D. Tumblr

  1. Authentication
  2. User
  3. Blog

Authentication

The first thing we want to do is get an consumer key and consumer secret. This can be acheived by visiting Tumblr's My Applications and creating a new app or using an existing one. We can next plug in both of those to start an authentication process as in Figure 1.

Figure 1. Instantiate Auth
$auth = eden('tumblr')->auth('[TUMBLR_KEY]', '[TUMBLR_SECRET]');

With this auth class let's make sure we can generate a login URL. Figure 2 is used to redirect the user to tumblr to continue the authentication.

Figure 2. Get Login URL
//get the request token from tumblr
$token = $auth->getRequestToken();
//and store it in a session
$_SESSION['request_secret'] = $token['oauth_token_secret'];
//with the request token we can form a login URL the 
//user will need to go to inorder to complete the authenication process
$login = $auth->getLoginUrl($token['oauth_token'], 'http://yourwebsite.com/auth');

All you need to do is replace http://yourwebsite.com/auth with the URL of your website and page you will be handling the Tumblr authentication. When the user has authorized our app to use their data, tumblr will add an auth code, we can use to transfer to an access token. Figure 3 shows how we can convert that auth code to a token.

Figure 3. Get Token
$token = $auth->debug(true)->getAccessToken($_GET['oauth_token'], $_SESSION['request_secret'], $_GET['oauth_verifier']);
//lastly, save the token in session
$_SESSION['access_token'] 	= $token['oauth_token'];
$_SESSION['access_secret']  = $token['oauth_token_secret'];

An example of the whole entire authentication process can be found in Figure 4.

Figure 4. Authentication
session_start();
//if we have no access token
if(!isset($_SESSION['access_token'], $_SESSION['access_secret'])) {
	//if we do not have the request secret
	if(!isset($_SESSION['request_secret'])) {
		//we are still in the middle of authenticating
		//get the request token from tumblr
		$token = $auth->getRequestToken();
		//and store it in a session
		$_SESSION['request_secret'] = $token['oauth_token_secret'];
		//with the request token we can form a login URL the 
		//user will need to go to inorder to complete the authenication process
		$login = $auth->getLoginUrl($token['oauth_token'], 'http://yourwebsite.com/auth');
		header('Location:'.$login);
		exit;
	}
  
	//either way we should have a request secret at this point
	//at this point the user has already authorize our app
	//if we got something back in a URL query
	if(isset($_GET['oauth_token'], $_GET['oauth_verifier'])) {
		//we need to convert that to an access token
		$token = $auth->debug(true)->getAccessToken($_GET['oauth_token'], $_SESSION['request_secret'], $_GET['oauth_verifier']);
		//lastly, save the token in session
		$_SESSION['access_token'] 	= $token['oauth_token'];
		$_SESSION['access_secret']  = $token['oauth_token_secret'];
		//clean up
		unset($_SESSION['request_secret']);
	}
} 

© 2012 Openovate Labs. All rights reserved.