I am developing an etsy application on Node.js and I need to use OAuth to access app user's accounts.
Etsy provides the following PHP example:
$base_uri = 'https://openapi.etsy.com';
$api_key = 'YOURAPIKEY';
$secret = 'YOURSECRET';
$oauth = new OAuth($api_key, $secret);
$req_token = $oauth->getRequestToken($base_uri . '/v2/oauth/request_token?scope=', 'oob', "GET");
$login_url = $req_token['login_url'];
print "Please log in and allow access: $login_url \n\n";
$verifier = readline("Please enter verifier: ");
$verifier = trim($verifier);
$oauth->setToken($req_token['oauth_token'], $req_token['oauth_token_secret']);
$acc_token = $oauth->getAccessToken("https://openapi.etsy.com/v2/oauth/access_token", null, $verifier, "GET");
$oauth_token = $acc_token['oauth_token'];
$oauth_token_secret = $acc_token['oauth_token_secret'];
$oauth->setToken($oauth_token, $oauth_token_secret);
print "Token: $oauth_token \n\n";
print "Secret: $oauth_token_secret \n\n";
Must of this seems pretty straght forward. Obvously,the first few lines would become:
const base_uri = 'https://openapi.etsy.com';
var api_key = 'YOURAPIKEY';
var secret = 'YOURSECRET'
So how would I convert the rest into javascript/Node.js? Is there an OAuth package for Node?
Yes, multiple libraries exist in the Node ecosystem: https://www.npmjs.com/search?q=oauth2
Related
Using the default Tumblr v2 API, I'm able to connect to my application, and retrieve posts from my own account. However, I'd like users to be able to connect their own accounts. I've tried to figure this out but I'm not entirely sure how to use OAuth (im using this class). How is this done?
The code I'm using to retrieve dashboard posts is:
$consumerKey = 'xxx';
$consumerSecret = 'xxx';
$tumblr = new Tumblr\API\Client(
$consumerKey,
$consumerSecret
);
var_dump( $tumblr->getDashboardPosts() ); // using var_dump for testing purposes only
This code works, but it's only returning the code for my PERSONAL account.
I figured it out, thanks to Github user seejohnrun.
require_once 'include/util.php';
$consumerKey = 'XXX';
$consumerSecret = 'XXX';
$client = new Tumblr\API\Client($consumerKey, $consumerSecret);
$requestHandler = $client->getRequestHandler();
$requestHandler->setBaseUrl('https://www.tumblr.com/');
// If we are visiting the first time
if (!$_GET['oauth_verifier']) {
// grab the oauth token
$resp = $requestHandler->request('POST', 'oauth/request_token', array());
$out = $result = $resp->body;
$data = array();
parse_str($out, $data);
// tell the user where to go
echo ' GO ';
$_SESSION['t']=$data['oauth_token'];
$_SESSION['s']=$data['oauth_token_secret'];
} else {
$verifier = $_GET['oauth_verifier'];
// use the stored tokens
$client->setToken($_SESSION['t'], $_SESSION['s']);
// to grab the access tokens
$resp = $requestHandler->request('POST', 'oauth/access_token', array('oauth_verifier' => $verifier));
$out = $result = $resp->body;
$data = array();
parse_str($out, $data);
// and print out our new keys we got back
$token = $data['oauth_token'];
$secret = $data['oauth_token_secret'];
echo "token: " . $token . "<br/>secret: " . $secret;
// and prove we're in the money
$client = new Tumblr\API\Client($consumerKey, $consumerSecret, $token, $secret);
$info = $client->getUserInfo();
echo "<br/><br/>congrats " . $info->user->name . "!";
}
i am using abrahams php library for twitter api v 1.1.
my code:
(index.php)
/LOADING LIBRARY
require "twitteroauth/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
//TWITTER APP KEYS
$consumer_key = 'MY CONSUMER KEY';
$consumer_secret = 'MY CONSUMER SECRET';
//CONNECTION TO THE TWITTER APP TO ASK FOR A REQUEST TOKEN
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$request_token = $connection->oauth("oauth/request_token", array("oauth_callback" => "callbackurl"));
//callback is set to where the rest of the script is
//TAKING THE OAUTH TOKEN AND THE TOKEN SECRET AND PUTTING THEM IN COOKIES (NEEDED IN THE NEXT SCRIPT)
$oauth_token=$request_token['oauth_token'];
$token_secret=$request_token['oauth_token_secret'];
setcookie("token_secret", " ", time()-3600);
setcookie("token_secret", $token_secret, time()+60*10);
setcookie("oauth_token", " ", time()-3600);
setcookie("oauth_token", $oauth_token, time()+60*10);
//GETTING THE URL FOR ASKING TWITTER TO AUTHORIZE THE APP WITH THE OAUTH TOKEN
$url = $connection->url("oauth/authorize", array("oauth_token" => $oauth_token));
//REDIRECTING TO THE URL
header('Location: ' . $url);
callbackurl:
/**
* users gets redirected here from twitter (if user allowed you app)
* you can specify this url in https://dev.twitter.com/ and in the previous script
*/
//LOADING LIBRARY
require "twitteroauth/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
//TWITTER APP KEYS
$consumer_key = 'MY CONSUMER KEY';
$consumer_secret = 'MY CONSUMER SECRET';
//GETTING ALL THE TOKEN NEEDED
$oauth_verifier = $_GET['oauth_verifier'];
$token_secret = $_COOKIE['token_secret'];
$oauth_token = $_COOKIE['oauth_token'];
//EXCHANGING THE TOKENS FOR OAUTH TOKEN AND TOKEN SECRET
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $token_secret);
$access_token = $connection->oauth("oauth/access_token", array("oauth_verifier" => $oauth_verifier));
$accessToken=$access_token['oauth_token'];
$secretToken=$access_token['oauth_token_secret'];
//DISPLAY THE TOKENS
echo "<b>Access Token : </b>".$accessToken."<br />";
echo "<b>Secret Token : </b>".$secretToken."<br />";
$statues = $connection->get("statuses/home_timeline", array("count" => 25, "exclude_replies" => true));
echo '<pre>';
var_dump($statues);
echo '</pre>';
when i run index.php i get redirected to twitters authorization page. when i authorize the app the access token and secret token get printed on the screen yet i get an error: "Invalid or expired token"
i have searched everywhere and i dont understand what i did wrong...
plaease help!
Try application only authentication:
https://dev.twitter.com/oauth/application-only
I've followed the directions posted in this stackoverflow question, but I am stuck.
I am using tumblr/tumblr.php from Github (the official "PHP client for the tumblr API").
I am also following directions here (which are actually for twitter), but those directions aren't tailored for the git library I am using.
I have a valid consumer key and secret.
From those I make a request and get oauth_token and oauth_token_secret like so:
$client = new Tumblr\API\Client($consumerKey,$consumerSecret);
$client->getRequestHandler()->setBaseUrl('https://www.tumblr.com/');
$req = $client->getRequestHandler()->request('POST', 'oauth/request_token', [
'oauth_callback' => '...',
]);
// Get the result
$result = $req->body->__toString();
print_r( $result );
Which gives me:
oauth_token=2C6f...MqSF&oauth_token_secret=HaGh...IJLi&oauth_callback_confirmed=true
Then I send the user to the http://www.tumblr.com/oauth/authorize?oauth_token=2C6f...MqSF, so they can allow access for the app. This redirects to: ...?oauth_token=2C6f...MqSF&oauth_verifier=nvjl...GtEa#_=_
And now in the final step I believe I am supposed to convert my request token to an access token. Is that right? I am doing something wrong:
$client = new Tumblr\API\Client($consumerKey,$consumerSecret);
$client->getRequestHandler()->setBaseUrl('https://www.tumblr.com/');
$req = $client->getRequestHandler()->request('POST', 'oauth/access_token', [
'oauth_token' => '2C6f...MqSF',
'oauth_verifier' => 'nvjl...GtEa'
]);
// Get the result
$result = $req->body->__toString();
print_r( $result );
because I get responses like this one:
oauth_signature [AqbbYs0XSZ7plqB0V3UQ6O6SCVI=] does not match expected value [0XwhYMWswlRWgcr6WeA7/RrwrhA=]
What is wrong with my last step?
I am not sure if I should even be sending oauth_verifier with the request. Is #_=_ supposed to be part of oauth_verifier? I wouldn't think so. I get signature errors for all the variations Ive tried.
Without the token and tokenSecret I can't make certain calls to the API. I get unauthorized 403 responses. Same when I use the token and token_secret from the second step. I'm pretty sure I need a new token/secret pair.
You're pretty close, you just are passing the oauth_token incorrectly in the last step, and skipping out on oauth_token_secret altogeter.
I've compiled this working code (which you can also now find posted on the Wiki at https://github.com/tumblr/tumblr.php/wiki/Authentication):
<?php
require_once('vendor/autoload.php');
// some variables that will be pretttty useful
$consumerKey = '<your consumer key>';
$consumerSecret = 'your consumer secret>';
$client = new Tumblr\API\Client($consumerKey, $consumerSecret);
$requestHandler = $client->getRequestHandler();
$requestHandler->setBaseUrl('https://www.tumblr.com/');
// start the old gal up
$resp = $requestHandler->request('POST', 'oauth/request_token', array());
// get the oauth_token
$out = $result = $resp->body;
$data = array();
parse_str($out, $data);
// tell the user where to go
echo 'https://www.tumblr.com/oauth/authorize?oauth_token=' . $data['oauth_token'];
$client->setToken($data['oauth_token'], $data['oauth_token_secret']);
// get the verifier
echo "\noauth_verifier: ";
$handle = fopen('php://stdin', 'r');
$line = fgets($handle);
// exchange the verifier for the keys
$verifier = trim($line);
$resp = $requestHandler->request('POST', 'oauth/access_token', array('oauth_verifier' => $verifier));
$out = $result = $resp->body;
$data = array();
parse_str($out, $data);
// and print out our new keys
$token = $data['oauth_token'];
$secret = $data['oauth_token_secret'];
echo "\ntoken: " . $token . "\nsecret: " . $secret;
// and prove we're in the money
$client = new Tumblr\API\Client($consumerKey, $consumerSecret, $token, $secret);
$info = $client->getUserInfo();
echo "\ncongrats " . $info->user->name . "!\n";
I try to make private API requests for Yahoo. I used the code below but it does not work. It always returns the message 'invalid sig'.
Can you help me with a Two-legged OAuth Yahoo PHP example that works?
Thank you very much.
<?php // a super-stripped down 2-leg oauth server/client example
//http://oauth.net/code/
//http://oauth.googlecode.com/svn/code/php/OAuth.php
require 'oauth.php';
$key = 'key';
$secret = 'secret';
$consumer = new OAuthConsumer($key, $secret);
$sig_method = new OAuthSignatureMethod_HMAC_SHA1();
if ($_GET['server']) {
$method = $_SERVER['REQUEST_METHOD'];
$uri = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$sig = $_GET['oauth_signature'];
$req = new OAuthRequest($method, $uri);
// token is null because we're doing 2-leg
$valid = $sig_method->check_signature($req, $consumer, null, $sig);
if (!$valid) {
die('invalid sig');
}
echo 'orale!';
}
else {
// call this file
$api_endpoint = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];
// handle request in 'server' block above
$parameters = array(
'server' => 'true');
// use oauth lib to sign request
$req = OAuthRequest::from_consumer_and_token($consumer, null, "GET", $api_endpoint, $parameters);
$sig_method = new OAuthSignatureMethod_HMAC_SHA1();
$req->sign_request($sig_method, $consumer, null); // note: double entry of token
// get data using signed url
$ch = curl_init($req->to_url());
curl_exec($ch);
curl_close($ch);
}
Do you generate the signature according to the Yahoo specification here?
Or you can use plaintext signature as described here.
I am trying to make a twitter application. I have gotten my application to a point where users log in through Twitter's user verification system. I am also able to send status updates using my application. I have this function to send status updates:
function sendTweet($tx){
$consumer_key = 'MY CONSUMER KEY';
$consumer_secret = 'MY CONSUMER SECRET';
$Twitter = new EpiTwitter($consumer_key, $consumer_secret);
$Twitter->setToken($_SESSION['OT'],$_SESSION['OTS']);
$text=$tx;
$status=$Twitter->post_statusesUpdate(array('status' => $text));
$status->response;
}
This sendTweet($tx) function works like a charm but now what i need to do is get a list of followers of a user and then send Direct Messages to them. How can I do this using oauth and PHP?
function sendDirectMessage($user,$message)
{ $consumer_key = 'YOUR CONSUMER KEY';
$consumer_secret = 'YOUR SECRET';
$Twitter = new EpiTwitter($consumer_key, $consumer_secret);
$Twitter->setToken($_SESSION['OT'],$_SESSION['OTS']);
$myArray = array('user' => $user, 'text' => $message);
$resp = $Twitter->post_direct_messagesNew( $myArray);
$resp->response;
}