PHP Classes
elePHPant
Icontem

PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server package blog

Recommend this page to a friend!

Latest PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server package blog posts

  All package blogs All package blogs   PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server   Blog PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server package blog   Post article Post article  

11. Improving the Protection of your PHP OAuth Client Application Against User Account Leaks

Posted on:

When your application needs to call an API with tokens obtained using OAuth, if your application OAuth credentials are stolen, it becomes a security problem that may cause you big headaches.

Read this tutorial to learn about good security practices to minimize the possible damages to your application if your developer user account details in the API site get stolen.


Blog More ...   Post a comment Post a comment   See comments See comments (0)   Trackbacks (0)

10. Is Your PHP Application Vulnerable to the HTTPoxy Security Exploit?

Posted on:

Recently it was disclosed a security vulnerability called HTTPoxy in Web applications of different languages can be used to perform serious man-in-the-middle attacks (MITM) and disclose sensitive information.

Read this article to learn what is the HTTPoxy vulnerability and how to check if your Web applications are vulnerable.


Blog More ...   Post a comment Post a comment   See comments See comments (2)   Trackbacks (0)

9. Get Twitter Direct Message Images in PHP with the OAuth API

Updated on: 2015-12-10

Posted on:

Twitter API allows applications to access users' direct messages but if you want to download images or other media associated with those direct messages, there is no specific API call to do so.

Direct messages are private, so there is no public URL to access the direct messages' images without using OAuth or you are a real logged user accessing Twitter via a browser.

Read this article to learn how to download images that belong to direct messages using authenticated requests with this PHP OAuth client class.


Blog More ...   Post a comment Post a comment   See comments See comments (1)   Trackbacks (0)

7. How to Check if an OAuth Token is Valid?

Posted on:

Some Web applications need to show different information to users depending on whether they have authorized API access using OAuth and if the access token is still valid, like for instance showing a login button or not. Read this article to learn about solutions for this problem.

Blog More ...   Post a comment Post a comment   See comments See comments (9)   Trackbacks (0)

6. OAuth Pin Based Authorization for Twitter, LinkedIn, Imgur and Others

Updated on: 2015-01-18

Posted on:

Some applications need to access OAuth based APIs but since they are not based on regular Web browsers, they need to need to use an alternative method to obtain the user authorization.

Pin based authorization is a method used for instance by applications based on the command line, desktop applications, embedded systems, game consoles, and certain types of mobile apps.

Read this article to learn how the pin based OAuth authorization process works and how can you implement it in your applications using the PHP OAuth API class.


Blog More ...   Post a comment Post a comment   See comments See comments (1)   Trackbacks (0)

5. 4 Ways to Access a Facebook, Google or Any OAuth API based on OAuth2 from PHP Without User Interaction for Offline Access

Updated on: 2017-01-19

Posted on:

OAuth is a protocol used to access APIs on behalf of an user but the user does not need to be present when the API is accessed.

There are even ways that allow applications to access APIs using tokens obtained without any user intervention, thus allowing greater application automation.

Read this article to learn about several ways to access a OAuth based API without the user presence to access OAuth2 based APIs like Facebook, Google, Google Drive, Gmail, Blogger Blogspot, Twitter, Magento, Salesforce, etc...


Blog More ...   Post a comment Post a comment   See comments See comments (0)   Trackbacks (0)

4. Is Your OAuth 2.0 Application Secure?

Posted on:

Recently, a security vulnerability named Covert Redirect was discovered in certain implementations of the OAuth 2.0 protocol.

If you have a site that uses OAuth to access the APIs of other sites on behalf of your users, your site may be inadvertently helping attackers to steal your users' data.

Read this article to learn how to check if your application is vulnerable and what you can do to fix it.


Blog More ...   Post a comment Post a comment   See comments See comments (3)   Trackbacks (0)

3. Moving OAuth Server Configuration to Separate Files

Posted on:

As the OAuth class supports more and more servers, it is because too large, moving the server configuration to separate files is necessary to keep the class more maintainable.

Read this article to learn how you can help to decide how the class will evolve in the future without breaking the applications that use it.


Blog More ...   Post a comment Post a comment   See comments See comments (11)   Trackbacks (0)

2. Google OAuth Offline Access and to Other API with Limited Lifetime Refresh Tokens After their Expiry

Updated on: 2017-01-15

Posted on:

Some applications require access to APIs on behalf of the user even when the user is not present, i.e. offline access.

OAuth is a protocol that allows applications to obtain a token to access an API when the user is not present but when the tokens expire they need to be renewed.

Some APIs like Google and Box.net support automatic renewal of expired tokens.

Read this article to learn how to use this OAuth client class to perform offline access to an API storing tokens in a database and how to have expired tokens automatically renewed.


Blog More ...   Post a comment Post a comment   See comments See comments (16)   Trackbacks (0)

1. Tutorial on How to Use OAuth with a Pure PHP Implementation Class with Example Without the PECL module

Updated on: 2017-02-13

Posted on:

OAuth is a widely used protocol to access APIs of certain Web sites on behalf of users of those sites.

Despite OAuth is relatively easy to explain, it is not easy to implement it without dealing with the headaches of the multiple protocol settings, the different protocol versions, the details of specific site implementations, and the worst of all having to know more about the details of the protocol than you would like to care.

Read this article to learn how to use this PHP OAuth API class to access any API of any site that supports any version of OAuth without having any of those headaches.


Blog More ...   Post a comment Post a comment   See comments See comments (76)   Trackbacks (0)


  All package blogs All package blogs   PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server   Blog PHP OAuth API Library with Tutorial Example Client for Any OAuth1 and OAuth2 Server package blog   Post article Post article