I've followed a couple of different guides on this, but I can't seem to get my head around the way in which Uservoice 3-legged OAuth works.
The guides I've followed:
https://github.com/uservoice/uservoice-php#verifying-a-uservoice-user
https://developer.uservoice.com/docs/api/php-sdk/ (See: Associating your users with their UserVoice profiles)
I can successfully redirect the user to the uservoice auth screen, which asks for permission, and on clicking "Allow Access" they are taken back to the correct callback URL, however this is where their documentation fails...
Following exactly what they suggest, I do the following:
$access_token = $client->login_with_verifier($_GET['oauth_verifier']);
However this fails of course unless I have a $client, so, I make that as I did on the last request... but then it complains that UserVoice\Client::$request_token isn't set on line 130 (see here).
And the only way to set that variable, is to recreate the auth link... which generates a whole new OAuth process, so it inevitably fails authentication.
I'm wondering if anybody knows how I can work around this?
Was able to put this down to a small bug in the package, and have submitted a pull request to fix this
https://github.com/uservoice/uservoice-php/pull/4
Related
So I'm trying to get the latest tweets posted by a user using a PHP script (and caching the results into a text file). I'm using the request https://api.twitter.com/1/statuses/user_timeline.json?count=5&screen_name=google and it's been working fine as a public client, but in order to get better control over my API hit limit I need to authenticate my requests.
I've tried the method shown at https://dev.twitter.com/docs/auth/application-only-auth , but after I successfully connect I get the error "Your credentials do not allow access to this resource" (why ?). So I've tried to use the OAuth method (which looks frighteningly complicated for a hobbyist like me), and downloaded the TwitterOAuth library. But I'm still having trouble connecting ! I put my credentials in the config.php file, but I have no idea where to go from there. The documentation seems to be hinting that I need to manually login to Twitter to authorize the application's connection token... or something. Apparently I need to redirect to some callback URL (what even ?!) and get a short-term connection to enable a long-term connection password which I have to store for later ? What is this madness ?
I was initially under the impression that I could just fetch data from Twitter's RSS feeds but those can't be accessed from scripts for some reason (unlike the Google News RSS feed which fetches just fine). It seems I've gotten myself into something much more complicated than what I signed for. Isn't there an easier (and saner) way of doing this ? Or is nothing decidedly simple ?
I apologize for being such an easily-confused dullard, but my head is spinning.
Thanks !
Edit : after digging around some more I decided to just use PHP curl to fetch the raw page, and then do some Xpath voodoo to get the tweets and the time they were posted at. Of course, this is CPU-intensive, far from stable, and probably not a practice that pleases the folks at Twitter; it also only returns the last 20 tweets (which is thankfully enough for my needs).
However, Cormac Driver's response below about Temboo is certainly a method I'll be investigating next time I need to do something like that.
Temboo provides a simple way of using OAuth to authenticate with Twitter. The process is broken down into two steps:
InitializeOauth. This step returns a Twitter authorization URL that Twitter account holders can visit to grant access to your script.
FinalizeOauth. This step returns the access token that your script will need to make authenticated requests to the Twitter API on behalf of the user.
Full details on how to do this with PHP here: https://www.temboo.com/library/Library/Twitter/OAuth/
You can see an example of how Temboo handles OAuth for Facebook on this page. The PHP source code is provided, and it's almost identical to the code you'll need to do the same thing for Twitter.
(Full disclosure: I work at Temboo)
I am having trouble figuring this out. Facebook is implementing a new policy https://developers.facebook.com/roadmap/offline-access-removal/ that no longer allows for the simpler "offline_access" tokens that you used to be allowed to get. I am developing an application that needs to access the Graph API every 3 hours with a cronjob, and I am not sure how to set this up so that I dont need to login to access it, since I cant login with a cronjob if I am redirected to a login page. I am assuming I need to use some sort of a Curl call within a php script to get this working. I dont need to post anything, all I am doing is grabbing posts from a few public pages. Any Ideas? I already have a script in place that can do what I want it to, given that I log in first with the login_url. Just need this working with a cronjob.
First of all a reply to the first question - there is nothing to be done on your side. The facebook's change simply means that this kind of applications is no longer possible. The best thing you can do is to request an extended token, which then lasts around 30 (or 60, not sure) days. To request it you need to call the fb api - as shown here and here (albeit not python examples, they are useful pointers). Official FB's explanation is here.
However, this token is going to be invalidated on every occasion the user changes their password, remove the app or log out of facebook. You would need to have a look which requests failed and manually notify the users to renew the token at your side and store the new one.
To your second question about crawling public posts - do you even need an access token? Try using the Graph API without it and see if you can get to the information you are interested in.
I am trying to get a list of all Google Apps users of a domain onto a public PHP website (without visitors of the site needing to login or do anything). I have a basic understanding of what needs to happen but can't quite piece it all together. It can't be as hard as it seems to me... could it?
Authentication and Authorization:
I'm pretty sure it needs to use OAuth 2.0 ... but am unsure whether it needs 2 legged or 3 legged. I got another section of the site working with ClientLogin but that won't pull in Google Apps profiles, only user's first and last names (I need the other profile fields). I have set up the API access within the account and have that side of things all set (I believe).
I have found this page, which shows how to construct a URL request to get all Profiles (in every language except PHP of course) but don't understand how to implement this.
http://code.google.com/googleapps/domain/profiles/developers_guide.html
I also tried this example but it just gives me a 401 after I enter the credentials. http://gdatatips.blogspot.com/2008/11/2-legged-oauth-in-php.html
I don't know which frameworks or includes are needed to accomplish this either. I have tried zend, OAuth.php and a whole bunch of other bootstraps... but keep getting lost as to what each is doing.
If someone could help me by outlining:
Which files/framework I need to upload and include as a bootstrap
What variables within those files I need to update with the Google credentials
How I integrate the Google Profiles "Retrieve all Profiles" request with PHP
An ELI5 (explain it like i'm 5) overview would be very much appreciated... I'm sorry for my apparent incompetence, but I have been reading articles for nearly a week and have not gotten anywhere.
Thank you in advance for any help provided.
Good question.
You'll need to implement the Google OAuth 2.0 process as it's described here (experimental?), because someone (you) will need to give your app the initial permissions to access Google Apps API. Steps are:
Register your domain with google (don't remember the link)
Redirect/send browser to an authentication url: https://accounts.google.com/o/oauth2/auth, with the appropriate request params (see the first link). You'll need access_type=offline, your scope would be https://apps-apis.google.com/a/feeds/user/
Get a code back, then exchange for a refresh_token, an access_token, and a value specifying when the access_token will expire. Store these in a database
Whenever you need to make an API call, check if your access_token has expired or not, and refresh when necessary, which is what the refresh_token is for. The refresh_token is valid as long as you don't revoke the access you gave to the app.
OAuth Playground helps a lot. Good luck.
I'm using Facebook's PHP SDK, and it's been great so far. However, I have a weird issue on one page. On this page, I make a call to the graph API, then later a call using FQL. On the second call, however, I get an "Invalid OAuth 2.0 Access Token" exception. Why would the token become invalid while the first call worked? I also use FQL (same exact query/code) elsewhere in my site, and it works just fine. Does anyone know what would cause this?
Update: First call is a graph call (/me?fields=email).. second is querying for current user's affiliation, if that helps.
Could be one of several things, but if I had to hazard a guess, I'd say that you're trying to access something out-of-session, and your oauth token doesn't include the offline_access permission for the resource being accessed.
Perhaps some more detail about the nature of your API calls/FQL queries would help us narrow it down.
Hope this doesn't get too complicated. :) thing is..
I'm trying to make my PHP code post notes to Google Buzz using OAuth as authentication mechanism. I'm doing the typical "OAuth dance" (get request token, authorise it, exchange for access token), but i've ran into some problems that seem to be on Google's side. Hope i'm wrong - it would be much easier to fix. :)
To get to the point - oauth_callback parameter doesn't seem to get passed to the authorization form. Authorization URI i'm redirecting to is like:
https://www.google.com/buzz/api/auth/OAuthAuthorizeToken
?domain=<my.domain>
&scope=<urlencode(https://www.googleapis.com/auth/buzz)>
&oauth_token=<request_token>
&oauth_callback=<my.domain/callback>
When redirected, client is asked to authorize site to read/write from/to Buzz. If accepted, Google asks again (but in different form) to allow access to .. after allowing for second time, success message is shown, but it doesn't return any tokens to my site, not redirecting to oauth_callback uri.
Workaround i found is to manually add form field 'oauth_callback=' trough firebug/chrome inspector, and then, after these two confirmations it redirects to my site and i can extract authorized token from response, and exchange it for access token. If i use 'standard' Google's authorization endpoint, i get redirected correctly (one confirmation only), but then the access token i get after that is invalid for Buzz.
So, am i wrong or google?! :D I've implemented OAuth for cooperation with some other services (Facebook, MySpace..) but i've never had this much trouble.
ok, when i got on the problem next morning, with (partially) fresh eyes, solution was pretty easy (but still undocumented).. :) in case anybody else needs answer - oauth_callback parameter should be specified when requesting request token.