I am trying to connect to a facebook API, but found some issues.
The user has to log in by the javascript FB.login function. Then a cookie is stored and the PHP class will try to connect with this cookie.
When I test on my local machine, everything works fine. When I upload my code to the webserver and try out my code, the connection is done with javascript. It places the cookie with the right data on my computer. When I parse the cookie, the access_token is set, but there is no way of connecting to facebook. I receive the error:
Fatal error: Uncaught OAuthException: An active access token must be used to query information about the current user
I tried to delete my cookies, so a new session is created, but I still get the same error. THe api key and secret are correct, so that cannot be the problem. I can post the code here, but it is the basic API code.
Does somebody know how I can solve this problem?
Thanks in advance!
Wow... The javascript attaches some / and " chars at the beginning and the ending of the cookie. Looked over it. Was looking on this issue for about 3 hours :D
trim($cookie, '/"');
resolved my problem.
Related
Been going around in circles with this and not getting a definitive answer... The error I am facing is:
oauth_problem=Cannot+create+request+token+because+consumer+token+is+not+a+verifier+token
Everything is correctly set with regards to my oAuth request header and sending to magento path /oauth/token/request. I have, even though the documentation says it doesn't require it (but for testing) added the verifier string to the request...
Pasting the code in here would make for a very long post and the code is working fine albeit it seems something is missing? If I use the verifier string in the consumer key it gives me the following error instead:
oauth_problem=Consumer+key+is+not+the+correct+length
Does anyone have any nuggets of information that the following links are missing that's tripping me up?
http://devdocs.magento.com/guides/v2.0/howdoi/webapi/integration.html
http://devdocs.magento.com/guides/v2.0/get-started/authentication/gs-authentication-oauth.html#pre-auth-token
I have found this on github, some people have seemed to work it out but not forthcoming with the details of how? github
This error occurs if you already have a request token created in Magento DB table oauth_token (if you're like me and developing an app and raising requests over and over to test), clear this table of its entries (request and verify) before retrying and this error won't appear.
2020 UPDATE:
This answer is still valid. Sometimes you may need to clear the Magento cache also after clearing the oauth_token table entries.
This url:
https://graph.facebook.com/v2.2/389546181070007/feed?access_token={token}&appsecret_proof={secret}&fields=name
And:
https://graph.facebook.com/v2.2/186726524843032/feed?access_token={token}&appsecret_proof={secret}&fields=name
have both valid pageID's and the same access_token and appsecret. The token I'm getting with:
https://graph.facebook.com/oauth/access_token?client_id={app_id}&client_secret={app_secret}&grant_type=client_credentials'
Yet the first one throws an exception and the second one works fine and returns the feed list.
The exception thrown is: FacebookAuthorizationException' with message 'Unsupported get request.
Have tried to use a different app and more things... been struggling with this issue for 6 hours now.
Has anyone any idea how it is possible that one page works and the other doesn't?
When I try to visit the first page on Facebook, I only get “Sorry, this page isn't available”.
That means that either that page is not published yet, or has some access restrictions in place. In both cases, you can not “see” it via API, when you use an app access token.
You will need to use either a page access token for that page, or a user access token for a user that has the right to see the page.
Today, after we migrated to the new members permissions api, everything goes wrong.
Im using the cosumer key and secret that i've got from the linkedin api dashboard itself with the oauth token and secret as well.
There is 3 kind of problems that keeps on coming:
first one:
{"errorCode": 0,"message": "Could not find person based on: ~","requestId": "7GPT96SW3C","status": 404,"timestamp": 1369827647671}
second:
<error><status>401</status><timestamp>1369826490661</timestamp><request-id>ZYWPUD43G3</request-id><error-code>0</error-code><message>[unauthorized]. The token used in the OAuth request is not valid. ******</message></error>
third:
com.linkedin.anet.auth.pub.ANetAuthException: other: anetID=*****
has anyone got some of these too? if yes, so how did you solved them?
thanks!
Once you have authenticated the user, you no longer need to make the access token calls - simply store the access token and reuse that for the subsequent requests.
Check are you sending a request once or twice for authentication, there may be the case your token getting replaced by another request.
I've gotten the "401<" and fixed it by correcting the URL which I was formatting incorrectly and consequently requesting a resource that did not exists (reported as unauthorized). You probably have the same issue with your 404 error. Can you please post the specific URLs you are using. That would give a little more insight. Also, make sure that you are not passing params via GET when you should be passing them via POST and that all your POST requests are via HTTPS
Currently I'm using the iOS api to get the access token and passing it to a webview as a cookie. In the webview (because part of my app is iOS and the other part is html5 but I don't want to make the users log in twice) I'm grabbing the access token on the server side.
I'm setting the access token (using the Facebook PHP SDK) with the setAccessToken() function but immediately after, when I call getUser() I'm always getting 0 back.
I know that the SDK in general works as all of the code I am using is working for the normal "web" version. Other people seem to have gotten this working so I'm hopeful that this is actually possible. Been stuck on this for a while so would greatly appreciate any help / advice on getting this working soon! Thanks!
In all my code, I now do not do "getUser" to find if the token is valid, but a "/me" call. getUser() often fails where "/me" works. So you're not alone with that finding. Then I get the userID from the /me call instead. All wrapped in try/catch, of course :)
Another tip: you say you're passing the session as a cookie - hopefully that's a cookie that you control? In my experience, don't mix "cookie" and "not cookie" mode - if you've manually handling with get/setAccessToken in one system, then turn off cookies everywehere (webview, php server, Javascript etc). After this, I've not had problems passing the tokens in what I'm trying to do.
Another thing to watch for, if you "setAccessToken" and it's invalid, the PHP SDK will clear out your session valiables if you have any. Not just PHP session variables, but all of them.
And finally, I've also had /me return logical values, but with things like FirstName as blank. Not ironed out why this happens, yet (and probably never will), but something else to program for when sharing tokens.
It's Facebook. Never meant to be easy {grin}.
Hope that helps.
I'm developing a PHP script to display a page with some charts and stats about my Analytics profile. I'm sending 3 or 4 ajax asynchronous calls to the server; the server then fetch data using google-api-php-client . There are about 10 requests to Google for each page refresh.
The problem is i'm getting totally random exceptions from the api:
Fatal error: Uncaught exception 'apiAuthException' with message 'Error
refreshing the OAuth2 token, message: ' in apiOAuth2.php on line 242
One time i successfully get the data, one time not. This is very annoying because i cannot find why. What could be? The asynch calls maybe?
User quota is set to 1000 requests/second just to be sure. Eventually i get 'User quota exceded' from the api, something quite impossible.
I answer to myself because i found the problem (was my bad):
I store the access token into an encrypted file
Even if the access token should be offline it's not really offline: it expires but contains a refresh token that APIs will send to get a new fresh access token
The new access token should be saved again into the file (i save it into __destruct() method of my wrapper class) and used for the next request (i was not saving it!)