<div dir="ltr">On Sun, Oct 16, 2016 at 11:28 PM, Magog The Ogre <span dir="ltr"><<a href="mailto:magog.the.ogre@gmail.com" target="_blank">magog.the.ogre@gmail.com</a>></span> wrote:<br><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">The one example program makes only a vague reference to it (<a href="https://tools.wmflabs.org/oauth-hello-world/index.php?action=download" target="_blank">https://tools.wmflabs.org/<wbr>oauth-hello-world/index.php?<wbr>action=download</a>), and the other (<a href="https://www.mediawiki.org/wiki/OAuth/For_Developers#PHP_demo_cli_client_with_RSA_keys" target="_blank">https://www.mediawiki.org/<wbr>wiki/OAuth/For_Developers#PHP_<wbr>demo_cli_client_with_RSA_keys</a>) presupposes that I have preexisting libraries installed, for some reason.<br></div></blockquote><div><br>In any case using RSA keys is going to want you to have some sort of
library installed to deal with using RSA keys, if not a library to
handle all the OAuth stuff itself.<br><br>The libraries needed for your
second link are included in the OAuth extension itself. The most
relevant bit for your question here is the <span class="gmail-nc">OAuthSignatureMethod_RSA_SHA1::build_signature() method[1] which uses PHP's openssl extension to do the actual signing.[2]<br></span><br> [1]: <a href="https://phabricator.wikimedia.org/diffusion/EOAU/browse/master/lib/OAuth.php;51cd54d332d1b6c0647f3be699c000833cb9d54e$235-252">https://phabricator.wikimedia.org/diffusion/EOAU/browse/master/lib/OAuth.php;51cd54d332d1b6c0647f3be699c000833cb9d54e$235-252</a><br> [2]: <a href="https://secure.php.net/openssl">https://secure.php.net/openssl</a><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>I just want to be able to authenticate the identity of users.
Magnus Manske has said he doesn't want to maintain TUSC anymore, but I
cannot figure out how to do this with the documentation provided.</div></div></blockquote><div><br></div><div><span class="gmail-nc"></span></div><div><span class="gmail-nc">Note that using RSA-SHA1 rather than HMAC-SHA1 is in no way required.<br></span></div><div><br><br></div></div>-- <br><div class="gmail_signature"><div dir="ltr"><div>Brad Jorsch (Anomie)<br>Senior Software Engineer<br>Wikimedia Foundation</div></div></div>
</div></div>