The Community is hosting an End of Summer sweepstakes! Participants must complete tasks to earn tickets that will enter them with a chance to win a free year of Constant Contact and other great prizes!*
*No Purchase Necessary. For Official Rules, visit here. Constant Contact’s End of Summer 2020 Sweepstakes ends on October, 20, 2020 at 11:50 PM EST.

PHP OAuth Example

Highlighted
Employee

PHP OAuth Example

Here is a sample of how to implement Constant Contact 3-Legged OAuth Authentication in PHP. 


This sample utilizes the PHP OAuth Framework found at http://oauth.googlecode.com/svn/code/php/.


<?php

/*

 * The sample code utilizes the PHP OAuth Framework found at http://oauth.googlecode.com/svn/code/php/.

 * To obtain a consumer key and consumer secret, please visit http://developer.constantcontact.com/license/login.

 *

 * Note: This sample uses a cookie to set and retrieve the request token and secret from Constant Contact.

 *

 * Once the authorization token is granted, this sample immediately makes an API request to demonstrate the

 * full process of authentication. However, in an actual application this information should be stored

 * as the long term tokens to make future API requests for the authenticated user.

 */




require_once('OAuth.php');



// Constant Contact Variables

$consumer_key = 'API KEY'; // Constant Contact API key

$consumer_secret = 'CONSUMER SECRET'; // Constant Contact consumer secret

$username = 'USER NAME'; // Constant Contact username - The account's resources are you attempting to access



// Typical modifications should not go past here

define("URI", "https://oauth.constantcontact.com/ws");

$request_token_url = URI.'/oauth/request_token';

$callback_url = 'http://'.$_SERVER.$_SERVER;

$access_url = URI.'/oauth/access_token';

$webServiceUrl = 'https://api.constantcontact.com/ws/customers/'.$username.'/contacts';

$sig_method = new OAuthSignatureMethod_HMAC_SHA1();



if(!$_GET){



    // Create new OAuth Consumer

    $oauth_consumer = new OAuthConsumer($consumer_key, $consumer_secret);

    $params = array(oauth_callback => $callback_url);

   

    // Create an OAuth Request to obtain request token

    $tokenRequest = OAuthRequest::from_consumer_and_token($oauth_consumer, NULL, 'GET', $request_token_url, $params);

   

    // Sign the request using HMAC_SHA1 signature method

    $tokenRequest->sign_request($sig_method, $oauth_consumer, NULL);

   

    // Convert the request parameters to a URL

    $token_request_url  = $tokenRequest->to_url();

   

    // Excecute request for a request token / secret

    $session = curl_init($token_request_url);

    curl_setopt($session, CURLOPT_RETURNTRANSFER, 1);

    curl_setopt($session, CURLOPT_SSL_VERIFYPEER, 0);

    $response = curl_exec($session);

    if (!$response) {

        $response = curl_error($session);

        echo $response;

    }

    curl_close($session);

   

    // Retrieve the returned request token and request secret

    parse_str($response, $params);

    $oauth_token = $params;

    $oauth_token_secret = $params;

   

    // Set a cookie with the request token and secret to be used after the user has provided access

    $info = $oauth_token."[]".$oauth_token_secret;

    setcookie('requestToken', $info, time()+120, '/');

   

    /*

     * Create and redirect the user to the authentication URL. This is where the user is prompted

     * to authorize this application to access resources in their Constant Contact account.

     */


   

    $auth_url = URI.'/oauth/confirm_access?oauth_token='.$oauth_token.'&oauth_callback='.urlencode($callback_url);

    Header("Location: $auth_url");

   

} else {

   

    // At this point we assume the callback_url has been used, and the oauth_verifier has been set

    $oauth_verifier = $_GET;

   

    // Retrieve the request token and secret from the requestToken cookie

    $requestToken = explode('[]', $_COOKIE);

    $request_token = $requestToken;

    $request_token_secret = $requestToken;

       

    // Create OAuth request for an access token

    $oauth_consumer = new OAuthConsumer($consumer_key, $consumer_secret);

    $access_token = new OAuthToken($request_token, $request_token_secret);

    $access_request = OAuthRequest::from_consumer_and_token($oauth_consumer, $access_token, 'GET', $access_url);

   

    //Set verifier returned with the request token

    $access_request->set_parameter('oauth_verifier', $oauth_verifier);

   

    // Sign the request using HMAC_SHA1 signature method

    $access_request->sign_request($sig_method, $oauth_consumer, $access_token);

   

    // Execute access token request

    $request  = $access_request->to_url();

    $session = curl_init($request);

    curl_setopt($session, CURLOPT_RETURNTRANSFER, 1);

    curl_setopt($session, CURLOPT_SSL_VERIFYPEER, 0);

    $response = curl_exec($session);

    if (!$response) {

        $response = curl_error($curl);

        echo $response;  

    }

    curl_close($session);

   

    // Retrieve the access_token and access_token_secret  

    parse_str($response, $params);  

    $access_token = $params;

    $access_token_secret = $params;

   

    /*

     * The user has now granted this application access to its resources, and we

     * can begin to make http requests for the authenticated user.

     */


   

    //Create API Request

    $oauth_consumer = new OAuthConsumer($consumer_key, $consumer_secret);

    $authorization_token = new OAuthToken($access_token, $access_token_secret);

    $api_request = OAuthRequest::from_consumer_and_token($oauth_consumer, $authorization_token, 'GET', $webServiceUrl);



    // Sign request

    $api_request->sign_request($sig_method, $oauth_consumer, $authorization_token);

    $api_request->get_normalized_http_method();

   

    // Execute HTTP Request

    $request_url  = $api_request->to_url();

    $session = curl_init($request_url);

    curl_setopt($session, CURLOPT_RETURNTRANSFER, 1);

    curl_setopt($session, CURLOPT_SSL_VERIFYPEER, 0);

    $response = curl_exec($session);

    if (!$response) {

        $response = curl_error($curl);

        echo $response;  

    }

    $error = curl_error($session);

    curl_close($session);

       

    print_r($response);

}



?>



 

David J

Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Constant Contact 2020 End of Summer Community Sweepstakes!

The Constant Contact User Community is hosting a sweepstakes. The more you participate, the more chances you have to win! Read on to learn more...

Read More
Featured