I'm trying to implement Yahoo OAuth 2.0 to import contacts to my application. I'm using PHP, and this guide (Server-side Apps part) :
https://developer.yahoo.com/oauth2/guide
I have created my app, authorized access and received my code
"authorization code is appended to the redirect_uri, shown below as
code=abcdef"
I've successfully arrived at step 4.
https://developer.yahoo.com/oauth2/guide/#step-4-exchange-authorization-code-for-access-token
Here, I cannot get a response for https://api.login.yahoo.com/oauth2/get_token and receive my Access Token.
I'm using https://github.com/saurabhsahni/php-yahoo-oauth2/blob/master/YahooOAuth2.class.php class.
Here is my code :
include_once("/libraries/Yahoo/YahooOAuth2.class.php");
// step 1, step2, step3
// Successfully received authorization code and stored in my session
[...]
//my Client ID (Consumer Key)
$cc_key = 'x3485sdfsfsdfsdfsdf[..]';
//Client Secret (Consumer Secret)
$cc_secret = '3423423fddssdfsdf';
//my authorization code, as received
$code = $_GET['code'];
define("CONSUMER_KEY",'$cc_key');
define("CONSUMER_SECRET",$cc_secret);
$redirect_uri="http://dev.example.com/user/register-step4";
$token=$oauth2client->get_access_token(CONSUMER_KEY,CONSUMER_SECRET,$redirect_uri,$code);
I'm getting 401 error:
"Received error: 401 Raw response:{"error":"invalid_grant"}"
From yahoo api errors:
401 invalid_grant : An invalid or expired token was provided.
This is not true, because my authorize code should be good, because I just received exactly like in the specifications.
Related problems:
https://developer.yahoo.com/forum/Messenger-IM-SDK/not-getting-response-for-https-api-login-yahoo-com-oauth-v2-get-request-token/1310023528000-09714556-4cd3-38c5-b799-d29e8d5f9bcb/
Related
I have an issue with Socialite authentication via Google. I have two separate apps: Laravel and React Native. For the React Native app I use @react-native-community/google-signin and after getting a token on the client I'm sending it to the Laravel app, where I pass this token into the Socialite function: Socialite::driver('google')->userFromToken($token); . I get this error:
Client error: GET https://www.googleapis.com/oauth2/v3/userinfo?prettyPrint=false resulted in a 401 Unauthorized response:
{
"error": "invalid_request",
"error_description": "Invalid Credentials"
}
I've rechecked credentials 4 times and I'm sure they are right. I use the same client id as in react native app. What am I doing wrong?
Note: I am using ID token to authorise instead of auth token.
From my research on a similar issue - It looks like Google one tap doesn't work in the same way as oAuth does.
So, you'd have to fetch a user from the $token manually, using the google/apiclient package.
There's an example in Google docs (it's in the android-section, but these particular snippets refer to back-end part, so it should still do the trick)
composer require google/apiclient
// Get $id_token via HTTPS POST.
$client = new Google_Client(['client_id' => $CLIENT_ID]); // Specify the CLIENT_ID of the app that accesses the backend
$payload = $client->verifyIdToken($id_token);
if ($payload) {
    $userid = $payload['sub'];
    // If request specified a G Suite domain:
    //$domain = $payload['hd'];
} else {
    // Invalid ID token
}
You can find more info on this Google Docs Page
I'm getting google api authorization code from this page on my server
https://github.com/google/google-api-php-client/blob/master/examples/user-example.php
the same page on my hosting to test
http://mawk3y.net/google/google-api-php-client/examples/user-example.php
after adjusting client id, secret and redirect uri.
$data =file_get_contents('https://accounts.google.com/o/oauth2/auth?code='.$code.'&client_secret={secret}&redirect_uri={my web page}&grant_type=authorization_code');
print_r($data);
But I get an error, so I'm trying to paste the full URL into the browser address bar after getting the authorization code from that page, like this (the same auth code I get from this page https://developers.google.com/oauthplayground/)
https://accounts.google.com/o/oauth2/token?code={authorization code}&redirect_uri=mywebpage.php&client_id={my client id}&client_secret={secret code}&grant_type=authorization_code
but the result is
{
"error" : "invalid_request"
}
How do I solve this and exchange the authorization code for an access token?
You're sending the parameters in a GET request to the authorization endpoint (https://accounts.google.com/o/oauth2/auth), but you must send them in a POST request to the token endpoint (https://accounts.google.com/o/oauth2/token).
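The POST described in the answer above, as an added PHP example that is not part of the original answer. The function names, the callback URL and the placeholder credentials are assumptions; the token endpoint is the one named in the answer.

```php
<?php
// Added example: exchange an authorization code by POSTing form-encoded
// parameters to the token endpoint. Helper names are hypothetical.

function token_request_context(string $code, string $clientId,
                               string $clientSecret, string $redirectUri): array
{
    // Parameters travel in the request body, so the client secret and the
    // code stay out of URLs, browser history and access logs.
    $body = http_build_query([
        'grant_type'    => 'authorization_code',
        'code'          => $code,
        'redirect_uri'  => $redirectUri, // must match the URI used when the code was issued
        'client_id'     => $clientId,
        'client_secret' => $clientSecret,
    ]);
    return ['http' => [
        'method'        => 'POST',
        'header'        => "Content-Type: application/x-www-form-urlencoded\r\n",
        'content'       => $body,
        'ignore_errors' => true, // still read the JSON body on a 4xx response
        'timeout'       => 10,
    ]];
}

function exchange_code(string $tokenEndpoint, array $contextOptions): array
{
    $raw = file_get_contents($tokenEndpoint, false, stream_context_create($contextOptions));
    if ($raw === false) {
        throw new RuntimeException('Token endpoint unreachable');
    }
    $json = json_decode($raw, true);
    if (!is_array($json)) {
        throw new RuntimeException('Token endpoint returned non-JSON data');
    }
    if (isset($json['error'])) {
        // Surfaces values such as invalid_request or invalid_grant.
        throw new RuntimeException('Token request rejected: ' . $json['error']);
    }
    return $json; // holds access_token on success
}

// Constructed placeholders; substitute the values from your own app registration.
$options = token_request_context('AUTH_CODE_FROM_CALLBACK', 'CLIENT_ID', 'CLIENT_SECRET',
                                 'https://example.com/oauth/callback');
echo $options['http']['content'], PHP_EOL; // the body that would be POSTed
// $tokens = exchange_code('https://accounts.google.com/o/oauth2/token', $options);
```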
Having recently finished the process of having created the script that retrieves permissions from an account holder I now find that I have to convert the retrieved access token and token secret (from the GetAccessToken response) to the API signature in order to create an X-PAYPAL-AUTHORIZATION header.
The X-PAYPAL-AUTHORIZATION header contains:
A timestamp
The access token from the GetAccessToken response
A signature generated from the following information:
Your API username
Your API password
The access token from the GetAccessToken response
The token secret from the GetAccessToken response
The endpoint for the PayPal API operation's request, such as https://api.paypal.com/nvp
HTTPS delivery method, such as POST
Request parameters associated with the request
The problem is I can't find how to generate the signature. There are no guides in PHP (JAVA and Ruby).
I did however note the line in the guide I followed (first link) to retrieve the permissions:
PayPal provides SDKs that you can use to generate authentication header signatures for Java, PHP, and .NET. When you use the SDK, you will get two values, such as the following:
But what followed was the JAVA guide and I could not find anything amongst PayPal's SDKs.
Any help would be greatly appreciated!
This documentation actually cuts out the function from their PHP SDK that should do it for you.
private function generateAuthString($apiCred, $accessToken, $tokenSecret, $endpoint)
{
    $callerUid = $apiCred->getUserName();
    $callerPswd = $apiCred->getPassword();
    $auth = new AuthSignature();
    $response = $auth->genSign($callerUid, $callerPswd, $accessToken, $tokenSecret, 'POST', $endpoint);
    $authString =
        "token=".$accessToken.
        ",signature=".$response['oauth_signature'].
        ",timestamp=".$response['oauth_timestamp'];
    return $authString;
}
I had an implementation of OAuth working with Fitbit to pull data from fitbit's service. However they recently updated their service and now the request is failing whenever I try to get an access token.
They have made the following statement about the new requirement:
The solution is to OAuth sign the requests to <https://api.fitbit.com/oauth/request_token> and <https://api.fitbit.com/oauth/access_token> in a similar manner that all other calls to the Fitbit API are signed.
Requests to <https://api.fitbit.com/oauth/request_token> need to be signed with your application's consumer key and secret.
Requests to <https://api.fitbit.com/oauth/access_token> need to be signed with your application's consumer key and secret and the oauth_token and oauth_verifier received from the authorization callback.
I am using the PHP PECL OAuth library for OAuth requests. However I can't find a way to add additional parameters to the signature. I am trying the following but I'm not sure that this is the correct way to update the OAuth Signature:
$params['consumer_key'] = $this->consumer_key;
$params['consumer_secret'] = $this->consumer_secret;
$params['oauth_token'] = $this->oauth_token;
$params['oauth_verifier'] = $_REQUEST['oauth_verifier'];
$this->signature = $this->oauth->generateSignature('GET', $this->access_url, $params);
$this->access_token = $this->oauth->getAccessToken($this->access_url, $this->signature, $_REQUEST['oauth_verifier']);
The OAuth error I get is:
401
Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect)
oauthoauth_signatureInvalid signature: FfvYDv5MSOfwcOwLZBJa0TlKS4Q=false
The signature which is stored from the code above shows that the proper signature should be:
[signature] => wlfzqPs4aEkTkHfqyaO65D/RW6o=
This is the "Headers Sent" piece of the debug information:
[headers_sent] => Authorization: OAuth oauth_session_handle="Frdnxw8oHe3BgNVi0Fy4jBXrZko%3D",
oauth_verifier="ss6nmke8elf3so66jg3auued49",
oauth_consumer_key="(my key)",
oauth_signature_method="HMAC-SHA1",
oauth_nonce="30463910852ea5cc2d04e60.71895372",
oauth_timestamp="1391090882",
oauth_version="1.0",
oauth_token="2cabd6beab341e332bdf8e522b6019ef",
oauth_signature="hULwWcQOl%2F8aYjh0YjR843iVXtA%3D"
I can't find anything in the documentation which explains how I can set the signature for OAuth to use with its request. Any help would be greatly appreciated!!!
Please let me know if you need more information!
I have found the issue.
It turns out I was not saving the oauth_token_secret being handed back and I was instead using the consumer secret.
Once I updated this, the process ran as expected.
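Why the missing oauth_token_secret produces "Invalid signature", as an added PHP example that is not part of the original post and does not use the PECL OAuth extension. It builds the HMAC-SHA1 signature by hand following RFC 5849; the function name and every key, secret, token and nonce are constructed placeholders, and the URL is assumed to carry no query string.

```php
<?php
// Added example: OAuth 1.0a HMAC-SHA1 signing as defined in RFC 5849, section 3.4.
// Every key, secret, token and nonce below is a constructed placeholder.

function oauth1_signature(string $method, string $url, array $params,
                          string $consumerSecret, string $tokenSecret = ''): string
{
    // Percent-encode names and values, then sort by encoded name.
    $encoded = [];
    foreach ($params as $name => $value) {
        $encoded[rawurlencode((string) $name)] = rawurlencode((string) $value);
    }
    ksort($encoded, SORT_STRING);
    $pairs = [];
    foreach ($encoded as $name => $value) {
        $pairs[] = $name . '=' . $value;
    }
    // Signature base string: METHOD & encoded URL & encoded parameter string.
    // Assumes $url has no query string and is already in normalized form.
    $base = strtoupper($method) . '&' . rawurlencode($url) . '&'
          . rawurlencode(implode('&', $pairs));
    // Signing key: consumer secret, '&', token secret. The token secret is
    // empty only while asking for the request token.
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

$url = 'https://api.fitbit.com/oauth/access_token';
$params = [
    'oauth_consumer_key'     => 'example-consumer-key',
    'oauth_token'            => 'example-request-token',
    'oauth_verifier'         => 'example-verifier',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1700000000',
    'oauth_nonce'            => 'constructed-nonce',
    'oauth_version'          => '1.0',
];

// Server side: signs with the token secret it issued alongside the request token.
$server = oauth1_signature('POST', $url, $params, 'consumer-secret', 'request-token-secret');
// Client that never stored oauth_token_secret.
$noSecret = oauth1_signature('POST', $url, $params, 'consumer-secret');
// Client that kept the secret from the request-token response.
$withSecret = oauth1_signature('POST', $url, $params, 'consumer-secret', 'request-token-secret');

// hash_equals gives a constant-time comparison, as a verifying server should use.
echo 'without token secret accepted: ', var_export(hash_equals($server, $noSecret), true), PHP_EOL;
echo 'with token secret accepted:    ', var_export(hash_equals($server, $withSecret), true), PHP_EOL;
```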
I have problems with the authentication. I am doing these steps:
1. First time I get the oauth_signature by using this site url with following details:
http://7digital.github.io/oauth-reference-page/
url: https://api.7digital.com/1.2/oauth/requesttoken
consumer key: MY_KEY
consumer secret: MY_SECRET_KEY
nonce: 814629426
timestamp: 1383291284
body encoding: application/json
and then send a request to get the oauth_token for the 7digital API:
https://api.7digital.com/1.2/oauth/requesttoken?oauth_consumer_key=MY_KEY&oauth_nonce=184615245&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1383144733&oauth_version=1.0&oauth_signature=sJ%2B%2BPq2i9LfC1xGG1EHx2DrTBxg%3D
This request gets the oauth_token and the oauth_token_secret.
2. I need to authorize the oauth_token with the client key:
https://account.7digital.com/7dysvzdxkkmf/oauth/authorise?oauth_token=7EP6KGD
The request responds with a page for registration, or login if I have a 7digital account.
3. I need to get the access token:
https://api.7digital.com/1.2/oauth/accesstoken?oauth_token=JXLDXZY&oauth_consumer_key=MY_KEY&oauth_signature=uJ8jUSre5%2Fe5qiJsA5jeN54143M%3D&oauth_timestamp=1383204749&oauth_nonce=558206579
But on step 3 I got an error message:
OAuth authentication error: Invalid signature.
What's wrong in my code?