PHPackages serendipity\_hq/oauth-guzzle-middleware - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. serendipity\_hq/oauth-guzzle-middleware ActiveLibrary[HTTP & Networking](/categories/http) serendipity\_hq/oauth-guzzle-middleware ======================================= OAuth middleware for Guzzle (6+) 0.1.0(10y ago)12MITPHPPHP >=5.5.0 Since Feb 17Pushed 10y ago1 watchersCompare [ Source](https://github.com/SerendipityHQ/oauth-guzzle-middleware)[ Packagist](https://packagist.org/packages/serendipity_hq/oauth-guzzle-middleware)[ Docs](http://guzzlephp.org/)[ RSS](/packages/serendipity-hq-oauth-guzzle-middleware/feed)WikiDiscussions master Synced 4w ago READMEChangelogDependencies (5)Versions (2)Used By (0) [![Latest Stable Version](https://camo.githubusercontent.com/fc16676884a69f7b9923f1c80fbca2819c1d901a80bd0b7c8ae2d3f8fe75dfe6/68747470733a2f2f706f7365722e707567782e6f72672f736572656e6469706974795f68712f6f617574682d67757a7a6c652d6d6964646c65776172652f762f737461626c65)](https://packagist.org/packages/serendipity_hq/oauth-guzzle-middleware)[![Build Status](https://camo.githubusercontent.com/2acd0320bea416092765ef81eddfd0c7144007b482e28d34d5e6dd3306674bcd/68747470733a2f2f7472617669732d63692e6f72672f536572656e64697069747948512f6f617574682d67757a7a6c652d6d6964646c65776172652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/SerendipityHQ/oauth-guzzle-middleware)[![Total Downloads](https://camo.githubusercontent.com/a865f3555544e9580dd483d550cbcf68fc78affe8f21fa9bf4c08249c38a2c06/68747470733a2f2f706f7365722e707567782e6f72672f736572656e6469706974795f68712f6f617574682d67757a7a6c652d6d6964646c65776172652f646f776e6c6f616473)](https://packagist.org/packages/serendipity_hq/oauth-guzzle-middleware)[![License](https://camo.githubusercontent.com/1507bd172f69f75118670ef01d5bd040c88a0fc65f76515d342211edebc00f90/68747470733a2f2f706f7365722e707567782e6f72672f736572656e6469706974795f68712f6f617574682d67757a7a6c652d6d6964646c65776172652f6c6963656e7365)](https://packagist.org/packages/serendipity_hq/oauth-guzzle-middleware)[![Code Climate](https://camo.githubusercontent.com/52e2d80098d41661f580df34531fd87ece8afcc09fd3d8fa06adec740a126774/68747470733a2f2f636f6465636c696d6174652e636f6d2f6769746875622f536572656e64697069747948512f6f617574682d67757a7a6c652d6d6964646c65776172652f6261646765732f6770612e737667)](https://codeclimate.com/github/SerendipityHQ/oauth-guzzle-middleware)[![Test Coverage](https://camo.githubusercontent.com/7270acd846ded2fe72ac840231042ef146415863b09c76da56e33792b9e6fcf8/68747470733a2f2f636f6465636c696d6174652e636f6d2f6769746875622f536572656e64697069747948512f6f617574682d67757a7a6c652d6d6964646c65776172652f6261646765732f636f7665726167652e737667)](https://codeclimate.com/github/SerendipityHQ/oauth-guzzle-middleware/coverage)[![Issue Count](https://camo.githubusercontent.com/82ab9b4a4dcf32de2e75fb4977be9ee49f8107992a504bfc306c2dc7c1e88686/68747470733a2f2f636f6465636c696d6174652e636f6d2f6769746875622f536572656e64697069747948512f6f617574682d67757a7a6c652d6d6964646c65776172652f6261646765732f69737375655f636f756e742e737667)](https://codeclimate.com/github/SerendipityHQ/oauth-guzzle-middleware)[![StyleCI](https://camo.githubusercontent.com/85b1a9abb20b395016e18cdc3c1fb7489f9e803e0ca5b54a555c991f81b10c49/68747470733a2f2f7374796c6563692e696f2f7265706f732f35313836343535352f736869656c64)](https://styleci.io/repos/51864555)[![SensioLabsInsight](https://camo.githubusercontent.com/4e6580d5a11431e1e959fdbc3d918573ecf3d07934cdc6f34ada7c63b3f8bac9/68747470733a2f2f696e73696768742e73656e73696f6c6162732e636f6d2f70726f6a656374732f36303936313635362d316264312d343064642d396233372d3266393431386533626331662f6d696e692e706e67)](https://insight.sensiolabs.com/projects/60961656-1bd1-40dd-9b37-2f9418e3bc1f)[![Dependency Status](https://camo.githubusercontent.com/878b238e38c10d4800a9e5683e227791b85ef9026d32a7571b281932371087d9/68747470733a2f2f7777772e76657273696f6e6579652e636f6d2f757365722f70726f6a656374732f3536633338613362313862323731303033366338646565312f62616467652e7376673f7374796c653d666c6174)](https://www.versioneye.com/user/projects/56c38a3b18b2710036c8dee1) Guzzle 6+ OAuth Middleware ========================== [](#guzzle-6-oauth-middleware) Signs HTTP requests using OAuth. This version only works with Guzzle 6.0 and up! (Forked from and separated from original repo to be able to use continuous integration server and other analysis tools). Installing ========== [](#installing) **Requires [PHP OAuth extension](http://php.net/manual/en/book.oauth.php).** This project can be installed using Composer. Add the following to your `composer.json`: ``` { "require": { "serendipity_hq/oauth-guzzle-middleware": "~0.1" } } ``` About OAuth =========== [](#about-oauth) From [OAuth Core 1.0a](http://oauth.net/core/1.0a/): > The OAuth protocol enables websites or applications (Consumers) to access Protected Resources from a web service (Service Provider) via an API, without requiring Users to disclose their Service Provider credentials to the Consumers. More generally, OAuth creates a freely-implementable and generic methodology for API authentication. > > An example use case is allowing printing service printer.example.com (the Consumer), to access private photos stored on photos.example.net (the Service Provider) without requiring Users to provide their photos.example.net credentials to printer.example.com. > > OAuth does not require a specific user interface or interaction pattern, nor does it specify how Service Providers authenticate Users, making the protocol ideally suited for cases where authentication credentials are unavailable to the Consumer, such as with OpenID. > > OAuth aims to unify the experience and implementation of delegated web service authentication into a single, community-driven protocol. OAuth builds on existing protocols and best practices that have been independently implemented by various websites. An open standard, supported by large and small providers alike, promotes a consistent and trusted experience for both application developers and the users of those applications. OAuth Versions -------------- [](#oauth-versions) - \[2007\] OAuth Core 1.0 (\[DEPRECATED\] Community - [OAuth.net](http://oauth.net/core/1.0/)) - \[2009\] OAuth Core 1.0a (Community - [OAuth.net](http://oauth.net/core/1.0a/)) - \[2010\] OAuth Protocol 1.0 (Informational - [RFC5849](http://tools.ietf.org/html/rfc5849)) - \[2012\] OAuth Protocol 2.0 (Standards Track - [RFC6749](https://tools.ietf.org/html/rfc6749)) This library supports --------------------- [](#this-library-supports) - OAuth Core 1.0a - OAuth Protocol 1.0 (to implement) - OAuth Protocol 2.0 (to implement) How to use the OAuth Core 1.0a Middleware ========================================= [](#how-to-use-the-oauth-core-10a-middleware) You can send both 2-legged and 3-legged `Requests` by passing or not the `token` and `token_secret` values to the `OAuth*` middleware. See the [Terminology paragraph on hueniverse.com](http://hueniverse.com/oauth/guide/terminology/) for more information about n-legged requests. For a full working example see the [Twitter example](docs/examples/Twitter/Twitter-GuzzleMiddleware_OAuth10a.php). Send a 3-legged `Request` ------------------------- [](#send-a-3-legged-request) ``` /** * Sends ALL THE REQUESTS authenticated with OAuth. * @see [docs/examples/Twitter/](docs/examples/Twitter/) for more details. */ use GuzzleHttp\Client; use GuzzleHttp\Handler\CurlHandler; use GuzzleHttp\HandlerStack; use GuzzleHttp\Middleware\OpenAuthentication\OAuth10a; use GuzzleHttp\RequestOptions; // Consumer Credentials: created at Precondition 2 $consumerKey = 'your-consumer-key'; $consumerSecret = 'your-consumer-secret'; // Set here the access token generated at Precondition 3 $accessTokenKey = 'your-token-key'; $accessTokenSecret = 'your-token-secret'; // The home_timeline endpoint $resourceUrl = 'statuses/home_timeline.json'; try { // Instantiate the Guzzle Client and the OAuth10a middleware $handler = new CurlHandler(); $stack = HandlerStack::create($handler); $middleware = new OAuth10a([ 'consumer_key' => $consumerKey, 'consumer_secret' => $consumerSecret, 'token' => $accessTokenKey, 'token_secret' => $accessTokenSecret, 'request_method' => OAuth10a::REQUEST_METHOD_HEADER, 'signature_method' => OAuth10a::SIGNATURE_METHOD_HMAC, ]); $stack->push($middleware); // Set the client params $clientParams = [ 'base_uri' => 'https://api.twitter.com/1.1/', 'handler' => $stack, // Set the oauth authentication for ALL REQUESTS RequestOptions::AUTH => 'oauth', RequestOptions::HTTP_ERRORS => false, RequestOptions::DEBUG => true, RequestOptions::ALLOW_REDIRECTS => ['track_redirects' => true] ]; $guzzleClient = new Client($clientParams); $tweetsList = $guzzleClient->get($resourceUrl); dump(json_decode($tweetsList->getBody()->__toString(), true)); } catch (\Exception $e) { dump($e->getMessage()); echo "<br/>"; dump($e); } ``` To authenticate only a single `Request` with OAuth middleware, remove the `RequestOptions::AUTH => 'oauth'` option from the `$clientParams` array and put it into a `$requestParams` array: ``` /** * @see [docs/examples/Twitter/](docs/examples/Twitter/) for more details. */ ... try { ... $stack->push($middleware); // Set the client params $clientParams = [ 'base_uri' => 'https://api.twitter.com/1.1/', 'handler' => $stack, // Remove the option from the CLient parameters // RequestOptions::AUTH => 'oauth', RequestOptions::HTTP_ERRORS => false, RequestOptions::DEBUG => true, RequestOptions::ALLOW_REDIRECTS => ['track_redirects' => true] ]; $guzzleClient = new Client($clientParams); $requestParams = [ RequestOptions::AUTH => 'oauth' ]; // Use OAuth on a pre Request basis $tweetsList = $guzzleClient->get($resourceUrl, $requestParams); dump(json_decode($tweetsList->getBody()->__toString(), true)); } catch (\Exception $e) { dump($e->getMessage()); echo "<br/>"; dump($e); } ``` Send a 2-legged `Request` ------------------------- [](#send-a-2-legged-request) To send 2-legged `Requests` simply omit `token` and `token_secret` parameters. ``` /** * Sends ALL THE REQUESTS authenticated with OAuth. * @see [docs/examples/Twitter/](docs/examples/Twitter/) for more details. */ use GuzzleHttp\Client; use GuzzleHttp\Handler\CurlHandler; use GuzzleHttp\HandlerStack; use GuzzleHttp\Middleware\OpenAuthentication\OAuth10a; use GuzzleHttp\RequestOptions; // Consumer Credentials: created at Precondition 2 $consumerKey = 'your-consumer-key'; $consumerSecret = 'your-consumer-secret'; // DO NOT SET THOSE PARAMETERS // $accessTokenKey = 'your-token-key'; // $accessTokenSecret = 'your-token-secret'; // The home_timeline endpoint $resourceUrl = 'statuses/home_timeline.json'; try { // Instantiate the Guzzle Client and the OAuth10a middleware $handler = new CurlHandler(); $stack = HandlerStack::create($handler); $middleware = new OAuth10a([ 'consumer_key' => $consumerKey, 'consumer_secret' => $consumerSecret, // DO NOT SET THOSE PARAMETERS // 'token' => $accessTokenKey, // 'token_secret' => $accessTokenSecret, 'request_method' => OAuth10a::REQUEST_METHOD_HEADER, 'signature_method' => OAuth10a::SIGNATURE_METHOD_HMAC, ]); $stack->push($middleware); // Set the client params $clientParams = [ 'base_uri' => 'https://api.twitter.com/1.1/', 'handler' => $stack, // Set the oauth authentication for ALL REQUESTS RequestOptions::AUTH => 'oauth', RequestOptions::HTTP_ERRORS => false, RequestOptions::DEBUG => true, RequestOptions::ALLOW_REDIRECTS => ['track_redirects' => true] ]; $guzzleClient = new Client($clientParams); $tweetsList = $guzzleClient->get($resourceUrl); dump(json_decode($tweetsList->getBody()->__toString(), true)); } catch (\Exception $e) { dump($e->getMessage()); echo "<br/>"; dump($e); } ``` Using the RSA-SH1 signature method ================================== [](#using-the-rsa-sh1-signature-method) ``` use GuzzleHttp\Middleware\OpenAuthentication\Oauth10a; $stack = HandlerStack::create(); $middleware = new Oauth10a([ 'consumer_key' => 'my_key', 'consumer_secret' => 'my_secret', 'private_key_file' => 'my_path_to_private_key_file', 'private_key_passphrase' => 'my_passphrase', 'signature_method' => Oauth10a::SIGNATURE_METHOD_RSA, ]); $stack->push($middleware); $client = new Client([ 'handler' => $stack ]); $response = $client->get('http://httpbin.org', ['auth' => 'oauth']); ``` ### Health Score 22 — LowBetter than 21% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 3786d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/dd91a553e180dea3a2e726643704e33a1d7e4c818b65ead1516ddf2f4e23ea43?d=identicon)[Aerendir](/maintainers/Aerendir) --- Top Contributors [![Aerendir](https://avatars.githubusercontent.com/u/1968622?v=4)](https://github.com/Aerendir "Aerendir (9 commits)") --- Tags Guzzleoauth ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/serendipity-hq-oauth-guzzle-middleware/health.svg) ``` [![Health](https://phpackages.com/badges/serendipity-hq-oauth-guzzle-middleware/health.svg)](https://phpackages.com/packages/serendipity-hq-oauth-guzzle-middleware) ``` ### Alternatives [guzzlehttp/oauth-subscriber Guzzle OAuth 1.0 subscriber 24015.1M149](/packages/guzzlehttp-oauth-subscriber)[kamermans/guzzle-oauth2-subscriber OAuth 2.0 client for Guzzle 4, 5, 6 and 7+ 1527.2M64](/packages/kamermans-guzzle-oauth2-subscriber)[graham-campbell/guzzle-factory Provides A Simple Guzzle Factory With Good Defaults 926.8M53](/packages/graham-campbell-guzzle-factory)[bilfeldt/laravel-http-client-logger A logger for the Laravel HTTP Client 1531.7M3](/packages/bilfeldt-laravel-http-client-logger)[eljam/guzzle-jwt-middleware A jwt authentication middleware for guzzle 6 28750.0k3](/packages/eljam-guzzle-jwt-middleware)[eslazarev/wildberries-sdk Wildberries OpenAPI clients (generated). 252.5k](/packages/eslazarev-wildberries-sdk) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)