Recently I have run into a problem with the pinterest api, I am using a library to help me and below is my simple script to authorize my application.
The library I am using is this one
I would ask in there if the problem had anything to do with the library itself which it does not since it was working until i revoked access to test it, since then it never authorizes.
The code redirects me to the login page and shows the right scopes, but when I approve and go to the pinterest page it does not show any authorized apps.
After my main code (below) there is a simple callback page that collects the access token into the database and then shows the user basic info.
Code used to connect:
<?php
session_start();
require "vendor\autoload.php";
use Pinterest\App\Scope;
$client = new Pinterest\Http\BuzzClient();
$auth = new Pinterest\Authentication($client, 'i have my cliend id here', 'i have my client secret here');
$url = $auth->getAuthenticationUrl(
'i have my redirect uri here',
array(
Scope::READ_PUBLIC,
Scope::WRITE_PUBLIC,
Scope::READ_RELATIONSHIPS,
Scope::WRITE_RELATIONSHIPS,
),
'random-string'
);
header('Location: ' . $url);
exit;
?>
Related
I am integrating Facebook login in my site. I am using Facebook SDK 4.0. My app API version is 2.4. I am trying to get basic profile info when user successfully log in with Facebook. But problem is - I am able to get only user id and his full name. Other stuffs like first name, last name, gender etc. are not being received. Also of course I need email of the person and user profile picture later on some stage. Here is my working code which is printing only name and id:
<?php
// start session
session_start();
$app_id = 'app_id'; // Facebook App ID
$api_secret = 'app_secret'; // Facebook App Secret
$required_scope = 'public_profile, publish_actions, email'; // Permissions required
$redirect_url = 'site_url/index.php'; // FB redirects to this page with a code
require_once __DIR__ . "/facebook-php-sdk-v4.0/autoload.php";
use Facebook\FacebookSession;
use Facebook\FacebookRequest;
use Facebook\GraphUser;
use Facebook\FacebookRedirectLoginHelper;
// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication($app_id,$api_secret);
// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper( $redirect_url );
try {
$session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
// When Facebook returns an error
} catch( Exception $ex ) {
// When validation fails or other local issues
}
// see if we have a session
if ( isset( $session ) ) {
// graph api request for user data
$request = new FacebookRequest( $session, 'GET', '/me' );
$response = $request->execute();
// get response
$graphObject = $response->getGraphObject();
// print data
echo "<pre>";
echo print_r( $graphObject, 1 );
echo "</pre>";
} else {
// show login url
echo 'Login';
}
Following info is printed:
Facebook\GraphObject Object
(
[backingData:protected] => Array
(
[name] => Fname Lname
[id] => ID
)
)
You can see that I have already given scope parameter. But its not helping me. Then I started search on STO and found some solution which suggest us to add following line of code if you are using API v2.4 to explicitly mention the fields you want:
$request = (new FacebookRequest($this->session, 'GET', '/me/?fields=friends,id,name,birthday,email,picture,gender,location,address,email,hometown'))->execute()->getGraphObject()->asArray();
But when I used above code, it again didn't work instead i got blank screen not even id and name as before.
I also visited Facebook developer docs but they are so long, complex and not enough user friendly a developer can follow them easily in short time.
I think there is a lot of confusion regarding Facebook login. There are so many articles on web and each illustrating their own method. Some uses PHP and other uses JavaScript too which popups the login window. Honestly speaking I am very confused at this level and can't understand which is the best, recommended and working method of accomplish the task. Thus I'm in search of following questions:
I want help in making my above code working so that it can fetch all info about user including email and profile pic too.
Some method of login with Facebook takes user full login page and some other displays a popup for login and user remains on the same page after successful login which initially generated the popup window. How both are different?
What is best practice of login with Facebook. Also which SDK and Graph API version one should use?
While Generating a login URL you must pass on the scopes for which you seek permission. You can generate this by modifying,
echo 'Login';
to
echo 'Login';
This is just a example and may not cover all your requirement. You may have to add more scopes as per your requirement.
Above three scopes are permitted by default and you don't have to go through an app verification by facebook. But if you add any other scope, you may have to go through a an approval process before you can go live with an app.
And of-course since v2.4 you must explicitly ask for each field. Before email was supplied by default with /me, not any more. you must add it like,
/me?fields=id,first_name,last_name,friends,email
Login with a facebook will not ask for a login if user is already logged in and will go to permission screen straight away if user has not given permission to this app before. If user has already given all permission and he is already logged in facebook, clicking on login with facebook link will redirect user to redirect handler straight away.
I suggest, you should always use latest stable facebook apis.
UPDATE
Just realized that facebook allows account creation with a phone-number. So, if user has created an account with phone-number instead of an email, in api response you will receive phone-number in place of email like below,
...
'email' => '465454654654'
...
So, your code must handle this situation.
As part of the website I am working on, I need to be able to post directly to the wall of my clients Facebook Page.
I have created an App and am successfully posting to my own dummy profile by simply using:
$request = new FacebookRequest(
$session, 'POST', '/me/feed', array(
'link' => 'my_url',
'message' => 'my_message'
);
Now I need to modify this to post to my clients page, im assuming I cant just change 'me' to by their page ID because that would be a massive security flaw so I need to get permission somehow to post to their page. I am an admin for the page, how can I do this? Or do I actually need to be logged in with the user account that created the page?
I have looked all around in the developer section at creating an app but there doesn't seem to be any way of creating an app for a different account.
Any advice would be greatly appreciated on this.
Many thanks
In order to post to a Facebook page, you need to go through a two steps process -
login as the user using the extended user token,
get the user's token for the page
post to the page using the page's token.
The following code should be able to post a message to your page. I HAVEN'T DEBUGGED IT since it is simplified from my own web site :-) Don't forget to include the Facebook SDK files:
function extract_access_token_of_facebook_page_by_id($array_of_all_user_pages,$page_id){
$num_of_pages=count($array_of_all_user_pages['data']);
$the_page_token="";
for ($i=0; $i<$num_of_pages; $i++){
if ($array_of_all_user_pages['data'][$i]['id']==$page_id){
$the_page_token=$array_of_all_user_pages['data'][$i]['access_token'];
}
}
return $the_page_token;
}
$facebook = new Facebook(array(
'appId' => $YOUR-APP-ID,
'secret' => $YOUR-APP-SECRET,
));
try
{
$facebook->setAccessToken($THE-USER-TOKEN);
$page_id = YOUR-PAGE-ID;
$fanpage_access_token=extract_access_token_of_facebook_page_by_id($facebook->api("/me/accounts"),$page_id);
$args = array();
$args['access_token'] = $fanpage_access_token;
$args['message'] = "THE TEXT YOU WANT TO POST";
$api_url="/".$page_id."/feed";
$api_response = $facebook->api($api_url, 'post', $args);
}
catch (FacebookApiException $e)
{
echo 'Error facebookservice'.$e;
}
Please look into Application developer section. It will help you. Create on developer account and you will be able to access page.
you code is for old sdk version i think, it not work for me : Fatal error: Class 'Facebook' not found
I'm working on building a small web app connecting into the instagram API. Currently using this library on GitHub which makes things a bit easier. I can connect and initially login fine, and the page will display all user data.
But once you refresh the page all the data is lost, and it appears the script can't find my access token anymore. I tried storing this into a PHP session variable - but maybe I'm doing the whole process incorrectly? I just want to keep the same user session throughout an entire website once the OAuth is performed.
You can check out the small app live here: http://spyrestudios.com/demos/instagram-api/index.php
Additionally my callback URL is http://spyrestudios.com/demos/instagram-api/instagammy.php - this is the script which will work right after you connect. But try refreshing the page and all the data is gone! Also here is my bit of code which *should use the library to store the current user's access token:
session_start();
require_once 'Instagram.php'; // the library code
$config = array(
'client_id' => 'f0d225aa955c4bd9ae563f87f831efab', // Your client id
'client_secret' => '377b77afc1274a89bd2df7d77e934689', // Your client secret
'grant_type' => 'authorization_code',
'redirect_uri' => 'http://spyrestudios.com/demos/instagram-api/instagammy.php', // The redirect URI you provided when signed up for the service
);
// Instantiate the API handler object
$instagram = new Instagram($config);
$accessToken = $instagram->getAccessToken();
$_SESSION['InstagramAccessToken'] = $accessToken;
Really struggling for a solution, so I'd appreciate any help I can get. Willing to post examples of my code if needed..
Thanks in advance!
What you have already looks fine (although I have no experience in Instagram), assuming that $accessToken is actually being stored correctly in the session.
But surely at some point you need to feed back in $accessToken so that it can be verified. Like I said, I've not used Instagram before, so I don't know how you would do this.
Just in case you still care..
The problem is that refreshing is hitting the oauth landing page again when you refresh or back, but there is no authorization for it to collect the information from. In theory you could just wrap your setting of the session variable around a check:
$instagram = new Instagram($config);
$accessToken = $instagram->getAccessToken();
if ($accessToken != '')
$_SESSION['InstagramAccessToken'] = $accessToken;
That would stop an unwanted to call to your oauth landing page from clearing the current session value.
But better still would be to have the landing page redirect to a different page for the display. ie have your instagammy.php end there and add a
header("Location: http://spyrestudios.com/demos/instagram-api/dosomethinghere.php");
die();
That way the user won't ever see the "instagammy.php" page in their history and won't be able to go back to it.
This work for me, instead the original file instagammy.php
$instagram = new Instagram($config);
if ($_SESSION['InstagramAccessToken'] == ''){
$accessToken = $instagram->getAccessToken();
$_SESSION['InstagramAccessToken'] = $accessToken;
}else{
$accessToken = $_SESSION['InstagramAccessToken'];
$instagram->setAccessToken($_SESSION['InstagramAccessToken']);
}
Using Facebook's PHP SDK, I was able to get Facebook login working pretty quickly on my website. They simply set a $user variable that can be accessed very easily.
I've had no such luck trying to get Twitter's OAuth login working... quite frankly, their github material is confusing and useless for someone that's relatively new to PHP and web design, not to mention that many of the unofficial examples I've tried working through are just as confusing or are outdated.
I really need some help getting Twitter login working--I mean just a basic example where I click the login button, I authorize my app, and it redirects to a page where it displays the name of the logged in user.
I really appreciate your help.
EDIT I'm aware of the existence of abraham's twitter oauth but it provides close to no instructions whatsoever to get his stuff working.
this one is the basic example of getting the url for authorization and then fetching the user basic info when once u get back from twitter
<?php
session_start();
//add autoload note:do check your file paths in autoload.php
require "ret/autoload.php";
use Abraham\TwitterOAuth\TwitterOAuth;
//this code will run when returned from twiter after authentication
if(isset($_SESSION['oauth_token'])){
$oauth_token=$_SESSION['oauth_token'];unset($_SESSION['oauth_token']);
$consumer_key = 'your consumer key';
$consumer_secret = 'your secret key';
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
//necessary to get access token other wise u will not have permision to get user info
$params=array("oauth_verifier" => $_GET['oauth_verifier'],"oauth_token"=>$_GET['oauth_token']);
$access_token = $connection->oauth("oauth/access_token", $params);
//now again create new instance using updated return oauth_token and oauth_token_secret because old one expired if u dont u this u will also get token expired error
$connection = new TwitterOAuth($consumer_key, $consumer_secret,
$access_token['oauth_token'],$access_token['oauth_token_secret']);
$content = $connection->get("account/verify_credentials");
print_r($content);
}
else{
// main startup code
$consumer_key = 'your consumer key';
$consumer_secret = 'your secret key';
//this code will return your valid url which u can use in iframe src to popup or can directly view the page as its happening in this example
$connection = new TwitterOAuth($consumer_key, $consumer_secret);
$temporary_credentials = $connection->oauth('oauth/request_token', array("oauth_callback" =>'http://dev.crm.alifca.com/twitter/index.php'));
$_SESSION['oauth_token']=$temporary_credentials['oauth_token']; $_SESSION['oauth_token_secret']=$temporary_credentials['oauth_token_secret'];$url = $connection->url("oauth/authorize", array("oauth_token" => $temporary_credentials['oauth_token']));
// REDIRECTING TO THE URL
header('Location: ' . $url);
}
?>
I just tried abraham's twitteroauth from github and it seems to work fine for me. This is what I did
git clone https://github.com/abraham/twitteroauth.git
Upload this into your webhost with domain, say, www.example.com
Go to Twitter Apps and register your application. The changes that you need are (assuming that you will use abraham's twitteroauth example hosted at http://www.example.com/twitteroauth)
a) Application Website will be http://www.example.com/twitteroauth
b) Application type will be browser
c) Callback url is http://www.example.com/twitteroauth/callback.php (Callback.php is included in the git source)
Once you do this, you will get the CONSUMER_KEY and CONSUMER_SECRET which you can update in the config.php from the twitteroauth distribution. Also set the callback to be the same as http://www.example.com/twitteroauth/callback.php
Thats it. If you now navigate to http://www.example.com/twitteroauth, you will get a "Signin with Twitter", that will take you to Twitter , authorize the request and get you back to the index.php page.
EDIT:
Example will not work but do not worry. Follow the above steps and upload to server.
Make sure you rename the file from github repository i.e. config-sample.php->config.php
if you want to see a working sample, find it here
Here are some OAuth 1.0A PHP libraries with examples:
tmhOAuth
Oauth-php
Twitter async
Twitter async provides documentation on how to simply sign in a user as you asked for.
Here is the step by step guide to integrate Twitter OAuth API to Web-application using PHP. Please following tutorial.
http://www.smarttutorials.net/sign-in-with-twitter-oauth-api-using-php/
You need to create Twitter App First By going thorugh following URL
https://apps.twitter.com/
Then you need to provide necessary information for the twitter app. Once your provided all the information and then save it. You will get Twitter application Consumer Key and Consumer secret.
Please download the source file from above link, and just replace TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET and TWITTER_OAUTH_CALLBACK with your Consumer Key (API Key), Consumer Secret (API Secret) and callback URL. Then upload this to your server. Now it will work successfully.
Abraham's Twitteroauth has a working demo here:
https://github.com/abraham/twitteroauth-demo
Following the steps in the demo readme worked for me. In order to run composer on macOS I had to do this after installing it: mv composer.phar /usr/local/bin/composer
IMO the demo could be a lot simpler and should be included in the main twitteroauth repo.
I recently had to post new tweets to Twitter via PHP using V2 of their API but couldn’t find any decent examples online that didn’t use V1 or V1.1. I eventually figured it out using the great package TwitterOAuth.
Install this package via composer require abraham/twitteroauth first (or manually) and visit developer.twitter.com, create a new app to get the credentials needed to use the API (see below). Then you can post a tweet based on the code below.
use Abraham\TwitterOAuth\TwitterOAuth;
// Connect
$connection = new TwitterOAuth($twitterConsumerKey, // Your API key
$twitterConsumerSecret, // Your API secret key
$twitterOauthAccessToken, // From your app created at https://developer.twitter.com/
$twitterOauthAccessTokenSecret); // From your app created at https://developer.twitter.com/
// Set API version to 2
$connection->setApiVersion('2');
// POST the tweet; the third parameter must be set to true so it is sent as JSON
// See https://developer.twitter.com/en/docs/twitter-api/tweets/manage-tweets/api-reference/post-tweets for all options
$response = $connection->post('tweets', ['text' => 'Hello Twitter'], true);
if (isset($response['title']) && $response['title'] == 'Unauthorized') {
// Handle error
} else {
var_dump($response);
/*
object(stdClass)#404 (1) {
["data"]=>
object(stdClass)#397 (2) {
["id"]=>
string(19) "0123456789012345678"
["text"]=>
string(13) "Hello Twitter"
}
}
*/
}
I'm able to update the status on my PROFILE wall using this code:
require_once 'facebook-platform/php/facebook.php';
$facebook = new Facebook('APP API KEY','APP SECRET KEY');
$user_id = 'MY USER ID';
$facebook->api_client->users_setStatus('This is a new status');
...after authorizing using this address:
http://facebook.com/authorize.php?api_key=MYAPPAPIKEY&v=1.0&ext_perm=publish_stream
This code, however, does not work to update the status on my Facebook PAGE Wall. Are there additional parameters that I can add to the authorize.php url to specify authorizing the PAGE and not just my profile?
Or, are there better ways to post updates to Fan Page Walls?
Thanks!
I solved the problem by consulting the Facebook desktop application documentation (even though this is a web application).
I first had to authorize offline access with this url (replacing 'MYAPIKEY'):
http://www.facebook.com/login.php?api_key=MYAPIKEY&connect_display=popup&v=1.0&next=http://www.facebook.com/connect/login_success.html&cancel_url=http://www.facebook.com/connect/login_failure.html&fbconnect=true&return_session=true&session_key_only=true&req_perms=read_stream,publish_stream,offline_access
Then, I needed to grant 'publish_stream' permissions to the PAGE with this url (replacing 'MYAPIKEY' and 'THEPAGEID'):
http://www.facebook.com/connect/prompt_permissions.php?api_key=MYAPIKEY&v=1.0&next=http://www.facebook.com/connect/login_success.html?xxRESULTTOKENxx&display=popup&ext_perm=publish_stream&enable_profile_selector=1&profile_selector_ids=THEPAGEID
I could then use the following code to publish to the Fan Page wall:
require_once 'facebook-platform/php/facebook.php';
$facebook = new Facebook(MYAPIKEY, MYAPISECRET);
try{
$facebook->api_client->stream_publish('INSERT_STATUS_HERE',null,null,null,'THEPAGEID');
}catch(Exception $o ){
print_r($o);
}
Based on the above, i tried out a couple of querystring parameters on the graph API authorize URL, and it appears this works:
https://graph.facebook.com/oauth/authorize?client_id=[APP_ID]&redirect_uri=[REDIRECT_URL]&scope=publish_stream&enable_profile_selector=1&profile_selector_ids=[PAGE_IDS]
EDIT: Never mind, the above displays all the UI correctly, but still get the "(#200) The user hasn't authorized the application to perform this action" error --- it's clear it doesn't work because the access token contains my USER id but not the page's ID.