Sample code for 30+ languages & platforms
PHP Extension

WooCommerce OAuth 1.0a “one-legged” Authentication

See more REST Examples

Demonstrates how to use OAuth 1.0a "one legged" authentication with Woo Commerce.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// Demonstrates how to do OAuth1 authentication for a Wordpress site using Woo Commerce.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// Prepare an OAuth 1.0 object for use with the Chilkat REST API.
$oauth1 = new CkOAuth1();
$oauth1->put_ConsumerKey('WOO_COMMERCE_CONSUMER_KEY');
$oauth1->put_ConsumerSecret('WOO_COMMERCE_CONSUMER_SECRET');

// The signature method can be HMAC-SHA1 or HMAC-SHA256
$oauth1->put_SignatureMethod('HMAC-SHA256');

// The OauthUrl property will need to be updated each time a request is sent.
// The domain here must match the domain passed to the Connect method (below).
// The domain must be exact.  For example, "www.your-wordpress-site.com" vs. "your-wordpress-site.com".
// One might work while the other does not..
$oauth1->put_OauthUrl('http://your-wordpress-site.com/wc-api/v3/orders');

// The OAuthMethod property will be set automatically when the REST request is sent.
// Setting it here is not actually necessary.
$oauth1->put_OauthMethod('GET');

// Generate an initial nonce so that Chilkat knows the desired size of the nonce.
$success = $oauth1->GenNonce(32);

$rest = new CkRest();

// Tell the REST object to use the OAuth1 object for authentication.
// Also, indicate that the OAuth authentication parameters should be query parameters
// and not located within the Authorization header.
$bUseQueryParams = true;
$success = $rest->SetAuthOAuth1($oauth1,$bUseQueryParams);

// Make the initial connection (without sending a request yet) to the WooCommerce endpoint at your Wordpress blog.
$bTls = false;
$port = 80;
$bAutoReconnect = true;
$success = $rest->Connect('your-wordpress-site.com',$port,$bTls,$bAutoReconnect);
if ($success != true) {
    print $rest->lastErrorText() . "\n";
    exit;
}

// Send a GET request to list orders.

// When the request is sent, the OAuth1 object's Timestamp and Nonce properties are automatically
// regenerated.  Also, the OAuth1 object's OauthMethod property is automatically set to the HTTP method
// used for the request (in this case it is "GET").
$responseJson = $rest->fullRequestNoBody('GET','/wc-api/v3/orders');
if ($rest->get_LastMethodSuccess() != true) {
    print $rest->lastErrorText() . "\n";
    exit;
}

// When successful, the response status code will equal 200.
if ($rest->get_ResponseStatusCode() != 200) {
    // Examine the request/response to see what happened.
    print 'response status code = ' . $rest->get_ResponseStatusCode() . "\n";
    print 'response status text = ' . $rest->responseStatusText() . "\n";
    print 'response header: ' . $rest->responseHeader() . "\n";
    print 'response body (if any): ' . $responseJson . "\n";
    print '---' . "\n";
    print 'LastRequestStartLine: ' . $rest->lastRequestStartLine() . "\n";
    print 'LastRequestHeader: ' . $rest->lastRequestHeader() . "\n";
    exit;
}

print $responseJson . "\n";
print 'Success.' . "\n";

?>