I have successfully implemented "Login with Google" feature and everything works perfectly but I would like to add one extra feature - "Disconnect Your Google Account".
I can easily remove a row from "auth" table (user_id, source, source_id) but I would like to remove it from:
https://security.google.com/settings/security/permissions
too!
I guess I have to use a PHP client library for accessing Google APIs: https://github.com/google/google-api-php-client
And that's okay. But I'm not sure about sending GET and POST requests - when user is logging first time I can save in my database data such as:
(
[access_token] => MY_ACCESS_TOKEN
[token_type] => Bearer
[expires_in] => 3599
[id_token] => MY_ID_TOKEN
)
But what about expiring? They don't login everytime - they will be logged for couple of weeks or even months and that means my token data can expired?
Thank you.
Related
The latest specification for connecting to the BigCommerce API recommends using OAuth since the simple auth method will soon be deprecated.
I have been using the BigCommerce API within some PHP scripts that access the Store API for my store. These scripts do relatively simple things like update product names, update product prices, etc.
I'm confused as to how I transfer these scripts over to use the new OAuth system. Everything I am reading makes it seem like OAuth is based around developing an actual app that a user installs and authorizes to access their store. However, this is clearly not my use case, and has left me very confused.
A simple example would be a script to retrieve products from my store. I would simply run this code in a PHP file:
Bigcommerce::configure(array(
'store_url' => 'https://www.my-store.com',
'username' => 'my_username',
'api_key' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'
));
Bigcommerce::setCipher('RC4-SHA');
Bigcommerce::verifyPeer(false);
Bigcommmerce::getProducts();
How can I achieve this same thing using OAuth? Is it even possible?
I would probably create a quick "app" to get a Client ID, Client Secret & Token. Then use those credentials for authentication externally. So you would install an "authentication app" but execute your code from outside of BC.
Note that this is not that different from how an installed app that is iframed in works.
PS, I have not actually tried this but in theory it should work.
I realize this may be a bit off-topic as I see you're using PHP and my experience has been with C# but thought I'd add my comments on the issue so maybe someone will benefit:
I've been working on this same type of oauth token issue and the docs haven't been much help, but once I got going I finally managed to get the app setup by creating my SSL callback page locally on my server. Once I specified that URL in the app settings I was all set. The caveat being I had to do perform the 'install' from the server itself since it wasn't a public URL while logged into BC as the store owner. I was then able to get the temporary token from the querystring and post back to https://login.bigcommerce.com/oauth2/token and obtain the permanent token from the response stream.
One thing their API rep did mention that may be of interest is that eventually you're going to need to refresh the 'permanent' token every 60-90 days or so once they get their end in order.
#developerscott is perfectly correct, but just to add on to your question on how to achieve the same thing as your code using oAuth with the BC PHP API SDK
Once you have an oAuth access token and the client_id of an app you created, you can use them to utilize oAuth in your PHP scripts. You just need to provide those credentials into the Bigcommerce::configure() method like so, instead of the username and api_key properties:
Bigcommerce::configure(array(
'store_hash' => 'abcdef',
'client_id' => '123xxxx321',
'auth_token' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'
));
Bigcommerce::setCipher('RC4-SHA');
Bigcommerce::verifyPeer(false);
Bigcommmerce::getProducts();
I am building a website with google login using hybridauth.
I just want some basic info such as email, userid and username but I cannot set the scope correct.
It keeps ask for "have offline access"
I tried each of these url in the scope:
https://www.googleapis.com/auth/plus.me
https://www.googleapis.com/auth/plus.login
https://www.googleapis.com/auth/userinfo.profile
https://www.googleapis.com/auth/userinfo.email
"Google" => array (
"enabled" => true,
"keys" => array ( "id" => "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "secret" => "xxxxxxxxxxxxxxxxxxxxxxxxx"),
"scope" => "https://www.googleapis.com/auth/plus.me"
//https://developers.google.com/+/api/latest/people/get
),
I have read these two article, but still cannot figure it out
google plus outh thing
"This app would like to: Have offline access" when access_type=online
A couple of the answers in the post you linked to pointed out that the userinfo.profile and userinfo.email scopes are deprecated and scheduled for removal soon, and that this is related to the access_type issue you're seeing. Try using just the plus.me or plus.login scopes, or one of the other non-deprecated scopes from the Google Developer documentation you linked to.
It also sounds like this prompt may take place if you have already authorized the app to some scopes, and are requesting a change to the scopes used in that app. You may wish to completely disconnect the app at http://plus.google.com/apps and see if that helps.
Finally, you may wish to show the code you're using to see if we can help you find an error there.
I found a whole bunch of related questions here, but since Twitter had made a lot of changes in its API, most of them are outdated (+ nothing actually solved my problem).
So My website is a semi social network (with posts, likes comments etc). The user has the option to post to twitter and facebook through my site. Everything is working just fine, posts are finding their way to both FB and TW.
I'm using Twitter oauth php library, posting is done like so:
$response = $connection->post("statuses/update", array('status' => "Tweet"));
but when if I want to verify user's credentials like so:
$response = $connection->get("account/verify_credentials.json");
I get:
[0] => stdClass Object
(
[message] => Sorry, that page does not exist
[code] => 34
)
I don't think the problem is in the authentication process nor in the app settings, for I was able to post a tweet but got that same error, both using the same access token (and obviously the same app).
apparently you get this 34 error for a variety of cases, the documentations is so ambiguous about it.
So any troubleshooting techniques are appreciated.
Just use
$response = $connection->get("account/verify_credentials"); // Remove the .json
Hi and thank you in advance,
I am currently trying to send a search request to Facebook Graph Api in PHP, and each time i send a request to the API it returns an empty array.
Sending my request to the Graph Api using the exemple on the developer page of facebook located here
My parameters are the following.
Param
(
[access_token] => "this is a valide access token that i removed to posted in the forum.",
[type] => location,
[center] => 45.33,36.210,
[distance] => 2000
)
and the path of the request is the following : https://graph.facebook.com/search
with the Get method.
But my result is constantly the same, its an empty array.
Is this feature broken, not in service or am i sending the lat long in the wrong format.
Facebook places restrictions on retrieving posts that specify locations. You can only return results for your query if:
you or a friend authored the post
you or a friend were tagged in the post.
See here for more details: https://developers.facebook.com/docs/reference/fql/location_post/
I'm trying to get the status from facebook users, who connect to my app with offline_access and read_stream permissions.
All the processes will use subscription to get notification about new feeds, and then take access to status of the user, who changed it.
The code for subscription works great, I get all info as it should be, but the problem starts with second part - every time I try to access user status via
$objFacebook->api('/'USER_ID'/statuses?access_token=TOKEN', 'get', $params);
I get the exception:
An access token is required to request this resource
I tried to set access_token which I got when connected to my website via facebook login, also tried to set the whole session in similar way as it is done here:
Array
(
[access_token] => ...
[base_domain] => ...
[expires] => 0
[secret] => ...
[session_key] => ...
[sig] => ...
[uid] => ...
)
but it didn't help. On the other side, when I copied my access_token generated via facebook developers (http://developers.facebook.com/docs/reference/api/user/) it works correctly, so it looks like my app generates an incorrect access token.
Do you have any idea where the problem can be?
To connect I use facebook-php-2.0 library.
You should upgrade to version 3 of the PHP SDK. We made some changes to the cookie format and other things you can read about here. Version 2 will stop working on September 1st, so you'll need to upgrade soon anyways. Once you've done that, things should work for you.
P.S. You probably will want to use the "/posts" connection rather than than the "/statuses" connection of the User object as it will also give you any posts the user made that include attachments. The "/statuses" connection will only return text-only posts the user made. We'll update the documentation to clarify that.