I am trying to link up with Walmart.io API to get some data from their resources. But I am stuck up in the first phase.
According to Walmart.io Quick Start Doc (https://walmart.io/docs/affiliate/quick-start-guide) I am supposed to follow following steps:
Create an account with Walmart.io
Create an application for Web Application
Generate a certificate ( According to their guide there should be some feature to autogenerate the certificate, but I didn't find it)
Upload public key to the application
We will get consumer id and key version using which along with private key, we can make a request. We need to add additional headers that includes Signature and Timestamp too.
So, I did everything, but it still isn't working.
I am using Open SSL to generate private and public key as suggested by them: https://walmart.io/key-tutorial
I tried avoiding -des3 so that it doesn't ask me for passphrase too, but it didn't work either.
Here is the script I tried with
curl --location --request GET 'https://developer.api.walmart.com/api-proxy/service/affil/product/v2/taxonomy' \
--header 'WM_SEC.KEY_VERSION: 2' \
--header 'WM_CONSUMER.ID: <Consumer_ID>' \
--header 'WM_CONSUMER.INTIMESTAMP: 1594389945813' \
--header 'WM_SEC.AUTH_SIGNATURE: W5PEHIew3LsnATk0zxJddeo416YEpMIjvk1b7lW9VMIZFx55erc/5df/FK9UtS5i48q057oASo0AX3SDd2hx+QSeyiX3FtLAgAgiZnGqQ6nJndySWgL5ih/GaUTXIC6dd048GFEZlC6axXdGoTWNzX9P0n/2DwLF9EtvMjdvjB1kum0z2xKz/lQGlvnjVkGK9sZdSUa5rfgxKSPi7ix+LRIJWYwt6mTKUlGz2vP1YjGcZ7gVwAs9o8iFC//0rHUWFwaEGrT0aZJtS7fvSFtKj5NRfemX4fwRO4cgBRxPWy9MRooQwXPmKxRP75PxHKTerv8X6HvRo0GdGut+2Krqxg==' \
And the response I get is
{
"details": {
"Description": "Could not authenticate in-request, auth signature : Signature verification failed: affil-product, version: 2.0.0, env: prod",
"wm_svc.version": "2.0.0",
"wm_svc.name": "affil-product",
"wm_svc.env": "prod"
}
}
Hope someone gives me some insight into this problem.
Thanks in advance
I've had this issue before, it looks like the format of the data you are trying to sign is incorrect.
In node, the content of the template string should look like this: ${consumerId}\n${timeStamp}\n${keyVersion}\n
Turns out it was issue with generated Signature (That explains why it worked after I changed the script.
Thus here is the script that worked fine:
<?php
use GuzzleHttp\Psr7;
use GuzzleHttp\Exception\RequestException;
class Walmart{
private $host;
private $consumer_id;
private $private_key_file;
private $headers;
private $sec_key_version;
private $client;
private $options;
public function __construct($config){
$this->host = $config['host'];
$this->consumer_id = $config['consumer_id'];
$this->private_key_file = $config['private_key_file'];
$this->sec_key_version = $config['sec_key_version'];
$this->options = array();
$this->client = new GuzzleHttp\Client();
}
public function lookup_product($publisher_id='', $ids='', $upc='', $format='json'){
$this->load_options();
$url_params = array(
'format' => $format,
);
if($publisher_id){
$url_params['publisher_id'] = $publisher_id;
}
if($ids){
$url_params['ids'] = $ids;
}
if($upc){
$url_params['upc'] = $upc;
}
$query = http_build_query($url_params);
$url = $this->host . '/product/v2/items?'.$query;
try {
$res = $this->client->request('GET', $url, $this->options);
$body = $res->getBody();
if($res->getStatusCode() == 200){
return $this->response(false, json_decode($body, true));
}else{
return $this->response(array(
'title' => 'Unable to get products',
'stack' => $body,
));
}
} catch (RequestException $e) {
$err = Psr7\str($e->getRequest());
if ($e->hasResponse()) {
$err .= Psr7\str($e->getResponse());
}
return $this->response(array(
'title' => 'Unable to get products',
'stack' => $err,
));
}
}
private function load_options(){
$timestamp = time()*1000;
$this->options = array(
'debug' => (defined("DEBUG") && DEBUG) ? true: false,
'headers' => array(
'WM_SEC.KEY_VERSION' => $this->sec_key_version,
'WM_CONSUMER.ID' => $this->consumer_id,
'WM_CONSUMER.INTIMESTAMP' => $timestamp,
'WM_SEC.AUTH_SIGNATURE' => $this->get_signature($timestamp),
)
);
}
private function get_signature($timestamp){
$message = $this->consumer_id."\n".$timestamp."\n".$this->sec_key_version."\n";
$pkeyid = openssl_pkey_get_private("file://".$this->private_key_file);
openssl_sign($message, $signature, $pkeyid, OPENSSL_ALGO_SHA256);
$signature = base64_encode($signature);
openssl_free_key($pkeyid);
return $signature;
}
private function response($err, $data=false){
return array(
'error' => $err,
'data' => $data,
);
}
}
Note: It uses guzzlehttp/guzzle library for HTTP Request
Here is a full example based on Abiral's post above:
<?php
/**
* Sample script to sign and send a request to the Walmart Affiliate Marketing API.
*
* https://walmart.io/docs/affiliate/introduction
*
* Usage:
* 1. Fill out the required variables at the top of this script.
* 2. Install dependencies via composer install.
* 3. Run via php index.php or by opening this script in a browser.
*
* Acknowledgements:
* Abiral Neupane at https://stackoverflow.com/a/62847241/1120652
* #gorenstein at https://gitter.im/IO-support/community?at=5f2e5d2051bb7d3380d9b58b
*/
include './vendor/autoload.php';
use \GuzzleHttp\Client;
/**
* Create an account at Walmart.io. Then create an application. Then follow the
* steps at https://walmart.io/key-tutorial to create a set of keys. Upload
* the public key (its contents start with BEGIN PUBLIC KEY) into the
* production environment of the application that you created.
*/
$consumer_id = 'Paste here the consumer id that you will see in your application details after pasting the public key';
$key = 'Paste here the private key. Full, including BEGIN and END PRIVATE KEY lines.';
$version = '1';
$timestamp = round(microtime(true) * 1000);
$message = $consumer_id . "\n" . $timestamp . "\n" . $version . "\n";
$pkeyid = openssl_pkey_get_private($key);
openssl_sign($message, $signature, $pkeyid, OPENSSL_ALGO_SHA256);
$signature = base64_encode($signature);
openssl_free_key($pkeyid);
$api = 'https://developer.api.walmart.com';
$product_resource = 'api-proxy/service/affil/product/v2/items/316226539';
$client = new Client(['base_uri' => $api]);
$response = $client->get($product_resource, [
'headers' => [
'WM_SEC.KEY_VERSION' => $version,
'WM_CONSUMER.ID' => $consumer_id,
'WM_CONSUMER.INTIMESTAMP' => $timestamp,
'WM_SEC.AUTH_SIGNATURE' => $signature,
]
]);
print_r(json_decode($response->getBody()->__toString()));
I published the above at https://github.com/juampynr/walmart-api-v2-php
Related
I have tried using oAuth2 to use the google cloud platform api, but my redirect url(get_oauth_token.php in PHPMailer is the file I used) couldn't find composer's autoload file : vendor/autoload.php, even though I have composer and guzzle downloaded and running. Are there any other files that I should download or another way to autoload that file?
Here's get_oauth_token.php in case you haven't seen it(didn't post client id on here)
<?php
/**
* Get an OAuth2 token from Google.
* * Install this script on your server so that it's accessible
* as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
* e.g.: http://localhost/phpmail/get_oauth_token.php
* * Ensure dependencies are installed with 'composer install'
* * Set up an app in your Google developer console
* * Set the script address as the app's redirect URL
* If no refresh token is obtained when running this file, revoke access to your app
* using link: https://accounts.google.com/b/0/IssuedAuthSubTokens and run the script again.
* This script requires PHP 5.4 or later
* PHP Version 5.4
*/
namespace League\OAuth2\Client\Provider;
//composer require PHPMailer/PHPMailer;
require 'vendor/autoload.php';
//require_once(__DIR__.'/PHPMailer/PHPMailer-master/vendor/autoload.php');
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Psr\Http\Message\ResponseInterface;
session_start();
//If this automatic URL doesn't work, set it yourself manually
$redirectUri ='http://localhost:8080/phpmailer/get_oauth_token.php';
//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
//These details obtained are by setting up app in Google developer console.
$clientId = '';
$clientSecret = '';
class Google extends AbstractProvider
{
use BearerAuthorizationTrait;
const ACCESS_TOKEN_RESOURCE_OWNER_ID = 'id';
/**
* #var string If set, this will be sent to google as the "access_type" parameter.
* #link https://developers.google.com/accounts/docs/OAuth2WebServer#offline
*/
protected $accessType;
/**
* #var string If set, this will be sent to google as the "hd" parameter.
* #link https://developers.google.com/accounts/docs/OAuth2Login#hd-param
*/
protected $hostedDomain;
/**
* #var string If set, this will be sent to google as the "scope" parameter.
* #link https://developers.google.com/gmail/api/auth/scopes
*/
protected $scope;
public function getBaseAuthorizationUrl()
{
return 'https://accounts.google.com/o/oauth2/auth';
}
public function getBaseAccessTokenUrl(array $params)
{
return 'https://accounts.google.com/o/oauth2/token';
}
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
return ' ';
}
protected function getAuthorizationParameters(array $options)
{
if (is_array($this->scope)) {
$separator = $this->getScopeSeparator();
$this->scope = implode($separator, $this->scope);
}
$params = array_merge(
parent::getAuthorizationParameters($options),
array_filter([
'hd' => $this->hostedDomain,
'access_type' => $this->accessType,
'scope' => $this->scope,
// if the user is logged in with more than one account ask which one to use for the login!
'authuser' => '-1'
])
);
return $params;
}
protected function getDefaultScopes()
{
return [
'email',
'openid',
'profile',
];
}
protected function getScopeSeparator()
{
return ' ';
}
protected function checkResponse(ResponseInterface $response, $data)
{
if (!empty($data['error'])) {
$code = 0;
$error = $data['error'];
if (is_array($error)) {
$code = $error['code'];
$error = $error['message'];
}
throw new IdentityProviderException($error, $code, $data);
}
}
protected function createResourceOwner(array $response, AccessToken $token)
{
return new GoogleUser($response);
}
}
//Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new Google(
array(
'clientId' => $clientId,
'clientSecret' => $clientSecret,
'redirectUri' => $redirectUri,
'scope' => array('https://mail.google.com/'),
'accessType' => 'offline'
)
);
if (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: ' . $authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken(
'authorization_code',
array(
'code' => $_GET['code']
)
);
// Use this to get a new access token if the old one expires
echo 'Refresh Token: ' . $token->getRefreshToken();
}
You might be forgeting the file path in this case.
Try require "/path/to/vendor/autoload.php";
I installed league/oauth2-client with composer and it created this line in composer.json
"league/oauth2-client": "2.2.0"
When I refreshed get_oauth_token.php page, this error still came out:
Fatal error: Class 'League\OAuth2\Client\Provider\AbstractProvider'
not found in C:\xampp\htdocs...\PHPMailer\get_oauth_token.php on
line 35
Here's get_oauth_token.php
<?php
/**
* Get an OAuth2 token from Google.
* * Install this script on your server so that it's accessible
* as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
* e.g.: http://localhost/phpmail/get_oauth_token.php
* * Ensure dependencies are installed with 'composer install'
* * Set up an app in your Google developer console
* * Set the script address as the app's redirect URL
* If no refresh token is obtained when running this file, revoke access to your app
* using link: https://accounts.google.com/b/0/IssuedAuthSubTokens and run the script again.
* This script requires PHP 5.4 or later
* PHP Version 5.4
*/
namespace League\OAuth2\Client\Provider;
require './vendor/autoload.php';
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Psr\Http\Message\ResponseInterface;
session_start();
//If this automatic URL doesn't work, set it yourself manually
$redirectUri = isset($_SERVER['HTTPS']) ? 'https://' : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
//$redirectUri = 'http://localhost/phpmailer/get_oauth_token.php';
//These details obtained are by setting up app in Google developer console.
$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
class Google extends AbstractProvider
{
use BearerAuthorizationTrait;
const ACCESS_TOKEN_RESOURCE_OWNER_ID = 'id';
/**
* #var string If set, this will be sent to google as the "access_type" parameter.
* #link https://developers.google.com/accounts/docs/OAuth2WebServer#offline
*/
protected $accessType;
/**
* #var string If set, this will be sent to google as the "hd" parameter.
* #link https://developers.google.com/accounts/docs/OAuth2Login#hd-param
*/
protected $hostedDomain;
/**
* #var string If set, this will be sent to google as the "scope" parameter.
* #link https://developers.google.com/gmail/api/auth/scopes
*/
protected $scope;
public function getBaseAuthorizationUrl()
{
return 'https://accounts.google.com/o/oauth2/auth';
}
public function getBaseAccessTokenUrl(array $params)
{
return 'https://accounts.google.com/o/oauth2/token';
}
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
return ' ';
}
protected function getAuthorizationParameters(array $options)
{
if (is_array($this->scope)) {
$separator = $this->getScopeSeparator();
$this->scope = implode($separator, $this->scope);
}
$params = array_merge(
parent::getAuthorizationParameters($options),
array_filter([
'hd' => $this->hostedDomain,
'access_type' => $this->accessType,
'scope' => $this->scope,
// if the user is logged in with more than one account ask which one to use for the login!
'authuser' => '-1'
])
);
return $params;
}
protected function getDefaultScopes()
{
return [
'email',
'openid',
'profile',
];
}
protected function getScopeSeparator()
{
return ' ';
}
protected function checkResponse(ResponseInterface $response, $data)
{
if (!empty($data['error'])) {
$code = 0;
$error = $data['error'];
if (is_array($error)) {
$code = $error['code'];
$error = $error['message'];
}
throw new IdentityProviderException($error, $code, $data);
}
}
protected function createResourceOwner(array $response, AccessToken $token)
{
return new GoogleUser($response);
}
}
//Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new Google(
array(
'myClientId' => $clientId, //already inserted
'myClientSecret' => $clientSecret, //already inserted
'myRedirectUri' => $redirectUri, //already inserted
'scope' => array('https://mail.google.com/'),
'accessType' => 'offline'
)
);
if (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: ' . $authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken(
'authorization_code',
array(
'code' => $_GET['code']
)
);
// Use this to get a new access token if the old one expires
echo 'Refresh Token: ' . $token->getRefreshToken();
}
Can you explain me in detail what to do after having installed league/oauth2-client through composer require league/oauth2-client?
Thank you.
Had a similar issue and discovered its not stated explicitly in the official tutorial here.
The library league/oauth2-client requires you to install the provider you need seperately as there are multiple providers both official and third party here.
For google provider you would need
composer require league/oauth2-google
And refer to it like this
use League\OAuth2\Client\Provider\Google;
When I try to access phpmailer/get_outh_token.php to get refresh token server returns:
HTTP ERROR 500
Client ID, Secret key and redirect Uri are correct, and i am using it already in Wordpress.
I have downloaded last version of phpmailer, also tested with old version with same result.
I found what cause this, it is this part:
namespace League\OAuth2\Client\Provider;
When I remove it, then script loads with errors of course because
Provider namespace is not loaded.
Website working on PHP 7.
This is full code of get_outh_token.php, and it is original (just credentials are different of course):
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'On');
/**
* Get an OAuth2 token from Google.
* * Install this script on your server so that it's accessible
* as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
* e.g.: http://localhost/phpmail/get_oauth_token.php
* * Ensure dependencies are installed with 'composer install'
* * Set up an app in your Google developer console
* * Set the script address as the app's redirect URL
* If no refresh token is obtained when running this file, revoke access to your app
* using link: https://accounts.google.com/b/0/IssuedAuthSubTokens and run the script again.
* This script requires PHP 5.4 or later
* PHP Version 5.4
*/
namespace League\OAuth2\Client\Provider; //when i remove this line, than page load without 500, but with errors.
require 'vendor/autoload.php';
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\BearerAuthorizationTrait;
use Psr\Http\Message\ResponseInterface;
session_start();
//If this automatic URL doesn't work, set it yourself manually
$redirectUri = 'https://www.secret.co/phpmailer/get_oauth_token.php';
//These details obtained are by setting up app in Google developer console.
$clientId = 'secret.apps.googleusercontent.com';
$clientSecret = 'secret';
class Google extends AbstractProvider
{
use BearerAuthorizationTrait;
const ACCESS_TOKEN_RESOURCE_OWNER_ID = 'id';
/**
* #var string If set, this will be sent to google as the "access_type" parameter.
* #link https://developers.google.com/accounts/docs/OAuth2WebServer#offline
*/
protected $accessType;
/**
* #var string If set, this will be sent to google as the "hd" parameter.
* #link https://developers.google.com/accounts/docs/OAuth2Login#hd-param
*/
protected $hostedDomain;
/**
* #var string If set, this will be sent to google as the "scope" parameter.
* #link https://developers.google.com/gmail/api/auth/scopes
*/
protected $scope;
public function getBaseAuthorizationUrl()
{
return 'https://accounts.google.com/o/oauth2/auth';
}
public function getBaseAccessTokenUrl(array $params)
{
return 'https://accounts.google.com/o/oauth2/token';
}
public function getResourceOwnerDetailsUrl(AccessToken $token)
{
return ' ';
}
protected function getAuthorizationParameters(array $options)
{
if (is_array($this->scope)) {
$separator = $this->getScopeSeparator();
$this->scope = implode($separator, $this->scope);
}
$params = array_merge(
parent::getAuthorizationParameters($options),
array_filter([
'hd' => $this->hostedDomain,
'access_type' => $this->accessType,
'scope' => $this->scope,
// if the user is logged in with more than one account ask which one to use for the login!
'authuser' => '-1'
])
);
return $params;
}
protected function getDefaultScopes()
{
return [
'email',
'openid',
'profile',
];
}
protected function getScopeSeparator()
{
return ' ';
}
protected function checkResponse(ResponseInterface $response, $data)
{
if (!empty($data['error'])) {
$code = 0;
$error = $data['error'];
if (is_array($error)) {
$code = $error['code'];
$error = $error['message'];
}
throw new IdentityProviderException($error, $code, $data);
}
}
protected function createResourceOwner(array $response, AccessToken $token)
{
return new GoogleUser($response);
}
}
//Set Redirect URI in Developer Console as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
$provider = new Google(
array(
'clientId' => $clientId,
'clientSecret' => $clientSecret,
'redirectUri' => $redirectUri,
'scope' => array('https://mail.google.com/'),
'accessType' => 'offline'
)
);
if (!isset($_GET['code'])) {
// If we don't have an authorization code then get one
$authUrl = $provider->getAuthorizationUrl();
$_SESSION['oauth2state'] = $provider->getState();
header('Location: ' . $authUrl);
exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
unset($_SESSION['oauth2state']);
exit('Invalid state');
} else {
// Try to get an access token (using the authorization code grant)
$token = $provider->getAccessToken(
'authorization_code',
array(
'code' => $_GET['code']
)
);
// Use this to get a new access token if the old one expires
echo 'Refresh Token: ' . $token->getRefreshToken();
}
I know this question is old, but I was having same issue.
All I did was to install league/oauth2-google via composer
composer require league/oauth2-google
This helped me figure it out
Hope it help some else.
So after reading the documentation of youtube api I have successfully make an oauth connection for youtube account on my server side app but I failed to find a solution on how to get channel views by using this data I obtained.
So my code looks like this (the PHP part):
class YouTube {
protected $token;
protected $params = [];
/**
* YouTube constructor.
*
* #param null $id
*/
public function __construct($id = null)
{
if ($id) {
$this->token = $this->getToken($id);
}
}
/**
* Get api authorization
*
* #return string
*/
public function getAuthorizationUrl()
{
// Make redirect
$this->params = [
'client_id' => '########',
'redirect_uri' => '######',
'scope' => 'https://gdata.youtube.com&',
'response_type'=> 'code&',
'access_type' => 'offline'
];
$redirect_url = 'https://accounts.google.com/o/oauth2/auth?' . http_build_query($this->params);
return $redirect_url;
}
/**
* Get API token and save account list to db
*
* #param $code
*
* #return \App\Models\DynamicDashboard\ThirdPartyAccounts
*/
public function getCallbackUrl($code)
{
// Grab the returned code and extract the access token.
$this->params = [
'code' => $code,
'client_id' => '####',
'client_secret' => '#####',
'redirect_uri' => '#######',
'grant_type' => 'authorization_code'
];
// Get access token
$command = 'curl --data "' . http_build_query($this->params) . '" https://accounts.google.com/o/oauth2/token';
exec($command, $resultToken);
$resultToken = json_decode($resultToken[0]);
// Do a request using the access token to get the list of accounts.
$command = 'curl -H "Authorization: Bearer ' . $resultToken->access_token . '" https://accounts.google.com/o/oauth2.json';
exec($command, $result);
$result = json_decode($result[0]);
// Save data to db
$account = new ThirdPartyAccounts();
$account->account_id = $result->identity->id;
$account->type = 'youtube';
$account->name = $result->identity->first_name . ' ' . $result->identity->last_name;
$account->extra_details = json_encode([
'access_token' => $resultToken->access_token,
'token_type' => $resultToken->token_type,
'expires_in' => $resultToken->expires_in,
'refresh_token' => $resultToken->refresh_token
]);
$account->save();
return $account;
}
/**
* Get API token
*
* #param $id
*
* #return mixed
*/
private function getToken($id)
{
$mainAccount = ThirdPartyAccounts::find($id);
$youtubeToken = json_decode($mainAccount->extra_details);
return $youtubeToken;
}
}
But I don't know how to make use of this data, I don't know how to write the method required to get the channel views for the last 30 days (with data for every day).
Sorry but I really don't know enough about api connection in order to understand what to do so if you would be so kind as to explain to me what to do any help would be welcomed. Thank you all in advance for your time!
You can use the reports.query method to do this. It lets you retrieve many different Analytics reports. Each request uses query parameters to specify a channel ID or content owner, a start date, an end date, and at least one metric. You can also provide additional query parameters, such as dimensions, filters, or sorting instructions.
There's an example in the link provided to retrieve last 30 days but it's written in App Script:
var analyticsResponse = YouTubeAnalytics.Reports.query(
'channel==' + channelId,
oneMonthAgoFormatted,
todayFormatted,
'views,likes,dislikes,shares',
{
dimensions: 'day',
sort: '-day'
});
To do this in PHP, I suggest looking at the Youtube PHP code samples. It is rife with guide and instructions.
I am trying to start with OAuth 1.0 in PHP and I faced weird problem. I created pseudo-Consumer which generates signature according to specification and sends it with used parameters via POST to Provider. Consumer uses:
$oauth_consumer_key = '123';
$oauth_consumer_secret = '456';
$oauth_signature_method = 'HMAC-SHA1';
$oauth_timestamp = time();
$oauth_nonce = uniqid();
$oauth_version = '1.0';
$oauth_callback = 'http://localhost/oauth/callback';
$oauth = new OAuth($oauth_consumer_key, $oauth_consumer_secret);
$oauth->enableDebug();
$oauth_signature = $oauth->generateSignature('POST', $oauth_callback, array($oauth_consumer_key, $oauth_signature_method, $oauth_timestamp, $oauth_nonce, $oauth_version));
On Providers side everything seems to work as intended. All values are received:
object(OAuthProvider)[1]
public 'consumer_key' => string '123' (length=3)
public 'consumer_secret' => string '456' (length=3)
public 'nonce' => string '5390610001c90' (length=13)
public 'token' => null
public 'token_secret' => null
public 'timestamp' => string '1401970944' (length=10)
public 'version' => string '1.0' (length=3)
public 'signature_method' => string 'HMAC-SHA1' (length=9)
public 'callback' => string 'http://localhost/oauth/callback' (length=31)
public 'request_token_endpoint' => boolean true
public 'signature' => string '8lNbnGTOen4TEOHS9KcpgCiBl+M=' (length=28)
But this is the end of honeymoon - attempt to verify signature causes error: signature_invalid. This is what I used on Providers side:
$provider = new OAuthProvider();
$provider->isRequestTokenEndpoint(true);
$provider->consumerHandler('lookupConsumer');
$provider->timestampNonceHandler('timestampNonceChecker');
try
{
$request_verified = $provider->checkOAuthRequest();
}
catch(OAuthException $e)
{
echo $provider->reportProblem($e);
}
and what I receive as an problem report:
oauth_problem=signature_invalid&debug_sbs=POST&http%3A%2F%2Flocalhost%2Foauth%2Fcustom_auth%2Frequest_token.php&oauth_callback%3Dhttp%253A%252F%252Flocalhost%252Foauth%252Fcallback%26oauth_consumer_key%3D123%26oauth_nonce%3D5390610001c90%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1401970944%26oauth_version%3D1.0
As an addition what baffles me is that when I use generateSignature for the same constant parameters (for debugging I set timestamp and nonce to constant values) it gives me every time different value like if there still was some random element I am not aware of. As a validation sample - hash_hmac does not have such issue.
Am I missing something or is there a problem with official PHP OAuth implementation (http://pecl.php.net/package/oauth)?
I have been scratching my head with this exact question for almost a week now because of lack of documentation but this is what solved everything for me.
It seems the OAuth class does its own request signing. I had done the exact same steps as you to no avail but once I removed all the parameters and just called fetch/getRequestToken on my url it all worked.
My code that works
$consumer_key = 'key';
$consumer_secret = 'secret';
$request_token_url = 'http://someurl.com/oauth/request-token';
$oauth = new OAuth($consumer_key, $consumer_secret);
$oauth->enableDebug(); //helpful debug
try {
$oauth->getRequestToken($request_token_url);
} catch (OAuthException $e) {
echo OAuthProvider::reportProblem($e); //easier to debug oauth exceptions
}
//this should hold the `request_token` and `request_token_secret` parameters for you to call getAccessToken
$response = json_decode($oauth->getLastResponse());
I have my own provider set up at http://someurl.com/oauth/request-token that looks like:
$provider = new OAuthProvider();
$provider->consumerHandler(array($this,'consumerHandler'));
$provider->timestampNonceHandler(array($this,'timestampNonceHandler'));
$provider->tokenHandler(array($this,'tokenHandler'));
$provider->setRequestTokenPath('/oauth/request-token');
try {
$request_verified = $provider->checkOAuthRequest();
} catch(OAuthException $e) {
echo $provider->reportProblem($e);
}
//provider now holds all the required timestamp, nonce, and signature
I hope this helps, even though it's a year after