Generating OAuth 1 Signature in PHP

October 13, 2018, at 10:00 PM

I'm trying to connect to the LivePerson Engagement History API and I'm running into an issue that I believe is related to the signature being generated.

First off, the API already provides the necessary consumer key, consumer secret, access token, and token secret. So I don't have to go through the process of retrieving those. In order to access their API I just have to provide the auth header. I've mocked everything up using Postman and it all works correctly. The issue is when I try to generate my own timestamp/nonce/signature in my class.

Here's the method from my class that sends the cURL request:

private function execute($options = array())
    if (!isset($options['url'])) {
    $ch = curl_init($options['url']);
    $method = (isset($options['method'])) ? $options['method'] : 'GET';
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
    if (isset($options['auth']) && $options['auth']) {
        $timestamp = round(microtime(true) * 1000);
        $nonce = $this->getNonce(11);
        $version = "1.0";
        $signatureMethod = "HMAC-SHA1";
        $signature = $this->generateSignature($options, $timestamp, $nonce, $signatureMethod, $version);
        $authHeader = "Authorization: OAuth oauth_consumer_key=\"{$this->consumerKey}\",oauth_token=\"{$this->accessToken}\",oauth_signature_method=\"{$signatureMethod}\",oauth_timestamp=\"{$timestamp}\",oauth_nonce=\"{$nonce}\",oauth_version=\"{$version}\",oauth_signature=\"{$signature}\"";
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
            "Content-Type: application/json"
    if (isset($options['body']) && !empty($options['body'])) {
        curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($options['body']));
    $result = curl_exec($ch);
    return $result;

The getNonce method I copied pretty much directly from

Here's the method I've written to generate the signature (which has been cobbled together from various SO posts and other sources):

protected function generateSignature($request, $timestamp, $nonce, $signatureMethod, $version)
    $base = $request['method'] . "&" . rawurlencode($request['url']) . "&"
        . rawurlencode("oauth_consumer_key=" . rawurlencode($this->consumerKey)
        . "&oauth_nonce=" . rawurlencode($nonce)
        . "&oauth_signature_method=" . rawurlencode($signatureMethod)
        . "&oauth_timestamp=" . $timestamp
        . "&oauth_version=" . $version);
    $key = rawurlencode($this->consumerSecret) . '&' . rawurlencode($this->tokenSecret);
    $signature = base64_encode(hash_hmac('sha1', $base, $key, true));
    return $signature;

I can actually copy and paste the authorization header from Postman into my $authHeader variable, and replace everything except the timestamp/nonce/signature, and it works.

The response I'm getting from their server right now is [code] => 0005 but I can't find anything in their docs about response codes.

Rent Charter Buses Company
current user and env user do not match when executing a shell script through php with apache

current user and env user do not match when executing a shell script through php with apache

I'm running Apache on a Linux serverThere are a collection of shell scripts that need to get executed by a PHP script

Download files from Laravel

Download files from Laravel

I would like create endpoint in Laravel which I can use in Linux to download zip archive

service worker addAll() function not working

service worker addAll() function not working

hello good day I am trying to build a progressive web app and I want to use cache API to cache all my asset and it's not working, when ever I check the cache file it is always empty

Woocommerce Checkout Errors Edit

Woocommerce Checkout Errors Edit

I want to change the error messages coming from the checkout page