Why are the POST values inaccessible? - php

I am using Guzzle to make HTTP POST requests to a webservice I'm developing.
I use a service description JSON file for this operation, which looks like this:
{
"name": "My webservice",
"apiVersion": "1.0",
"description": "My webservice is a webservice",
"operations": {
"createStuff": {
"httpMethod": "POST",
"uri": "/stuff/{accountid}/{product}/things",
"summary": "Creates a thing",
"parameters": {
"accountid": {
"location": "uri",
"description": "The account ID of the stuff"
},
"product": {
"location": "uri",
"description": "The product of the stuff"
}
},
"additionalParameters": {
"location": "body"
}
}
}
}
The code that does the work is split in 2 classes (they're not long, I promise) :
StuffApi
class StuffApi
{
protected $client;
public function __construct(ClientInterface $client, $baseUrl)
{
$this->client = $client;
//tell the client what the base URL to use for the request
$this->client->setBaseUrl($baseUrl);
//fill the client with all the routes
$description = ServiceDescription::factory(__DIR__."/../resources/routes.json");
$this->client->setDescription($description);
}
public function create(StuffEntity $entity)
{
$postArray = array('postParam1' => $entity->getPostParam1(), 'postParam2' => $entity->getPostParam2());
$params = array(
'parameters' => json_encode($postArray),
'accountid' => $entity->getAccountId(),
'product' => $entity->getProduct()
);
$response = $this->performCall('createStuff', $params);
$locationAsArray = $response->getHeader('location')->raw();
$location = $locationAsArray[0];
return $location;
}
private function performCall($operationName, $parameters)
{
$command = $this->client->getCommand($operationName, $parameters);
$command->prepare();
$response = $this->client->execute($command);
return $response;
}
}
MySubscriber
class MySubscriber implements Symfony\Component\EventDispatcher\EventSubscriberInterface
{
public static function getSubscribedEvents()
{
return array('request.success' => 'onRequestSuccess');
}
public function onRequestSuccess(Event $event)
{
var_dump($event['request']->getPostFields());
}
}
The code that uses the above classes is:
$client = new Guzzle\Service\Client();
$subscriber = new MySubscriber;
$client->addSubscriber($subscriber);
$api = new StuffApi($client, 'http://url.to.webservice.com/');
$x = new StuffEntity();
$x->setAccountId(654143);
$x->setProduct('theproduct');
$x->setPostParam1(1);
$x->setPostParam2('989054MNBNMO5490BMN54');
$result = $api->createStuff($x);
OK, now the problem is, since I did a var_dump of the POST fields in the onRequestSuccess method, I expected to see the values 1 and "989054MNBNMO5490BMN54" which I set above.
Instead, I get this:
object (Guzzle\Http\QueryString) [35]
protected 'fieldSeparator' => string '&' (length=1)
protected 'valueSeparator' => string '=' (length=1)
protected 'urlEncode' => string 'RFC 3986' (length=8)
protected 'aggregator' => null
protected 'data' =>
array (size=0)
empty
I really need access in the onRequestSuccess method to the POST information used in the request. Why is it not there ? Or am I trying to get it in the wrong way ?
Thank you in advance.
PS: The Guzzle version I use is 3.8.1.

Related

Schema is not configured for mutations in webonyx/graphql-php

i'm new in graphql.
I'm try to config graphql mutation via siler+swoole php framework, that use webonyx/graphql-php.
When i post query i'm get error "Schema is not configured for mutations", but it's configured in my shema.
My index
$typeDefs = file_get_contents(__DIR__.'/schema.graphql');
$resolvers = include __DIR__.'/resolvers.php';
$schema = GraphQL\schema($typeDefs, $resolvers);
GraphQL\execute($schema, GraphQL\request()->toArray(), [], [])
schema.graphql :
schema {
query: Query
mutation: Mutation
}
type Query {
clusters: [Cluster!]!
}
type Cluster {
id: Int
title: String
}
type Mutation {
addCluster(title: String!): Cluster!
}
resolver.php
<?php
use RedBeanPHP\R;
//R::setup('sqlite:'.__DIR__.'/db.sqlite');
$clusters = [
'clusters' => function () {
return R::findAll('clusters');
},
];
$queryType = [
'clusters' => function () {
return R::findAll('clusters');
},
];
$mutationType = [
'addCluter' => function ($root, $args) {
$title = $args['title'];
$cluster = R::dispense('cluster');
$cluster['title'] = $title;
R::store($cluster);
return $cluster;
},
];
return [
'Cluster' => $clusters,
'Query' => $queryType,
'Mutation' => $mutationType,
];
And my query is:
mutation addCluster($clusterName: String) {
addCluster(clusterName: $clusterName) {
id
}
}
The response says:
Schema is not configured for mutations

Yii2 paypal payment integration

I am using this https://www.yiiframework.com/extension/bitcko/yii2-bitcko-paypal-api#usage With yii2 to enable payments my code looks like this.
public function actionMakePayment(){
if(!Yii::$app->user->getIsGuest()){
// Setup order information array
$params = [
'order'=>[
'description'=>'Payment description',
'subtotal'=>45,
'shippingCost'=>0,
'total'=>45,
'currency'=>'USD',
]
];
// In case of payment success this will return the payment object that contains all information about the order
// In case of failure it will return Null
Yii::$app->PayPalRestApi->processPayment($params);
}else{
Yii::$app->response->redirect(Url::to(['site/signup'], true));
}
Everything is went as per my expectation this call is returning somthing like this to dom.
{ "id": "PAYID-LTKUAVA8WK14445NN137182H", "intent": "sale", "state": "approved", "cart": "9RE74926AX5730813", "payer": { "payment_method": "paypal", "status": "UNVERIFIED", "payer_info": { "first_name": "Susi", "last_name": "Flo", "payer_id": "KWPDGYRP2KCK4", "shipping_address": { "recipient_name": "Susi Flo", "line1": "Suso", "line2": "bldg", "city": "Spring hill", "state": "FL", "postal_code": "34604", "country_code": "US" }, "phone": "3526003902", "country_code": "US" } }, "transactions": [ { "amount": { "total": "45.00", "currency": "USD", "details": { "subtotal": "45.00", "shipping": "0.00", "insurance": "0.00", "handling_fee": "0.00", "shipping_discount": "0.00" } }, "payee": { "merchant_id": "NHN6S6KT4FF6N", "email": "arunwebber2-facilitator#gmail.com" }, "description": "Payment description", "invoice_number": "5cd5404d624a9", "soft_descriptor": "PAYPAL *TESTFACILIT", "item_list": { "items": [ { "name": "Item one", "price": "45.00", "currency": "USD", "tax": "0.00", "quantity": 1 } ], "shipping_address": { "recipient_name": "Susi Flo", "line1": "Suso", "line2": "bldg", "city": "Spring hill", "state": "FL", "postal_code": "34604", "country_code": "US" } }, "related_resources": [ { "sale": { "id": "6LN25215GP1183020", "state": "completed", "amount": { "total": "45.00", "currency": "USD", "details": { "subtotal": "45.00", "shipping": "0.00", "insurance": "0.00", "handling_fee": "0.00", "shipping_discount": "0.00" } }, "payment_mode": "INSTANT_TRANSFER", "protection_eligibility": "ELIGIBLE", "protection_eligibility_type": "ITEM_NOT_RECEIVED_ELIGIBLE,UNAUTHORIZED_PAYMENT_ELIGIBLE", "transaction_fee": { "value": "2.43", "currency": "USD" }, "receipt_id": "3896118010137330", "parent_payment": "PAYID-LTKUAVA8WK14445NN137182H", "create_time": "2019-05-10T09:30:10Z", "update_time": "2019-05-10T09:30:10Z", "links": [ { "href": "https://api.sandbox.paypal.com/v1/payments/sale/6LN25215GP1183020", "rel": "self", "method": "GET" }, { "href": "https://api.sandbox.paypal.com/v1/payments/sale/6LN25215GP1183020/refund", "rel": "refund", "method": "POST" }, { "href": "https://api.sandbox.paypal.com/v1/payments/payment/PAYID-LTKUAVA8WK14445NN137182H", "rel": "parent_payment", "method": "GET" } ], "soft_descriptor": "PAYPAL *TESTFACILIT" } } ] } ], "create_time": "2019-05-10T09:11:48Z", "update_time": "2019-05-10T09:30:10Z", "links": [ { "href": "https://api.sandbox.paypal.com/v1/payments/payment/PAYID-LTKUAVA8WK14445NN137182H", "rel": "self", "method": "GET" } ] }
How can I store this to my database? for a specefi user id i can get user id with this.
echo Yii::$app->user->id;
I want to store this value along with the user id how can I do that? And a payment success message to the user :)

Update
Looks like the component class needs to be fully copied and edited before it can correctly override the checkOut() method as the property $apiContext accessed in the method is private rather than being $protected so either you copy that whole component and place it in you frontend/components directory and change it accordingly and then use.
Above all that class is poorly designed and written too, it would be better if you use the following component that i have been using in my Yii2 projects. I havent removed the extra code and have pasted the file as is in the answer. you can remove/comment the part related to the BalanceHistory TransactionHistory and the email part. you need to install paypal checkout sdk via composer or add below in your composer.json
"paypal/paypal-checkout-sdk": "1.0.1"
Paypal Component
<?php
namespace frontend\components;
use Yii;
use common\models\{
User,
BalanceHistory,
TransactionHistory
};
use yii\base\Component;
use common\components\Helper;
use PayPalCheckoutSdk\Core\{
PayPalHttpClient,
SandboxEnvironment,
ProductionEnvironment
};
use PayPalCheckoutSdk\Orders\{
OrdersGetRequest,
OrdersCreateRequest,
OrdersCaptureRequest
};
class Paypal extends Component
{
/**
* The Pyapal Client Id
*
* #var mixed
*/
public $clientId;
/**
* The Paypal client Secret
*
* #var mixed
*/
public $clientSecret;
/**
* API context object
*
* #var mixed
*/
private $httpClient; // paypal's http client
/**
* #var mixed
*/
private $user_id;
/**
* Override Yii's object init()
*
* #return null
*/
public function init()
{
$this->httpClient = new PayPalHttpClient(
Yii::$app->params['paypal']['mode'] == 'sandbox' ?
new SandboxEnvironment($this->clientId, $this->clientSecret) :
new ProductionEnvironment($this->clientId, $this->clientSecret)
);
$this->user_id = Yii::$app->user->id;
Yii::info("User: {$this->user_id} Init PayPal", 'paypal');
}
/**
* Returns the context object
*
* #return object
*/
public function getClient()
{
return $this->httpClient;
}
/**
* Set the payment methods and other objects necessary for making the payment
*
* #param decimal $price the amount to be charged
*
* #return string $approvalUrl
*/
public function createOrder($price)
{
//create order request
$request = new OrdersCreateRequest();
$request->prefer('return=representation');
setlocale(LC_MONETARY, 'en_US.UTF-8');
$price = sprintf('%01.2f', $price);
Yii::info("User: {$this->user_id} Setting payment for amount: {$price}", 'paypal');
//build the request body
$requestBody = [
'intent' => 'CAPTURE',
'purchase_units' =>
[
0 =>
[
'amount' =>
[
'currency_code' => 'USD',
'value' => $price,
],
],
],
'application_context' => [
'shipping_preference' => 'NO_SHIPPING'
]
];
$request->body = $requestBody;
//call PayPal to set up a transaction
$client = $this->getClient();
$response = $client->execute($request);
return json_encode($response->result, JSON_PRETTY_PRINT);
}
/**
* #param $orderId
*/
public function getOrder($orderId)
{
// 3. Call PayPal to get the transaction details
$request = new OrdersGetRequest($orderId);
$client = $this->getClient();
$response = $client->execute($request);
return json_encode($response->result, JSON_PRETTY_PRINT);
}
/**
* Retrieves Order Capture Details for the given order ID
*
* #param string $orderId the payment id of the transaction
*
* #return mixed
*/
public function captureOrder($orderId)
{
$request = new OrdersCaptureRequest($orderId);
//Call PayPal to capture an authorization
$client = $this->getClient();
$transaction = Yii::$app->db->beginTransaction();
try {
$response = $client->execute($request);
//get payment variables for email
$paymentId = $response->result->id;
$paymentStatus = $response->result->status;
$paypalTransaction = $response->result->purchase_units[0]->payments->captures[0];
$payedAmount = $paypalTransaction->amount->value;
$txnId = $paypalTransaction->id;
$userId = $this->user_id;
//get the user
$model = User::findOne($userId);
$profile = $model->businessProfile;
$prevBalance = $profile->balance;
if ($paymentStatus == 'COMPLETED') {
Yii::info("User: {$userId} payment amount:{$payedAmount} approved updating balance.", 'paypal');
//update balance
$newBalance = $profile->updateBalance($payedAmount);
Yii::info("User: {$userId} balance updated.", 'paypal');
$data = [
'amount' => $payedAmount,
'type' => TransactionHistory::BALANCE_ADDED,
'description' => "Funds added to account",
'user' => [
'id' => $userId,
'balance' => $newBalance,
],
];
Yii::info("User: {$userId} adding transaction history.", 'paypal');
TransactionHistory::add($data);
//update subscription status if required
if ($profile->subscription_status !== 'active') {
$profile->updateStatus('active');
}
Yii::info("User: {$userId} adding balance history:{$payedAmount}.", 'paypal');
//send the success email to the user and admin
$this->sendNotification($model, $response->result);
//set session flash with success
Yii::$app->session->setFlash(
'success',
'Your Payment is processed and you will receive an email with the details shortly'
);
} else {
Yii::warning("User: {$userId} payment amount:{$payedAmount} NOT approved.", 'paypal');
//send the error email to the user and admin
$this->sendNotification($model, $response->result, 'error');
//set session flash with error
Yii::$app->session->setFlash(
'danger',
'Your Payment was not approved, an email has been sent with the details.'
);
}
//update balance history
BalanceHistory::add(
$profile->user_id,
$prevBalance,
$payedAmount,
$paymentId,
$paymentStatus,
$txnId,
$response
);
//commit the transaction
$transaction->commit();
Yii::info(
"User: {$userId} payment Success prevBalance: {$prevBalance} payedAmount:{$payedAmount}.",
'paypal'
);
return json_encode($response->result, JSON_PRETTY_PRINT);
} catch (\Exception $e) {
//roll back the transaction
$transaction->rollBack();
Yii::error("ERROR EXCEPTION", 'paypal');
Yii::error($e->getMessage(), 'paypal');
Yii::error($e->getTraceAsString(), 'paypal');
//send error email to the developers
Helper::sendExceptionEmail(
"TC : Exception on PayPal Balance",
$e->getMessage(),
$e->getTraceAsString()
);
//set session flash with error
Yii::$app->session->setFlash('danger', $e->getMessage());
}
}
/**
* Sends Success Email for the transaction
*
* #param \common\models\User $model the user model object
* #param $response the paypal Order Capture object
* #param string $type the type of the notification to be sent
*
* #return null
*/
public function sendNotification(
\common\models\User $model,
$response,
$type = 'success'
) {
Yii::info("User: {$this->user_id} Sending notifications type:{$type}", 'paypal');
$paymentId = $response->id;
$paymentStatus = $response->status;
$paypalTransaction = $response->purchase_units[0]->payments->captures[0];
$payedAmount = $paypalTransaction->amount->value;
//payment creation time
$paymentCreateTime = new \DateTime(
$paypalTransaction->create_time,
new \DateTimeZone('UTC')
);
//payment update time
$paymentUpdateTime = new \DateTime(
$paypalTransaction->update_time,
new \DateTimeZone('UTC')
);
//payer/billing info for email
$payerInfo = $response->payer;
$payerEmail = $payerInfo->email_address;
$payerFirstName = $payerInfo->name->given_name;
$payerLastName = $payerInfo->name->surname;
$billingInfo = [
'billing_info' => [
'email' => $payerEmail,
'full_name' => "$payerFirstName $payerLastName",
],
];
if (property_exists($response->purchase_units[0], 'shipping')) {
$payerAddress = property_exists($response->purchase_units[0]->shipping->address, 'address_line_1');
$isStateAvailable = property_exists($response->purchase_units[0]->shipping->address, 'admin_area_1');
$isPostCodeAvailable = property_exists($response->purchase_units[0]->shipping->address, 'postal_code');
$iscountryCodeAvailable = property_exists($response->purchase_units[0]->shipping->address, 'country_code');
//#codingStandardsIgnoreStart
$payerState = $isStateAvailable ? $response->purchase_units[0]->shipping->address->admin_area_1 : 'NA';
$payerPostalCode = $isPostCodeAvailable ? $response->purchase_units[0]->shipping->address->postal_code : 'NA';
$payerCountryCode = $iscountryCodeAvailable ? $response->purchase_units[0]->shipping->address->country_code : 'NA';
//#codingStandardsIgnoreEnd
$billingInfo['billing_info'] = array_merge(
$billingInfo['billing_info'],
[
'address' => $payerAddress,
'state' => $payerState,
'country' => $payerCountryCode,
'post_code' => $payerPostalCode,
]
);
}
//email params
$data = [
'user' => [
'email' => $model->email,
'name' => $model->username,
],
'payment_id' => $paymentId,
'amount' => $payedAmount,
'status' => $paymentStatus,
'create_time_utc' => $paymentCreateTime,
'update_time_utc' => $paymentUpdateTime,
];
$data = array_merge($data, $billingInfo);
//check the notification email type and set params accordingly
if ($type == 'success') {
$txnId = $paypalTransaction->id;
$data['txn_id'] = $txnId;
$subject = Yii::$app->id . ': Your Account has been recharged.';
$view = '#frontend/views/user/mail/payment-complete';
} else {
$subject = Yii::$app->id . ': Transaction failed.';
$view = '#frontend/views/user/mail/payment-failed';
}
Yii::info("User: {$this->user_id} Sending email to user:{$model->email} type: {$type}", 'paypal');
//send email to user
$model->sendEmail($subject, $view, $data, $model->email);
//send notification to admin for Payment Received
$data['user']['email'] = Yii::$app->params['adminEmail'];
$subject = ($type == 'success') ?
Yii::$app->id . ': New Transaction in Account.' :
Yii::$app->user->id . ': A Transaction Failed for the user.';
Yii::info(
"User: {$this->user_id} Sending email to admin " . Yii::$app->params['adminEmail'] . " type: {$type}",
'paypal'
);
//send admin email
$model->sendEmail($subject, $view, $data, Yii::$app->params['adminEmail']);
}
}
Usage
You can call createOrder and then the captureOrder respectively. I was using it with ajax approach so i had separate actions defined like below
/**
* Displays fail message to the user
*
* #param string $token the cancel token
*
* #return mixed
* #throws \Exception
*/
public function actionPaymentCancel($token)
{
Yii::warning("Payment Cancel : token: {$token}.", 'paypal');
return $this->render(
'payment-cancelled',
[
'data' => $token,
]
);
}
/**
* Shows the payment details & success message to the user
*
* #param string $paymentId the payment id
*
* #return mixed
* #throws \Exception
*/
public function actionPaymentComplete($paymentId)
{
$history = BalanceHistory::findOne(['payment_id' => $paymentId]);
return $this->render(
'payment-complete',
[
'data' => $history,
]
);
}
/**
* Captures the Paypal order and verifies it
*
* #param string $orderId the Paypal order object's id
*
* #return mixed
*/
public function actionCaptureOrder($orderId)
{
$orderInfo = Yii::$app->paypal->captureOrder($orderId);
return $orderInfo;
}
/**
* Creates the order and
*
* #param string $amount the price of the order
*
* #return mixed
*/
public function actionCreateOrder($amount)
{
if (!Yii::$app->user->isGuest) {
$order = Yii::$app->paypal->createOrder($amount);
return $order;
}
throw new Exception("You are not logged in.", 404);
}
/**
* Executes the payement and checkouts to the paypal to confirm
*
* #param string $token the paypal token
*
* #return mixed
*/
public function actionPaymentExecute($orderId)
{
//get transaction details
$details = Yii::$app->paypal->getOrder($orderId);
$details = json_decode($details);
//added check for duplicate hits to return url from Paypal
if (null !== BalanceHistory::transactionExists($orderId)) {
//redirect to payment complete
return $this->redirect(['payment-complete', 'paymentId' => $orderId]);
}
if ($details->status == 'COMPLETED') {
//redirect to payment complete
return $this->redirect(['payment-complete', 'paymentId' => $orderId]);
} else {
//redirect to the payment failed page
return $this->redirect(['payment-failed', 'paymentId' => $orderId]);
}
}
ALso keep in mind that you need to declare a param with live and local ENV for the paypal gateway which turns sandbox environment ON/OFF.
params-local.php
<?php
'paypal'=>[
'sandbox'=>true
]
?>
params.php
<?php
'paypal'=>[
'sandbox'=>false
]
?>
Paypal PHP-SDK Provides you the setCustom() to add a custom field value, you can use it to send the user id and then retrieve it with the response in the transaction object after the payment is executed.
What you are using is just a custom component using the Paypal SDK functions,you should extend the class bitcko\paypalrestapi\PayPalRestApi.php to override the function checkOut() and add the ->setCustom(Yii::$app->user->id) to the chain in this line, as it does not provide any way to set the custom field, so just copy the whole code of the method into your new class and add the above.
Your class should look like below.
NOTE: Add the file inside common/components folder.
<?php
namespace common\components;
use bitcko\paypalrestapi\PayPalRestApi as PayPalBase;
use PayPal\Api\Amount;
use PayPal\Api\Details;
use PayPal\Api\Item;
use PayPal\Api\ItemList;
use PayPal\Api\Payer;
use PayPal\Api\Payment;
use PayPal\Api\RedirectUrls;
use PayPal\Api\Transaction;
use PayPal\Exception\PayPalConnectionException;
use yii\helpers\Url;
use Yii;
class PaypalRestApi extends PayPalBase
{
public function checkOut($params)
{
$payer = new Payer();
$payer->setPaymentMethod($params['method']);
$orderList = [];
foreach ($params['order']['items'] as $orderItem) {
$item = new Item();
$item->setName($orderItem['name'])
->setCurrency($orderItem['currency'])
->setQuantity($orderItem['quantity'])
->setPrice($orderItem['price']);
$orderList[] = $item;
}
$itemList = new ItemList();
$itemList->setItems($orderList);
$details = new Details();
$details->setShipping($params['order']['shippingCost'])
->setSubtotal($params['order']['subtotal']);
$amount = new Amount();
$amount->setCurrency($params['order']['currency'])
->setTotal($params['order']['total'])
->setDetails($details);
$transaction = new Transaction();
$transaction->setAmount($amount)
->setItemList($itemList)
->setDescription($params['order']['description'])
->setCustom(Yii::$app->user->id)
->setInvoiceNumber(uniqid());
$redirectUrl = Url::to([$this->redirectUrl], true);
$redirectUrls = new RedirectUrls();
$redirectUrls->setReturnUrl("$redirectUrl?success=true")
->setCancelUrl("$redirectUrl?success=false");
$payment = new Payment();
$payment->setIntent($params['intent'])
->setPayer($payer)
->setRedirectUrls($redirectUrls)
->setTransactions(array($transaction));
try {
$payment->create($this->apiContext);
return \Yii::$app->controller->redirect($payment->getApprovalLink());
} catch (PayPalConnectionException $ex) {
// This will print the detailed information on the exception.
//REALLY HELPFUL FOR DEBUGGING
\Yii::$app->response->format = \yii\web\Response::FORMAT_HTML;
\Yii::$app->response->data = $ex->getData();
}
}
}
Now change your configurations for the PayPalRestApi component class in the common/config/main.php or frontend/config/main.php whichever you are using, to the new class you created
'components'=> [
...
'PayPalRestApi'=>[
'class'=>'common\components\PayPalRestApi',
]
...
]
so now you can get the same user id by using
$response = \yii\helpers\Json::decode( Yii::$app->PayPalRestApi->processPayment($params));
$user_id = $response['transactions'][0]['custom'];

Unresolvable dependency resolving within Laravel

I get the error when calling a custom function I created:
namespace App\Jobs\Device;
class UpdateUserReference {
public $installationReference;
public $userReference;
// assign payload data and installation id received to command
function __construct($bodyContent) {
$this->installationReference = $bodyContent["installationReference"];
$this->userReference = $bodyContent["userReference"];
}
}
Unresolvable dependency resolving [Parameter #0 [ $bodyContent ]] in class App\Jobs\Device\UpdateUserReference
Strange enough I never had the error before and I create my function exactly the same as for all other cases. What is wrong with the bodyContent variable I provide?
The function is called within:
public function update(Request $request) {
// Get payload from request
$bodyContent = json_decode($request->getContent(), true);
$action = $bodyContent["action"];
$installationReference = $bodyContent["installationReference"];
switch($action) {
case 'userReference':
$updateUserReference = new UpdateUserReference($bodyContent);
$result = $this->commandBus->execute($updateUserReference);
break;
}
if (!empty($result)) {
$response = [
'error' => [
'code' => 400,
'message' => "Update Error"
]
];
return $this->setStatusCode(400)->respond($response);
}
$response = [
'data' => [
'installationReference' => $installationReference
]
];
return $this->setStatusCode(201)->respond($response);
}

Yii2 and OAuth2 Plugin Filsh/yii2-oauth2-server: Unauthorized when sending POST data

EDIT: SOLVED
Apparently this plugin, was having some problem missing the request headers. The solution was adding
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
To the .htaccess file to make Authorizaion variable available as this issue report says:
https://github.com/yiisoft/yii2/issues/6631
I'm currently working with Yii2 and using this OAuth2 plugin (Filsh/yii2-oauth2-server) for login and to work with tokens from a mobile HTML5 app.
I've configured everything, and it's retrieving the token, but when I try to send the token via POST it throws an error.
I start by calling send() to retrieve the token.
function send(){
var url = "http://www.server.org/app/api/oauth2/rest/token";
var data = {
'grant_type':'password',
'username':'user',
'password':'pass',
'client_id':'clientid',
'client_secret':'clientsecret',
};
$.ajax({
type: "POST",
url: url,
data: data,
success:function(data){
console.log(data);
token = data.access_token;
},
})
};
Then when I perform this a call to createuser().
function createuser(){
var url = "http://www.server.org/app/api/v1/users/create";
var data = {
'callback':'asdf',
'username': 'user',
'password':'pass',
'first_name':'name',
'last_name':'lastname'
};
$.ajax({
type: "POST",
url: url,
data: data,
beforeSend: function (xhr) {
xhr.setRequestHeader('Authorization', 'Bearer ' + token);
},
success:function(r){
console.log(r);
},
});
}
It returns
Unauthorized: You are requesting with an invalid credential
When I change to GET instead, it works fine.
This is my controller, I'm already using:
['class' => HttpBearerAuth::className()],
['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken'],
As authentication method.
<?php
namespace app\api\modules\v1\controllers;
use Yii;
use app\models\OauthUsers;
use yii\rest\ActiveController;
use yii\web\Response;
use yii\helpers\ArrayHelper;
use yii\filters\auth\HttpBearerAuth;
use yii\filters\auth\QueryParamAuth;
use filsh\yii2\oauth2server\filters\ErrorToExceptionFilter;
use filsh\yii2\oauth2server\filters\auth\CompositeAuth;
class UsersController extends \yii\web\Controller
{
public function behaviors()
{
return ArrayHelper::merge(parent::behaviors(), [
'authenticator' => [
'class' => CompositeAuth::className(),
'authMethods' => [
['class' => HttpBearerAuth::className()],
['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken'],
]
],
'exceptionFilter' => [
'class' => ErrorToExceptionFilter::className()
],
'class' => \yii\filters\ContentNegotiator::className(),
]);
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
* #return mixed
*/
public function actionCreate()
{
$model = new OauthUsers;
try {
if ($model->load($_POST) && $model->save()) {
return $this->redirect(Url::previous());
} elseif (!\Yii::$app->request->isPost) {
$model->load($_GET);
}
} catch (\Exception $e) {
$msg = (isset($e->errorInfo[2]))?$e->errorInfo[2]:$e->getMessage();
$model->addError('_exception', $msg);
}
return "true";
}
}
This is my configuration object
'oauth2' => [
'class' => 'filsh\yii2\oauth2server\Module',
'tokenParamName' => 'accessToken',
'tokenAccessLifetime' => 3600 * 24,
'storageMap' => [
'user_credentials' => 'app\models\OauthUsers',
],
'grantTypes' => [
'user_credentials' => [
'class' => 'OAuth2\GrantType\UserCredentials',
],
'refresh_token' => [
'class' => 'OAuth2\GrantType\RefreshToken',
'always_issue_new_refresh_token' => true
]
]
]
This is class OauthUsers
<?php
namespace app\models;
use Yii;
use \app\models\base\OauthUsers as BaseOauthUsers;
/**
* This is the model class for table "oauth_users".
*/
class OauthUsers extends BaseOauthUsers
implements \yii\web\IdentityInterface,\OAuth2\Storage\UserCredentialsInterface
{
/**
* #inheritdoc
*/
public static function findIdentity($id) {
$dbUser = OauthUsers::find()
->where([
"id" => $id
])
->one();
if (!count($dbUser)) {
return null;
}
return new static($dbUser);
}
/**
* #inheritdoc
*/
public static function findIdentityByAccessToken($token, $userType = null) {
$at = OauthAccessTokens::find()
->where(["access_token" => $token])
->one();
$dbUser = OauthUsers::find()
->where(["id" => $at->user_id])
->one();
if (!count($dbUser)) {
return null;
}
return new static($dbUser);
}
/**
* Implemented for Oauth2 Interface
*/
public function checkUserCredentials($username, $password)
{
$user = static::findByUsername($username);
if (empty($user)) {
return false;
}
return $user->validatePassword($password);
}
/**
* Implemented for Oauth2 Interface
*/
public function getUserDetails($username)
{
$user = static::findByUsername($username);
return ['user_id' => $user->getId()];
}
/**
* Finds user by username
*
* #param string $username
* #return static|null
*/
public static function findByUsername($username) {
$dbUser = OauthUsers::find()
->where([
"username" => $username
])
->one();
if (!count($dbUser)) {
return null;
}
return new static($dbUser);
}
/**
* #inheritdoc
*/
public function getId()
{
return $this->id;
}
/**
* #inheritdoc
*/
public function getAuthKey()
{
return $this->authKey;
}
/**
* #inheritdoc
*/
public function validateAuthKey($authKey)
{
return $this->authKey === $authKey;
}
/**
* Validates password
*
* #param string $password password to validate
* #return boolean if password provided is valid for current user
*/
public function validatePassword($password)
{
return $this->password === $password;
}
}
I've changed createuser too, but still receiving a 401. I'm not sure it is passing through findIdentityByAccessToken (access_token is in a different table than oauth users, thats why I'm querying it first).
Any thoughts?

I don't know the plugin you are using but what I know is that you can use the Yii2 HttpBearerAuth filter when implementing OAuth 2.0 which means using the HTTP Bearer token. And that token is typically passed with the Authorization header of the HTTP request instead of the body request and it usually looks like :
Authorization: Bearer y-9hFW-NhrI1PK7VAXYdYukwWVrNTkQ1
The idea is about saving the token you received from the server somewhere (should be a safe place) and include it in the headers of the requests that requires server authorization (maybe better explained here, here or here) So the JS code you are using to send a POST request should look more like this :
function createuser(){
var url = "http://www.server.org/app/api/v1/users/create";
var data = {
'callback':'cb',
'username': 'user',
'password':'pass',
'first_name':'name',
'last_name':'lastname'
};
$.ajax({
type: "POST",
url: url,
data: data,
beforeSend: function (xhr) {
xhr.setRequestHeader('Authorization', 'Bearer ' + token);
},
success:function(r){
console.log(r);
},
});
}
Also check in the User class (the one defined in your config files and responsible of authenticating a user) check the implementation of the findIdentityByAccessToken() method. it should usually look like this (see Yii docs for more details) :
public static function findIdentityByAccessToken($token, $type = null)
{
return static::findOne(['auth_key' => $token]);
}
This is the function that will receive the token and it should return null when authentication should fail (by default findOne() returns null when no record is found) or returns a User instance to register it and make it accessible within Yii::$app->user->identity or Yii::$app->user->id anywhere inside your app so you can implement whatever logic you need inside it like checking the validity of an access token or its existence in a different table.

Apparently this plugin (Filsh/yii2-oauth2-server), was having some problem missing the request headers. The solution was adding
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
To the .htaccess file to make Authorizaion variable available as this says:
https://github.com/yiisoft/yii2/issues/6631

unwanted response text in rest apigility

use apigility to get json response in postman
when i send post request in postman and return response like this
{
"\u0000*\u0000version": null,
"\u0000*\u0000contentSent": false,
"\u0000*\u0000recommendedReasonPhrases": {
"100": "Continue",
"101": "Switching Protocols",
"102": "Processing",
"200": "OK",
"201": "Created",
"202": "Accepted",
"203": "Non-Authoritative Information",
"204": "No Content",
"205": "Reset Content",
"206": "Partial Content",
.
.
.
"508": "Loop Detected",
"511": "Network Authentication Required"
},
"\u0000*\u0000statusCode": 200,
"\u0000*\u0000reasonPhrase": null,
"\u0000*\u0000headers": {},
"\u0000*\u0000metadata": [],
"\u0000*\u0000content": "{\"success\":\"this is test\"}",
"_links": {
"self": {
"href": "http://xxxxx/xxxxx/public/userapi"
}
}
my code in userapiresource.php, using get table data and return it also output like this
public function create($data)
{
$response=new HttpResponse;
$response->setContent(\Zend\Json\Json::encode(array('success'=>"this is test")));
return $response;
}

got it in return response in apigility:
so change my code in userapiResource.php
public function create($data)
{
$client = new Client();
$client->setUri('http://xxxx/xxxx/public/mob-app/client/update');
// set some parameters
$client->setParameterPost(array('userid'=> $data->userid,'price'=>$data->price));
// POST request
$client->setMethod('POST');
$respons=$client->send();
$respons->getContent();
$returnArray = [];
$final_array = [
'content' => json_decode($respons->getContent())
];
$returnArray['data'] = $final_array;
$returnArray['success'] = 'true';
$returnArray['reason'] = '';
return $returnArray;
}

Categories