facebook access token for offline_access - PHP - php

I'm trying to get the status from facebook users, who connect to my app with offline_access and read_stream permissions.
All the processes will use subscription to get notification about new feeds, and then take access to status of the user, who changed it.
The code for subscription works great, I get all info as it should be, but the problem starts with second part - every time I try to access user status via
$objFacebook->api('/USER_ID/statuses?access_token=TOKEN', 'get', $params);
I get the exception:
An access token is required to request this resource
I tried to set access_token which I got when connected to my website via facebook login, also tried to set the whole session in similar way as it is done here:
Array
(
[access_token] => ...
[base_domain] => ...
[expires] => 0
[secret] => ...
[session_key] => ...
[sig] => ...
[uid] => ...
)
but it didn't help. On the other side, when I copied my access_token generated via facebook developers (http://developers.facebook.com/docs/reference/api/user/) it works correctly, so it looks like my app generates an incorrect access token.
Do you have any idea where the problem can be?
To connect I use facebook-php-2.0 library.

You should upgrade to version 3 of the PHP SDK. We made some changes to the cookie format and other things you can read about here. Version 2 will stop working on September 1st, so you'll need to upgrade soon anyways. Once you've done that, things should work for you.
P.S. You probably will want to use the "/posts" connection rather than the "/statuses" connection of the User object as it will also give you any posts the user made that include attachments. The "/statuses" connection will only return text-only posts the user made. We'll update the documentation to clarify that.

Related

Podio authentication fails after multiple calls

I've been working with the Podio API for nearly a year now and have rarely had issues, but I recently ran into one that I can't figure out. I'm not even sure how to test what is going on. When an item is created, I have a webhook to a script which will send an http GET request to an item and perform a number of functions. The script runs just fine and has never run into any issues, unless I create a number of items in quick succession (15 or so). If I do this, a certain number will finish successfully, and then I will suddenly get the following error with each new call:
2016-11-14 16:41:14 401 GET /item/514610204
2016-11-14 16:41:14 Reponse: {"error_parameters":{},"error_detail":null,"error_propagate":false,"request":{"url":"http:\/\/api.podio.com\/item\/514610204","query_string":"","method":"GET "},"error_description":"invalid_request","error":"unauthorized"}
If I wait a minute or so, it begins working again.
I'm authenticating with username and password. Does anyone know what is going on or how to check what is going on? The podio.log has not been helpful in this situation.
(UPDATE)
The issue is that I am hitting an authentication request rate limit because I haven't been using a session manager. I'm now attempting to do this, but having issues. My code using the Redis setup is as follows:
require_once 'models/PodioRedisSession.php';
Podio::set_debug(true, 'file');
Podio::setup($client_id, $client_secret,array(
"session_manager" => "PodioRedisSession"
));
Podio::$auth_type = array(
"type" => "password",
"identifier" => "MY_EMAIL"
);
Podio::$oauth = self::$session_manager->get(Podio::$auth_type); //ERROR IS ON THIS LINE
if (!Podio::is_authenticated()) {
Podio::authenticate_with_password('MY_EMAIL', 'MY_PASSWORD');
}
which gives me the following error: Cannot access self:: when no class scope is active.
Am I on the right track to get the session manager working with password authentication? The error occurs on the commented line.
(UPDATE)
I was finally able to get the system running properly. The code above is correct. The server just needed to be reset (Windows server) for Redis to take effect.
If your script is authenticating to Podio each time an item is created, it is possible that you are running into the Podio API’s rate limit on authentication requests.
Are you generating a new auth token each time the script is triggered by your webhook? The Podio client libraries include some general documentation on session management that may be useful!
To avoid hitting this limit you should authenticate with the API once and then store the oauth and refresh tokens that are returned from the API. Redis will do the trick. Then you use the oauth token for all subsequent requests.
An example can be found here [1]
Your oauth token will be valid for at most 28 days. When it's no longer valid you will need to obtain a new oauth token using the refresh token you received when you first authenticated. [2]
[1] https://developers.podio.com/authentication/username_password
[2] https://developers.podio.com/authentication
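The authenticate-once, store, reuse, then refresh pattern described in the answers above, as an added example that is not code from the original posts or from the Podio client library. `TokenCache`, the lock-protected file store (used here in place of Redis so the example runs offline) and the two stub grant callables are assumptions made for illustration.

```php
<?php
// Added example: TokenCache and the two grant callables are hypothetical, not Podio library code.
final class TokenCache
{
    private string $path;
    public function __construct(string $path) { $this->path = $path; }
    // Returns a usable access token; the auth endpoint is contacted only when needed.
    public function accessToken(callable $passwordGrant, callable $refreshGrant, ?int $now = null): string
    {
        $now = $now ?? time();
        $fh = fopen($this->path, 'c+');          // create if absent, never truncate on open
        if ($fh === false) {
            throw new RuntimeException('cannot open token cache');
        }
        chmod($this->path, 0600);                // tokens are credentials: owner-only access
        flock($fh, LOCK_EX);                     // concurrent webhook workers wait here
        try {
            $tok = json_decode((string) stream_get_contents($fh), true);
            if (is_array($tok) && $tok['expires_at'] - 60 > $now) {
                return $tok['access_token'];     // cache hit: no authentication request
            }
            // Prefer the refresh token; fall back to the password grant on first run.
            $fresh = (is_array($tok) && !empty($tok['refresh_token']))
                ? $refreshGrant($tok['refresh_token'])
                : $passwordGrant();
            $fresh['expires_at'] = $now + (int) $fresh['expires_in'];
            ftruncate($fh, 0);
            rewind($fh);
            fwrite($fh, json_encode($fresh));
            return $fresh['access_token'];
        } finally {
            flock($fh, LOCK_UN);
            fclose($fh);
        }
    }
}
// Constructed demo: 15 webhook deliveries in quick succession, then one after expiry.
$calls = (object) ['password' => 0, 'refresh' => 0];
$password = function () use ($calls) {
    $calls->password++;
    return ['access_token' => 'at-1', 'refresh_token' => 'rt-1', 'expires_in' => 3600];
};
$refresh = function (string $rt) use ($calls) {
    $calls->refresh++;
    return ['access_token' => 'at-2', 'refresh_token' => $rt, 'expires_in' => 3600];
};
$cache = new TokenCache(tempnam(sys_get_temp_dir(), 'tok'));
for ($i = 0; $i < 15; $i++) { $cache->accessToken($password, $refresh, 1000); }
$cache->accessToken($password, $refresh, 1000 + 7200);
printf("password grants: %d, refresh grants: %d\n", $calls->password, $calls->refresh);
```

In a real script the two callables would wrap the client library's own authentication calls; the exclusive lock is what keeps a burst of simultaneous webhook deliveries from each issuing its own authentication request.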

Getting twitch channel feed forbidden

As per the API: https://github.com/justintv/Twitch-API/blob/master/v3_resources/channel_feed.md#get-feedchannelposts
I have tried using PHP and cUrl to get the latest channel feed comments. This is the URL I am polling:
https://api.twitch.tv/kraken/feed/:username/posts
Obviously with :username as my actual username. I am also passing:
"oauth_token" => "[MY OAUTH TOKEN]"
I know that this procedure normally works because I am using it to get normal info about the channel and followers info. Though trying it with the feed posts I get this message back (after JSON decoding it):
Array
(
[error] => Forbidden
[status] => 403
[message] => Channel feed is disabled
)
When I set up the authorization for the account using oauth I included the following scope for allows:
user_read user_blocks_edit user_blocks_read user_follows_edit channel_read channel_editor channel_commercial channel_stream channel_subscriptions user_subscriptions channel_check_subscription chat_login channel_feed_read channel_feed_edit
As far as I know that is everything so not sure why it's coming up as forbidden, and as I mentioned I am using other parts of the API so not sure what's wrong here... Any ideas or help is greatly appreciated :)
I am by no means an expert on twitch's API but I'll give it a shot. Looking through their github documentation it shows 3 ways of sending access token for authentication.
Is it possible you're sending the token in the HTTP body? It explicitly states that this won't work with GET and DELETE methods, which could be giving you an error when trying to GET channel feed posts. Hope this helps.
EDIT: You simply don't have channel feed enabled on your account. It's currently opt-in because it's in beta. See: http://help.twitch.tv/customer/portal/articles/2377877-how-to-use-channel-feed

Google OAuth and Offline access

I have successfully implemented "Login with Google" feature and everything works perfectly but I would like to add one extra feature - "Disconnect Your Google Account".
I can easily remove a row from "auth" table (user_id, source, source_id) but I would like to remove it from:
https://security.google.com/settings/security/permissions
too!
I guess I have to use a PHP client library for accessing Google APIs: https://github.com/google/google-api-php-client
And that's okay. But I'm not sure about sending GET and POST requests - when a user logs in for the first time I can save data in my database such as:
(
[access_token] => MY_ACCESS_TOKEN
[token_type] => Bearer
[expires_in] => 3599
[id_token] => MY_ID_TOKEN
)
But what about expiring? They don't log in every time - they will be logged in for a couple of weeks or even months and that means my token data can expire?
Thank you.

BigCommerce API OAuth server to server script

The latest specification for connecting to the BigCommerce API recommends using OAuth since the simple auth method will soon be deprecated.
I have been using the BigCommerce API within some PHP scripts that access the Store API for my store. These scripts do relatively simple things like update product names, update product prices, etc.
I'm confused as to how I transfer these scripts over to use the new OAuth system. Everything I am reading makes it seem like OAuth is based around developing an actual app that a user installs and authorizes to access their store. However, this is clearly not my use case, and has left me very confused.
A simple example would be a script to retrieve products from my store. I would simply run this code in a PHP file:
Bigcommerce::configure(array(
'store_url' => 'https://www.my-store.com',
'username' => 'my_username',
'api_key' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'
));
Bigcommerce::setCipher('RC4-SHA');
Bigcommerce::verifyPeer(false);
Bigcommerce::getProducts();
How can I achieve this same thing using OAuth? Is it even possible?
I would probably create a quick "app" to get a Client ID, Client Secret & Token. Then use those credentials for authentication externally. So you would install an "authentication app" but execute your code from outside of BC.
Note that this is not that different from how an installed app that is iframed in works.
PS, I have not actually tried this but in theory it should work.
I realize this may be a bit off-topic as I see you're using PHP and my experience has been with C# but thought I'd add my comments on the issue so maybe someone will benefit:
I've been working on this same type of oauth token issue and the docs haven't been much help, but once I got going I finally managed to get the app setup by creating my SSL callback page locally on my server. Once I specified that URL in the app settings I was all set. The caveat being I had to perform the 'install' from the server itself since it wasn't a public URL while logged into BC as the store owner. I was then able to get the temporary token from the querystring and post back to https://login.bigcommerce.com/oauth2/token and obtain the permanent token from the response stream.
One thing their API rep did mention that may be of interest is that eventually you're going to need to refresh the 'permanent' token every 60-90 days or so once they get their end in order.
#developerscott is perfectly correct, but just to add on to your question on how to achieve the same thing as your code using oAuth with the BC PHP API SDK
Once you have an oAuth access token and the client_id of an app you created, you can use them to utilize oAuth in your PHP scripts. You just need to provide those credentials into the Bigcommerce::configure() method like so, instead of the username and api_key properties:
Bigcommerce::configure(array(
'store_hash' => 'abcdef',
'client_id' => '123xxxx321',
'auth_token' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxx'
));
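// Security note: RC4-SHA is a legacy cipher suite, and verifyPeer(false) disables TLS certificate verification.
Bigcommerce::setCipher('RC4-SHA');
Bigcommerce::verifyPeer(false);
Bigcommerce::getProducts();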

Twitter account/verify_credentials returning 34 error code

I found a whole bunch of related questions here, but since Twitter had made a lot of changes in its API, most of them are outdated (+ nothing actually solved my problem).
So my website is a semi social network (with posts, likes, comments etc). The user has the option to post to twitter and facebook through my site. Everything is working just fine, posts are finding their way to both FB and TW.
I'm using Twitter oauth php library, posting is done like so:
$response = $connection->post("statuses/update", array('status' => "Tweet"));
but when I want to verify user's credentials like so:
$response = $connection->get("account/verify_credentials.json");
I get:
[0] => stdClass Object
(
[message] => Sorry, that page does not exist
[code] => 34
)
I don't think the problem is in the authentication process nor in the app settings, for I was able to post a tweet but got that same error, both using the same access token (and obviously the same app).
Apparently you get this 34 error for a variety of cases; the documentation is so ambiguous about it.
So any troubleshooting techniques are appreciated.
Just use
$response = $connection->get("account/verify_credentials"); // Remove the .json
