wp-codebird.php
+++ b/class-wp-codebird.php
@@ -4,7 +4,7 @@
 * An extension of the Codebird class to use Wordpress' HTTP API instead of
 * cURL.
 *
- * @version 1.1.0
+ * @version 1.1.1
 */
 class WP_Codebird extends Codebird {
    /**
@@ -61,9 +61,10 @@ class WP_Codebird extends Codebird {
 	protected function _callApi( $httpmethod, $method, $method_template, $params = array(), $multipart = false, $app_only_auth = false ) {
 		$url 				= $this->_getEndpoint( $method, $method_template );
 		$url_with_params 	= null;
+		$authorization 		= null;

 		$remote_params = array(
-			'method' => 'GET',
+			'method' => $httpmethod,
 			'timeout' => 5,
 			'redirection' => 5,
 			'httpversion' => '1.0',
@@ -75,39 +76,22 @@ class WP_Codebird extends Codebird {
 		);

 		if ( 'GET' == $httpmethod ) {
-			$authorization = $this->_sign( $httpmethod, $url, $params );
-
+			$url_with_params = $url;
 			if ( count( $params ) > 0 ) {
-                $url_with_params = $url .= '?' . http_build_query( $params );
+                $url_with_params .= '?' . http_build_query( $params );
            }
+            
+			$authorization = $this->_sign( $httpmethod, $url, $params );
+
+			$url = $url_with_params;
 		} else {
-			if ( $multipart ) {
-				$authorization = $this->_sign( 'POST', $url, array(), true );
-				$post_fields   = $params;
-			} else {
-				$authorization 	= $this->_sign( 'POST', $url, $params );
-				$post_fields 	= $this->_sign( 'POST', $url, $params );
-			}
+			$authorization 	= $this->_sign( $httpmethod, $url, array() );

-			$headers = array();
-			if ( isset( $authorization ) ) {
-				$headers = array( 
-					'Authorization' => str_replace( 'Authorization:', '', $authorization ), 
-					'Expect:' => null
-					);
+			if ( ! $multipart ) {
+				$authorization 	= $this->_sign( $httpmethod, $url, $params );
 			}

-			$remote_params = array(
-				'method' => 'POST',
-				'timeout' => 5,
-				'redirection' => 5,
-				'httpversion' => '1.0',
-				'blocking' => true,
-				'headers' => $headers,
-				'body' => $post_fields,
-				'cookies' => array(),
-				'sslverify' => false
-			);
+			$remote_params['body'] = $params;
 		}

 		if ( $app_only_auth ){
@@ -118,13 +102,15 @@ class WP_Codebird extends Codebird {
 			if ( null == self::$_oauth_bearer_token )
 				$this->oauth2_token();

-			$bearer = 'Bearer ' . self::$_oauth_bearer_token;
+			$authorization = 'Authorization: Bearer ' . self::$_oauth_bearer_token;
+		}
+
+		// Codebird::_sign() adds Authorization: to $authorization, but the WP HTTP API needs it separate
+		$authorization = trim( str_replace( 'Authorization:', '', $authorization ) );

-			$remote_params['headers']['authorization'] = $bearer;
-		} else {
-			// If this is a standard OAuth GET request, add on the authorization header
-			if ( 'GET' == $httpmethod )
-				$remote_params['headers']['Authorization'] = str_replace( 'Authorization:', '', $authorization );
+		if ( $authorization ) {
+			$remote_params['headers']['Authorization'] 	= $authorization;
+			$remote_params['headers']['Expect'] 		= '';
 		}

 		if ( 'GET' == $httpmethod ) {
@@ -174,7 +160,7 @@ class WP_Codebird extends Codebird {

        $headers = array(
        	'Authorization' => 'Basic ' . base64_encode( self::$_oauth_consumer_key . ':' . self::$_oauth_consumer_secret ),
-        	'Expect:'
+        	'Expect'		=> ''
        );

        $remote_params = array(