So, i'm a fairly beginner in oAuth and i'm wanting to write a simple wrapper for Tumblr since i'm craving to make an iPad HTML5 App.
The thing is, i can't seem to find any clear documentation on how to exactly set up everything for oAuth-php. I can make a two legged request, and it works... but i want to be able to save users (three-legged) and retrive their dashboards (and i need need to make a GET request with authorized credentials).
I'm clueless on where to start.
Here's a somewhat vague documentation on the Tumblr API: http://www.tumblr.com/docs/en/api/v2#user-methods
This document helped me quite a bit to get the whole authorization header stuff worked out: http://oauth.net/core/1.0a/
Related
I currently have a web app that uses the google maps API, PHP, and MySQL to populate custom map bubbles and markers on a map.
Currently, the app is hosted by us and managed by us and is included as an iframe on a clients page, however this is quite tiresome..
I would like to develop an API/library that can be included on the page and then inject code into a div container (much like Google maps does). However, i have no idea what to search for or what to read up on to learn.
I have a basic rest api that is configured to provide read-only functionality in json/jsonp format to an authorized client. I am using Phil Sturgeon's REST-SERVER library for CI.
Here is a link to the current format, we pull this page in an iframe with no-scrollbars.
http://fhaz.mapitusa.com
Update: I found a partial solution.. web widgets: http://alexmarandon.com/articles/web_widget_jquery/
i need to develop a web widget.
I need to know:
what to learn
what types of programming methodologies to know
What to look for examples
What are some options to get away from the iframe and using a sort of "hard embed".
You didn't say it out loud, but because you specifically mention you now have a read-only api i figure you also want to send commands to the (your) server. I would start with looking into authentication methods. And for this, I would go for OAuth. You'll have to write a basic client class which can connect and authenticate the client to the server. This can be pretty simple and small. Php even has a pecl extension available (see http://nl.php.net/manual/en/book.oauth.php) which is pretty easy to use. If you do not have the possibility of installing pecl extensions curl will also do the trick, and even that isn't really necessary. Twitter also has a nice explanation of how OAuth works, with links to external resources. Check it out! https://dev.twitter.com/docs/auth/oauth
Note that at the server level you'll have to implement your own role system, oauth only lets your client connect to the server in a secure manner. Ie. it will let your "users" log in to your application, but will not check if the logged in user is, example given, an admin user with all rights, a read-only user or something in the middle.
If you have OAuth straightened out just write a list of API calls you want to implement. You should namespace them, for example like:
/map/marker/get
/map/marker/set
/map/bubble/get
...
Your client API should be able to make a call like this:
$api = new MyGreatApi();
$params = array('id' => 3, 'color' => 'red', ...);
$response = $api->call('/map/marker/get', $params);
echo $response;
Check out some oauth library implementations like the one Twitter promotes (https://dev.twitter.com/docs/twitter-libraries#php), or in example the really simple one bits on the run uses (http://developer.longtailvideo.com/botr/downloads/php-api-kit.zip)
At server level you catch the api call and route the request to the specific controller (to use some MVC terms). If, eg, you fetch the call '/map/marker/get' you can just explode('/', $call); and search for the right class/function/method/whatever and let it do the magic for you, then send back the output (which can be as simple as to echo $output) and you are up and running! Note that if you have the authentication and role-checking right, the functions which produce the output can be treated as normal, oldschool, php functions. There's nothing special at them! It's the authentication and routing of api calls which should be your main concern.
I hope this clarifies some of your questions and give you a direction. If I misunderstood your question, please correct me!
I have a website for a client offering information from a database. But other websites want to show that information in their website, so my client ask me for it.
Since the begining I thought it might be something similar to the twitter widget. As I want to give out a code similar to this:
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
<script>
new TWTR.Widget({ ......
And other websites will show the information from my database.
But I cannot find a exactly example, I found this: http://tutorialzine.com/2010/03/who-is-online-widget-php-mysql-jquery/
But it is not exactly what I want.
My deployment is the following: In the server I've got a mySQL database and a website, I would like to create php and javascript code (or even jquery, but I'm not very expert with it) so other website could incorporate the information from the database in a secure mode.
Could anybody give a hint?
You'll need a RESTful service on your server which other sites can ping. You will use an AJAX request to get the information from that service.
The big piece of this for you will be creating a JavaScript object that has all the functionality you want. It is much easier to give people directions on how to use your REST API and let them implement it via AJAX on their own pages. If you really do want a full widget, you'll want to check out a lot of things. First is closures in JS to ensure you don't conflict with any of their variables. Also make sure you are good at developing cross-browser Javascript independent of libraries. And finally, you'll want to make sure your server is configured for cross-domain AJAX requests. Again, my recommendation is to set up a REST API for them, and let them do the dirty work.
There is an interesting tutorial about how to create a twitter widget using PHP and JavaScript on the nettuts website, I think you may find it useful.
Well, although it's not specific for PHP, this is by far the best resource I could find to this subject:
http://alexmarandon.com/articles/web_widget_jquery/
Simple question really, I've been looking all over the Internet probably for the past few days for several hours a day looking for some solid information on OpenID and Facebook Connect integration on a website.
I have seen the same names popup such as Janrain offering their solution, but I see a lot of websites such as Invision Power Board forums and even here at StackOverflow utilising different solutions.
The main two logins we wish to accept on our site are Facebook and Twitter. I've really been looking for a tutorial, or at least a guide to incorporating this functionality into a PHP website.
If anyone has any information or any pointers that would be great.
Thanks!
I'd start with the official docs. They're pretty good.
http://developers.facebook.com/docs/authentication/
http://dev.twitter.com/pages/sign_in_with_twitter
The twitter one is a little more obtuse, but it's still pretty easy to follow.
For Twitter, just use their simple JavaScript SDK:
http://dev.twitter.com/anywhere/begin
But I would really avoid implementing these services myself. E.g. Twitter anywhere is maybe painless to setup, but then you rely on their JavaScript. It's been down before and then your page takes ages to load or doesn't load at all.
I haven't tried the new Facebook APIs, but 2 years ago, I wasted a way a week of my life trying to integrate their API and the general idea I got was -- unless you know someone at Facebook that can check out some log or let you know why this API doesn't respond like it's supposed to, you're just on your own.
We do use Janrain's engage product (free). It works really, really well.
Dealing with all these services directly is a royal (!) PITA. They are down, change how they work, mis-behave -- it's good to outsource that to someone who seems to know all the ins and outs. In our case Janrain.
There's a copy and paste Facebook login button solution out there. It's also free. It's developed by LaunchBit. You could try that.
http://toolkit.launchbit.com
I once had a decent implementation of my Twitter feed on my website but apparently Twitter's authentication has changed and all my functionality is broken. All I need to do is retrieve my timeline, including tweets and retweets - nothing fancy, not an app, nothing.
I'm having a terribly hard time finding any resources to help me do this. I need things spelled out for me clearly and concisely, which none of the tutorials I've found (especially on Twitter) seem to do. Can anybody help me? Please?
Thanks,
Mike
Twitter now uses oAuth for their API authentication. You can find a large number of PHP oAuth frameworks/libraries out there that should be able to facilitate your needs. I have used twitteroauth by Abraham Williams. You can find it easily enough on GitHub.
I am creating a little flash game for the facebook platform, but I am finding it very difficult to get any decent documentation on the graph api and the PHP SDK, so if anyone has a decent resource for a beginner to go and learn the basics, I would appreciate it very much, as I am struggling to grasp the concept.
Thanx!
I agree that the docs can be pretty hard work for facebook. If you are looking to use the Graph API tho, bear in mind that it is just a REST API that uses oAuth for authentication, much the same as Twitter, SoundCloud etc.
The most awkward bit I found was authenticating properly so I would suggest checking out the oAuth website
http://oauth.net/
They also have some PHP samples which were what I used as a starting point. I'd definitely recommend starting from these rather than trying to build your own setup from scratch.
http://oauth.googlecode.com/svn/code/php/
I also found it handy to refer to the docs on some of the other sites that use oAuth, such as Twitter and SoundCloud as it helped build my overall understanding of what is going on, even if there were a few small differences from one site to another
http://apiwiki.twitter.com/Authentication
http://wiki.github.com/soundcloud/api/02-authentication
Personally I would suggest just trying to do a basic oAuth-authenticated request to begin with. Facebook Graph has a few extra options such as using scope for extended permissions. Whilst you will probably need to use these in the end, once you get your head round the signing mechanism its easy enough to add in these extra details.
Once you have got the hang of signing requests, it is just a case of requesting the appropriate endpoint for what you want using either curl or any other method that takes your fancy.
Hope this is of some use