I'm trying to implement a simple Gmail application in a CodeIgniter framework using the Zend Oauth library (here). The stock file works fine, of course, and it's code is here if you want (the included file common.php just has the variables for my oauth keys, etc.).
However, I've been unsuccessful at porting any version of this into the CodeIgniter framework. The problem I keep having is that once I am redirected to the Google page to verify access to my Gmail account, it doesn't ever transfer me back to my own app. It just keeps refreshing the Gmail approval page.
I've tried a barebones adaptation here where I basically just copied and pasted into a controller file.
I've also tried to integrate with some database functionality and to separate retrieving an access token and accessing gmail here.
Neither of these works and just leaves me endlessly refreshing the Gmail grant access page.
Any thoughts?
It sounds like the OAuth callback url isn't being set, which explains why you're not being directed back to your application. Make sure you have the URL helper loaded in your controller $this->load->helper('url');
Related
I have an existing Wordpress website using Woocommerce for the store and need to add a new form to one of the pages. The form is created in Vue and will be speaking to a backend API running on ASP.NET.
Is there a way to hijack the authentication and authorization provided by Wordpress by the backend API? The only solution I can see atm is to either have the user login again (this time to the endpoints going to ASP.NET (super inconvenient for the user)) or somehow when a user logs into the main site, have the PHP script send that to an additional backend endpoint maybe 🤔
The page itself is inaccessible without a user being logged in however, it does mean the endpoints are still open to the world without authentication to the ASP.NET api
I am trying to build a project using CodeIgniter and for sign up purposes, I am using Hybrid Auth library. I am using a link similar to "http://localhost/project/hauth/endpoint?hauth.done=Google" as my redirect URI for facebook and google.
app is working fine with it. But the problem is I can't understand what this "hauth.done" means.
As soon as I allow the permission, it redirects me to the above provided link where I don't know how to receive data/userprofile information.
Here is updated library which works with the latest HybridAuth (v2.10) and CodeIgniter (v3.x)
https://github.com/ApacheEx/CodeIgniter-HybridAuth
hauth.done uses for finishing authorization via Hybrid_Endpoint::process(); which calls processAuthDone to save all needed tokens for later API requests.
It is because you should provide proper redirect URL when call an api and after that when Hauth redirect to your desire page you can retrieve your information according to your code reference.
Otherwise as you are using Codeigniter, in my advice use git reference where you can find complete code for your application directory. In that code they already getting user profile info.
Git repo
I have created a public mobile app that use REST API (created with PHP Slim Framework).
I'd like to restrict public access to those API to only people that are using my app, in order to avoid people to getting the API url and pasting it into their browser to easily access my content, for example.
I have found some methods for authentication, but the problem is that my app is already public so if I set an authentication method on my server, then I have to edit my client app too, but people with old app versions could not access API so the app would be useless.
What is the best options I have in this case, to set restrictions to my API without editing the client app?
Thanks
You need something from your app that can be controllable from your api. Such as modal that shows a message that they need to download the new version to continue use.
The logic will be, when the Client app tries to access your Rest API server, check the version from the client app and reject it, then have a message to download latest app.
If you don't have this, the only way you can do is notify your users about the critical update in your application.
We have a WHMCS installation and a multicraft installation and then the site itself has a login for the user's profile.
Basically what I'm looking to do is have it so if the user has a site account and they enter their login for WHMCS and multicraft basically tying their accounts together, (Real quick, I know how to process the logins for each of these systems individually so that's not my problem here) I would like to be able to have it so if they login to their site account, during the login process it also logs them into the other services in the background. I'm trying to figure out a good way to implement the "background" part of it. WHMCS has an API to validate the login but I've never worked with API's so I'm not sure yet how to exactly do that but I think I can manage that.
WHMCS API (For those interested): http://docs.whmcs.com/API:Validate_Login
What you're building is called single sign-on.
Basically, you have to tell multicraft that instead of looking at its own authentication system, call up on WHMCS to check if the user is already logged in there. The way it works with Facebook or Twitter is called OAuth: http://hueniverse.com/oauth/guide/workflow/ - I guess you should modify multicraft to support something similar. You can find libraries here: http://oauth.net/2/
There's a lib for WHMCS here: http://whmcsaddon.com/products/oauth/
Thanks in advance for reading.
I've been working with facebook login (both php and javascript sdk methods) for a couple of years and I'm facing a particular problem with new apps I'm developing.
I have an app in my localhost configured as virtual directory as follows:
http://localhost/myapp/
On facebook, the following settings of my app are pointing to that url: App Domains, Facebook Login Website, App on Facebook (https and http) and Mobile Web.
When I do the login process and point the redirect_uri to http://localhost/myapp/, it works fine, the cookie is set and I can make queries to the graph api.
The problem comes when I try to use another redirect uri like http://localhost/myapp/user_controller/register (Adds the user to the database). Although it is inside the app url configured on facebook, the SDK outputs an error message (OAuthException | An active access token must be used to query information about the current user. | Code 2500).
I figured out that, to solve this problem for a while, I have to go to the facebook app page: apps.facebook.com/myapp. I have to do it everytime my access_token has expired and, since this app is not intended to be inside facebook, I don't think that this is the best way to solve this.
I hope together we can find a good way to solve this issue and this questions helps future developers.
I'm using CodeIgniter (which I've been using about a year) and Facebook PHP SDK (downloaded directly from the github official repo) as CI library.
Thanks again.
At no point would you get that error during authentication.
I'm pretty sure that you instead have an error in your code that fails to exchange the code for the access_token on the .../register endpoint, and so you end up using an invalid access_token.