Instagram Like API. Posting a like through curl and php - api

I am trying to figure out how to POST a like for Instagram. Click here to view my website for testing this API.
http://ewands.no-ip.biz/Intern/guangjian/instagram/
This is my first time trying the Instagram API. Google it but no tutorial is found on this topic. Below are my PHP code.
Getting the media id:
$api = file_get_contents("http://api.instagram.com/oembed?url=http://instagram.com/p/n5DyHnKWoo");
$apiObj = json_decode($api,true);
$media_id = $apiObj['media_id'];
After the like button is clicked, the URL becomes http://ewands.no-ip.biz/Intern/guangjian/instagram?api=like, so from PHP we run the code below:
if($_GET['api'] == 'like'){
header('location:https://api.instagram.com/oauth/authorize/?client_id=3548d38f15b54dbfb744bf0705fa8198&redirect_uri=http://ewands.no-ip.biz/intern/guangjian/instagram?function=like&response_type=code');
The above will redirect the page to http://ewands.no-ip.biz/intern/guangjian/instagram/?function=like&code=3b50fdbcd0184f979b31f5b0d12354c4 <-- Instagram server added a random code, next, use curl to get the access token:
}
if($_GET['function'] == 'like') {
$code = $_GET['code'];
$url = "https://api.instagram.com/oauth/access_token";
$access_token_parameters = array(
'client_id' => '3548d38f15b54dbfb744bf0705fa8198',
'client_secret' => '97e12a30416d4436a52107d0d1820e91',
'grant_type' => 'authorization_code',
'redirect_uri' => 'http://ewands.no-ip.biz/intern/guangjian/instagram?function=like',
'code' => $code
);
$curl = curl_init($url);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,$access_token_parameters);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($curl);
curl_close($curl);
$arr = json_decode($result,true);
$token = $arr['access_token'];
I have tested that I am able to get the token, so far so good, then the next part does not work, I am just trying my luck, since I am not familiar with curl and there are no tutorial out there from Googling for Instagram API tutorial.
$url = 'https://api.instagram.com/v1/media/'.$media_id.'/likes';
$curl = curl_init($url);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,'access_token='.$token);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec($curl);
}


Instagram returns a # in the token return which renders it useless for $_GET.
The token is only supposed to be used one.
You manually copy it from the URI and then use it accordingly in your code.
It is HIGHLY insecure.
You're over thinking it.

Related

Using OAuth to access 3dCart api

Trying to authorize an 'app' in 3dcart
The api is fairly well documented using Swagger and they have this page w/ instructions https://apirest.3dcart.com/v1/getting-started/index.html#getting-started
You are supposed to make this first call, which is supposed to give you token you use in the subsequent step
https://apirest.3dcart.com/oauth/authorize?
Client_Id=22613fdfc5a6200bece02a29524XXXXX
&state=12345
&response_type=code
&store_url=www.***********.com
&redirect_uri=www.!!!!!!!!!!.com <============== WHAT SHOULD THIS BE
Using postman, I can play with the various parameters.
I beleive clientId should be the guid-ish string you get associated w/ each store that has subscribed to your app.
Store Url - i know this. Should I include the https:// protocol in the string?
It sounds like STATE is just something you pass in and the store parrots it back to you.
redirect_uri - not sure what this is/ should be
I can get status 200 OK, but i am getting an HTML page .
Pasting same URL in a browser, I am getting a login page. I login as an admin user and then get 404 because it is redirecting me to the redirect_uri
??? I really just want to login. I tried passing in a blank uri and omitting the parameter. Both yield
Status 400 Error 101 redirect_uri is required
Am I doing this correctly? Is there an example of authorizing so you can use the API?
I have downloaded the GIT repository. That helps a bit, but still missing something
tyia

Using the URL you're talking about will allow the customer to grant access to your application. The Redirect URI in the URL you have the customer click on MUST match the Redirect URI you have set up on your app in 3dcart Developer.
After that, there are 5 steps to getting the Authorization Token and then use it to work with the 3dcart API.
The redirect URI is your endpoint where 3dcart will send the code.
Step one:
Set up your Redirect URIs: under the Oauth tab on your application on 3dcart Developers
Step 2:
3dcart will post to this URL a "Code". You can get this from the URL with GET
$code = $_GET['code'];
Step 3:
Use Curl (or whatever) to make a postback to 3dcart with the code
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://apirest.3dcart.com/oauth/token");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
$data = array('Code' => $code, 'client_id' => '{your public app key}', 'client_secret' => '{your private app key}', 'grant_type' => 'authorization_code');
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'application/x-www-form-urlencoded'
));
$response = curl_exec($ch);
Step 4:
parse the response to get the access_token:
$info = json_decode($response, true);
$access_token = $info['access_token'];
Step 5:
Use the Access token to make calls to 3dcart using the following parameters in curl
$auth = array(
"Content-Type: application/xml",
"Accept: application/json",
"Authorization: Bearer $access_token",
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://apirest.3dcart.com/3dCartWebAPI/v2/{API END POINT}");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_HTTPHEADER, $auth);
$response = curl_exec($ch);
curl_close($ch);

Setting up a Discord oauth2 login on my website (with PHP?)

So I'm having troubles learning how to set up a login through discord on my site. I've been browsing for literally hours and haven't been able to find anything I understand...
At the moment, I have created the discord application, giving me a client ID and client secret, as well as a link back to my localhost:
https://discordapp.com/api/oauth2/authorize?client_id=550631359337594881&redirect_uri=http%3A%2F%2Flocalhost&response_type=code&scope=identify
At the moment I have it set up to redirect from a button to that URL, which then sends me to discord to accept. It then returns me to http://localhost?code=CODE_HERE
However, I don't know what I am supposed to do with this code. I am trying to set it up so that it will show the person's username with hashtag thing, and their profile picture.
I am currently using HTML, CSS, JS, and PHP on the site, but I think I might need to use something else, but I don't know how to set that up, or what it is I need. I am running my local server with XAMPP. I'd prefer if it is just PHP, but I'm open to other options.
Does anyone know how I can convert the code to a username + image?
Thanks in advance!

Try this
Credits to: eslachance
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
ini_set('max_execution_time', 300); //300 seconds = 5 minutes. In case if your CURL is slow and is loading too much (Can be IPv6 problem)
error_reporting(E_ALL);
define('OAUTH2_CLIENT_ID', '1234567890'); //Your client Id
define('OAUTH2_CLIENT_SECRET', 'verysecretclientcode'); //Your secret client code
$authorizeURL = 'https://discordapp.com/api/oauth2/authorize';
$tokenURL = 'https://discordapp.com/api/oauth2/token';
$apiURLBase = 'https://discordapp.com/api/users/#me';
session_start();
// Start the login process by sending the user to Discord's authorization page
if(get('action') == 'login') {
$params = array(
'client_id' => OAUTH2_CLIENT_ID,
'redirect_uri' => 'https://yoursite.location/ifyouneedit',
'response_type' => 'code',
'scope' => 'identify guilds'
);
// Redirect the user to Discord's authorization page
header('Location: https://discordapp.com/api/oauth2/authorize' . '?' . http_build_query($params));
die();
}
// When Discord redirects the user back here, there will be a "code" and "state" parameter in the query string
if(get('code')) {
// Exchange the auth code for a token
$token = apiRequest($tokenURL, array(
"grant_type" => "authorization_code",
'client_id' => OAUTH2_CLIENT_ID,
'client_secret' => OAUTH2_CLIENT_SECRET,
'redirect_uri' => 'https://yoursite.location/ifyouneedit',
'code' => get('code')
));
$logout_token = $token->access_token;
$_SESSION['access_token'] = $token->access_token;
header('Location: ' . $_SERVER['PHP_SELF']);
}
if(session('access_token')) {
$user = apiRequest($apiURLBase);
echo '<h3>Logged In</h3>';
echo '<h4>Welcome, ' . $user->username . '</h4>';
echo '<pre>';
print_r($user);
echo '</pre>';
} else {
echo '<h3>Not logged in</h3>';
echo '<p>Log In</p>';
}
if(get('action') == 'logout') {
// This must to logout you, but it didn't worked(
$params = array(
'access_token' => $logout_token
);
// Redirect the user to Discord's revoke page
header('Location: https://discordapp.com/api/oauth2/token/revoke' . '?' . http_build_query($params));
die();
}
function apiRequest($url, $post=FALSE, $headers=array()) {
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$response = curl_exec($ch);
if($post)
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));
$headers[] = 'Accept: application/json';
if(session('access_token'))
$headers[] = 'Authorization: Bearer ' . session('access_token');
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($ch);
return json_decode($response);
}
function get($key, $default=NULL) {
return array_key_exists($key, $_GET) ? $_GET[$key] : $default;
}
function session($key, $default=NULL) {
return array_key_exists($key, $_SESSION) ? $_SESSION[$key] : $default;
}
?>

You have the code which is used to authenticate with many endpoints of the discord API. You need the http://discordapp.com/api/users/#me Endpoint. You authenticate with the Authorization Header. Take a look at the Developer Portal to find out more about your endpoint

Instagram API: OAuthPermissionsException in Sandbox mode

I'm trying to post a comment on an Instagram post using the API in sandbox mode but I'm getting the following error:
"code": 400, "error_type": "OAuthPermissionsException", "error_message": "This client has not been approved to access this resource."
I'm using the admin user in sandbox mode, the post I'm commenting on belongs to the same admin user.
Any ideas what I'm doing wrong?
Here's the code I'm using:
$url = 'https://api.instagram.com/v1/media/' . $post_id . '/comments';
$data = array('access_token' => $instagram_access_token, 'text' => $comment_text);
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($curl);
curl_close($curl);

You have to authenticate with comments scope permission and then do the comments post API call:
https://www.instagram.com/developer/authorization/

How to get youku access_token

Where can I find the access_token, refresh_token in my youku account?
I found out how to upload video to youku.com using external script with the use of a API, but I need access_token, refresh_token to use it.

You need to authorize your Youku app and to use the get code to obtain a token.
Go to https://openapi.youku.com/v2/oauth2/authorize?client_id={YOURCLIENTID}&response_type=code&redirect_uri={YOURCALLBACKURL}.
Accept the authorization. You will be redirected to your callback URL. Be careful, it should be the same than the one you entered while creating your Youku application (same protocol too).
Use the get parameter code to get your access token by doing a POST CURL call to https://openapi.youku.com/v2/oauth2/token with the following parameters
if(isset($_GET['code']))
{
$url = "https://openapi.youku.com/v2/oauth2/token";
$params = array(
"client_id" => $client_id,
"client_secret" => $client_secret,
"grant_type" => 'authorization_code',
"code" => $_GET['code'],
"redirect_uri" => $callback_url
);
$str_params = http_build_query($params);
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $str_params);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
echo $result;
}
The $result will be a json array containing the access_token {"access_token":"3cc08bffcd48a86a0e540f9ed1be42f4","expires_in":"2592000","refresh_token":"f8d78ce2005c9d1e0b62cd29f61ba3f9","token_type":"bearer"}
More infor here : http://open.youku.com/docs/docs?id=101

You can find the Youku api here: http://open.youku.com/docs/tech_doc.html
It is in Chinese, so I suggest you open this link using google chrome, then right click the page (after it is finished loading) and press 'Translate to English'
Hope this helps

Authentication Errors Trying to Access to the Google Analytics API via http (not using oAuth)

I'm trying to build a simple script to import page view counts for articles published via my CMS. I easily constructed my query using the Google Analytics API query builder which quickly returns the desired result. A scheduled job on my web server will run the query once per day and update and page view counts.
Because I'm only pulling in pageviews, I believe it wasn't necessary to go through the entire oAuth process. This Google account has only one web property and only one profile, so there isn't a routine needed to derive that.
I registered an app and created an API key. I have ensured that Google Analytics is turned on for this profile. Based on my reading of the API, I believe I can pass this key as an http parameter to properly authorize the query.
When I run the query via http, I get an authorization error (401). The query is included below:
https://www.googleapis.com/analytics/v3/data/ga?ids=ga%3A[MY ID]&metrics=ga%3Apageviews&start-date=2012-08-09&end-date=2012-08-23&max-results=50&key=[MY API KEY]
I've Googled many examples of this, but they all seemed to implementing a very elaborate (and in my use case unnecessary) authentication routine. But maybe I'm missing something.
Many thanks in advance.
Kris, frustrated Googler

Use this example to fix 401 error http://dumitruglavan.com/ganalytics-class-access-google-analytics-data-api-with-php/
You need to authorize:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://www.google.com/accounts/ClientLogin");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
$data = array(
'accountType' => 'GOOGLE',
'Email' => $email,
'Passwd' => $password,
'service' => 'analytics',
'source' => ''
);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$output = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
$auth = '';
if($info['http_code'] == 200) {
preg_match('/Auth=(.*)/', $output, $matches);
if(isset($matches[1])) {
$auth = $matches[1];
} else {
throw new Exception('Login failed with message: ' . $output);
}
}
And after authorize send authorization token in headers:
$headers = array("Authorization: GoogleLogin auth=$auth");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$output = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);