The documentation for accessing the Quickbooks Online API seems to revolve around creating applications for public use. I'm only interested in developing an app to access my very own Quickbooks file. However, I'm having difficulty authenticating.
I successfully obtain all the necessary codes and can run API calls in the API playground. My preference would be not to use any libraries (including the Quickbooks PHP library as it does not support JSON).
I have spent hours searching but I do not know how to 'sign' the various secrets and codes to obtain the Oauth token needed. Does anyone have working PHP code?
I'd like to simply be able to input in the values and make the API calls via curl.
I have spent hours searching but I do not know how to 'sign' the various secrets and codes to obtain the Oauth token needed.
You sign the code using OAuth. This is a well documented authentication method, with many implementations.
Does anyone have working PHP code?
Sure:
https://github.com/consolibyte/quickbooks-php/blob/master/QuickBooks/IPP/OAuth.php#L77
https://code.google.com/p/oauth-php/
https://php.net/manual/en/book.oauth.php
https://pecl.php.net/package/oauth
https://github.com/Lusitanian/PHPoAuthLib
My preference would be not to use any libraries
OAuth is not a trivial authentication method. You should use a library to sign your requests -- it will save you a lot of time vs. implementing your own OAuth signatures.
Related
i am currently working on a Project with Firebase and i am trying to Implement the Firebase Cloud messaging service. I manage to make it work with a combination of PHP and Javascript (Javascript sends a Requiest to the server, where php makes a call to the Firebase API to send out a Notification).
The problem here is, that the code i use is for the old version, so its not using the HTTP v1.
When i looked at the docs on how to upgrade to the new version, i found out you need a short-lived OAuth 2.0 access token.
Thing is, the docs only show how you can get it via node.js, java, python, c# and go.
So my question is, is there a way to get the short-lived OAuth 2.0 access token with php or do i have to use something like node.js for it?
I'm not sure I fully understand your requirements, but if you want to send FCM notification from a PHP backend, I'd suggest checking out this (unofficial) Admin SDK for PHP (Disclaimer: I'm the creator of that library)
In its current state, you would need a Firebase Service Account (with Admin access) to be able to send notifications with it, but I'm currently working on a feature that will allow you to retrieve an OAuth access token for a given user (https://github.com/kreait/firebase-php/pull/390) in case you really need this.
I'd like to invite you to join https://discord.gg/nbgVfty (the Discord-Community around the PHP Admin SDK) to discuss your use case and process further.
Even if the SDK is not for you, looking through the code might could give you some ideas...
An alternative could be to use the Google PHP Api Client Services library, in which you can find a FirebaseCloudMessaging service.
I hope this helps!
Is it possible to passively access google API using google api php client library? What I want to do is connect to google API by providing necessary credentials (not using oauth).
Basically, my oauth authentication will be in googleads php lib and want to access resources using php client lib. Or is there any way to accomplish this? Thanks.
EDIT:
What I really curious about for hours is integrating those two libraries (GoogleAds PHP Api and Google API Client API). The former uses pure Oauth and the latter uses 'Google_Client' implementation in accessing Google API.
I'm having a bit of trouble figuring out how to properly proceed making calls using the Intuit QuickBooks Online API v3. I've looked at the API Explorer, and from my understanding, I can send and receive JSON.
They also provide information about the base URL, the entity, etc: https://developer.intuit.com/docs/api/accounting/Customer
So I'm wondering, am I supposed to be using the QuickBooks SDK that they mention to download? https://developer.intuit.com/docs/0100_accounting
Or would I be able to utilize their API using something like cURL? I don't want to reinvent the wheel of course, but with all the information they provide and no reference to the SDK itself, that's where I started to get a little confused. They basically tell you how to make the calls, but don't reference the SDK in those documents.
Just to provide some extra information, I'm using PHP 5.5 and Laravel.
So I'm wondering, am I supposed to be using the QuickBooks SDK that they mention to download?
If you want to, sure.
Or would I be able to utilize their API using something like cURL?
Again, if you want to, sure. Just be aware that if you use cURL, you'll have to do some OAuth signing of your requests (see the OAuth spec) or find an OAuth lib too.
Here's another open-source alternative if you need something with more examples (disclaimer: I'm the author):
https://github.com/consolibyte/quickbooks-php
Examples:
https://github.com/consolibyte/quickbooks-php/tree/master/docs/partner_platform/example_app_ipp_v3
I want to add a row to a Google Spreadsheet using PHP and the following library: https://github.com/asimlqt/php-google-spreadsheet-client which seems to be pretty simple.
However, I don't know how to obtain the required access token via the suggested Google's https://github.com/google/google-api-php-client library. I do not want my users to authenticate using OAuth, it is my server side, I just want to have a static access key somehow. It looks like the API has changed since the developer of the php-google-spreadsheet-client has used it?!
How to obtain a static access key from Google?
If not possible, how to obtain one without redirecting the user?
Is it possible to obtain such a key via https://github.com/google/google-api-php-client ?
For anybody interested: Google is coming up with a solution to the problem called "service accounts": https://code.google.com/p/google-api-php-client/wiki/OAuth2#Service_Accounts
Unfortunately it is not supported by many Google APIs yet. In the meantime one can run the "normal" OAuth authentication process once with the service user and cache the cookie for future use.
Alternative solution: use the old Zend framework and rely on Google API v1 instead of v3.
I have a main website (which contain all data) and multiple client websites which fetch data from the main website. Each client website has access to different set of data on main website. I want to create a PHP based web API for this. This is my first API so I am not sure what is the best and most secure way to do this.
After some googling I found OAuth to be the most common authentication method for APIs. however in my case I want the client website to be configured once and then the communication should be automatic, i.e. communication should take place in background without any user interference. Is OAuth required for this scenario?
Or is there any other method I can implement here?
oauth is way to complicated to implement for your needs.
If you are using rest, i suggest using a basic-auth in the header and using SSL so that your communication is encrypted.
You could make a small SecurityFilter that checks if for any request with a url pattern /api/ that the basic-auth is correct and that it use SSL...
It really depends on how you are exposing your API.
If you are using REST, HTTP Basic Auth over HTTPS is sufficient. I see a lot of people try to implement their own solutions when the provided approach is quite sufficient.
If you are using SOAP, there is a SOAP-based approach you could use: WS-Security (which is just a standard using anything from SAML assertions to OAuth tokens).
If passing Basic Auth credentials over HTTPS is too "open" for you, in that the credentials are saved in config on the client server somewhere, OAuth2 is probably the best solution. Doing OAuth on the server side wouldn't require any user interaction. You just store your tokens in a server config and let the OAuth library take care of the rest. PHP has a library for this PHP OAuth Library. There are plenty of OAuth2 libraries for PHP. Just Google it.
After some more googling and research I found answer to my question:
The scenario I explained is an example of 2-legged oauth (one can find many articles about 2-legged and 3-legged oauth)
Also, OAuth is not difficult to implement, infact for a developer with good knowledge of API and Auth system its very easy.
Here's a link of very good php OAuth library with example code http://code.google.com/p/oauth-php/