The first application for Flickr. Authorize oAuth 2.0, get a list of photos

The API documentation on flickr.com is outdated. It has long been possible to log in through oAuth 2.0, but the site has neither a normal description, nor examples of working with the API after authentication.

Authorization on Flickr occurs in three stages:

1. Getting oauth_token and oauth_token_secret. In the first step, oauth_token is request_token.
2. Authorization of the application in the user profile.
3. Get the oauth_token and oauth_token_secret. In the third step, oauth_token is the access_token.

Stage 1

I don’t know why, but at this stage I’ve got a mistake out of 10 a couple of times, so I added recursion and if there’s an error, please request_token again.
')
It all starts by clicking on the button

$("#flickr_connect").click(function(){ flickrauth(); return false; }); function flickrauth(){ $.ajax({ type: "POST", url: "/auth/flickr.php?type=get_request_token", success: function(result){ var oResult = $.parseJSON(result); if(oResult.oauth_problem == "signature_invalid"){   ,     flickrauth(); } if(oResult.oauth_callback_confirmed == "true"){   ,     .    flickr.com     oauth_token = oResult.oauth_token; location.href = "http://www.flickr.com/services/oauth/authorize?oauth_token="+oauth_token+"&perms=read"; } } }); } 

Below is the code that was called in the example above.

 if($_GET["type"] == "get_request_token"){ $request_token_url = "http://www.flickr.com/services/oauth/request_token"; $oauth_nonce=md5(microtime().mt_rand()); $timestamp = time(); $consumer_key = "676d28f0d2ae990730a3fb232c252a8b"; $consumer_secret = "36b056c53456fef"; $sig_method = "HMAC-SHA1"; $oauth_version = "1.0"; $callback_url = "http://example.com/auth/flickr.php"; $basestring = "oauth_callback=".urlencode($callback_url)."&oauth_consumer_key=".$consumer_key."&oauth_nonce=".$oauth_nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_version=".$oauth_version; // basestring    ,   .       $basestring = "GET&".urlencode($request_token_url)."&".urlencode($basestring); $hash_key = $consumer_secret."&"; //     $hash_key   $consumer_secret $oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hash_key, true)); $url = $request_token_url."?oauth_nonce=".$oauth_nonce."&oauth_timestamp=".$timestamp."&oauth_consumer_key=".$consumer_key."&oauth_signature_method=".$sig_method."&oauth_version=".$oauth_version."&oauth_signature=".$oauth_signature."&oauth_callback=".$callback_url; if( $curl = curl_init() ) { curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); $out = curl_exec($curl); $aOut = array(); foreach(explode("&", $out) as $key=>$value){ list($k,$v) = explode("=", $value); $aOut[$k] = $v; if($k == "oauth_token_secret"){ $recent_update = mysql_query("UPDATE users SET oauth_token_secret='".$v."' WHERE user_id=".$_SESSION['user_id']);   oauth_token_secret,            oauth_signature,    access_token    } } echo json_encode($aOut); curl_close($curl); } } 

Stage 2

The first stage is completed and a redirect occurs to authorize the application. If the user clicks "YES", another redirect occurs and the oauth_token is sent to GET, which is still the request_token and oauth_verifier, which we will need to get access_token in the third stage.

Stage 3

Below is the access_token getting code

 if(isset($_GET["oauth_token"])){ $recent_update = mysql_query("UPDATE users SET oauth_verifier='".$_GET['oauth_verifier']."' WHERE user_id=".$_SESSION['user_id']); $recent = mysql_query("SELECT * FROM users WHERE user_id=".$_SESSION['user_id']); $recent_info = mysql_fetch_assoc($recent); $request_token_url = "http://www.flickr.com/services/oauth/access_token"; $oauth_nonce=md5(microtime().mt_rand()); $timestamp = time(); $consumer_key = "676d28f0d2ae990730a3fb232c252a8b"; $consumer_secret = "36b056c53456fef"; $sig_method = "HMAC-SHA1"; $oauth_version = "1.0"; $oauth_token_secret = $recent_info['oauth_token_secret']; $basestring = "oauth_consumer_key=".$consumer_key."&oauth_nonce=".$oauth_nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_token=".$_GET['oauth_token']."&oauth_verifier=".$_GET['oauth_verifier']."&oauth_version=".$oauth_version; $basestring = "GET&".urlencode($request_token_url)."&".urlencode($basestring); //   $hash_key     $hash_key = $consumer_secret."&".$oauth_token_secret; $oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hash_key, true)); $url = $request_token_url."?oauth_nonce=".$oauth_nonce."&oauth_timestamp=".$timestamp."&oauth_verifier=".$_GET['oauth_verifier']."&oauth_consumer_key=".$consumer_key."&oauth_signature_method=".$sig_method."&oauth_version=".$oauth_version."&oauth_token=".$_GET['oauth_token']."&oauth_signature=".$oauth_signature; if( $curl = curl_init() ) { curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); $out = curl_exec($curl); $aOut = array(); foreach(explode("&", $out) as $key=>$value){ list($k,$v) = explode("=", $value); $aOut[$k] = $v; if($k == "oauth_token"){ $recent_update = mysql_query("UPDATE users SET oauth_token='".$v."' WHERE user_id=".$_SESSION['user_id']); } if($k == "oauth_token_secret"){ $recent_update = mysql_query("UPDATE users SET oauth_token_secret='".$v."' WHERE user_id=".$_SESSION['user_id']); } } echo json_encode($aOut); curl_close($curl); } } 

The oauth_token and oauth_token_secret obtained here will be required to complete all subsequent requests.

Getting a list of photos

If you use OAUTH authentication on Flickr, the methods described at www.flickr.com/services/api do not work. More precisely work, but you need to make some adjustments.

Below is an example of a list of photos of one user.

 // url      $request_url = "http://www.flickr.com/services/rest"; $oauth_nonce=md5(microtime().mt_rand()); $timestamp = time(); $consumer_key = "676d28f023e990730a3fbc12c252a8b"; $consumer_secret = "36b05634d0626fef"; $sig_method = "HMAC-SHA1"; $oauth_version = "1.0"; //        $oauth_token = "72157630222363050-c9347c35c6f40906"; $oauth_token_secret = "568455560efe6e4e"; $format = "json"; $method = "flickr.photos.search"; $user_id = "22227268@N03"; $basestring = "format=".$format."&method=".$method."&oauth_consumer_key=".$consumer_key."&oauth_nonce=".$oauth_nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_token=".$oauth_token."&oauth_version=".$oauth_version."&user_id=".$user_id; $basestring = "GET&".urlencode($request_url)."&".urlencode($basestring); $hash_key = $consumer_secret."&".$oauth_token_secret; $oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hash_key, true)); $url = $request_url."?format=".$format."&method=".$method."&oauth_consumer_key=".$consumer_key."&oauth_nonce=".$oauth_nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_token=".$oauth_token."&oauth_version=".$oauth_version."&oauth_signature=".$oauth_signature."&user_id=".$user_id; if( $curl = curl_init() ) { curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); $out = curl_exec($curl); echo $out; curl_close($curl); }