OAuth1 Application
OAuth1 is required by a small number of older APIs (most famously the legacy Twitter and Trello APIs). Orchesty supports it through a dedicated base class.
Node.js note. The Node.js SDK does not ship an OAuth1 base class today. If you need OAuth1 from Node.js, you have two options: implement the signing yourself in a Basic Application, or place the OAuth1-using portion of your topology in a PHP worker. The rest of the topology can stay in Node.js.
Class to extend (PHP) #
| SDK | Base class |
|---|---|
| PHP | OAuth1ApplicationAbstract (extends ApplicationAbstract) |
What you implement #
| Method | Purpose |
|---|---|
getRequestTokenUrl() | The provider's request-token endpoint. |
getAccessTokenUrl() | The provider's access-token endpoint. |
getAuthorizeUrl() | The user-facing authorize endpoint. |
getFormStack() | Settings form (consumer key, consumer secret, optional service-specific fields). |
getRequestDto() | Builds an HTTP request signed with HMAC-SHA1 against the user's tokens. |
Minimal example (PHP) #
<?php declare(strict_types=1);
// worker/src/Trello/TrelloApplication.php
namespace App\Trello;
use Hanaboso\PipesPhpSdk\Application\Document\ApplicationInstall;
use Hanaboso\PipesPhpSdk\Authorization\Base\OAuth1\OAuth1ApplicationAbstract;
use Hanaboso\PipesPhpSdk\Utils\Process\ProcessDto;
final class TrelloApplication extends OAuth1ApplicationAbstract
{
public function getName(): string { return 'trello'; }
public function getPublicName(): string { return 'Trello'; }
public function getDescription(): string { return 'Trello integration'; }
public function getRequestTokenUrl(): string { return 'https://trello.com/1/OAuthGetRequestToken'; }
public function getAccessTokenUrl(): string { return 'https://trello.com/1/OAuthGetAccessToken'; }
public function getAuthorizeUrl(): string { return 'https://trello.com/1/OAuthAuthorizeToken'; }
public function getRequestDto(
ProcessDto $dto,
ApplicationInstall $install,
string $method,
?string $url = NULL,
?string $data = NULL,
): RequestDto {
return $this->signRequest($install, $method, $url, $data ?? '');
}
}
The signRequest() helper is provided by the base class and produces the OAuth realm="..." header with the right signature.
Authorization flow #
- The user opens Applications -> Trello -> Authorize.
- The platform calls
getRequestTokenUrl()to obtain a temporary token. - The platform redirects the user to
getAuthorizeUrl()with the temporary token; the user signs in and approves. - The provider redirects back to the platform's callback URL with a verifier.
- The platform calls
getAccessTokenUrl()with the verifier to obtain the long-lived token + secret. They are stored in theApplicationInstall.
After this, every connector call signs requests with the stored secret automatically.