I try to get the Live Delegated Authentication to work for the purpose of reading the email addresses.
I am doing this in PHP with the help of the windowslivelogin library. The problem is that I get an error.
I'm not sure what I'm doing wrong, i registered my application on the Azure webpage and got the appid and the secret into the code. This is what i use to initialize the Live Library :
$o = new WindowsLiveLogin();
$o->setAppId('000000004801B670');
$o->setSecret('secret');
$o->setSecurityAlgorithm('wsignin1.0');
$o->setDebug(true);
$o->setPolicyUrl('http://www.google.com/aides.html');
$o->setReturnUrl("http://michaelp.dev.gamepoint.net/framework/mainsite/contactimporter/?service=live");
return $o;
Then I call
$this->LiveLibrary->getLoginUrl()
And after I Login in to Live, it posts 2 things back, $_POST['stoken'] and $_POST['action'].
As soon as I call
$this->LiveLibrary->processLogin($_REQUEST);
It fails and gives back an error that the token is invalid.
I tried getting Consent straight away by making redirecting to
$this->LiveLibrary->getConsentUrl("Contacts.View");
But that gives an 3007 error and says that it cant share the information
According to MS this means the following :
3007
Consent Service API failed in the <method name> method. The application verifier is invalid.
The offer security level requires that a valid application verifier be passed with the request.
I am using the following URL, generated by the library
https://consent.live.com/Delegation.aspx?ps=Contacts.Invite&ru=http%3A%2F%2Fmichaelp.dev.gamepoint.net%2Fframework%2Fmainsite%2Fcontactimporter%2F%3Fservice%3Dlive&pl=http%3A%2F%2Fwww.google.com%2Faides.html&app=appid%3D000000004801B670%26ts%3D1251722931%26sig%3DD2gkM%252F%252FwlRXXfS64NMrV%252Bkt50v6dAOcESblfRk7j%252FUE%253D
I don't understand most of the documentation Microsoft has on this thing, I think its really unclear and chaotic. Also the Sample I tried doesn't work. I get an error message, it can't validate/decode the token. Same I get when I try the processLogin().
Thanks in Advance,
Michael
Related
I am trying to set up Oauth with the YouTube Data API. I had a Laravel app which has Socialite set up. Out of the box YouTube isn't set up with this but I saw that there is a provider for YouTube here:
https://socialiteproviders.netlify.app/providers/you-tube.html
I have done all of the steps outlined on the page along with all routes that I need. I have also done the Oauth set up on Google Developer Console and got the client ID/secret key and set the callback.
When I use the login URL it works where I'm redirected for login with Google. The problem comes when the callback URL is reached. I get the error:
ErrorException
Undefined index: items
This occurs on the provider callback function which has the code:
$user = Socialite::driver('youtube')->user();
I have tried using stateless:
$user = Socialite::driver('youtube')->stateless()->user();
But get the same error. All caches have been cleared. I am pretty sure that the setup was done correctly as I'm also using the Twitch provider from https://socialiteproviders.netlify.app/providers/twitch.html which the setup was similar and it works correctly.
Please can anyone advise? Thanks.
Try selecting the fields you want to access first:
$user = Socialite::driver('youtube')->fields([
'items'
])->user();
I'm facing the same issue. Is it possible that the API has changed? If I take a look at the raw response there
I also stumbled onto this issue:
When I tested it, I did not got the error, but my colleague did so I figured it had something to do with the account that tried to connect.
I changed my approach from:
$user = Socialite::driver('youtube')->stateless()->user();
And just received tokens by doing this:
$socialite = Socialite::driver('youtube');
$code = $request->input('code');
$response = $socialite->getAccessTokenResponse($code);
$response will contain an array of tokens. I used these tokens to connect it to an existing user in my database.
I don't know if this is the solution for your workflow, but it is a way to get around the mysterious error.
The issue is due to YouTube no longer automatically creating a channel for your google/gmail account like it did in the past. This results in responses completely missing an items array.
if you dd($response->getBody()->getContents()) the response for an account that throws an error you'll see this.
I've made a pull request for this here. https://github.com/SocialiteProviders/YouTube/pull/8
The Paysafe API was working perfectly fine in localhost, I was able to complete payment to Netbanx. I started to integrate the system on the website. I have a page for billing information, then a page for card payment where I use paysafe.js to create a token.
Then, I use PHP to get response from the server. This works in local. But online, this last part where I try to settle a payment, I get an error 500. I think it could be because the server is not using HTTPS. I want to know if it's possible that the error 500 is coming from the fact we don't have HTTPS or if it's something else?
P.S: It's complicated to access to the server because of bureaucracy, I don't want to make all the process if it's sure it's not that!
Thank you!
P.S.: I also tried using curl instead, and the response was bool(false).
require_once("config.php");
use Paysafe\Environment;
use Paysafe\PaysafeApiClient;
use Paysafe\CardPaymentService;
use Paysafe\CardPayments\Authorization;
$client = new PaysafeApiClient($paysafeApiKeyId, $paysafeApiKeySecret, Environment::TEST, $paysafeAccountNumber);
$info = new Authorization(array(
//PAYMENT ARRAY (Getting POST variable from previous page)
));
$response = $client->cardPaymentService()->authorize($info);
$statut = $response->status;
That Environment::TEST obviously does not match the production environment (or host-name).
Just enable PHP error reporting for your IP only, in order not to possibly leak any details.
Also check the console there (if any), if that host if even authorized to access the API.
I mean, HTTP500 is an error description just alike "it does not work".
I'm implementing OpenId Connect into my Yii2 app using the yii2-authclient library. I can login and exchange the code for a token with no problems. I've followed most of the code examples on the web and set a successCallback function that gets called once a user successfully logs in. It looks like this:
public function successCallback(ClientInterface $client)
{
$attributes = $client->getUserAttributes();
}
This code gets called, but calling getUserAttributes() results in the following error:
Exception – yii\authclient\InvalidResponseException
Request failed with code: 400, message:
{"error":"invalid_request","error_description":"Token not provided"}
The logs on the id server show a blank client and user, with an error of invalid_token.
I took a close look at the request I make and I see an access_token element. Any ideas what the problem might be? I can provide more information if necessary.
I figured it out. The problem was that the yii2-authclient library was sending the token as a GET parameter and the ID server was expecting it as a POST param. I upgraded the yii2-authclient library and that solved the problem since a recent change sends the parameter as POST instead of GET.
I am trying to retrieve the contents of my calendar using the Outlook REST API, but I am getting weird error responses.
The code is based on the example code supplied by Microsoft in https://github.com/microsoftgraph/php-connect-rest-sample
I have created an application and specified it want access to calendar.read and changed the scope in the testcode, Constants::SCOPE, to include this scope.
After succesfully retrieving a token I can verify that the application requests and sets the correct privileges. After that I try to retrieve the events in my calendar as described at the documentation: https://msdn.microsoft.com/en-us/office/office365/api/calendar-rest-operations#get-series-master-and-single-events-rest
I use the Advanced REST client add-on for Chrome to create a GET request with the following specs:
Url: https://outlook.office.com/api/v2.0/me/events
Headers:
Authorization: Bearer [token]
Prefer: outlook.timezone=Europe/Berlin
The response I get is a 401 status code with the following content for the X-Ms-Diagnostics header:
2000010;reason="ErrorCode: 'PP_E_RPS_CERT_NOT_FOUND'. Message: 'Certificate cannot be found. Certificate required for the operation cannot be found.%0d%0a Internal error: spRPSTicket->ProcessToken failed. Failed to call CRPSDataCryptImpl::UnpackData:Certificate cannot be found. Certificate required for the operation cannot be found.%0d%0a Internal error: Failed to decrypt data. :Failed to get session key. RecipientId=293577. spCache->GetCacheItem returns error.:Cert Name: (null). SKI: d6c3dacffd2b3fba2fb3d6c2b0fcd78680a3acd1...'";error_category="invalid_msa_ticket"
The Www-Authenticate header specifies 'error="invalid_token"' while the token was just received.
Any idea what I am doing wrong?
I think another thing you might be able to check out is the scope when you request the v2 endpoint. for V2 endpoint, the scope is different between Graph API and outlook api. you need to specify scope as "https://outlook.office.com/calendars.read" instead of Graph scope.
I hope it will help.
Basically, the message means that the token you're trying to use is not valid for the operation.
I went through this. This is how I've solved:
I use the suggested scopes here (I was creating an event): https://msdn.microsoft.com/office/office365/APi/calendar-rest-operations#create-events
To get the authorization code I used this URL schema:
https://login.live.com/oauth20_authorize.srf?client_id=[YourClientID]&scope=[ScopeYouNeed]&response_type=code&redirect_uri=[YourRedirectURI]
Then I get the refresh & the access token. And now it's working!
You need to just change the URL from https://outlook.office.com/api/v2.0/me/events to https://graph.microsoft.com/v1.0/me/events
I'm trying to use the OAuthProvider library from PHP.net and of course, it's not documented. I've followed Rasmus' tutorial and I've followed djpate.com's tutorial and neither of them to work for me and Rasmus doesn't link to any source, the source he does link to for examples is confusing and of course, doesn't work when ran.
I seem to always get a "signatures do not match" error which I don't understand really, because I've followed the tutorials to a T.
What's the flow supposed to be anyway?
1. Create consumer key/secret. Check.
2. Get the access token? I get errors -- Where does the signature come from?
3. Get the request token? I get error
I'm trying to create an OAuthProvider so that I can create 1 consumer account that can call my API remotely and it seems like this is very poorly documented for a beginner... in PHP land anyway.
If anyone has any working OAuthProvider libraries or can explain this to me in more detail I would greatly appreciate it.
Thanks in advance.
http://oauth.net/core/1.0a/ tells you the basic flow.
A consumer gets a consumer key and secret.
The consumer gets a request token.
The consumer redirects the user to the provider's authentication endpoint.
The user signs the request token (or doesn't).
The consumer swaps a authentication token for their signed request token.
The consumer uses their authentication token to access protected information.
http://oauth.net/core/1.0a/#signing_process describes how a request is signed.
"The signature process encodes the Consumer Secret and Token Secret
into a verifiable value which is included with the request."
If you are using the pecl oauth/oauthprovider code, the signature is automatically generated on both sides for you (undocumented but true). You can check to see what the signature is by putting the following in the oauthexception catch section in the provider:
catch (OAuthException $E)
{
error_log(print_r($this->provider, true));
echo OAuthProvider::reportProblem($E);
$this->oauth_error = true;
}
and the following in your oauth consumer oauthexception catch section:
catch(OAuthException $E)
{
error_log(print_r($oauth, true));
echo $E->getMessage();
}
In this way you can check your error logs to find out what the signatures are and whether they do in fact not match.
I am having similar error. This seems to be caused, in my case, due to a signature mismatch in http vs https url.
I would check if you are getting re-directed between http and https.