I installed the Google Opauth Strategy and it's working brilliantly. The LinkedIn one acts a little differently; in the directions for this strategy it specifies that no OAuth Redirect URL is needed (on the LinkedIn Developer website). I tried leaving this out, and kept getting this error:
'Invalid redirect_uri. This value must match a URL registered with the API Key.'
This error is also on the demo for the plugin here: http://opauth.org/#demo
So I changed it up a bit and placed my redirect URL there just in case, like my Google one has, and it seemed to have worked! It took me to the LinkedIn login screen, I put in my credentials, and it redirected me back to my application. The trouble is, no data was returned this time.
My defaults in LinkedInStrategy.php looks like this:
public $defaults = array(
'redirect_uri' => 'http://example.com/users/login',
'response_type' => 'code',
'scope' => 'r_fullprofile r_emailaddress r_contactinfo'
);
In my controller I have this:
$_SESSION['log'] = $this->data;
And in my view I have this:
debug($_SESSION['log']);
This is just to see if the data is setting. When I log in with GoogleStrategy.php settings, this line displays all of the data and I use it to log me in. Perfect. But with the LinkedIn strategy, I just get an empty array. Anybody have any ideas?
Edit:
According to the LinkedIn API documentation here, my code returned is the correct code returned upon successful authentication (redirect uri, code, and state in the response URL). So I know everything's correct thus far to connect, just obtaining the data must be different than the $this->data return method stated in the regular Opauth documentation.
I solved it! I changed the redirect_uri back to default:
'redirect_uri' => '{complete_url_to_strategy}oauth2callback',
In the LinkedIn Developer API area, I placed this URL in the OAuth 2.0 Redirect URLs:
http://example.com/auth/linkedin/oauth2callback
So the OAuth Redirect URL DOES need to be set, unlike their instructions here.
2. Create LinkedIn application at https://www.linkedin.com/secure/developer
Enter your domain at JavaScript API Domain
There is no need to enter OAuth Redirect URL
Furthermore, it specifically has to be http://www.example.com/auth/linkedin/oauth2callback. If it is not that URL exactly, it will not work, unless you change some of the config files yourself and the name of functions. My error was that I set a custom page for it to go to, rather than going through its oath2callback function THEN heading to the redirect page.
Related
A am just beginning to familiarize myself with the eBay RESTFUL API, forgive me this basic question, but I found no answer yet.
I have an eBay account since many years ago. I registered a developer account (same eMail address) recently, and I got the Tokens for Sandbox and Production. I have successfully used public APIs like list items, search items, and such, to verify the tokens, by querying some items in eBay.
How do I preceed from here to access data specific to my eBay account, like, for instance, the list of purchases and sales? Somehow I need to connect my app to my live eBay account, I guess, and give my app permissions to read data, but I could not find any matching setting in my eBay account settings nor in the API calls.
Please guide me through the next step: how do I give my app the required permissions, and how do I build a simple read-only query to query, for instance, the items I have purchased.
I think this question does not depend on any programming language, feel free to use any programming language you like.
Many Thanx!
Ok so if we are talking only about Authorization token and calling seller api like orders (in ebay it's called fullfilments i believe).
We need to start with creating User Token.
You can create one here:
Then you need to add ebay redirect URL:
I don't know much about Auth'n'Auth so I will talk only about OAuth
After adding new redirect URL you should add url address for authorization success and failure.
You will be redirected there after authorization.
Now we can test if generation of token works.
For this example i did set my redirect url like that:
We need to click "Test Sign-in" (set radio button to OAuth before)
You should be redirected to website:
You need to sign in with account which have access to sandbox.ebay.com or ebay.com (depends if you are on sandbox or production environment)
After logging in I don't remember if there will be another window with confirmation of App scopes to confirm (I already done it before).
But if that is the case just click confirm button.
Now you should be redirected to https://localhost.com which we did set up as our success redirect url
Url should look like that
https://localhost.com/?code=v%5E1.1%0VeMTI%3D%3D&expires_in=299
That code parameter is much longer btw. And you can see that it's url encoded so you need to decode it before using
And now you are almost at home :D
You have 300 seconds to call a POST request to authorize with that code parameter.
POST https://api.sandbox.ebay.com/identity/v1/oauth2/token
Header required
Remember first screen shot?
You need to go there and get your App ID, Cert ID then concatenate it with ":" then encode it to Base64 and add before that value "Basic " keyword.
In pseudo code it should looks like that:
Authorization:Basic Base64.encode(AppID + ":" + CertID)
Body required
format of Body needs to be "x-www-form-urlencoded" (key:value format basically)
here you need
grant_type:authorization_code
code:{code}
redirect_uri:{redirect_name}
{code} - is value from success authorization url
{redirect_name} - you can find it on screen below marked with red circle
If you did everything right you should get response from ebay
{
"access_token": "v^1.1#i^1#r^0VbbxW1wjv4HZGAAA",
"expires_in": 7200,
"refresh_token": "v^1.1#i^1#f^0#r^FDQ=",
"refresh_token_expires_in": 47304000,
"token_type": "User Access Token"
}
You should save that data, access_token is used for accessing data, refresh_token is used to refresh access_token.
Example request with authToken
GET https://api.sandbox.ebay.com/sell/fulfillment/v1/order?filter=creationdate:[2022-03-31T08:25:43.511Z..]
You need Authroization header:
Authorization:Bearer v^1.1#i^1#r^0VbbxW1wjv4HZGAAA
That's it I guess. To implement that into your app you need to be able to generate the first url which you are redirected to after clicking "Test Sign-in" and that's basically it.
Btw you refresh token like that
POST https://api.sandbox.ebay.com/identity/v1/oauth2/token
Body x-www-form-urlencoded
grant_type:refresh_token
refresh_token:v^1.1#i^1#f^0#r^FDQ=
Header
Authorization:Basic Base64.encode(AppID + ":" + CertID)
I hope that will help someone. :)
I am using Google's PHP API client within a Laravel application to authorize a user via OAuth2 for the Analytics read-only API. I've used similar code on a previous project without issues, but this time it takes me to either Google's My Account page, or YouTube's account page, depending on the account I try to authorize with.
I have verified it is receiving the correct redirect_uri.
Here's some relevant code:
$google = new \Google_Client();
$google->setAuthConfig(resource_path('../client_secrets.json'));
$google->setRedirectUri(url()->to('/google/authorize'));
$google->addScope(\Google_Service_Analytics::ANALYTICS_READONLY);
$google->setAccessType("offline");
$google->setApprovalPrompt('force');
// No code? Then we need to authorize with Google.
if (! $request->has('code')) {
$authUrl = $google->createAuthUrl();
return redirect()->to($authUrl);
}
FIXED.
Turns out Google was redirecting properly but for some reason the code wasn't recognizing it had the code query value attached properly. Split the redirect to a different method and got it working that way.
Error : Security header is not valid
Array
(
[TIMESTAMP] => 2014%2d04%2d29T07%3a24%3a29Z
[CORRELATIONID] => 6af6749c848d6
[ACK] => Failure
[VERSION] => 109%2e0
[BUILD] => 10800277
[L_ERRORCODE0] => 10002
[L_SHORTMESSAGE0] => Security%20error
[L_LONGMESSAGE0] => Security%20header%20is%20not%20valid
[L_SEVERITYCODE0] => Error
)
I am getting this error again and again and cannot move ahead. I had checked all the api username, password and signature, all are correct, but the main problem is that, all the things are already stored in paypal sandbox account but it cannot give back to the page. I mean to say transection is shown in sandbox account but it cannot send forward to the display page. Am I wrong somewhere?
generally this error means you are not using the correct API credentials. If you are convinced your credentials are correct then take a look at your endpoint. Sandbox credentials will not be valid in the production environment and live credentials will produce this error in the sandbox
I had this issue because my login contained "+"(plus) sign. Finally I manually decoded it to "%2B" as described here http://www.zen-cart.com/showthread.php?80849-Plus-sign-%28-quot-quot-%29-in-user-name-causes-security-header-failure-in-Paypal-Express-Checkou and the issue gone.
It doesn't always mean invalid API credential or wrong endpoint
If you're absolutely sure in this info, check the encoding you're making your request with - it should be UTF-8 without Byte-Order Mark (BOM), e.g (in Visual C# .NET)
var requestEncoding = new UTF8Encoding(false); // UTF-8 without BOM
using (var streamWriter = new StreamWriter(request.GetRequestStream(), requestEncoding))
{
streamWriter.Write(requestBody);
}
This is not a default value, and it helped me after an hour of checking everything
Of course, make sure all of your parameters are URL encoded, too
API_USERNAME
API_PASSWORD
API_SIGNATURE
PAYPAL_URL
apart from them change this too:
**
(from Sandbox > Live)**
Wrong credentials Make sure that you've put your API Username, API Password and API Signature correctly. Sometimes it happens that during copy and paste there is accidently a space added, this would trigger this error. Doublecheck this settings in the SDK or in the admin panel of your third party shopping cart.
Wrong Endpoint This error would come up if you send the data to the wrong endpoint. Make sure that you sending the live credentials and data to our live endpoint. When you want to test your store make sure that you use our test endpoint and the credentials from your sandbox test account. If you are using a third party shopping cart, make sure that your store is running in test or live mode, regarding which credentials you are using.
FOR LIVE
https://api-3t.paypal.com/nvp?&user=xxxxxxxxxx&pwd=xxxxxxxxxx&signature=xxxxxxxxxx&version=70.0&METHOD=SetExpressCheckout&RETURNURL=http://www.paypal.com/test.php&CANCELURL=http://www.paypal.com/test.php&PAYMENTACTION=Sale&AMT=50&CURRENCYCODE=USD
FOR SANDBOX
https://api-3t.sandbox.paypal.com/nvp?&user=xxxxxxxxxx&pwd=xxxxxxxxxx&signature=xxxxxxxxxx&version=70.0&METHOD=SetExpressCheckout&RETURNURL=http://www.paypal.com/test.php&CANCELURL=http://www.paypal.com/test.php&PAYMENTACTION=Sale&AMT=50&CURRENCYCODE=USD
For reffrence link
In my application I allow users to connect their Facebook accounts via oauth for the purpose of posting via our interface. We support both page accounts and regular accounts that simply manage pages.
We also inspect the result of the opengraph API call to get a valid URL to their profile, or page. The primary endpoint we use is https://graph.facebook.com/me (with oauth credentials). For some page-only accounts, the returned object has a 'link' value that, when entered into a web browser, 404s.
The bad URLs I have seen fall into two distinct cases:
The URL can be of the form 'www.facebook.com/{page_id}' which 404s on some pages, but not others.
The URL can be of the form 'www.facebook.com/profile.php?id={user_id}' which more often than not 404s.
The only URL format I have seen that works for all accounts is www.facebook.com/profile.php?id={page_id}. In the first case, we detect that the 'link' field isn't of the proper form (using profile.php?id=...), and construct a URL with the proper structure, and it works.
My next heuristic I'm considering adding is to see if the URL is of the proper form....but uses the {user_id} as the id argument to profile.php, and just construct the URL using the {page_id}. Obviously, this is getting ridiculous.
So, is there a good way to know if an account will give back a link that is invalid? Is this a bug in the API? What is the most reliable way to, given a User on the open graph API, to get a working link to their profile/page?
Using 'www.facebook.com/{page_id}' or 'www.facebook.com/profile.php?id={user_id}' will always work - they are both the same. The only reason you'll see a 404 is if the Page has been unpublished / deleted or if the user has deactivated their account.
Introduction:
Hi everyone, i am currently writting a lib to make generic OAuth Requests in C#.
The first part, of getting a Token and a Token secret is working for Twitter and Linkedin already ( RequestTokens ), but as soon as i jump to the Authorization part it does not work for Linkedin,but it does for twitter.
Useful Informations
I am currently using a method to generate AUTHORIZATION_URL for the Request. For Example :
https://api.linkedin.com/uas/oauth/authorize?MyToken
Same for Twitter,using its own url. Both services are getting a correctly generated URL, and the window that pops up when i copy it in the browser is correcly.
After the user hits the button, different things happens depending on the service.
1 - Twitter : The browser redirects me to the Callback Page, and on the url there is a Verifier that i am currently parsing and storing it. Perfect.
2 - LinkedIn : In the sample i have,everything works just as twitter does, but when i use my own lib, there is no redirect for the callback url,instead, i am getting redirected to a url with a oob? tag, and a verifier number is shown in the screen, instead of appearing in the querystring.
Doubt:
What should i do to make sure that the OAuth method i will be using is the Normal one,instead of the Out Of Band method. I am making sure that the CALLBACK URL that i set in the lib, is being used for the Signature on the First Request (REQUEST_TOKEN STEP). Also, twitter works when i do this.
Any idea of whats happening ? Let me know if there is any useful information i can add to make sure that my question will be as complete as possible.
Thanks in advance
I solved it.
I forgot to add the Callback parameter to the Signature in the BaseGenerator,instead, it was commented.
Thanks anyways for everyone