we are using the woocommerce Rest API. If there any ways to get client key and secret key in api response for oauth authentication. We referred the below link https://woocommerce.github.io/woocommerce-rest-api-docs/?php#rest-api-keys
$store_url = 'http://example.com';
$endpoint = '/wc-auth/v1/authorize';
$params = [
'app_name' => 'My App Name',
'scope' => 'write',
'user_id' => 123,
'return_url' => 'http://app.com',
'callback_url' => 'https://app.com'
];
$query_string = http_build_query( $params );
echo $store_url . $endpoint . '?' . $query_string;
But it Doesn't return any response. It only returns the post values only send by me.
Related
I'm trying to get the access token using the Docusign JWT authentication, but I always get:
{"error":"invalid_grant","error_description":"unsupported_grant_type"}
I double checked all the data (integration key, api username, etc) and they are fine.
I followed all the steps in the Docusign guidelines.
The only part I'm not 100% sure is when I generate the signature of the JWT token.
The documentation says:
The first two parts of the JWT are signed with your application's private key (using the RSA SHA-256 digital signature algorithm) as shown in the diagram.
This is how I'm generating the signature:
$header = [
'typ' => 'JWT',
'alg' => 'RS256'
];
$body = [
'iss' => getenv('INTEGRATION_KEY'),
'sub' => getenv('API_USERNAME'),
'iat' => time(),
'exp' => time() + 3600,
'aud' => str_replace('https://', '', getenv('AUTH_URL')),
'scope' => 'signature impersonation'
];
$signature = JWT::encode($body, file_get_contents(env('PRIVATE_KEY')), 'RS256');
$header = $this->base64url_encode(json_encode($header));
$body = $this->base64url_encode(json_encode($body));
$jwt = $header . '.' . $body . '.' . $signature;
Is that correct?
If not, and since JWT::encode expects an array as first parameter, how should I do to make it work?
This is how I'm requesting the access token:
return Http::withHeaders(
[
'Content-Type' => 'application/x-www-form-urlencoded'
]
)->post(
getenv('AUTH_URL') . '/oauth/token',
[
'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
'assertion' => $jwt
]
);
Thanks!
Apparently Firebase JWT encode method doesn't encode a string in the right way.
I used this:
$header = $this->base64url_encode(json_encode($header));
$body = $this->base64url_encode(json_encode($body));
openssl_sign(
$header.".".$body,
$signature,
file_get_contents(env('PRIVATE_KEY_PATH')),
"sha256WithRSAEncryption"
);
and it worked.
Make sure you're using the same scopes when requesting consent and requesting the jwt token.
Thanks everyone for the help.
Creating a correct JWT token is hard. I suggest you either use the requestJWTUserToken from the PHP SDK or review its source to see how it makes the OAuth request.
I was having the same problem in a application using Laravel 6 and I managed to solve it as follows:
// the Header will not be needed as it is automatically generated
$header = [
'typ' => 'JWT',
'alg' => 'RS256'
];
$body = [
'iss' => getenv('INTEGRATION_KEY'),
'sub' => getenv('API_USERNAME'),
'iat' => time(),
'exp' => time() + 3600,
'aud' => str_replace('https://', '', getenv('AUTH_URL')),
'scope' =>'signature impersonation'
];
/**
* Note that when creating the JWT, only the $body is provided,
* as the function already performs the necessary concatenations.
* in your code you put it like this:
* $jwt = $header . '.' . $body . '.' . $signature;
* which generates a hash that cannot be validated,
*/
// create the JWT
$jwt = JWT::encode($body , $privateKey, 'RS256');
// make the request
$client = new \GuzzleHttp\Client();
$response = $client->request('POST', getenv('AUTH_URL').'/oauth/token',['query' =>[
'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
'assertion' => $jwt,
]
]);
echo '<pre>';
print_r($response);
echo '</pre>';
I am working on a php application that requires me to interact with each merchants store using the WooCommerce Rest API and i am trying to auto-generate the rest api keys like it was documented on their documentation but my callback_url endpoint won't fire and i don't receive the auto-generated keys sent to the callback endpoint.
Here is my code to Create an authentication endpoint URL
public function integrate()
{
$url = $this->input->post('url');
$title = $this->input->post('title');
$user_id = $this->session->userdata('client_id');
$save = $this->Store_model->save_store($user_id,$url, $title);
$genKeyEndpoint = '/wc-auth/v1/authorize';
$params = [
'app_name' => 'App Name',
'scope' => 'read_write',
'user_id' => $user_id,
'return_url' => base_url('stores/integrateForm'),
'callback_url' => base_url('stores/callback-endpoint')
];
$query_string = http_build_query( $params, null, '&', PHP_QUERY_RFC3986 );
$wooAuth = $url . $genKeyEndpoint . '?' . $query_string;
redirect($wooAuth);
}
and here is my code to retrieve the generated keys and store in my database
public function save_api_key() {
$post_data = json_decode(file_get_contents('php://input'), true);
$wooResponseData = [
'consumer_key' => $post_data['consumer_key'],
'consumer_secret' => $post_data['consumer_secret']
];
$this->Store_model->updateStoreKeys($this->session->userdata('client_id'), $wooResponseData);
}
My application is running on codeigniter.
I'm using ZF2 Twitter package to get user info by username and retrieve it's location, but the returned object doesn't give me the "derived" property, that should have the detailed data about location I want to use.
public function twitterAction()
{
$config = array(
'access_token' => array(
'token' => 'MY TOKEN',
'secret' => 'MY SECRET',
),
'oauth_options' => array(
'consumerKey' => 'MY CONSUMER KEY',
'consumerSecret' => 'MY COMSUMER SECRET',
),
'http_client_options' => array(
'adapter' => 'Zend\Http\Client\Adapter\Curl',
'curloptions' => array(
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_SSL_VERIFYPEER => false,
),
),
);
$twitter = new Twitter($config);
$response = $twitter->account->accountVerifyCredentials();
if (!$response->isSuccess()) {
die(var_dump($response->getErrors()));
}
$params = $this->params()->fromRoute();
$profile = $params['profile'];
$user = $twitter->users->show($profile);
$coordinates = $user->derived->geo->coordinates;
return new JsonModel(
[
'placeName' => $user->derived->locality . ' - ' $user->derived->region,
'link' => 'http://www.google.com/maps/place/'.$coordinates[0].','.$coordinates[1]
]
);
}
I'm using the twitter api page as reference
this is the response I get if I return the user
{
'placename: ': '-',
'link: ': 'http://www.google.com/maps/place/,',
}
How can I retrieve this data?
From that page:
Profile Geo data will be included in Twitter's PowerTrack, Replay, Volume Stream, Search, and Historical PowerTrack APIs.
I think that means the geo data is only available for paying customers of PowerTrack. If you're just a regular developer, you can't get it.
I got some example scripts from Facebook App Management to use the Marketing API. When I run the script, I just get this error by curl:
'Unsupported post request. Object with ID \'105101623679981\' does not exist, cannot be loaded due to missing permissions, or does not support this operation.
I already tried to deactivate the Sandbox Mode and go public, tried many different scripts in different languages and also other keys.
Any Ideas?
This is the Script:
<?php
//Add all those Uses and the autoloader
$access_token = '<my_very_long_accessToken';
$ad_account_id = '<my_account_id>'; //<-- This is the Object in the Error Code
$app_secret = '<my_app_secret>';
$page_id = '<my_page_id>';
$app_id = '<my_app_is>';
$api = Api::init($app_id, $app_secret, $access_token);
$api->setLogger(new CurlLogger());
$fields = array(
);
$params = array(
'objective' => 'PAGE_LIKES',
'status' => 'PAUSED',
'buying_type' => 'AUCTION',
'name' => 'My Campaign',
);
$campaign = (new AdAccount($ad_account_id))->createCampaign(
$fields,
$params
);
$campaign_id = $campaign->id;
echo 'campaign_id: ' . $campaign_id . "\n\n";
$fields = array(
);
$params = array(
'status' => 'PAUSED',
'targeting' => array('geo_locations' => array('countries' => array('US'))),
'daily_budget' => '1000',
'billing_event' => 'IMPRESSIONS',
'bid_amount' => '20',
'campaign_id' => $campaign_id,
'optimization_goal' => 'PAGE_LIKES',
'promoted_object' => array('page_id' => $page_id),
'name' => 'My AdSet',
);
//...
Yeah. I got it. It has to be "act_"
So bad. The Script is really crappy. So many Errors. And it's created by facebook!
I'm trying to pull my list of Google contacts and display on a page the name and phone number.
I found an interesting post made by Lorna Jane and tried her code. I get a token returned, but every time I revisit the page, it asks me to authenticate again. With current code, no data array is pulled:
$id = 'secret.apps.googleusercontent.com';
$scope = 'https://www.google.com/m8/feeds/default/full/';
$uri = 'http://example.com/callback.php';
$params = array(
'response_type' => 'code',
'client_id' => $id,
'redirect_uri' => $uri,
'scope' => $scope
);
$query = 'https://accounts.google.com/o/oauth2/auth?' . http_build_query($params);
header('Location: ' . filter_var($query, FILTER_SANITIZE_URL));
if (isset($_GET['code']))
{
$code = $_GET['code'];
$token = 'https://accounts.google.com/o/oauth2/token';
$params = array(
'code' => $code,
'client_id' => $id,
'client_secret' => 'clientsecret',
'redirect_uri' => $uri,
'grant_type' => 'authorization_code'
);
$request = new HttpRequest($token, HttpRequest::METH_POST);
$request->setPostFields($params);
$request->send();
$responseObj = json_decode($request->getResponseBody());
var_dump($responseObj);
}
Please let me know what I'm missing. I prefer the pecl_http implementation, over the Google API library.