Mobli Oauth Scopes - authentication

I'm having an issue with the access token. Every token I get has a empty scope. Though in my authorize URL, I have set scopes in various combinations. I receive all the token info, but scope is always blank. Below is an example of the authorze URL & output of token.
Auth Url:
https://oauth.mobli.com/authorize?client_id=xxx&response_type=code&state=fa90532ac5dc926609a484b60d9d457e&redirect_uri=http%3A%2F%2Fcontestis.localhost%2Fapis%2Fmobli%2Fweb%2Findex.php&scope=advanced+basic
Token Output:
Array ( [access_token] => xx [token_type] => mobli_user_related [expires_in] => 7776001 [refresh_token] => xx [user] => Array ( [id] => xx13030 [username] => XX [first_name] => XX [last_name] => XX ) [scopes] => )

Related

Getting the "The provided value for the 'redirect_uri' is not valid" error when I try to get the access token

When I try to get the token I get the error:
The provided value for the 'redirect_uri' is not valid. The value must exactly match the redirect URI used to obtain the authorization code.
My redirect uri exactly matches so I don't understand why it is happening.
$TOKEN_ENDPOINT = 'https://login.microsoftonline.com/common/oauth2/v2.0/token';
$params = array(
'grant_type' => 'authorization_code',
'code' => $azureCode,
'clientId' => '7c09ab71-***-****-****-53d7c4438112',
'clientSecret' => 'bnot*******20*[',
'redirect_uri' => 'https://testing.****.com/outlookOauthCallback.php',
'urlAuthorize' => $AUTHORIZATION_ENDPOINT,
'urlAccessToken' => $TOKEN_ENDPOINT,
'urlResourceOwnerDetails' => '',
'scope' => 'Calendars.ReadWrite User.Read'
);
$response = $client->getAccessToken($TOKEN_ENDPOINT, 'authorization_code', $params);
(Trust me the part I turned into stars is exactly the same because I copy pasted)
Even in the response where I returned the params it is exactly the same:
Array
(
[grant_type] => authorization_code
[code] => M51b1b*****-daeec54627b2
[clientId] => 7c09ab71-a*****d7c4438112
[clientSecret] => bnotxds&*&QB***cVLF20*[
[redirect_uri] => https://testing.****.com/outlookOauthCallback.php
[urlAuthorize] => https://login.microsoftonline.com/common/oauth2/v2.0/authorize
[urlAccessToken] => https://login.microsoftonline.com/common/oauth2/v2.0/token
[urlResourceOwnerDetails] =>
[scope] => Calendars.ReadWrite User.Read
)
So how can it still be giving me this error? What am I missing here?
You need specify the redirect_uri in the request url. Something like
var href = 'login.microsoftonline.com/common/oauth2/…'; href += client_id + '&resource=webdir.online.lync.com&redirect_uri=' + window.location.href;

foursquare api return Consumer disabled

We got problem when integrating foursquare api, when our user try to login by foursquare, it got error like
Array (
[meta] => Array (
[code] => 403
[errorType] => not_authorized
[errorDetail] => Consumer disabled.
[requestId] => 5bcec530dd579757288953cb
)
[response] => Array ( )
)

Is there any concept like google plus app access token

I am currently developing an app for Google+. Is there any way to fetch/search public data with out user authentication, I mean, using an app access token
https://www.googleapis.com/oauth2/v1/activities
Yes, see https://developers.google.com/+/api/oauth#apikey which talks about using an API Key instead of using a user login.
Quoting that page:
For Google+ API calls that do not need to identify a particular user, you can use your application API key. This is useful for server-side applications, or web applications that do not require the user to sign in with Google.
[...]
After you have an API key, your application can append the query parameter key=yourAPIKey to all request URLs. The API key is safe for embedding in URLs; it doesn't need any encoding.
You can get the API key via the new Developers Console by going to http://console.developers.google.com/ and selecting your project, then clicking on the APIs & auth tab on the left and then Credentials. There should be a section on the right Public API Access with a button to press to create a new key if one doesn't already exist.
Still no luck,
Here is the response :
Array
(
[url] => https://www.googleapis.com/oauth2/v1/activities?query=stackoverflow&maxResults=100&orderBy=recent&key=54XXXXXXX4723.apps.googleusercontent.com
[content_type] => text/html; charset=UTF-8
[http_code] => 404
[header_size] => 390
[request_size] => 262
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0.813163
[namelookup_time] => 0.411874
[connect_time] => 0.454496
[pretransfer_time] => 0.605186
[size_upload] => 0
[size_download] => 9
[speed_download] => 11
[speed_upload] => 0
[download_content_length] => -1
[upload_content_length] => 0
[starttransfer_time] => 0.813109
[redirect_time] => 0
[certinfo] => Array
(
)
[primary_ip] => XXX.XXX.XXX.XX
[primary_port] => 443
[local_ip] => 192.XXX.XXX.XXXX
[local_port] => 52227
[redirect_url] =>
)
The answer around the key is correct for general public access. However, the URL you are using is not correct. You want the activities list API I suspect: https://developers.google.com/+/api/latest/activities/list
GET https://www.googleapis.com/plus/v1/people/{userId}/activities/public?key={YOUR_KEY}

$facebook->getSignedRequest(); return the correct value in iframe while return null on my server side

i am building a fan gate for my site to give out some coupon.
here is my code:
<?php
require_once 'facebook.php';
$app_id = "xxxxxxxxxxxxxxx";
$app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true
));
print_r($_REQUEST);
$signed_request = $facebook->getSignedRequest();
echo "<pre>";
print_r($facebook->getSignedRequest());
echo "</pre>";
$signed_request = $_REQUEST["signed_request"];
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
$like_status = $signed_request["page"]["liked"];
print_r($facebook);
?>
I find that the return value of $facebook->getSignedRequest(); is different when i am visiting my apps via apps.facebook.com/xxxxxxxxxxxxxxxxxxxxxx/ and when i am visiting www.coupon.mysite.com/facebook/index.php
via apps.facebook.com/xxxxxxxxxxxxxxxxxxxxxx/:
Facebook Object ( [appId:protected] => 15255288xxxxxxxx [appSecret:protected] => XXXXXXXXXXXXXXXXXXXX[user:protected] => [signedRequest:protected] => Array ( [algorithm] => HMAC-SHA256 [issued_at] => xxxxxxxxxxxxx[user] => Array ( [country] => hk [locale] => en_US [age] => Array ( [min] => 21 ) ) ) [state:protected] => [accessToken:protected] => [fileUploadSupport:protected] => )
via www.coupon.mysite.com/facebook/index.php:
Facebook Object ( [appId:protected] => xxxxxxxxxxxxxxxxxxx[appSecret:protected] => xxxxxxxxxxxxxxxxxx[user:protected] => [signedRequest:protected] => [state:protected] => [accessToken:protected] => [fileUploadSupport:protected] => )
so the fan gate wont work because $facebook->getSignedRequest(); always return null in my server side. I have do the searching for this problem for some days already and still dont understand what is the problem.
Any help is very much appreciated.
^ ... continue from the comments:
First of all, if you do this, your users will hate you; secondly, that plugin is bit of a scam - all it does is uses cookies to store if user has liked a page - but if you delete your cookies, you will be locked out of the content because you won't be able to like the page again. Furthermore, it won't work without Javascript.
All the plugin does is it hooks into the "like" action when user clicks on the like button via
FB.Event.subscribe('edge.create', function(href, response){});
facebook graph api determine if user likes url

PHP_Incomplete_Class Object / Different responses from print_r

When I issue a print_r ($_SESSION) on my local server I receive the following
Array
(
[group] => Rich Primosch
[ok] => 1
[golfer] => Fritz Davis
[uniq] => 38
[fname] => Fritz
[lname] => Davis
[hphone] => 352-487-0597
[cphone] => 352-487-6189
[email] => fritz#hadleyvillage.org
[vid] => 527571
[handicap] => 23
[admin] => 0
[page] => signup.php
)
However when I issue the same print_r ($_SESSION) on the webhost's server I get this response
Array
(
[group] => __PHP_Incomplete_Class Object
(
[__PHP_Incomplete_Class_Name] => window
[curdate] => 1293771600
[datetime] => 1293813211
[monplay] => 1294030800
[wedplay] => 1294203600
[friplay] => 1294376400
[monclose] => 1293750000
[wedclose] => 1293922800
[friclose] => 1294030740
[monopen] => 1293426000
[wedopen] => 1293426000
[friopen] => 1293426000
[ismonopen] =>
[iswedopen] => 1
[isfriopen] => 1
)
[ok] => 1
[golfer] => mysqli_result Object
(
)
[uniq] => 175
[fname] => Fritz
[lname] => Davis
[hphone] => 352-487-0597
[cphone] => 352-487-6189
[email] => fritz#hadleyvillage.org
[vid] => 723234
[handicap] => 23
[admin] => 0
[page] => signup.php
)
Why I even see the incomplete class object, I have no idea. It is never assigned to a $_SESSION variable and yes, the class definition is included before session_start().
There are several differences in the two responses. My question is why? Is there a difference in settings somewhere or is there a programming error.
I have seen many references to the PHP_Incomplete_Class Object but they all say make sure that the class definition proceeds session_start. In my case it does but that should be inconsequential because I only use the object on one page and do not store it in a session.
Suggestions are appreciated.
-dmd-
try var_dump instead in both machines, it may say something interesting, "group" value seems to be an object, of what type? does it have a __sleep() magic method?
ensure your test machine and production server has the same php version to better understand the issue.
#see http://www.php.net/manual/en/language.oop5.serialization.php