Shutterstock - lightboxes - Missing required scope error - php

I am trying to get my lightbox-collection of images from shutterstock. I am using php (wordpress site). For that I followed examples in documentation, but applied the code for my app.
To get token I use this code:
$client_id = 'My CLIENT ID here.';
$client_secret = 'My client secret there';
$redirect_uri = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . "{$_SERVER['HTTP_HOST']}" . strtok($_SERVER['REQUEST_URI'], '?');
if(isset($_GET['code'])) {
$url = 'https://accounts.shutterstock.com/oauth/access_token';
$params = array(
code => $_GET['code'],
scope => 'collections.view',
client_id => $client_id,
client_secret => $client_secret,
redirect_uri => $redirect_uri,
grant_type => 'authorization_code'
);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close($ch);
$json = json_decode($response);
if (json_last_error()) {
echo '<span style="font-weight:bold;color:red;">Error: ' . $response . '</span>';
} else {
$_SESSION['access_token'] = $json->access_token;
}
After that to get lightbox I go with this code:
...
$url = 'https://api.shutterstock.com/v2/images/collections/33162025/items';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Authorization: Bearer ' . $this->accessToken));
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
curl_close($ch);
return json_decode($response);
However, instead of request with lightbox info, I get this error:
Missing required scope: collections.view
As you see I have scope parameter in my parameters array. What am I missing there?


You are passing the scope after you have got the authorization which isn't right.
Pass the scope when you request for access token, see the case underneath.
https://accounts.shutterstock.com/oauth/authorize?client_id=xxxx&client_secret=yyyy&redirect_uri=http://zzz/zbc.php&scope=collections.view
Just replace your credentials and copy the url to the browser and it will definitely work.
Cheers :)

Related

Uniquely identify iOS device with DeviceCheck API and server side php code not working

I'm getting error : Missing or incorrectly formatted payload
I'm generating device token from Apple DeviceCheck API in swift language with real device and also passing Transaction ID to this php api.
jwt token generating successfully with this code but further code not working with apple query bit api.
This is my server side code in php :
<?php
require_once "vendor/autoload.php";
use Zenstruck\JWT\Token;
use Zenstruck\JWT\Signer\OpenSSL\ECDSA\ES256;
use \Ramsey\Uuid\Uuid;
$deviceToken = (isset($_POST["deviceToken"]) ? $_POST["deviceToken"] : null);
$transId = (isset($_POST["transId"]) ? $_POST["transId"] : null);
function generateJWT($teamId, $keyId, $privateKeyFilePath) {
$payload = [
"iss" => $teamId,
"iat" => time()
];
$header = [
"kid" => $keyId
];
$token = new Token($payload, $header);
return (string)$token->sign(new ES256(), $privateKeyFilePath);
}
$teamId = "#####";// I'm passing My team id
$keyId = "#####"; // I'm passing my key id
$privateKeyFilePath = "AuthKey_4AU5LJV3.p8";
$jwt = generateJWT($teamId, $keyId, $privateKeyFilePath);
function postReq($url, $jwt, $bodyArray) {
$header = [
"Authorization: Bearer ". $jwt
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $bodyArray); //Post Fields
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
// curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
// curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$server_output = curl_exec($ch);
//$info = curl_getinfo($ch);
// print_r($info);
//echo 'http code: ' . $info['http_code'] . '<br />';
//echo curl_error($ch);
curl_close($ch);
return $server_output;
}
$body = [
"device_token" => $deviceToken,
"transaction_id" => $transId,
"timestamp" => ceil(microtime(true)*1000)
];
$myjsonis = postReq("https://api.development.devicecheck.apple.com/v1/query_two_bits", $jwt, $body);
echo $myjsonis;
?>
Where is problem in this code? Or any other solution in php code.
Is there anything that I'm missing.

I just checked the Docs. They don't want POST fields like a form, they want a JSON body instead. Here's a snippet of code that you should be able to tweak to do what you require:
$data = array("name" => "delboy1978uk", "age" => "41");
$data_string = json_encode($data);
$ch = curl_init('http://api.local/rest/users');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen($data_string))
);
$result = curl_exec($ch);
Actually, looking again at your code, it could be as simple as running json_encode() on your array.

Binance REST API - Placing a PHP Order (POST) via Query String

I am struggling using Binance's REST API. I have managed to get working GET request via query string such as pinging the server, ticker information, etc. My challenge now is performing POST request via query string using cURL. I have been scraping code from various places and referring back to the API to get pieces to work but I am unsure as to why I am getting this error returned from the result... {"code":-1102,"msg":"Mandatory parameter 'signature' was not sent, was empty/null, or malformed."}
(ERROR SHOWN ON WEBPAGE). I echo out the signature and its a load of gibberish so I would believe that the hash_hmac performed at the top would be working, but honestly I got pretty lucky making the GET request work. Does anyone have any suggestions as to why this would be broken? Thanks!
$apikey = "MYKEY";
$apisecret = "MYSECRET";
$timestamp = time()*1000; //get current timestamp in milliseconds
$signature = hash_hmac('sha256', "TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000&timestamp=".$timestamp, $apisecret);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.binance.com/api/v3/order/test");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000&timestamp=".$timestamp);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$apikey,"signature: ".$signature));
$response = curl_exec($ch);
curl_close($ch);
echo $response;

As per their API docs:
SIGNED endpoints require an additional parameter, signature, to be sent in the query string or request body.
You are sending the signature via neither of these methods and are instead sending it through the header.
Change this:
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000&timestamp=".$timestamp);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$apikey,"signature: ".$signature));
To this:
curl_setopt($ch, CURLOPT_POSTFIELDS, "symbol=TRXBTC&type=market&side=buy&quantity=100.00&recvWindow=10000000000000000&timestamp=" . $timestamp . "&signature=" . $signature);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$apikey));

<?php
$secret = "F................";
$key = "D.................";
$s_time = "timestamp=".time()*1000;
$sign=hash_hmac('SHA256', $s_time, $secret);
$url = "https://api.binance.com/api/v3/account?".$s_time.'&signature='.$sign;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-MBX-APIKEY:'.$key));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_URL, $url);
$result = curl_exec($ch);
$result = json_decode($result, true);
echo '<pre>';
var_dump($result);
echo '</pre>';
?>

Here is an example, using php-curl-class
// Variables
// url, key and secret is on separate file, called using require once
$endPoint = "/api/v3/order/test";
$coin = "BTC";
$fiat = "EUR";
$symbol = $coin . "" . $fiat;
$side = "BUY";
$type = "LIMIT";
$timeInForce = "GTC";
$quantity = 1;
$price = 10000;
$timestamp = time();
// Constructing query arrays
queryArray = array(
"symbol" => $symbol,
"side" => $side,
"type" => $type,
"timeInForce" => $timeInForce,
"quantity" => $quantity,
"price" => $price,
"timestamp" => $timestamp*1000
);
$signature = hash_hmac("sha256", http_build_query($queryArray), $secret);
$signatureArray = array("signature" => $signature);
$curlArray = $queryArray + $signatureArray;
// Curl : setting header and POST
$curl->setHeader("Content-Type","application/x-www-form-urlencoded");
$curl->setHeader("X-MBX-APIKEY",$key);
$curl->post($url . "" . $endPoint, $curlArray);
if ($curl->error) {
echo 'Error: ' . $curl->errorCode . ': ' . $curl->errorMessage . "\n";
}
$order = $curl->response;
print_r($order);

I had the same problem, and nothing of above doesn't helped.
So I finaly figured out how to make order on my way.
So, maybe this helps someone.
function Kupovina($buy_parametri) {
$key = "xxxxxxxxxxxxxxx";
$secret = "xxxxxxxxxxxx";
$s_time = "timestamp=".time()*1000;
$timestamp = time()*1000; //get current timestamp in milliseconds
$sign = hash_hmac('sha256', $buy_parametri."&timestamp=".$timestamp, $secret);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.binance.com/api/v3/order");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $buy_parametri."&".$s_time."&signature=".$sign);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded","X-MBX-APIKEY: ".$key));
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
$buy_parametri = "symbol=BTCUSDT&type=market&side=buy&quantity=0.00086";
Call function:
Kupovina($buy_parametri);

Are facebook notifications from either vb.net or PHP?

Does anyone know if its possible to create a Facebook notification either via Vb.Net or PHP using the Facebook SDK version 4.
Ideally I'd like to have users on my website enter their Facebook login details which I'd then store their [facebook id] so I could send a weekly status notification via VB.Net to their Facebook account.
Edited
So far I get the scope ID from javascript and for testing copy it to PHP
<?php
$appId = '77585851581xxxx';
$appSecret = 'xxxx';
$userId = '1015273548332xxxx'; //Scope ID
$accesstoken = $appId . '|' . $appSecret;
$notificationText = 'The cake is a lie.';
//Get Access Token
$args = array('grant_type' => 'client_credentials',
'client_id' => $appId,
'client_secret' => $appSecret);
$ch = curl_init();
$url = 'https://graph.facebook.com/oauth/access_token';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
$returnValue = curl_exec($ch);
curl_close($ch);
echo $returnValue;
$accesstoken = $returnValue;
//Set Notification
$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, 'facebook');
$url = 'https://graph.facebook.com/' . $userId . '/notifications' .
'?access_token=' . $accesstoken .
'&template=' . $notificationText .
'&href=';
curl_setopt($ch, CURLOPT_URL, $url);
$curlResult = curl_exec($ch);
echo $curlResult;
?>
I now get the error:
Sorry, something went wrong. We're working on getting this fixed as soon as we can.

Tutorial for the PHP SDK 4.0: http://www.devils-heaven.com/facebook-php-sdk-4-0-tutorial/
Although i would suggest using simple CURL calls for App Notifications, you donĀ“t need the PHP SDK for that. Example code can be found here: http://blog.limesoda.com/2014/08/app-notifications-facebook-apps/
The article is in german, but the code is the relevant part:
$accessToken = $appId . '|' . $appSecret;
$notificationText = 'The cake is a lie.';
//init curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, 'facebook');
//send notification
$url = 'https://graph.facebook.com/' . $userId . '/notifications' .
'?access_token=' . $accesstoken .
'&template=' . $notificationText .
'&href=';
curl_setopt($ch, CURLOPT_URL, $url);
$curlResult = curl_exec($ch);

How to post on user's wall in facebook after getting permission from user?

Is there any good tutorial that teaches how to post on user's wall with API? This is the flow:
The user will come on my website and click on post to facebook button at the end of article.
He is shown sign in dialog from facebook, after sign in he will give permission to my application to post on his wall on his behalf.
After authorization, his shared link will be posted on his wall.
Upon future shares, he will not be asked for permissions since he has already given permission to post on his behalf. So in future when he clicks 'Post to Facebook' button under the article then that item will be posted to his wall without opening facebook login dialog.
I have searched a lot on tutorials but have not found any that meets my requirement.
I am very new to facebook API and have not worked with it before.
Any suggestions or link to tutorials?
Thank You!

I've code to help you to post status with an image to an user's timeline.
After user has given permission to your app , you might have received a query string parameter called 'code' , using this code , we can post to user's timeline.
$code = #$_REQUEST["code"];
if(!empty($code))
{
// Start : Get live user access token ------------------------------------------ //
$token_url= "https://graph.facebook.com/oauth/"
. "access_token?"
. "client_id=" . FACEBOOK_APP_ID
. "&redirect_uri=" . urlencode( FACEBOOK_POST_LOGIN_URL)
. "&client_secret=" . FACEBOOK_APP_SECRECT
. "&code=" . $code;
$token = $this->get_app_access_token(FACEBOOK_APP_ID,FACEBOOK_APP_SECRECT,$token_url);
$access_token = $token;
// End : Get live user access token ------------------------------------------- //
// Start : Create album ------------------------------------------------------ //
$graph_url = "https://graph.facebook.com/me/albums?"
. "access_token=". $access_token;
$uri = 'https://graph.facebook.com/albums?access_token='.$access_token;
$post_fields = array('name' => trim( FACEBOOK_ALBUM_NAME ));
$curl = curl_init( $uri );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt( $curl, CURLOPT_POST, TRUE );
curl_setopt( $curl, CURLOPT_POSTFIELDS, $post_fields );
$raw_data = curl_exec($curl);
curl_close( $curl );
$created_album_id = json_decode( $raw_data, $assoc = TRUE );
// End : Create album ---------------------------------------------------------- //
$facebook_share_image_url = FACEBOOK_SHARE_IMAGE_PATH;
$facebook_status_text = 'The status text';
$graph_url= "https://graph.facebook.com/me/photos";
$postData = "url=" . urlencode($facebook_share_image_url)
. "&message=" . urlencode($facebook_status_text)
. "&access_token=" .$access_token;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $graph_url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$output = curl_exec($ch);
curl_close($ch);
// End : Add photos ------------------------------------------------------------- //
}
and the function to get app access token
function get_app_access_token($app_id, $secret,$token_url)
{
$url = 'https://graph.facebook.com/oauth/access_token';
$token_params = array(
"type" => "client_cred",
"client_id" => FACEBOOK_APP_ID,
"redirect_uri" => urlencode(FACEBOOK_POST_LOGIN_URL),
"client_secret" => FACEBOOK_APP_SECRECT
);
$a1 = $this->file_get_contents_curl($token_params,$token_url);
$a2 = str_replace("access_token=","",$a1);
$a3 = explode("&expires",$a2);
return $a3[0];
}
The other function access graph url
function file_get_contents_curl($params,$url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE);
$headers = array(
"Cache-Control: no-cache",
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$ret = curl_exec($ch);
curl_close($ch);
return $ret;
}
Hope it helps..!!

You can use simple facebook sharer URL:
https://www.facebook.com/sharer/sharer.php?u=YOURPAGEURL
Where YOURPAGEURL is the page URL which you want to share.. Hope this helps.

you have to permission pubish_stream on your app and then try this using curl:-
Also you need a user access token then send access token with curl call
$attachment = array(
'access_token' => $access_token,
'message' => 'i m success to using graph api for post wall',
'name' => 'Wall Post using graph api',
'link' => 'www.mysite.com',
'description' => 'Using the Graph API, any Facebook users Wall feed may be accessed by using this URL:',
'picture'=>'http://example.com/images/noimage.png'
);
$url = "https://graph.facebook.com/$facebook_id/feed";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $attachment);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //to suppress the curl output
$result = curl_exec($ch);
curl_close ($ch);
print_r($result)
For more :- Graph API new feed post object-Attachment not showing
Post to a Facebook user's wall with cURL PHP

Token invalid - Error 401 in YouTube API

I am Working send message using youtuba api. But i got a Error on my file. it shows Invalid Token 401 Error. My file is given below.I'm pretty sure I must be missing something vital but small enough to not notice it.
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/accounts/ClientLogin");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$data = array('accountType' => 'GOOGLE',
'Email' => 'User Email',
'Passwd' => 'pass',
'source'=>'PHI-cUrl-Example',
'service'=>'lh2');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$kk = curl_getinfo($ch);
$response = curl_exec($ch);
list($auth, $youtubeuser) = explode("\n", $response);
list($authlabel, $authvalue) = array_map("trim", explode("=", $auth));
list($youtubeuserlabel, $youtubeuservalue) = array_map("trim", explode("=", $youtubeuser));
$developer_key = 'AI39si7SavL5-RUoR0kvGjd0h4mx9kH3ii6f39hcAFs3O1Gf15E_3YbGh-vTnL6mLFKmSmNJXOWcNxauP-0Zw41obCDrcGoZVw';
$token = '7zWKm-LZWm4'; //The user's authentication token
$url = "http://gdata.youtube.com/feeds/api/users/worshipuk/inbox" ; //The URL I need to send the POST request to
$title = $_REQUEST['title']; //The title of the caption track
$lang = $_REQUEST['lang']; //The languageof the caption track
$transcript = $_REQUEST['transcript']; //The caption file data
$headers = array(
'Host: gdata.youtube.com',
'Content-Type: application/atom+xml',
'Content-Language: ' . $lang,
'Slug: ' . rawurlencode($title),
'Authorization: GoogleLogin auth='.$authvalue,
'GData-Version: 2',
'X-GData-Key: key=' . $developer_key
);
$xml = '<?xml version="1.0" encoding="UTF-8"?>
<entry xmlns="http://www.w3.org/2005/Atom"
xmlns:yt="http://gdata.youtube.com/schemas/2007">
<id>Qm6znjThL2Y</id>
<summary>sending a message from the api</summary>
</entry>';
// create a new cURL resource
$ch = curl_init();
// set URL and other appropriate options
curl_setopt($ch, CURLOPT_URL, $url );
curl_setopt($ch, CURLOPT_HEADER, TRUE );
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers );
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, urlencode($xml) );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1 );
$tt = curl_getinfo($ch);
print_r($tt);
$result = curl_exec($ch);
print_r($result);
exit;
// close cURL resource, and free up system resources
curl_close($ch);
?>
any problem in my code? Please guide me. How can I get a result from this code?

Most likely your authentication is wrong, please debug that part first. Either you are not using right scope or that API is not enabled from your console.
On a separate note, I strongly suggest to use Youtube Data API v3 for this. We have updated PHP client library and great samples to get you started.

Categories