Helper function:


Returns a url such as:


Which can be loaded by a browser (i.e. to return JSON data to some JavaScript).

This URL runs the script located at:


To run a gateway from elsewhere on the site use:

$gateway = new gateway();

TODO: add notes about the tester helper, and maintenance gateway.

Future directions

Look at the suggestion by ParagonIE, which is using LibSodium:

And possibly use client certificates (via CURLOPT_SSLCERT).

Notes on oAuth:

Might be issues:

Eran Hammer:
    What is now offered is a blueprint for an authorisation
    protocol, "that is the enterprise way", providing a "whole new
    frontier to sell consulting services and integration solutions".

Discussion with 2-legged auth in 2.0 (not good):

An idea of how to implement in 2.0:

Overview of 1.0 and 2.0, with a possible solution:

Implementation, documentation and discussion for 1.0:

Google testing area, more so for 3-legged auth though: