Same consumer key, different server URI about oauth-php HOT 18 OPEN

I can adapt the updateServer function to save duplicate server for the 2nd 
server, but once you hit the OAuthRequester::requestRequestToken you get stuck, 
because it wants a consumer key (and you have two servers with the same key).

Could you post the exact errors?

You can have multiple equal consumer keys if they are linked to different users 
ids. There is in theory no restrictions on the consumer key/server 
relationship, although some parts of the code assume it is a 1:1 relationship. 

I understand that this is not very pleasant in your case, because the 
straightforward solution would be to add another table linking your users to 
the consumer keys. In other words, requestRequestToken($consumer_key, $usr_id) 
would have the same consumer_key but two different $usr_id, even though they 
are logically the same users.

It's conceivable to modify the software to support multiple scopes with the 
same consumer key. Pleas post the errors and your patch so far and I'll verify 
this possibility.

I'll do one better: when I get in tonight I'll post the changes I made to the 
code so you can evaluate it and see if it makes sense. But I did get it working 
for me quite well with little alterations.

Thanks!

Please do! I'm waiting for it.

Sorry about the delay. Here's what I changed (hopefully I have it all here...). 
Note: I'm working off of the current stable from the homepage, so line numbers 
might be off from what you have.

-------------------------
OAuthRequester.php

line 143: [changed the first variable in the requestRequestToken function to 
accept an array of server data rather than just a string.]

static function requestRequestToken ( $server_data, $usr_id, $params = null, 
$method = 'POST', $options = array() )

line 145: [added]
$consumer_key = $server_data['consumer_key'];
$server_uri = $server_data['server_uri'];

line 148: [changed]
$uri    = $server_data['request_token_uri'];

line 192: [changed, add variable $server_uri]
$store->addServerToken($consumer_key, $server_uri, 'request', 
$token['oauth_token'], $token['oauth_token_secret'], $usr_id, $opts);

line 279: [function requestAccessToken, changed, added variable]
$store->addServerToken($consumer_key, $r['server_uri'], 'access', 
$token['oauth_token'], $token['oauth_token_secret'], $usr_id, $opts);

-------------------------
OAuthStoreSQL.php

line 307: [changed, added extra variable $server_uri]
public function addServerToken ( $consumer_key, $server_uri, $token_type, 
$token, $token_secret, $user_id, $options = array() )

line 329: [changed, added $server_uri to query]
$ocr_id = $this->query_one('
                    SELECT ocr_id
                    FROM oauth_consumer_registry
                    WHERE ocr_consumer_key = \'%s\'
                        AND ocr_server_uri = \'%s\'
                    ', $consumer_key, $server_uri);

line 766: [changed, added server URI]
            $exists = $this->query_one('
                        SELECT ocr_id
                        FROM oauth_consumer_registry
                        WHERE ocr_consumer_key = \'%s\' 
                            AND ocr_server_uri = \'%s\' 
                          AND (ocr_usa_id_ref = %d OR ocr_usa_id_ref IS NULL)
                        ', $server['consumer_key'], $server['server_uri'], $user_id);

-------------------------
OAuthStoreAbstract.class.php

line 37: [changed, added server_uri variable]
abstract public function addServerToken ( $consumer_key, $server_uri, 
$token_type, $token, $token_secret, $user_id, $options = array() );





I THINK that should do it. Hope that helps!
Adam

I think your patch works, though I need to make some changes to ensure backward 
compatibility. 

I'm making these changes. They are a little bit more involved.

I did something simpler that *might* have fixed the problem. My tests were 
successful, but I'd rather not close this until someone else makes it work. I 
think that in some cases it may be necessary to explicitly choose the 
server_uri, as in your patch, but I can't come up with an example. Currently 
the server is selected automatically.

Since there are no complains and I have been using it successfully in 
production, I'm closing this.

Changes seem to be gone from the r182.
It's impossible to work with more than one Google API again.
Can somebody confirm or deny the absence of these fixes in current stable 
and/or r182?

My research shows this:

Compare:
from issue page: 
line 192: [changed, add variable $server_uri] 
$store->addServerToken($consumer_key, $server_uri, 'request', 
$token['oauth_token'], $token['oauth_token_secret'], $usr_id, $opts);
line 279: [function requestAccessToken, changed, added variable]
$store->addServerToken($consumer_key, $r['server_uri'], 'access', 
$token['oauth_token'], $token['oauth_token_secret'], $usr_id, $opts);

from 
http://code.google.com/p/oauth-php/source/browse/trunk/library/OAuthRequester.ph
p?r=182: 
$store->addServerToken($consumer_key, 'request', $token['oauth_token'], 
$token['oauth_token_secret'], $usr_id, $opts); 
$store->addServerToken($consumer_key, 'access', $token['oauth_token'], 
$token['oauth_token_secret'], $usr_id, $opts);

Clearly, mentions of $server_uri are gone.

I just committed a fix (r183). Could you please test it, Ilya? Thanks!

I will in about 24 hours.  Could you give me heads up on how to specify URIs 
now?

I made a quick fix, by the way, to my production copy - I removed $host and 
$path from SQL request for getSecrets function in OAuthStoreSQL.php. That did 
the trick, so now i can sign request to any server URI I want. Why is there a 
check for that, anyway?

Same way: use the 'server_uri' option in 'options' in the requests. 

Would you send me your patch so I can take a look into it? I don't know why the 
host and path were separated in the SQL (I suppose it's easier to order by 
host). 

Are we talking about signed requests or requestToken requests?

My 'patch' is more of a quick'n'dirty fix, because it makes $server_uri 
irrelevant to signing requests.
In OAuthStoreSQL.php (line 202, r183):
was:
                // The owner of the consumer_key is either the user or 
nobody (public consumer key)
                $secrets = $this->query_row_assoc('
                                        SELECT 
 ocr_consumer_key                as consumer_key,
                                                    
    ocr_consumer_secret             as consumer_secret,
                                                    
    oct_token                               as token,
                                                    
    oct_token_secret                as token_secret,
                                                    
    ocr_signature_methods   as signature_methods
                                        FROM 
oauth_consumer_registry
                                                JOIN 
oauth_consumer_token ON oct_ocr_id_ref = ocr_id
                                        WHERE 
ocr_server_uri_host = \'%s\'
                                          AND 
ocr_server_uri_path = LEFT(\'%s\', LENGTH(ocr_server_uri_path))
                                          AND 
(ocr_usa_id_ref = \'%d\' OR ocr_usa_id_ref IS NULL)
                                          AND 
oct_token_type      = \'access\'
                                          AND oct_name   
                 = \'%s\'
                                          AND 
oct_token_ttl       >= NOW()
                                        ORDER BY 
ocr_usa_id_ref DESC, ocr_consumer_secret DESC, LENGTH(ocr_server_uri_path) DESC
                                        LIMIT 0,1
                                        ', $host, $path, 
$user_id, $name
                                        );

becomes 



                // The owner of the consumer_key is either the user or 
nobody (public consumer key)
                $secrets = $this->query_row_assoc('
                                        SELECT 
 ocr_consumer_key                as consumer_key,
                                                    
    ocr_consumer_secret             as consumer_secret,
                                                    
    oct_token                               as token,
                                                    
    oct_token_secret                as token_secret,
                                                    
    ocr_signature_methods   as signature_methods
                                        FROM 
oauth_consumer_registry
                                                JOIN 
oauth_consumer_token ON oct_ocr_id_ref = ocr_id
                                        WHERE 
(ocr_usa_id_ref = \'%d\' OR ocr_usa_id_ref IS NULL)
                                          AND 
oct_token_type      = \'access\'
                                          AND oct_name   
                 = \'%s\'
                                          AND 
oct_token_ttl       >= NOW()
                                        ORDER BY 
ocr_usa_id_ref DESC, ocr_consumer_secret DESC, LENGTH(ocr_server_uri_path) DESC
                                        LIMIT 0,1
                                        ', $user_id, $name
                                        );

As you can see, I removed the check for server URI and path, which means I can 
sign requests to any server, even not Google (I guess this could be a security 
issue?..). 

Ok, so I tried to figure out where exactly server_uri comes into play and I 
couldn't. I'm sorry. Could you provide an example on how to use it? With 
function calls and stuff.

Hi Guys,
I am trying to connect salesforce API Called REST to our website and the code 
provided on salesforce can be seen on the following mentioned URL

In the CONFIG.PHP it is asking for CONSUMER KEY and SECRET KEY.. as I am 
running this application on localhost what would those KEYS bee ??? where can i 
get these keys from

config.php
1   define("CLIENT_ID", "PUT_YOUR_CONSUMER_KEY_HERE");
2   define("CLIENT_SECRET", "PUT_YOUR_CONSUMER_SECRET_HERE");
3   define("REDIRECT_URI", "https://localhost/resttest/oauth_callback.php");
4   define("LOGIN_URI", "https://login.salesforce.com");


TUTORIAL URL
http://developer.force.com/cookbook/recipe/interact-with-the-forcecom-rest-api-f
rom-php

Any help would be appreciated

Thanks and regards,
Muhammad