I'm talking about this: http://code.google.com/p/google-api-php-client/
Is it possible to use a method in that API library to send Oauth GET/POST requests in general...
I've been scanning the source code, and I can't seem to find any such method...
What are you trying to connect with? Adsense/Analytics/Gmail or what? All that code does is get you an Oauth key, all GET/POST requests are separated by which google application your are trying to connect with. The documentation can be found here
Related
Is it possible to passively access google API using google api php client library? What I want to do is connect to google API by providing necessary credentials (not using oauth).
Basically, my oauth authentication will be in googleads php lib and want to access resources using php client lib. Or is there any way to accomplish this? Thanks.
EDIT:
What I really curious about for hours is integrating those two libraries (GoogleAds PHP Api and Google API Client API). The former uses pure Oauth and the latter uses 'Google_Client' implementation in accessing Google API.
I'm having a bit of trouble figuring out how to properly proceed making calls using the Intuit QuickBooks Online API v3. I've looked at the API Explorer, and from my understanding, I can send and receive JSON.
They also provide information about the base URL, the entity, etc: https://developer.intuit.com/docs/api/accounting/Customer
So I'm wondering, am I supposed to be using the QuickBooks SDK that they mention to download? https://developer.intuit.com/docs/0100_accounting
Or would I be able to utilize their API using something like cURL? I don't want to reinvent the wheel of course, but with all the information they provide and no reference to the SDK itself, that's where I started to get a little confused. They basically tell you how to make the calls, but don't reference the SDK in those documents.
Just to provide some extra information, I'm using PHP 5.5 and Laravel.
So I'm wondering, am I supposed to be using the QuickBooks SDK that they mention to download?
If you want to, sure.
Or would I be able to utilize their API using something like cURL?
Again, if you want to, sure. Just be aware that if you use cURL, you'll have to do some OAuth signing of your requests (see the OAuth spec) or find an OAuth lib too.
Here's another open-source alternative if you need something with more examples (disclaimer: I'm the author):
https://github.com/consolibyte/quickbooks-php
Examples:
https://github.com/consolibyte/quickbooks-php/tree/master/docs/partner_platform/example_app_ipp_v3
The documentation for accessing the Quickbooks Online API seems to revolve around creating applications for public use. I'm only interested in developing an app to access my very own Quickbooks file. However, I'm having difficulty authenticating.
I successfully obtain all the necessary codes and can run API calls in the API playground. My preference would be not to use any libraries (including the Quickbooks PHP library as it does not support JSON).
I have spent hours searching but I do not know how to 'sign' the various secrets and codes to obtain the Oauth token needed. Does anyone have working PHP code?
I'd like to simply be able to input in the values and make the API calls via curl.
I have spent hours searching but I do not know how to 'sign' the various secrets and codes to obtain the Oauth token needed.
You sign the code using OAuth. This is a well documented authentication method, with many implementations.
Does anyone have working PHP code?
Sure:
https://github.com/consolibyte/quickbooks-php/blob/master/QuickBooks/IPP/OAuth.php#L77
https://code.google.com/p/oauth-php/
https://php.net/manual/en/book.oauth.php
https://pecl.php.net/package/oauth
https://github.com/Lusitanian/PHPoAuthLib
My preference would be not to use any libraries
OAuth is not a trivial authentication method. You should use a library to sign your requests -- it will save you a lot of time vs. implementing your own OAuth signatures.
I am trying to use the API to Get a list of documents on a Google Drive then if I need to download a selected file that I query for. I cannot for the life of me figure out OAUTH and how to do this. I have a client ID , client secret key, but the documentation sucks.
I am trying to use :
https://developers.google.com/drive/v2/reference/files/list
Can you you use OAUTH with out having a use give permissions?
Can you you use OAUTH with out having a use give permissions?
No. That would defeat the purpose of OAuth.
My suggestion is start by ignoring Drive completely. Focus on understanding OAuth first.
Use the Oauth playground https://developers.google.com/oauthplayground/ and this page https://developers.google.com/accounts/docs/OAuth2 as your ONLY documentation. Everything you need to know is on those two links.
Once you have grasped Oauth, then use the Try It Now feature of https://developers.google.com/drive/v2/reference/files/list
to see how the Oauth token is used in your drive requests.
I have a main website (which contain all data) and multiple client websites which fetch data from the main website. Each client website has access to different set of data on main website. I want to create a PHP based web API for this. This is my first API so I am not sure what is the best and most secure way to do this.
After some googling I found OAuth to be the most common authentication method for APIs. however in my case I want the client website to be configured once and then the communication should be automatic, i.e. communication should take place in background without any user interference. Is OAuth required for this scenario?
Or is there any other method I can implement here?
oauth is way to complicated to implement for your needs.
If you are using rest, i suggest using a basic-auth in the header and using SSL so that your communication is encrypted.
You could make a small SecurityFilter that checks if for any request with a url pattern /api/ that the basic-auth is correct and that it use SSL...
It really depends on how you are exposing your API.
If you are using REST, HTTP Basic Auth over HTTPS is sufficient. I see a lot of people try to implement their own solutions when the provided approach is quite sufficient.
If you are using SOAP, there is a SOAP-based approach you could use: WS-Security (which is just a standard using anything from SAML assertions to OAuth tokens).
If passing Basic Auth credentials over HTTPS is too "open" for you, in that the credentials are saved in config on the client server somewhere, OAuth2 is probably the best solution. Doing OAuth on the server side wouldn't require any user interaction. You just store your tokens in a server config and let the OAuth library take care of the rest. PHP has a library for this PHP OAuth Library. There are plenty of OAuth2 libraries for PHP. Just Google it.
After some more googling and research I found answer to my question:
The scenario I explained is an example of 2-legged oauth (one can find many articles about 2-legged and 3-legged oauth)
Also, OAuth is not difficult to implement, infact for a developer with good knowledge of API and Auth system its very easy.
Here's a link of very good php OAuth library with example code http://code.google.com/p/oauth-php/