We are trying to post from PHP to a Facebook, we are using HybridAuth but the question is not related to it.
What works:
-posting to user profile, works fine,including when using picture and link
-posting to page works including image(but not with link)
What does not work
-posting to page when we set a link(the url is not the issue since it works posting it to user profile )
The error is a generic error, that is not helping at all,thank you Facebook developers for giving us the trouble of guessing what is wrong
{"error":{"message":"An unknown error has occurred.","type":"OAuthException","code":1}}
I also made a simple script using curl to test this without involving the HybridAuth code and I get same error
<?
$access_token = "xxxxxx";
$page_id="352300454896456";
$msg = "test message ".time();
$title = "test title";
$uri = "http://www.example.com";
$desc = "test description";
//$pic = "http://ploscariu.com/simion/programming/kudani/kudani.png";
$attachment = array(
'access_token' => $access_token,
'message' => $msg,
'name' => $title,
'link' => $uri,
'description' => $desc//,
//'picture'=>$pic,
//'actions' => json_encode(array('name' => $action_name,'link' => $action_link))
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://graph.facebook.com/'.$page_id.'/feed');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $attachment);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //to suppress the curl output
$result = curl_exec($ch);
print_r($result);
curl_close($ch);
?>
My question is, what is special about this "link" parameter and page posting? do we need some undocumented permission ? or is just some graph API bug I am wondering if we need sme different token for posting links ,but usually permission issue get back a good error message
in the image is the debug tool results on the access_token I get from the HybridAuth call, I tested using a short access token I get using JS API and posting with that works, but short access token are not a solution
Is the information in the image, about the token that it never expires true? How can I get such a token using the http API and curl(no SDKs)
I found the issue, it was the access_token, I know it makes no sense that it worked without the link parameter but with the link parameter did not worked, but this is the truth. So you need to make sure you get the page access_token, you get that from me/accounts or with your SDK.
The conclusion is that the Facebook developers are doing a bad job, wrong error messages, and allowing to post with wrong token.
Related
Currently I am trying to get reviews from https://play.google.com/store/apps/details?id=com.rosterelf.android.phone&hl=en by following https://developers.google.com/android-publisher/api-ref/rest/v3/reviews/list documentation.
I am using the PHP (cURL) method but I am keep getting an error saying --- Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential.
Below are my steps what I have done / tried so far.
Created one Api KEY, OAuth 2.0 Client ID and Service Account in Google Developer Console.
Enabled the Google Play Android Developer API and Google Play Custom App Publishing API too.
Going at my browser https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&redirect_uri=REDIRECT-URI&client_id=CLIENT-ID
It gives me the code in response and then to be able to get access_token, I am using below PHP cURL code which is also working fine.
<?php
$client_id = 'CLIENT-ID';
$redirect_uri = 'REDIRECT-URL';
$client_secret = 'CLIENT-SECRET';
$code = 'CODE';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $client_id,
'client_secret' => $client_secret,
'redirect_uri' => $redirect_uri,
'grant_type' => 'authorization_code'
));
$data = curl_exec($ch);
var_dump($data);
exit;
And in response, I am successfully able to get the access_token.
Now I am trying to go directly to this page in browser https://www.googleapis.com/androidpublisher/v3/applications/com.rosterelf.android.phone/reviews?access_token=ACCESS-TOKEN but it keeps saying me...
Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project
-> I have checked the roles and permissions and it has owner as a permission in service account.
-> My REDIRECT-URI also the same URL throughout this process.
I event tried this URL to fetch the reviews https://androidpublisher.googleapis.com/androidpublisher/v3/applications/com.rosterelf.android.phone/reviews/review?access_token=ACCESS-TOKEN but having the same error.
Can someone please guide me what am I missing from here and why I am getting here and what exactly I should do from here on to get the reviews ?
Any help or suggestions will be highly appreciated.
Thanks in advance.
This is an example for that API using the official client library. I believe this code is for service account authentication. The service account will need to be properly configured see using_a_service_account How to create service account credetinals just remember to enable the proper library.
<?php
require_once 'google-api-php-client-2.2.2\vendor\autoload.php';
putenv('GOOGLE_APPLICATION_CREDENTIALS=client_secret.json');
$client = new Google_Client();
$client->useApplicationDefaultCredentials();
$client->addScope(Google_Service_AndroidPublisher::ANDROIDPUBLISHER);
$android_publisher = new Google_Service_AndroidPublisher($client);
$response = $android_publisher->reviews->listReviews('appname');
echo "<pre>";
var_dump($response);
I am developing a PHP project that needs Facebook integration. So before I do it on code , I am testing it using Facebook Graph API explorer tool (https://developers.facebook.com/tools/explorer). What I am doing now is.
1st Step
Get the user access_token by using the button at the top left.
2nd Step
Make a GET request to "me/accounts" to get the page token and page id.
3rd Step
Make a POST request to "{page_id}/feed" with the fields message={message} and access_token={page_token}
It worked perfectly and posted on my Facebook Fan Page. But when I try to replace the "3rd Step" with PHP code like this
$data['message'] = "my message";
$data['access_token'] = $page_access_token; //page token from 2nd step
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL, 'https://graph.facebook.com/{page_id}/feed');
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch,CURLOPT_POSTFIELDS, $data);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($ch, CURLOPT_POST, 1);
$resp = curl_exec($ch);
curl_close($ch);
$data_resp = json_decode($resp);
print_r($data_resp);
It show me this error.
stdClass Object ( [error] => stdClass Object ( [message] => (#200) Permissions error [type] => OAuthException [code] => 200 ) )
I set the permissions of manage_pages,publish_pages,publish_actions
Passing an array for CURLOPT_POSTFIELDS means cURL will send the request as Content-Type multipart/form-data – but you want application/x-www-form-urlencoded instead.
Use http_build_query on your $data array, and use the resulting string for CURLOPT_POSTFIELDS.
Have a look at the docs at
https://developers.facebook.com/docs/graph-api/reference/v2.4/page/feed#publish
Permissions
A user access token with publish_actions permission can be used to publish new posts on behalf of that person. Posts will appear in the voice of the user.
A page access token with publish_pages permission can be used to publish new posts on behalf of that page. Posts will appear in the voice of the page.
You should run the used access token through
https://developers.facebook.com/tools/debug/accesstoken/
to see whether it contains the appropriate permission(s).
I've successfully implemented the oAuth2 authentication process using the Web Server Flow of the REST API in PHP between my application and Salesforce, and it's working great when connecting with a Developer Edition type Salesforce account.
However, it's not working when trying to connect a test or prod environment type Salesforce account: I can't get an access token with the authorization code given by Salesforce since Salesforce gives me this error:
{"error_description":"authentication failure","error":"invalid_grant"}
Does anybody have an idea why it's not working ?
Here's what I've done:
Step 1 => OK => Redirect user to Salesforce
Step 2 => OK => User logs in
Step 3 => OK => User is redirected to our application with the authorization code
Step 4 => NOT OK => We request an access token using the authorization code given by Salesforce
We have tried it all (maybe not though :D): we have checked all the security configuration on our end and on the customer's end, we have checked for IP restrictions (no IP restriction is used), we have given our App "Full Access", but still no luck. We are receiving the authorization code which is encoded correctly and seems normal.
Does anybody have an idea why it's not working ?
Do you know if I need to validate our connected App before it can be used by test or prod type Salesforce accounts ?
Thanks a lot for all your help in advance.
Cheers
Quentin
NOTE : This is a duplicate of the following issue I guess, but it got no answer :( https://developer.salesforce.com/forums?id=906F00000009AFvIAM
I also saw this but it didn't fix my issue Salesforce Authentication Failing
EDIT 1 :
Here's the code I use ($instance is 'https://test.salesforce.com' in our case):
$url = $instance . '/services/oauth2/token?format=json';
$postFields = array(
'code' => $code,
'grant_type' => 'authorization_code',
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret,
'redirect_uri' => $this->redirectURL);
// Create the CURL object.
$handle = curl_init($url);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($handle, CURLOPT_POST, TRUE);
curl_setopt($handle, CURLOPT_POSTFIELDS, $postFields);
I feel pretty dumb answering my own question but that may help somebody someday.
In my "Edit 1", I was wrong about the content of $instance.
It was not pointing to 'https://test.salesforce.com', it was pointing to 'https://login.salesforce.com' so it was normal to get an "authentication failure" error.
So if you're experiencing the same problem, do check the URL you're sending the request to.
I'm trying to create an application on LinkedIn that's using OAuth2 for authentication and am running into some errors. The client runs on an iOS device and uses an oAuth library to make a call to LinkedIn's servers. My iOS client successfully gets the authorization_code. The client application then passes that authorization_code to my server, which attempts to connect to linkedIN again and get the access_token. This step consistently fails, I get the following error from LinkedIn: {"error":"invalid_request","error_description":"missing required parameters, includes an invalid parameter value, parameter more than once. : client_id"}
My POST method to LInkedIN does contain the client_id, it only contains it once, and I've triple checked the values for all the parameters, they are correct. I've also reset the access multiple times from https://www.linkedin.com/secure/settings and I've even created additional applications on LinkedIn, I keep getting the same result.
I've checked other responses, such as this one: unable to retrieve access token linkedin api and tried the suggestions: revoke keys, request new keys etc, nothing seems to be working.
Here is my server code:
$tokenURL = 'https://www.linkedin.com/uas/oauth2/accessToken';
$redirectURL = 'https://staging.textsuggestions.com';
$clientId = '75a4ezqh741sup';
$clientSecret = 'XXXXXXXX';
$tokenArguments = array("grant_type" => "authorization_code",
"code" => $code,
"redirect_uri" => $redirectURL,
"client_secret" => $clientSecret,
"client_id" => $clientId);
// send the request to the server getting data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $tokenURL);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $tokenArguments);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = json_decode(curl_exec($ch), true);
curl_close($ch);
if (!empty($response["error"])) {
error_log("Error is: " . $response["error"]);
exit (0);
} else {
// no error, get the access_token and do stuff with it
$timeout = $response["expires_in"];
$access_token = $response["access_token"];
}
Ok I realized what I was doing wrong, the client application library that I was using was generating the full access token (not the auth code). So I was trying to pass in the access token in the place of the auth code. The error that I was getting from Linked In was certainly misleading and I should have checked the client library I was using more carefully.
Have you tried to check your code against this code sample?
https://developer.linkedin.com/documents/code-samples
Check that the POST headers include "Content-Type": "application/x-www-form-urlencoded".
What I am trying to do: Connect to the Tumblr API v2 via PHP and be able to create new posts
The problem: The API response is always something similar to Invalid OAuth credentials. Unable to get info
The strange part is that I am able to connect to the API (http://www.tumblr.com/docs/en/api/v2) with no problems when I do a GET request but there must be something I must be doing wrong with my signature when I try to create a POST.
Here is my code:
$params = array("type" => "quote", "quote"=>"test" );
$consumer = new OAuthConsumer($consumer_key, $consumer_secret, null);
$token = new OAuthConsumer($access_token['oauth_token'], $consumer_secret);
$req_req = OAuthRequest::from_consumer_and_token($consumer, $token,
"POST", 'http://api.tumblr.com/v2/blog/MY_URL/post', $params);
$req_req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(),
$consumer, $token, null);
$result = $req_req->to_postdata();
$ch = curl_init('http://www.tumblr.com/api/write');
curl_setopt($ch, CURLOPT_URL, 'http://www.tumblr.com/api/write');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $result);
A var_dump of $result echoes the following
oauth_consumer_key=xxxxxxxx&oauth_nonce=xxxxxxx&oauth_signature=xxxxxx
&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1325033502&oauth_token=xxxxxx
&oauth_version=1.0"e=test&type=quote
I am not sure the curl_init must be calling http://www.tumblr.com/api/write but I also tried with api.tumblr.com/v2/blog/{base-hostname}/post with no luck
I also checked all the variables to see if the tokens are OK and they seem to be working fine.
Any hint in the right direction will be appreciated as I have went to page 30 of Google and I just see people with the same issue as myself.
I've been having success with this library, which was written around a year ago.
I checked the dump of the result before the curl and it looks more or less the same as yours, so i'm not sure what the difference is.