I am using the [Google Analytics API PHP] by wanze. I was able to set up authentication (using web auth only) and everything and I stored the token in a session. On another page, I use this code to find all the accounts the user logged in with.
session_start();
include('GoogleAnalyticsAPI.class.php');
$ga = new GoogleAnalyticsAPI();
$ga->auth->setClientId('replaces'); // From the APIs console
$ga->auth->setClientSecret('replaces'); // From the APIs console
$ga->auth->setRedirectUri('replaced'); // Url to your app, must match one in the APIs console
// Get the Auth-Url
$url = $ga->auth->buildAuthUrl();
// Set the accessToken and Account-Id
$ga->setAccessToken($_SESSION['accessToken']);
$ga->setAccountId('ga:xxxxxxx');
// Load profiles
$profiles = $ga->getProfiles();
print_r($profiles);
$accounts = array();
foreach ($profiles['items'] as $item) {
$id = "ga:{$item['id']}";
$name = $item['name'];
$accounts[$id] = $name;
}
// Print out the Accounts with Id => Name. Save the Id (array-key) of the account you want to query data.
// See next chapter how to set the account-id.
print_r($accounts);
I this returned:
Array
(
[http_code] => 403
[error] => Array
(
[errors] => Array
(
[0] => Array
(
[domain] => usageLimits
[reason] => accessNotConfigured
[message] => Access Not Configured. The API is not enabled for your project, or there is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your configuration.
[extendedHelp] => https://console.developers.google.com
)
)
[code] => 403
[message] => Access Not Configured. The API is not enabled for your project, or there is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your configuration.
)
)
<br />
<b>Warning</b>: Invalid argument supplied for foreach() in <b>/home3/chalzzy/public_html/dashboard/dashboard.php</b> on line <b>21</b><br />
Array
(
)
I see in a lot of places that I need to remove or set all refers in a "Referrals" section in the console but I can't seem to fins that in the new or old console. If it is there and I can't find it, can you please give me a url or a screenshot?
Also, these are all the APIs I have installed for this project:
Thanks in advance,
Ben
Also, let me know if you need more details!
Hey (I'm sorry it was a very stupid question),
What you have to do is add to your APIs list "Analytics API" in the Developers Console.
Related
I am using Firebase authentication in my Flutter app to manage the users (Facebook, Google, Email...). When the user log in my app, I send the Firebase token to my PHP server, where that token is verified with JWT.
The problem is that, although the token generated by the email login is correctly verified, the token generated by the Facebook or Google login fails with "SignatureInvalidException: Signature verification failed".
Facebook login code in the Flutter app:
FirebaseAuth auth = FirebaseAuth.instance;
final LoginResult result = await FacebookAuth.instance.login();
final FacebookAuthCredential facebookAuthCredential = FacebookAuthProvider.credential(result.accessToken.token);
UserCredential user = await auth.signInWithCredential(facebookAuthCredential);
String token = await auth.currentUser.getIdToken();
print(token.toString());
The information of the token is correctly validated in the https://jwt.io/ debugger, so the header and the payload are fine.
In the PHP server (Same code for both cases):
Validating the email&password token (OK):
stdClass Object ( [iss] => https://securetoken.google.com/project-123546 [aud] => project-123546 [auth_time] => 1603424825 [user_id] => S2gpfdsa156dsacdsfQ2z1 [sub] => S2gpfdsa156dsacdsfQ2z1 [iat] => 1603424825 [exp] => 1603428425 [email] => user#example.com [email_verified] => [firebase] => stdClass Object ( [identities] => stdClass Object ( [email] => Array ( [0] => user#example.com ) ) [sign_in_provider] => password ) )
Validating the Facebook token (KO):
Fatal error: Uncaught Firebase\JWT\SignatureInvalidException: Signature verification failed in server\vendor\firebase\php-jwt\src\JWT.php:122 Stack trace: #0 server\token.php(18): Firebase\JWT\JWT::decode('eygswbdsasdJSUzI...', '-----BEGIN CERT...', Array) #1 {main} thrown in server\vendor\firebase\php-jwt\src\JWT.php on line 122
PHP code:
$token = "...TOKEN-FROM-APP...";
$pkeys_raw = file_get_contents('https://www.googleapis.com/robot/v1/metadata/x509/securetoken#system.gserviceaccount.com');
$pkeys = json_decode($pkeys_raw, true);
$decoded = JWT::decode($token, $pkeys, ["RS256"]);
print_r($decoded);
The KeyID match with the key in https://www.googleapis.com/robot/v1/metadata/x509/securetoken#system.gserviceaccount.com, but I think that the app (or Firebase) is not signing correctly the token with the private key in the Facebook and Google login. However, I am using auth.currentUser.getIdToken() too in the email&password login, so there are not differences.
Any idea how to resolve this?
Investigating in the firebase library for Flutter I found the answer to this problem. I post it here just in case it was helpfull for someone.
The library is fine and the signature is correctly generated.
The reason is totally unrelated to the library - debugPrint() in Flutter/Dart on the Android platform does not have enough buffer to print out the entire token string.
So the problem is the print(token.toString());, if you send the token to the server it will be correctly decoded.
All the info about this issue:
https://github.com/FirebaseExtended/flutterfire/issues/2728
I think you can use log to get the whole token:
log(token);
Even though jwt token is invalid somehow from https://jwt.io, but I am still able to verify it from my backend which is Java using Firebase Admin SDK.
FirebaseAuth.getInstance(firebaseApp).verifyIdToken(token);
Also, you can print like this:
final idToken = await firebaseCredential.user!.getIdToken(true);
print(idToken.substring(0, 1000));
print(idToken.substring(1000));
I was developing a Shopify App. It was working fine till yesterday evening, but then I started getting the Bad Request [400] error, after the user allow access to the app for his shop.
Error is below
(https://SHOP-NAME.myshopify.com/admin/oauth/access_token) in /path/to/shopify/authentication/oauth.php on line 28
Array (
[method] => POST
[uri] => https://SHOP-NAME.myshopify.com/admin/oauth/access_token
[query] => Array ( )
[headers] => Array ( )
[payload] => Array (
[client_id] => {CLIENTID}
[client_secret] => {CLIENT_SECRET}
[code] => {CODE}
)
)
I'm doing a POST cURL Request with Content-Type:application/x-www-form-urlencode and all the request are validated to be coming from shopify.
If anyone want more information I can provide.
Thanks.
If this happening after the user authorizes the app, it could be an issue with the permanent token they have received. You could try grabbing the token that is generated and doing a POSTMAN request manually to query the API to verify the token works.
If it worked before and you didn't make any changes to the app, it could be a temporary API issue, even though I found that to be rare with my app.
The code parameter that is sent from Shopify can only be used a single time.
If you re-make the original request that sends the code parameter to your server, you should be able to make the call successfully.
The question is about Google Translate API
I set a project and turn the billing on (with some money on the account)
I created a key for server app (also tryed to use a browser key) and added all 3 IPs I have (home and 2 servers)
What I see:
It does work in apis-explorer and in a browser address bar (https://www.googleapis.com/language/translate/v2/detect?q=an%20english%20text&key=MY_KEY)
It returns 403 error if I trying to get the same URL from PHP code:
$apiKey = 'MY_KEY';
$url = 'https://www.googleapis.com/language/translate/v2/detect?q=an%20english%20text&key=' . $apiKey . '';
$handle = curl_init($url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($handle);
curl_close($handle);
print_r(json_decode($response, true));
thre result:
Array (
[error] => Array (
[errors] => Array (
[0] => Array (
[domain] => usageLimits
[reason] => ipRefererBlocked
[message] => There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.
[extendedHelp] => https://console.developers.google.com
))
[code] => 403
[message] => There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.
))
I checked the IPs dozens of times, tryed to use browser key with allowed URL as referer.
Out of ideas.
Thanks for admins, they helped to figure out.
By default - curl using our ipv6 address...
So we have three options here:
curl_setopt($handle, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 );
add ipv6 address to allowed list
Turn ipv6 off forthe server
I had to be more attentive and remember about ipv6 :-)
I am told that this is fixed by simply removing all Ip's from the edit allowed IP's option. This makes it so that it is less secure, but it will accept all IP's after that.
I am trying to implement SAML authentication system using onelogin.com, I am using this php library https://github.com/simplesamlphp/saml2 with below code
// Set up an AuthnRequest
$request = new SAML2_AuthnRequest();
// $request->setId(SAML2_Utils::generateId());
$request->setIssuer('http://localhost:8888/yii2/dw/advanced/frontend/web/index.php?r=site/auth');
$request->setDestination('https://app.onelogin.com/trust/saml2/http-post/sso/418578');
// Send it off using the HTTP-Redirect binding
$binding = new SAML2_HTTPRedirect();
$binding->send($request);
Above code is successfully authenticating me and posting back me to my success page, but I don't know how to get user information from posted data.
I am trying below code to get the user data
$response = new \SAML2_Response();
print_r($response);
It is giving below data
SAML2_Response Object
(
[assertions:SAML2_Response:private] => Array
(
)
[inResponseTo:SAML2_StatusResponse:private] =>
[status:SAML2_StatusResponse:private] => Array
(
[Code] => urn:oasis:names:tc:SAML:2.0:status:Success
[SubCode] =>
[Message] =>
)
[extensions:protected] =>
[tagName:SAML2_Message:private] => Response
[id:SAML2_Message:private] => _afe4d7fd7add270de7d334231e2eec68d1492363130
[issueInstant:SAML2_Message:private] => 14340322405
[destination:SAML2_Message:private] =>
[consent:SAML2_Message:private] => urn:oasis:names:tc:SAML:2.0:consent:unspecified
[issuer:SAML2_Message:private] =>
[relayState:SAML2_Message:private] =>
[document:protected] =>
[signatureKey:SAML2_Message:private] =>
[messageContainedSignatureUponConstruction:protected] =>
[certificates:SAML2_Message:private] => Array
(
)
[validators:SAML2_Message:private] => Array
(
)
)
From above output I am not able to get user information, Please help.
Your code:
$response = new \SAML2_Response();
actually creates a new SAML 2.0 Response object instead of parsing the one that is posted back from the IDP. This call should be used by an IDP that wants to create a SAML response. You should be looking to execute something like the following code on the Assertion Consumer (ACS) URL:
$b = SAML2_Binding::getCurrentBinding();
$response = $b->receive();
but I would very strongly advise you to use simpleSAMLphp itself (or another 3rd party SAML implementation) for integration SAML in to your PHP application since it deals with all complex and security sensitive SAML processing.
The SAML 2.0 library is only meant for developers who want to use SAML for other purposes than Web SSO or that want to rebuild a SAML implementation because simpleSAMLphp does not suit them. Assuming you have no requirements that simpleSAMLphp can't meet, you're far better off (and secure) using that. Moreover, if you'd have an extension requirement, I would create a pull request for simpleSAMLphp instead of redoing that project from scratch.
#HansZ is right. Be careful when using directly the SAML core of simpleSAMLphp instead the whole framework.
I also wanted to suggest an alternative, since you want to connect your application with onelogin.com, why not use the OneLogin's PHP SAML Toolkit? https://github.com/onelogin/php-saml
I have enabled billing and have 10$ balance in my project,
I have created Key for browser applications, with right referrer
I have generate key , my code is given below
$api_key = 'My Key is Here';
$response = file_get_contents('https://www.googleapis.com/language/translate/v2?key='.$api_key.'&q=hello%20world&source=en&target=de');
//decode json to array
$json = json_decode($response);
//show the json array in a readable format
echo '<pre>';
//show array
print_r($json);
I am getting following errors
stdClass Object
(
[error] => stdClass Object
(
[errors] => Array
(
[0] => stdClass Object
(
[domain] => usageLimits
[reason] => accessNotConfigured
[message] => Access Not Configured. Please use Google Developers Console to activate the API for your project.
)
)
[code] => 403
[message] => Access Not Configured. Please use Google Developers Console to activate the API for your project.
)
)
Please would you help me to figure out, what i have missed or did wrong that i get above error.
Many Thanks
Make sure you have enabled translate API in developer console.