I've been working with the Podio API for nearly a year now and have rarely had issues, but I recently ran into one that I can't figure out. I'm not even sure how to test what is going on. When an item is created, I have a webhook to a script which will send an http GET request to an item and perform a number of functions. The script runs just fine and has never run into any issues, unless I create a number of items in quick succession (15 or so). If I do this, a certain number will finish successfully, and then I will suddenly get the following error with each new call:
2016-11-14 16:41:14 401 GET /item/514610204
2016-11-14 16:41:14 Reponse: {"error_parameters":{},"error_detail":null,"error_propagate":false,"request":{"url":"http:\/\/api.podio.com\/item\/514610204","query_string":"","method":"GET "},"error_description":"invalid_request","error":"unauthorized"}
If I wait a minute or so, it begins working again.
I'm authenticating with username and password. Does anyone know what is going on or how to check what is going on? The podio.log has not been helpful in this situation.
(UPDATE)
The issue is that I am hitting an authentication request rate limit because I haven't been using a session manager. I'm now attempting to do this, but having issues. My code using the Redis setup is as follows:
require_once 'models/PodioRedisSession.php';
Podio::set_debug(true, 'file');
Podio::setup($client_id, $client_secret,array(
"session_manager" => "PodioRedisSession"
));
Podio::$auth_type = array(
"type" => "password",
"identifier" => "MY_EMAIL"
);
Podio::$oauth = self::$session_manager->get(Podio::$auth_type); //ERROR IS ON THIS LINE
if (!Podio::is_authenticated()) {
Podio::authenticate_with_password('MY_EMAIL', 'MY_PASSWORD');
}
which gives me the following error: Cannot access self:: when no class scope is active.
Am I on the right track to get the session manager working with password authentication? The error occurs on the commented line.
(UPDATE)
I was finally able to get the system running properly. The code above is correct. The server just needed to be reset (Windows server) for Redis to take affect.
If your script is authenticating to Podio each time an item is created, it is possible that you are running into the Podio API’s rate limit on authentication requests.
Are you generating a new auth token each time the script is triggered by your webhook? The Podio client libraries include some general documentation on session management that may be useful!
To avoid hitting this limit you should authenticate with the API once and then store the oauth and refresh tokens that at are returned from the API. Redis will do the trick. Then you use the oauth token for all subsequent requests.
An example can be found here [1]
Your oauth token will be valid for at most 28 days. When it's no longer valid you will need to obtain a new oauth token using the refresh token you received when you first authenticated. [2]
[1] https://developers.podio.com/authentication/username_password
[2] https://developers.podio.com/authentication
Related
I have an application (php) that handles the API for years.
However a few weeks ago it started giving the error sporadically:
(400) API key not valid. Please pass a valid API key.
In the end the error was continuous and stopped responding.
I related it to Google Calendar API - no longer authorized for reads?
After several days of inactivity, the application worked again for a few days, but the pattern has been repeated again:
It has been giving the error more and more frequently until it has stopped working.
Edited:
The application can be viewed at:
http://intraneteina.unizar.es/intraneteina/index.php?r=calendarioGoo/index
When selecting any option from the dropdown, the application reads information from a google calendar and displays it in html.
It has been working for years, and without touching the code, now it gives the described API error key not valid.
I had been experiencing a similar issue. I found some documentation, eventually, that said there was a limit of 50 (or possibly 100) "active" authorisation tokens allowed for an app unless you are running it via a service account. Typically once the limit is reached Google just drops authorisations off the end of the "active list" it maintains and you are unaware of this happening. This is a problem if you are relying on the expiry of your access token and don't generate a refresh token until you think you need to - i.e. When you generate/refresh your access token you record the expiry date and only refresh it when you system tells you that your token has expired.
Because Google may have disabled that token (dropped it off the active list) in the background and you are unaware of this you try to use that token which hasn't expired - the result is a typically uninformative error message with no indication of what has happened. In our case in the short term setting up a service account was too difficult (implementing RSA256 for the authorisation process) so we got around this by just ignoring the recorded expiry timestamp and requesting a refresh token every time we made a call to the API. I'm sorry I can't link you to the documentation, but I believe I found it via an answer in another S.O. post.
I am migrating to Xero and want to set an invoicing process to run once a month at a specific time using a cron job, I can get the cron job to fire and I have set up a php page based on https://github.com/XeroAPI/xero-php-oauth2-app which I can run manually and it works perfectly.
I've also used https://github.com/XeroAPI/xoauth to retrieve the tokens and store them in the keychain, I can see that they are there.
I've got a bit lost where xoauth says "Piping the access_token, id_token and refresh_token to stdout, so you can use them in a script workflow"
I'm hoping someone has done something similar and can point me in the right direction or even better give me an example as I can't find one online.
I assume I am missing a link between the 2 examples which transfers the token values.
When the cron runs I get the following error
'Fatal error: Uncaught BadMethodCallException: Required parameter not passed: "refresh_token" in /Applications/MAMP/htdocs/vendor/league/oauth2-client/src/Tool/RequiredParameterTrait.php:35'
which is not really a surprise as I'm not giving it a refresh_token as far as I can see.
I am using localhost on a Mac as a development environment.
I have seen a number of questions related to this from more experienced developers but no answers.
Thanks Gordon
thanks for your question. We have gotten this one a lot so I used this as the base for a XeroAPI community-corner video that I will share back here soon that walks through getting access/refresh tokens from xoauth, making api calls, and refreshing to get a new token set.
Answer
What you want to do is after you generate the access token with the xoauth repo. In your PHP script - plug in the access_token & xero-tenant-id (as 2 headers in your api call).
Authorization: "Bearer " + access_token
xero-tenant-id: tenantId
Ensure the API call returns your data. Then create a function in your script that does the following before future API calls
Refreshes for a new token_set
Saves new token_set to a DB or static file
Use that token_set 'access_token' to make your Invoice API call
Repeat step (1-3) at least once every 60 days
NOTE: you will need some kind of persistence to store the continually
refreshed token_set.
Hope this clarifies it for you. I will post back the video for an in depth walkthrough asap.
OAuth2.0 Background:
Essentially our move to simplify and standardize our API authentication came with some challenges in how to setup longstanding API connections for use cases that didn’t need to onboard an increasing number of new users. For instance, a lot of small businesses and accounting firms setup custom processes to batch import/export invoices.
The use case often did not have the need for an application user interface, so standing one up just to get a valid access token was a lot of extra work if the integration only needed to connect to single ‘admin’ type user for a specific Xero Organisation.
I've been using the QuickBooks PHP DevKit for some time now in production with no issues.
However, recently I've been getting the following error from my create_invoice ajax script when I spit out:
if($resp = $InvoiceService->add($Context, $realm, $Invoice)){
//create invoice code here
} else
{
echo $InvoiceService->lastError();
}
I get the following error:
3200: [message=ApplicationAuthenticationFailed; errorCode=003200; statusCode=401, ]
The only documentation I can find about this error is that error code 3200 means "Outdated edit sequence" but I am creating an Invoice.
So why is this error all of a sudden appearing?
It seems to have started giving me this error since July 11th. Before then everything was working fine.
Do I need to refresh my access tokens, and how would I go about doing that?
The only documentation I can find about this error is that error code 3200 means "Outdated edit sequence" but I am creating an Invoice.
Error code 3200 (for qbXML) is entirely separate from error code 003200 (for IPP/v3), so "outdated edit sequence" isn't really relevant here at all.
So why is this error all of a sudden appearing?
Generally a "401 Authentication Failed" error pretty much means exactly what it says - authentication against the app failed.
This could be because of several reasons:
Your OAuth tokens expired (they expire after 6 months if you don't renew them)
Your OAuth tokens/connection were disconnected (this can be done from within the UI Intuit provides)
You're not sending the correct OAuth tokens anymore
Did you check your OAuth tokens? Are they still valid? Are you sending the correct ones?
Do I need to refresh my access tokens, and how would I go about doing that?
Maybe.
You can go back through the connection process (e.g. click the "Connect to QuickBooks" button again) to renew them.
If they have expired (e.g. you didn't renew within 6 months) you should implement the reconnect call to avoid this in the future:
https://github.com/consolibyte/quickbooks-php/blob/master/docs/partner_platform/example_app_ipp_v3/reconnect.php
https://github.com/consolibyte/quickbooks-php/blob/master/docs/partner_platform/example_app_ipp_v3/
https://github.com/consolibyte/quickbooks-php
I am having trouble figuring this out. Facebook is implementing a new policy https://developers.facebook.com/roadmap/offline-access-removal/ that no longer allows for the simpler "offline_access" tokens that you used to be allowed to get. I am developing an application that needs to access the Graph API every 3 hours with a cronjob, and I am not sure how to set this up so that I dont need to login to access it, since I cant login with a cronjob if I am redirected to a login page. I am assuming I need to use some sort of a Curl call within a php script to get this working. I dont need to post anything, all I am doing is grabbing posts from a few public pages. Any Ideas? I already have a script in place that can do what I want it to, given that I log in first with the login_url. Just need this working with a cronjob.
First of all a reply to the first question - there is nothing to be done on your side. The facebook's change simply means that this kind of applications is no longer possible. The best thing you can do is to request an extended token, which then lasts around 30 (or 60, not sure) days. To request it you need to call the fb api - as shown here and here (albeit not python examples, they are useful pointers). Official FB's explanation is here.
However, this token is going to be invalidated on every occasion the user changes their password, remove the app or log out of facebook. You would need to have a look which requests failed and manually notify the users to renew the token at your side and store the new one.
To your second question about crawling public posts - do you even need an access token? Try using the Graph API without it and see if you can get to the information you are interested in.
I'm trying to get the status from facebook users, who connect to my app with offline_access and read_stream permissions.
All the processes will use subscription to get notification about new feeds, and then take access to status of the user, who changed it.
The code for subscription works great, I get all info as it should be, but the problem starts with second part - every time I try to access user status via
$objFacebook->api('/'USER_ID'/statuses?access_token=TOKEN', 'get', $params);
I get the exception:
An access token is required to request this resource
I tried to set access_token which I got when connected to my website via facebook login, also tried to set the whole session in similar way as it is done here:
Array
(
[access_token] => ...
[base_domain] => ...
[expires] => 0
[secret] => ...
[session_key] => ...
[sig] => ...
[uid] => ...
)
but it didn't help. On the other side, when I copied my access_token generated via facebook developers (http://developers.facebook.com/docs/reference/api/user/) it works correctly, so it looks like my app generates an incorrect access token.
Do you have any idea where the problem can be?
To connect I use facebook-php-2.0 library.
You should upgrade to version 3 of the PHP SDK. We made some changes to the cookie format and other things you can read about here. Version 2 will stop working on September 1st, so you'll need to upgrade soon anyways. Once you've done that, things should work for you.
P.S. You probably will want to use the "/posts" connection rather than than the "/statuses" connection of the User object as it will also give you any posts the user made that include attachments. The "/statuses" connection will only return text-only posts the user made. We'll update the documentation to clarify that.