The Slim Framework support forum has moved to This Tender forum is no longer maintained or monitored.


Neil Young's Avatar

Neil Young

10 Jan, 2012 03:32 PM

Hi Josh,

Slim looks great and I am having a play. Currently I run my own implementation of a RESTful api but this does look a lot better.

A couple of questions - any plans to add OAuth to your Slim framework - would be a powerful addition ?

Also does Slim support calls made from a remote server ?

Many Thanks

Neil Young

  1. Support Staff 1 Posted by Josh Lockhart on 10 Jan, 2012 03:38 PM

    Josh Lockhart's Avatar

    Hi Neil,

    So long as your Slim app is on a web server available to the public, it can accept requests. Your remote server can use cURL to send HTTP requests to your Slim app. It will act just as it does if someone sent the request from a traditional web browser.

    As for oAuth, there is not an implementation for this yet. But I'd enjoy working with you to build one. I'll post more thoughts on that tonight when I return home from work.


  2. 2 Posted by Neil Young on 10 Jan, 2012 03:41 PM

    Neil Young's Avatar

    Thank you John, makes sense :-)

  3. Support Staff 3 Posted by Josh Lockhart on 11 Jan, 2012 01:26 PM

    Josh Lockhart's Avatar

    I did some reading last night. I'm not super familiar with oAuth, but from what I've read it appears implementing an oAuth layer on your app is very specific to your app and not to the framework as a whole.

    For example, let's say you are building an app that needed access to my Twitter timeline. You'd need to register your app with Twitter to get a consumer key and a consumer secret. You'd store these two keys with your app. Next, when I use your app and want to allow your app access to my timeline, your app needs to request a "request key" and "request secret" so that you can then request a "access key" and "access secret". The access key and access secret are ultimately stored by your app in association with my user account.

    That's a very abstract overview, but it demonstrates that there are a series of redirects involved, as is a data persistence layer specific to your app.

    Slim's involvement is really just enabling you to create the routes used during the oAuth communication. The actual oAuth key/secret handling is best suited for an existing oAuth PHP library. Twitter has some specific to its platform. I know there are some generic libs out there, too.

    I'm concerned that 1) oAuth is almost too specific to the app you make with Slim and not generic enough to be wrapped into Slim itself, and 2) I don't want to re-invent the wheel so to speak when there are plenty of existing oAuth libs already available that work very well.

    What are your thoughts?

  4. 4 Posted by Jeroen on 14 Feb, 2012 02:56 PM

    Jeroen's Avatar

    Hi Josh,

    I think you are right from a oAuth consumer perspective. But having an oAuth2 server implementation would be very useful and it seems quite generic in its approach.

  5. 5 Posted by Mark Cicero on 12 Apr, 2012 04:33 PM

    Mark Cicero's Avatar

    Yes, i think building in the functions for the "OAuth authentication dance" would be useful. I am using Slim currently for a project and I love it. I'll be working on adding OAuth functionality to it soon, however I am unfamiliar with implementing it.

  6. Andrew Smith closed this discussion on 01 Aug, 2012 12:53 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac