WP REST API – OAuth 1.0a Server

설명

This plugin uses the OAuth 1.0a protocol to allow delegated authorization; that is, to allow applications to access a site using a set of secondary credentials. This allows server administrators to control which applications can access the site, as well as allowing users to control which applications have access to their data.

This plugin only supports WordPress >= 4.4.

The latest stable version is also available from the WordPress Plugin Directory.

New to OAuth

We strongly recommend you use an existing OAuth library. You’ll be best off if you understand the authorization process, but leave the actual implementation to well-tested libraries, as there are a lot of edge cases.

Start reading from the Introduction to get started!

For OAuth Veterans

If you already know how to use OAuth, here’s the lowdown:

  • The plugin uses OAuth 1.0a in
  • We use the three-legged flow
  • To find the REST API index, apply the API autodiscovery process
  • The endpoints for the OAuth process are available in the REST API index: check for $.authentication.oauth1 in the index data.
    • The temporary credentials (request token) endpoint is $.authentication.oauth1.request (typically /oauth1/request)
    • The authorization endpoint is $.authentication.oauth1.authorize (typically /oauth1/authorize)
    • The token exchange (access token) endpoint is $.authentication.oauth1.access (typically /oauth1/access)
  • Your callback URL must match the registered callback URL for the application in the scheme, authority (user/password) host, port, and path sections. (Subpaths are not allowed.)
  • The only signature method supported is HMAC-SHA1.
  • OAuth parameters are supported in the Authorization header, query (GET) parameters, or request body (POST) parameters (if encoded as application/x-www-form-urlencoded). OAuth parameters are not supported in JSON data.

후기

2017년 10월 8일
Got this working after some good amount of work! Thanks for bringing this and making API calls secure.
2017년 8월 3일
Just google { "code": "rest_cannot_create", "message": "Sorry, you are not allowed to create posts as this user.", "data": { "status": 401 } } and you'll find anyone using this plugin having issues authenticating to perform and protected operations. Dev team is not even responding to github issues or forum posts.
2016년 12월 4일
Hello, I have made an adapter for Parse Server under Node.js with which you can link the login of any installation of wordpress in Parse Server, for that I have used your plugin, which is the one that gives us access_token and allows us to verify the authenticity Of the user registered in the server. https://github.com/enriquecerda/parse-server-wordpress-login
모든 6 평가 읽기

기여자 & 개발자

“WP REST API – OAuth 1.0a Server”(은)는 오픈 소스 소프트웨어입니다. 다음의 사람들이 이 플러그인에 기여하였습니다.

기여자

자국어로 “WP REST API – OAuth 1.0a Server”(을)를 번역하세요.

개발에 관심이 있으십니까?

코드 탐색하기는, SVN 저장소를 확인하시거나, 개발 기록RSS로 구독하세요.