I've made a simple script that posts images on tumblr.
everything is fine, but I've noticed some performance issues right after I've changed the host provider (my new host is limited and cheaper).
now, after debugging the script and after contacting the tumblr api helpdesk, I'm stuck on a problem:
there are 3 functions:
function oauth_gen($method, $url, $iparams, &$headers) {
$iparams['oauth_consumer_key'] = CONSUMER_KEY;
$iparams['oauth_nonce'] = strval(time());
$iparams['oauth_signature_method'] = 'HMAC-SHA1';
$iparams['oauth_timestamp'] = strval(time());
$iparams['oauth_token'] = OAUTH_TOKEN;
$iparams['oauth_version'] = '1.0';
$iparams['oauth_signature'] = oauth_sig($method, $url, $iparams);
$oauth_header = array();
foreach($iparams as $key => $value) {
if (strpos($key, "oauth") !== false) {
$oauth_header []= $key ."=".$value;
}
}
$str = print_r($iparams, true);
file_put_contents('data1-1.txt', $str);
$oauth_header = "OAuth ". implode(",", $oauth_header);
$headers["Authorization"] = $oauth_header;
}
function oauth_sig($method, $uri, $params) {
$parts []= $method;
$parts []= rawurlencode($uri);
$iparams = array();
ksort($params);
foreach($params as $key => $data) {
if(is_array($data)) {
$count = 0;
foreach($data as $val) {
$n = $key . "[". $count . "]";
$iparams []= $n . "=" . rawurlencode($val);
//$iparams []= $n . "=" . $val;
$count++;
}
} else {
$iparams[]= rawurlencode($key) . "=" .rawurlencode($data);
}
}
//debug($iparams,"iparams");
$str = print_r($iparams, true);
file_put_contents('data-1.txt', $str);
//$size = filesize('data.txt');
$parts []= rawurlencode(implode("&", $iparams));
//debug($parts,"parts");
//die();
$sig = implode("&", $parts);
return base64_encode(hash_hmac('sha1', $sig, CONSUMER_SECRET."&". OAUTH_SECRET, true));
}
these 2 functions above comes from an online functional example, they have always worked fine.
this is the function I use to call the APIs and the oAuth:
function posta_array($files,$queue,$tags,$caption,$link,$blog){
$datArr = array();
$photoset_layout = "";
foreach ($files as $sing_file){
$dataArr [] = file_get_contents($sing_file);
$photoset_layout .= "1";
}
$headers = array("Host" => "http://api.tumblr.com/", "Content-type" => "application/x-www-form-urlencoded", "Expect" => "");
$params = array(
"data" => $dataArr,
"type" => "photo",
"state" => $queue,
"tags"=>$tags,
"caption"=>$caption,
"photoset_layout" => $photoset_layout,
"link"=>str_replace("_","",$link)
);
debug($headers,"head");
oauth_gen("POST", "http://api.tumblr.com/v2/blog/$blog/post", $params, $headers);
debug($headers,"head 2");
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, "Tumblr v1.0");
curl_setopt($ch, CURLOPT_URL, "http://api.tumblr.com/v2/blog/$blog/post");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"Authorization: " . $headers['Authorization'],
"Content-type: " . $headers["Content-type"],
"Expect: ")
);
$params = http_build_query($params);
$str = print_r($params, true);
file_put_contents('data_curl1.txt', $str);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
$response = curl_exec($ch);
debug($response,"response");
return $response;
}
this is the function with some problems, I try to explain:
I called the oauth_gen passing the parameters array to it, the oauth_gen creates the oauth header that I later used here: "Authorization: " . $headers['Authorization'],.
As I stated, everything is working smoothly, until I have tried to post a gif photoset of 6 files for a total of 6Mb (tumblr permit 2Mb each file and 10Mb total).
PHP runs out of memory and return an error, here it starts my debugging, after a while I contacted the tumblr api helpdesk, and they answer in this way:
You shouldn't need to include the files in the parameters used for
generating the oauth signature. For an example of how this is done,
checkout one of our official API clients.
This changes everything. Untill now, I passed the entire parameters array to the oauth_gen, which, calling the oauth_sig, will rawencode everything into the array (binary strings of gif files inlcuded), with a result of a binary file of about 1Mb becomes at least 3Mb of rawurlencoded string.
and that's why I had memory issues. Nice, so, as the helpdesk say, I've changed the call to the oauth_gen in this way:
$new_array = array();
oauth_gen("POST", "http://api.tumblr.com/v2/blog/$blog/post", $new_array, $headers);
seams legit to me, I passed a new array to the function, the function then generate the oAuth, the headers are passed back and I can use them into the posting call, the result was:
{"meta":{"status":401,"msg":"Unauthorized"},"response":[]}
asking more to tumblr api helpdesk leads only to more links to their documentation and their "tumblr php client" which I can't use, so it isn't a option.
Does anyone has experience with oAuth and can explain me what I'm doing wrong? as far as I understand, the trick is into the encrypted data the oauth_sig create, but I can't figure out how to proceed.
I really want to understand the oauth, but more I read about it and more the tumblr helpdsek seams right to me, but... the solution doesn't work, and works only if I let the oauth function to encrypt the entire data array (with the images and everything) but I can understand that this is wrong... help me.
UPDATE 1
I've tried a new thing today, first I created the empty array, then passed by reference to the oauth_genand only after generating the signature, I've added to the same array all the other fields about the post itself, but the result is the same.
UPDATE 2
reading here: http://oauth.net/core/1.0a/#signing_process
seems that the parameters of the request must all be used for the signature, but this is not totally clear (if someone could explain it better, I really appreciate).
this is weird, because if it's true, it go against the words of the Tumblr help desk, while if it's not true, there is a little confusion in the whole process.
by the way, at this time, I'm stile struck in the same point.
After digging couple of hours into the issue, debugging, reviewing tumblr api and api client, registering a test account and trying to post some images. The good news is finally I come up with a solution. It is not using a native CURL only, you need guzzle and an OAuth library to sign the requests.
Tumblr guys are correct about signing the request. You don't need to pass image data to sign the request. If you check their official library you can see; https://github.com/tumblr/tumblr.php/blob/master/lib/Tumblr/API/RequestHandler.php#L85
I tried to fix the issue with native CURL library but unfortunately I was not successful, either I was signing the request in a wrong way or missing something in the request header, data etc. I don't know actually, Tumblr api is really bad at informing you what you are doing wrong.
So I cheated a little bit and start to read Tumblr api client code, and I come up with a solution.
Here we go, first you need two packages.
$ composer require "eher/oauth:1.0.*"
$ composer require "guzzle/guzzle:>=3.1.0,<4"
And then the PHP code, just define your keys, tokens, secrets etc. Then it should be good to go.
Since the signing request does not include picture data, it is not exceeding memory limit. After signing the request actually we are not getting the contents of the files into our post data array. We are using addPostFiles method of guzzle, which takes care of file addition to POST request, does the dirty work for you. And here is the result for me;
string(70) "{"meta":{"status":201,"msg":"Created"},"response":{"id":143679527674}}"
And here is the url;
http://blog-transparentcoffeebouquet.tumblr.com/
<?php
ini_set('memory_limit', '64M');
define("CONSUMER_KEY", "");
define("CONSUMER_SECRET", "");
define("OAUTH_TOKEN", "");
define("OAUTH_SECRET", "");
function request($options,$blog) {
// Take off the data param, we'll add it back after signing
$files = isset($options['data']) ? $options['data'] : false;
unset($options['data']);
$url = "https://api.tumblr.com/v2/blog/$blog/post";
$client = new \Guzzle\Http\Client(null, array(
'redirect.disable' => true
));
$consumer = new \Eher\OAuth\Consumer(CONSUMER_KEY, CONSUMER_SECRET);
$token = new \Eher\OAuth\Token(OAUTH_TOKEN, OAUTH_SECRET);
$oauth = \Eher\OAuth\Request::from_consumer_and_token(
$consumer,
$token,
"POST",
$url,
$options
);
$oauth->sign_request(new \Eher\OAuth\HmacSha1(), $consumer, $token);
$authHeader = $oauth->to_header();
$pieces = explode(' ', $authHeader, 2);
$authString = $pieces[1];
// POST requests get the params in the body, with the files added
// and as multipart if appropriate
/** #var \Guzzle\Http\Message\RequestInterface $request */
$request = $client->post($url, null, $options);
$request->addHeader('Authorization', $authString);
if ($files) {
if (is_array($files)) {
$collection = array();
foreach ($files as $idx => $f) {
$collection["data[$idx]"] = $f;
}
$request->addPostFiles($collection);
} else {
$request->addPostFiles(array('data' => $files));
}
}
$request->setHeader('User-Agent', 'tumblr.php/0.1.2');
// Guzzle throws errors, but we collapse them and just grab the
// response, since we deal with this at the \Tumblr\Client level
try {
$response = $request->send();
} catch (\Guzzle\Http\Exception\BadResponseException $e) {
$response = $request->getResponse();
}
// Construct the object that the Client expects to see, and return it
$obj = new \stdClass;
$obj->status = $response->getStatusCode();
$obj->body = $response->getBody();
$obj->headers = $response->getHeaders()->toArray();
return $obj;
}
$files = [
"/photo/1.jpg",
"/photo/2.jpg",
"/photo/3.png",
"/photo/4.jpg",
"/photo/1.jpg",
"/photo/2.jpg",
"/photo/3.png",
"/photo/4.jpg",
"/photo/1.jpg",
"/photo/2.jpg",
];
$params = array(
"type" => "photo",
"state" => "published",
"tags"=> [],
"caption"=>"caption",
"link"=>str_replace("_","","http://stackoverflow.com/questions/36747697/oauth-signature-creation-issue-with-php-posting-photoset-to-tumblr"),
"data" => $files,
);
$response = request($params, "blog-transparentcoffeebouquet.tumblr.com");
var_dump($response->body->__toString());
I've been trying to translate some PHP code to Python 3 but can't quite get it to work. In PHP I have the following:
$request = "https://api.example.com/token";
$developerKey = "Basic VVVfdFdfsjkUIHDfdsjYTpMX3JQSDNJKSFQUkxCM0p0WWFpRklh";
$data = array('grant_type'=>'password',
'username'=>'name',
'password'=>'pass',
'scope'=>'2346323');
$cjconn = curl_init($request);
curl_setopt($cjconn, CURLOPT_POST, TRUE);
curl_setopt($cjconn, CURLOPT_HTTPHEADER, array('Authorization: '.$developerKey));
curl_setopt($cjconn, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($cjconn, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($cjconn, CURLOPT_POSTFIELDS,http_build_query($data));
$result = curl_exec($cjconn);
curl_close($cjconn);
$tokens = json_decode($result,true);
$accesstoken = $tokens['access_token'];
echo $accesstoken."\n";
I tried converting it to the following in Python:
import pycurl, json
url = 'https://api.example.com/token'
data = json.dumps({"grant_type":"password",
"username":"name",
"password":"pass",
"scope":"2346323"})
key = 'Basic VVVfdFdfsjkUIHDfdsjYTpMX3JQSDNJKSFQUkxCM0p0WWFpRklh'
c = pycurl.Curl()
c.setopt(pycurl.URL,url)
c.setopt(pycurl.HTTPHEADER,['Authorization: {}'.format(key)])
c.setopt(pycurl.POST,1)
c.setopt(pycurl.POSTFIELDS,data)
c.perform()
But I get the following error:
<faultstring>String index out of range: -1</faultstring>
How can I correct this, or is there a more pythonic solution?
If anyone is interested in the solution, I came up with the following which worked:
def getToken(self):
"""Retrieves the token from provider"""
#The data to be passed to retrieve the token
tokenData = {'grant_type':'password',
'username':TOKENUSERNAME,
'password':TOKENPASSWORD,
'scope':TOKENSCOPE}
#The header parameters
header_params = {'Authorization':KEY}
#Make the request for the token
r = requests.post(TOKENURL,data=tokenData,headers=header_params)
#Check the status code
if r.status_code not in [200,203]:
self.log.logentry("There was an error retrieving the data from Linkshare: {}:{}".format(r.status_code,r.text))
sys.exit()
#Extract the data from the response
data = r.json()
#Parse the access token
token = {'token':data['access_token'],
'type':data['bearer']}
return token
I have the API request as outlined below which works fine (given the correct replacement of "xxxyyy"!) however I want to perform this call simultaneously with up to 5-10 different remote URLs. In the example below I've shown just 1 remote URL however I have an array of 10,000 urls which I would like to query as quickly as possible, all of which return the same structure in JSON.
After researching the topic I believe this can be done in PHP using Curl Multi, does anyone know if this is true, if so how would I go about this so i can call say 10 at once rather than each one individually?
<?php
$username = "xxxyyyxxxyyyxxxyyyxxxyyy";
$password = "xxxyyyxxxyyyxxxyyyxxxyyyxxxyyyxxxyyyxxxyyyxxxyyy";
$remote_url_1 = 'https://xxxyyyxxxyyyxxxyyyxxxyyy_1.json';
{
$headers = array();
$headers[] = "Authorization: Basic " . base64_encode("$username:$password");
$headers[] = "X-Page:" . $pages;
$opts = array(
'http'=>array(
'method'=>"GET",
'header' => $headers
)
);
$context = stream_context_create($opts);
$file1 = file_get_contents($remote_url, false, $context);
$data = json_decode($file1, true);
$data2 = (array_values($data));
$orderline_id = $data2[0];
$orderline_sale_number = $data2[1];
$orderline_status = $data2[2];
$orderline_notes = $data2[3];
}
}
?>
i write some code in php.
I wanna get last redirecting adress on this is site:
fluege.de
I posting this is;
$dep= "sFlightInput[accDep]=ZRH";
$arr= "sFlightInput[accArr]=VIE";
$depregion= "sFlightInput[accDepRegion]=";
$arrregion= "sFlightInput[accArrRegion]=";
$multidep= "sFlightInput[accMultiAirportDep]=ZRH";
$multiarr= "sFlightInput[accMultiAirportArr]=ZRH";
$ftype = "sFlightInput[flightType]=RT";
$depcity = "sFlightInput[depCity]=Zürich+-+Flughafen+(ZRH)+-+Schweiz";
$arrcity = "sFlightInput[arrCity]=Wien+-+Internationaler+Flughafen+(VIE)+-+Österreich";
$sdate = "sFlightInput[departureDate]=29.03.2014";
$srange = "sFlightInput[departureTimeRange]=2";
$rdate ="sFlightInput[returnDate]=05.04.2014";
$rrange = "sFlightInput[returnTimeRange]=2";
$adt = "sFlightInput[paxAdt]=1";
$chd ="sFlightInput[paxChd]=0";
$inf = "sFlightInput[paxInf]=0";
$cabin = "sFlightInput[cabinClass]=Y";
$airline = "sFlightInput[depAirline]=";
$send = $dep.$arr.$depregion.$arrregion.$multidep.$multiarr.$ftype.$depcity.$arrcity.$sdate.$srange.$rdate.$rrange.$adt.$chd.$inf.$cabin.$airline;
I using this ;
echo getLastEffectiveUrl("http://www.fluege.de/flight/wait/".$send);
And there is function
function getLastEffectiveUrl($url)
{
// initialize cURL
$curl = curl_init($url);
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
));
// execute the request
$result = curl_exec($curl);
// fail if the request was not successful
if ($result === false) {
curl_close($curl);
return null;
}
// extract the target url
$redirectUrl = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL);
curl_close($curl);
return $redirectUrl;
}
They code must give this url;
www.fluege.de/wait/?accDep=&accArr=&accDepRegion=&accArrRegion=&accMultiAirportDep=&accMultiAirportArr=&flightType=RT&depCity=Z%FCrich+-+Flughafen+%28ZRH%29+-+Schweiz&arrCity=Wien+-+Internationaler+Flughafen+%28VIE%29+-+%D6sterreich&departureDate=04.04.2014&departureTimeRange=2&returnDate=20.04.2014&returnTimeRange=2&paxAdt=1&paxChd=0&paxInf=0&cabinClass=Y&depAirline=
But i need ;
http://www.fluege.de/flight/encodes/sFlightInput/5f8ccad612bafb69e7693f04cfaf1458/ (etc)
The code you provided does not handle cookies, so if the site you are query'ing requires this, your code won't work.
I checked http://php.net/manual/en/function.curl-setopt.php, but it seems like cURL cannot store cookies in memory. By adding the following line under curl_setopt_array, cookies are kept in a temporary file:
CURLOPT_COOKIEJAR => tempnam(sys_get_temp_dir(), 'cookiejar'),
However, I did not get your specific case to work. I noticed that the URL you create does not contain a question mark, and that the URL that your script creates does not redirect at all; it returns with 200 OK. I checked this using the following shell command:
curl -LI 'http://www.fluege.de/flight/wait/sFlightInput\[accDep\]=ZRHsFlightInput\[accArr\]=VIEsFlightInput\[accDepRegion\]=sFlightInput\[accArrRegion\]=sFlightInput\[accMultiAirportDep\]=ZRHsFlightInput\[accMultiAirportArr\]=ZRHsFlightInput\[flightType\]=RTsFlightInput\[depCity\]=Zürich+-+Flughafen+(ZRH)+-+SchweizsFlightInput\[arrCity\]=Wien+-+Internationaler+Flughafen+(VIE)+-+ÖsterreichsFlightInput\[departureDate\]=29.03.2014sFlightInput\[departureTimeRange\]=2sFlightInput\[returnDate\]=05.04.2014sFlightInput\[returnTimeRange\]=2sFlightInput\[paxAdt\]=1sFlightInput\[paxChd\]=0sFlightInput\[paxInf\]=0sFlightInput\[cabinClass\]=YsFlightInput\[depAirline\]='
If it's unclear what the URL should look like, you should contact fluege.de to ask them how to use their API.
In Bitstamp's API documentation, a client_id is mentioned. It is used to generate a signature.
https://www.bitstamp.net/api/
But I couldn't find how I can get that client_id.
Any hint on that? Many thanks.
Did you register for an API key via their instructions? They say:
To get an API key, go to "Account", "Security" and then "API Access". Set permissions and click "Generate key".`
Once you have the API key, you use a HMAC encoded of the API key, API secret, and your customer/client id. You should be able to get your client id by going to the "Account Balance" page, where I believe it's referred to as your "Customer ID".
Use this code to get idea. This is Ruby code
require 'open-uri'
require 'json'
require 'base64'
require 'openssl'
require 'hmac-sha2'
require 'net/http'
require 'net/https'
require 'uri'
def bitstamp_private_request(method, attrs = {})
secret = "xxx"
key = "xxx"
client_id = "xxx"
nonce = nonce_generator
message = nonce + client_id + key
signature = HMAC::SHA256.hexdigest(secret, message).upcase
url = URI.parse("https://www.bitstamp.net/api/#{method}/")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
data = {
nonce: nonce,
key: key,
signature: signature
}
data.merge!(attrs)
data = data.map { |k,v| "#{k}=#{v}"}.join('&')
headers = {
'Content-Type' => 'application/x-www-form-urlencoded'
}
resp = http.post(url.path, data, headers)
console_log "https://www.bitstamp.net/api/#{method}/"
resp.body
end
def nonce_generator
(Time.now.to_f*1000).to_i.to_s
end
The page where you change password on Bitstamp presents you your client id (contains letters and digits).
I have some probelm with bitstamp api
below is my code php
$message = $nonce.$client_id.$api_key;
$signature = strtoupper(hash_hmac('sha256', $message, $secret_key));
$post_string = 'api_key='.$api_key.'&signature='.$signature.'&nonce='.$nonce;
$url = "https://www.bitstamp.net/api/balance/";
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT, 4);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string);
$json = curl_exec($ch);
if(!$json) {
echo curl_error($ch);
}
curl_close($ch);
$tempData = json_decode($json);
print_r($tempData);<br>
Output:
stdClass Object ( [error] => Missing key, signature and nonce parameters )