I have a very simple script sending an email if there is a new facebook comment.
I am using the Webhook: Application and the event: plugin_comment.
It actually works if I do not use and test the challenge and token.
I tried it as stated in the FB docs with:
$_GET['hub_verify_token']
$_GET['hub_challenge']
And I also tried:
$_REQUEST['hub_challenge']
$_REQUEST['hub_verify_token']
but its always empty.
If I disable the token check it works fine (also in production environment).
Related
I have setup a webhook in shopify via settings > notifications > webhooks and entered a heroku app URL. My heroku app is in php and I run the verification function found here: https://shopify.dev/tutorials/manage-webhooks and when I open my app I get a blank response. I am not sure if this is something I am doing wrong on my heroku app, or if I am missing something. The goal here is to grab the json data after the event I have selected is ran, then to send that data to via third party api. But to start I just want to be able to verify that my heroku app is receiving the payload. Is there more I need to add to my php file in order to verify? (php noob here). Below is the code I am running in my php file, and yes I am using my shared secret found in the webhooks section.
<?php
define('SHOPIFY_APP_SECRET', 'my_shared_secret');
function verify_webhook($data, $hmac_header)
{
$calculated_hmac = base64_encode(hash_hmac('sha256', $data, SHOPIFY_APP_SECRET, true));
return hash_equals($hmac_header, $calculated_hmac);
}
$hmac_header = $_SERVER['HTTP_X_SHOPIFY_HMAC_SHA256'];
$data = file_get_contents('php://input');
$verified = verify_webhook($data, $hmac_header);
error_log('Webhook verified: '.var_export($verified, true)); //check error.log to see the result
?>
If I am not mistaken you cannot test webhooks that way as the admin does not use your API key as it has no idea who you are when in the admin. So if you have a heroku App and it has an API key, use that API key to first off establish the webhook, verify you created it with the API, and then sit around and test your actual endpoint with Shopify Admin itself. That is how it works AFAIK.
The other verification in the admin is mickey mouse and meant to just throw data at any old endpoint with no validation.
I am trying to set up Oauth with the YouTube Data API. I had a Laravel app which has Socialite set up. Out of the box YouTube isn't set up with this but I saw that there is a provider for YouTube here:
https://socialiteproviders.netlify.app/providers/you-tube.html
I have done all of the steps outlined on the page along with all routes that I need. I have also done the Oauth set up on Google Developer Console and got the client ID/secret key and set the callback.
When I use the login URL it works where I'm redirected for login with Google. The problem comes when the callback URL is reached. I get the error:
ErrorException
Undefined index: items
This occurs on the provider callback function which has the code:
$user = Socialite::driver('youtube')->user();
I have tried using stateless:
$user = Socialite::driver('youtube')->stateless()->user();
But get the same error. All caches have been cleared. I am pretty sure that the setup was done correctly as I'm also using the Twitch provider from https://socialiteproviders.netlify.app/providers/twitch.html which the setup was similar and it works correctly.
Please can anyone advise? Thanks.
Try selecting the fields you want to access first:
$user = Socialite::driver('youtube')->fields([
'items'
])->user();
I'm facing the same issue. Is it possible that the API has changed? If I take a look at the raw response there
I also stumbled onto this issue:
When I tested it, I did not got the error, but my colleague did so I figured it had something to do with the account that tried to connect.
I changed my approach from:
$user = Socialite::driver('youtube')->stateless()->user();
And just received tokens by doing this:
$socialite = Socialite::driver('youtube');
$code = $request->input('code');
$response = $socialite->getAccessTokenResponse($code);
$response will contain an array of tokens. I used these tokens to connect it to an existing user in my database.
I don't know if this is the solution for your workflow, but it is a way to get around the mysterious error.
The issue is due to YouTube no longer automatically creating a channel for your google/gmail account like it did in the past. This results in responses completely missing an items array.
if you dd($response->getBody()->getContents()) the response for an account that throws an error you'll see this.
I've made a pull request for this here. https://github.com/SocialiteProviders/YouTube/pull/8
The Paysafe API was working perfectly fine in localhost, I was able to complete payment to Netbanx. I started to integrate the system on the website. I have a page for billing information, then a page for card payment where I use paysafe.js to create a token.
Then, I use PHP to get response from the server. This works in local. But online, this last part where I try to settle a payment, I get an error 500. I think it could be because the server is not using HTTPS. I want to know if it's possible that the error 500 is coming from the fact we don't have HTTPS or if it's something else?
P.S: It's complicated to access to the server because of bureaucracy, I don't want to make all the process if it's sure it's not that!
Thank you!
P.S.: I also tried using curl instead, and the response was bool(false).
require_once("config.php");
use Paysafe\Environment;
use Paysafe\PaysafeApiClient;
use Paysafe\CardPaymentService;
use Paysafe\CardPayments\Authorization;
$client = new PaysafeApiClient($paysafeApiKeyId, $paysafeApiKeySecret, Environment::TEST, $paysafeAccountNumber);
$info = new Authorization(array(
//PAYMENT ARRAY (Getting POST variable from previous page)
));
$response = $client->cardPaymentService()->authorize($info);
$statut = $response->status;
That Environment::TEST obviously does not match the production environment (or host-name).
Just enable PHP error reporting for your IP only, in order not to possibly leak any details.
Also check the console there (if any), if that host if even authorized to access the API.
I mean, HTTP500 is an error description just alike "it does not work".
I'm setting up comment moderation tool on a client's website, and in order to do that I need to create an app through facebook developer tools and create a webhook in order to be able to moderate comments.
When I try to set up the webhook, this is the error I receive.
The URL couldn't be validated. Response does not match challenge, expected value="716205142", received=""
And here's the code within the fbwebhook.php file:
<?php
$challenge = $_GET['hub_challenge'];
$verify_token = $_GET['hub_verify_token'];
if ($verify_token === 'TpQQFSkEJZbVlXZzCfEx') {
echo $challenge;
}
file_put_contents(
'log.txt',
"\n" . file_get_contents('php://input'),
FILE_APPEND
);
What is really driving me crazy is that this same file works on the staging site, works on other servers, but not on the server where the live site is being hosted.
We are on WPengine,
createwhimsy.staging.wpengine.com == webhook works
createwhimsy.com == webhook doesn't work (error above)
Tried on a digital ocean server == webhook works.
Tried on a different site being hosted on WPengine == webhook doesn't work (same error as above)
If I move the file I get a 404 error, so I know that FB is hitting the file, but it seems like FB isn't sending the right data to be used to verify, or something, not sure. This leads me to believe it's a DNS issue, or something with WPengine's hosting environment.
Any direction or input is much appreciated!
Discovered what is is.
WPengine has a redirect bot in place that will totally mess with facebooks validation post to your site. Just have to request them to disable the bot, and it worked just fine!
I try to get the Live Delegated Authentication to work for the purpose of reading the email addresses.
I am doing this in PHP with the help of the windowslivelogin library. The problem is that I get an error.
I'm not sure what I'm doing wrong, i registered my application on the Azure webpage and got the appid and the secret into the code. This is what i use to initialize the Live Library :
$o = new WindowsLiveLogin();
$o->setAppId('000000004801B670');
$o->setSecret('secret');
$o->setSecurityAlgorithm('wsignin1.0');
$o->setDebug(true);
$o->setPolicyUrl('http://www.google.com/aides.html');
$o->setReturnUrl("http://michaelp.dev.gamepoint.net/framework/mainsite/contactimporter/?service=live");
return $o;
Then I call
$this->LiveLibrary->getLoginUrl()
And after I Login in to Live, it posts 2 things back, $_POST['stoken'] and $_POST['action'].
As soon as I call
$this->LiveLibrary->processLogin($_REQUEST);
It fails and gives back an error that the token is invalid.
I tried getting Consent straight away by making redirecting to
$this->LiveLibrary->getConsentUrl("Contacts.View");
But that gives an 3007 error and says that it cant share the information
According to MS this means the following :
3007
Consent Service API failed in the <method name> method. The application verifier is invalid.
The offer security level requires that a valid application verifier be passed with the request.
I am using the following URL, generated by the library
https://consent.live.com/Delegation.aspx?ps=Contacts.Invite&ru=http%3A%2F%2Fmichaelp.dev.gamepoint.net%2Fframework%2Fmainsite%2Fcontactimporter%2F%3Fservice%3Dlive&pl=http%3A%2F%2Fwww.google.com%2Faides.html&app=appid%3D000000004801B670%26ts%3D1251722931%26sig%3DD2gkM%252F%252FwlRXXfS64NMrV%252Bkt50v6dAOcESblfRk7j%252FUE%253D
I don't understand most of the documentation Microsoft has on this thing, I think its really unclear and chaotic. Also the Sample I tried doesn't work. I get an error message, it can't validate/decode the token. Same I get when I try the processLogin().
Thanks in Advance,
Michael