I have an iPhone app which creates a facebook session and I would like to restore this session on my server to hand off some of the work. I have the iPhone app working perfectly fine, it's just that I am having problems restoring the session - the documentation is lacking, at best (from http://wiki.developers.facebook.com/index.php/Facebook_Connect_for_iPhone -"If you want to call the API from your servers, you just need to get the sessionKey and sessionSecret properties from the session and send them back to your servers", that's it).
I think I have a decent start from what docs I have found, and my php page looks like:
require_once 'facebook.php';
$appapikey = 'key';
$appsecret = 'secret';
$userid = 'id';
$sessionKey = 'key';
$facebook = new Facebook($appapikey, $appsecret);
$facebook->set_user($userid,$sessionKey);
However, when I try to login to this page I get the following error:
Fatal error: Uncaught exception 'FacebookRestClientException' with message 'Session key invalid or no longer valid'
I know that the session is valid because I am still logged in on my iPhone app. Does anybody know how to restore a session that was started on Facebook Connect?
Thank you
i spent a lot of time to find answer but found it already:
$this->facebook = new Facebook($appapikey, $appsecret);
$this->facebook->set_user($fb_id, $sessionKey, null, $sessionSecret);
just post sessionSecret with sessionKey to your server and use it with set_user API method
works perfect for me :)
Related
I'm trying to access users playlist tracks by using the client credentials flow.
Spotify getting playlist documentation: https://developer.spotify.com/web-api/get-playlists-tracks/
Spotify getting client credentials documentation: https://developer.spotify.com/web-api/authorization-guide/
First question, is it possible to get a users playlist tracks using client credentials flow? I'm using this flow since I'm unable to pop up a login box for the user to login.
Secondly, I've tried using https://github.com/jwilsson/spotify-web-api-php client credentials flow (Docs: http://jwilsson.github.io/spotify-web-api-php/authorization.html) by practically copying the code at the bottom of that page:
<?php
include('vendor/autoload.php');
$session = new SpotifyWebAPI\Session('Tobys client id', 'Tobys secret', 'http://localhost/callback');
// Request a access token with optional scopes
$scopes = array(
'playlist-read-private',
'user-read-private'
);
$session->requestCredentialsToken($scopes);
$accessToken = $session->getAccessToken(); // We're good to go!
// Set the code on the API wrapper
$api->setAccessToken($accessToken);
$playlists = $api->getUserPlaylists('USER_ID', array(
'limit' => 5
));
foreach ($playlists->items as $playlist) {
echo '' . $playlist->name . ' <br>';
}
This gives me Notice: Undefined variable: api in /var/www/html/dev/testing.php on line 16
I've also tried creating the API variable using $api = new SpotifyWebAPI\SpotifyWebAPI(); but this says I need user information/ tokens.
Thanks.
First question, is it possible to get a users playlist tracks using
client credentials flow?
Yes, retrieving tracks for a playlist doesn't require user authentication as part of the access token.
I've also tried creating the API variable using $api = new
SpotifyWebAPI\SpotifyWebAPI(); but this says I need user information/
tokens.
Looking at the code (Session class, SpotifyWebapi class), it does look like you should set this up by doing
$api = new SpotifyWebAPI\SpotifyWebAPI();
$session = new SpotifyWebAPI\Session($clientId, $clientSecret, $redirectUri);
$api->setAccessToken($session->getAccessToken());
When that's set up you should be good to use the getUserPlaylists method like you're doing in your example code.
So I want to implement Facebook login on my site. I have dowloaded the SDK, created an app and pasted the app id and secret in.
The problem I am getting is that, while the login flow appears to work and I am getting values returned ok from
facebook->getUser()
and
facebook->getAccessToken()
Calls to
$user_profile = $facebook->api('/me','GET')
throw an exception saying I have no access token.
Since this is unmodified example code straight from the SDK I'm kind of at a loss - if the coding example given doesn't work how am I supposed to figure anything out? :)
Same issue with the code on this page:
https://developers.facebook.com/docs/php/howto/profilewithgraphapi/
Basically that does the same thing but handles the exception so I go round and round in a "login to facebook" loop.
I can see the app added to the list in my facebook profile OK when I log in so that side appears to be working. It seems that either the SDK is broken or the access token I'm getting back is for some reason not valid.
Any help or pointer as to what I've missed would be much appreciated!
Thanks
Justin
Try this
$config['cookie'] = true;
and relogin.
This is from the PHP code I use to login.
Here is the complete flow of the code hope this helps.
Say the page for the FB connect is login.php and I will have the following PHP code on the top of the page
require_once 'src/facebook.php'; //include the facebook php sdk
$facebook = new Facebook(array(
'appId' => FACEBOOK_APP_ID,
'secret' => FACEBOOK_APP_SECRET,
'cookie' => true,
'domain'=> FACEBOOK_CONNECT_DOMAIN
));
$user = $facebook->getUser();
if($user){
// lets set the access token before making a api call.
$new_access_token = $facebook->getAccessToken();
$facebook->setAccessToken($new_access_token);
$user_profile = $facebook->api('/me','GET')
......
......
}else{
// display the fb login
}
I travel a lot and I had a cool idea of making a site, whereiskavi.com, to just show the city I'm in at the time. Simple, I use latitude! Or so I thought.
My research has presented me with a challenge. oauth needs to be prompted from the browser, and obviously I can't authorize every hit. Now I've used apps that don't constantly re-prompt me for authorization, but so far the only way I've been able to do this is to acquire an oauth json string and paste it in, then wait for it to expire. This code below works, but only till an expiration date.
My question - how do I permanently authorize my app to see my account always?
Here's my successful code, so far:
<?php
require_once '../../src/Google_Client.php';
require_once '../../src/contrib/Google_LatitudeService.php';
require_once 'gogeocode-0.2/src/GoogleGeocode.php';
$client = new Google_Client();
$client->setClientId('0000000000000.apps.googleusercontent.com');
$client->setClientSecret('abcdefghijklmnopqrstuvwxyz');
$client->setApplicationName("whereiskavi.com");
$mapsApiKey = 'mApSApIKEy';
$access_token = '{"access_token":"CENSORSHIP_YEAH","token_type":"Bearer","expires_in":3600,"refresh_token":"THIS_MIGHT_BE_SENSITIVE DATA","created":1351291247}';
$client->setAccessToken($access_token);
$service = new Google_LatitudeService($client);
$location = $service->currentLocation->get();
$geo = new GoogleGeocode($mapsApiKey);
$result = $geo->geocode( $location['latitude'].', '.$location['longitude']);
$result = $result['Placemarks'][0];
echo '<h1>'.strtoupper($result['Locality'].', '.$result['AdministrativeArea']).'</h1>';
?>
I really just need to figure out how to have perpetual oauth sessions or something!
My understanding is that the token will live as long as you want it to (Ie. until you revoke it).
I've tried your code above, but am getting the following error:
Fatal error: Uncaught exception 'Google_AuthException' with message 'Error refreshing the OAuth2 token, message: '{ "error" : "invalid_grant" }'
Even tho I have set my clientID/secret etc as configured with Google.
Well, folks, it seems that the API was slightly misleading for me. I've had the same access token in this for almost a month and it seems to keep renewing its self. I'll leave this question open in case anyone has more info - we'll see if it lasts 2 months!
I'm working on building a small web app connecting into the instagram API. Currently using this library on GitHub which makes things a bit easier. I can connect and initially login fine, and the page will display all user data.
But once you refresh the page all the data is lost, and it appears the script can't find my access token anymore. I tried storing this into a PHP session variable - but maybe I'm doing the whole process incorrectly? I just want to keep the same user session throughout an entire website once the OAuth is performed.
You can check out the small app live here: http://spyrestudios.com/demos/instagram-api/index.php
Additionally my callback URL is http://spyrestudios.com/demos/instagram-api/instagammy.php - this is the script which will work right after you connect. But try refreshing the page and all the data is gone! Also here is my bit of code which *should use the library to store the current user's access token:
session_start();
require_once 'Instagram.php'; // the library code
$config = array(
'client_id' => 'f0d225aa955c4bd9ae563f87f831efab', // Your client id
'client_secret' => '377b77afc1274a89bd2df7d77e934689', // Your client secret
'grant_type' => 'authorization_code',
'redirect_uri' => 'http://spyrestudios.com/demos/instagram-api/instagammy.php', // The redirect URI you provided when signed up for the service
);
// Instantiate the API handler object
$instagram = new Instagram($config);
$accessToken = $instagram->getAccessToken();
$_SESSION['InstagramAccessToken'] = $accessToken;
Really struggling for a solution, so I'd appreciate any help I can get. Willing to post examples of my code if needed..
Thanks in advance!
What you have already looks fine (although I have no experience in Instagram), assuming that $accessToken is actually being stored correctly in the session.
But surely at some point you need to feed back in $accessToken so that it can be verified. Like I said, I've not used Instagram before, so I don't know how you would do this.
Just in case you still care..
The problem is that refreshing is hitting the oauth landing page again when you refresh or back, but there is no authorization for it to collect the information from. In theory you could just wrap your setting of the session variable around a check:
$instagram = new Instagram($config);
$accessToken = $instagram->getAccessToken();
if ($accessToken != '')
$_SESSION['InstagramAccessToken'] = $accessToken;
That would stop an unwanted to call to your oauth landing page from clearing the current session value.
But better still would be to have the landing page redirect to a different page for the display. ie have your instagammy.php end there and add a
header("Location: http://spyrestudios.com/demos/instagram-api/dosomethinghere.php");
die();
That way the user won't ever see the "instagammy.php" page in their history and won't be able to go back to it.
This work for me, instead the original file instagammy.php
$instagram = new Instagram($config);
if ($_SESSION['InstagramAccessToken'] == ''){
$accessToken = $instagram->getAccessToken();
$_SESSION['InstagramAccessToken'] = $accessToken;
}else{
$accessToken = $_SESSION['InstagramAccessToken'];
$instagram->setAccessToken($_SESSION['InstagramAccessToken']);
}
I'm writing some backend script for a twitter app and heres how it's going
On the app you click a button that sends you to login.php on my server which logs into my database connects to twitter with my consumer key and secret: $to = new TwitterOAuth($consumer_key, $consumer_secret);
$tok = $to->getRequestToken();
$request_link = $to->getAuthorizeURL($tok);
and then writes the token and secret to the database, sets a session equal to the id in the database of the token and secret and then redirects to the "$request_link"
You then go through the process of logging in and such on twitter and it redirects you to callback.php on my server
Callback.php consists of logging into the database again, getting the new token and secret, and then writing the new token and secret to the database and then prompts you to go back to the app
Then on the app, all I'm trying to do is access the basic credentials$to->get('account/verify_credentials') and it keeps coming back "could not authenticate you"
What am I doing wrong?? Thank you for all the help :)
This is how your last $to should be built before calling verify_credentials:
$to = new TwitterOAuth($consumer_key, $consumer_secret, $tok['oauth_token'], $tok['oauth_token_secret']);
$to->get('account/verify_credentials');
Make sure $tok is the oauth_token and oauth_token_secret you got from:
$tok = $to->getAccessToken();
I assume all the calls are from the same server so there should not be any time sync issues.