Run the code bellow - works for me. Make sure to look at the callbacl_endpoint parameter a couple of rows down..
$api_key = "apikey"; // Edit this
$secret_token = "secret"; // Edit this
$email = "email address for the api key and secret above"; // Edit this
$petition_id = 'petitionID'; // Edit this
$params = array();
$params['api_key'] = $api_key;
$params['source_description'] = "Fight Racism Now Website"; // Something human readable.
$params['source'] = $petUrl; // Eventually included in every signature submitted with the auth key obtained with this request.
$params['requester_email'] = $email; // The email associated with your API key and Change.org account.
$params['timestamp'] = date("c"); // ISO-8601-formtted timestamp at UTC
$params['endpoint'] = '/v1/petitions/' . $petition_id . '/auth_keys';
$params['callback_endpoint'] = "
http://example.com"; // Docs say that the auth key will be sent to this callback. That's not the case, however. All I get in the callback is an empty POST
// Build request signature and add it as a parameter
$query_string_with_secret_and_auth_key = http_build_query($params) . $secret_token;
$params['rsig'] = hash('sha256', $query_string_with_secret_and_auth_key);
// Final request body
$query = http_build_query($params);
// Make the request
$options = array(
'http' => array(
'method' => 'POST',
'content' => http_build_query($params),
),
);
$context = stream_context_create($options);
if ($result = @file_get_contents($request_url, false, $context)) {
$res = json_decode($result, true);
print_r($res);
// Response is now in the array $res
}
else {
// Request to change failed...
return false;
}