Answer + new question
I found out that the code below works just fine on a LIVE server. LinkedIN blocked all requests from localhost.
That established; Does anybody know how to test an application from localhost with LinkedIN OAuth? Because doing this on a live server sucks!
Old Question
I'm trying to connect with Zend_OAuth to LinkedIN. This code used to work, but now it returns an error in http request while I'm trying to retrieve an access token.
Tried checking the LinkedIN api, but the code still seems valid. Tried several scripts but all with the same result.
The config is setup in the preDispatch of my controller
$this->configLinkedin = array(
'version' => '1.0',
'siteUrl' => 'http://'.$_SERVER['HTTP_HOST'].$this->view->baseUrl(false).'/news/index/connectlinkedin',
'callbackUrl' => 'http://'.$_SERVER['HTTP_HOST'].$this->view->baseUrl(false).'/news/index/connectlinkedin',
'requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken',
'userAuthorisationUrl' => 'https://api.linkedin.com/uas/oauth/authorize',
'accessTokenUrl' => 'https://api.linkedin.com/uas/oauth/accessToken',
'consumerKey' => 'XXX',
'consumerSecret' => 'XXX'
);
And the code in the action to connect to linkedIN is
$this->consumer = new Zend_Oauth_Consumer($this->configLinkedin);
if(!empty($_GET) && isset($_SESSION['LINKEDIN_REQUEST_TOKEN']))
{
$token = $this->consumer->getAccessToken($_GET, unserialize($_SESSION['LINKEDIN_REQUEST_TOKEN']));
// Use HTTP Client with built-in OAuth request handling
$client = $token->getHttpClient($this->configLinkedin);
// Set LinkedIn URI
$client->setUri('https://api.linkedin.com/v1/people/~:(id,first-name,last-name,picture-url)');
// Set Method (GET, POST or PUT)
$client->setMethod(Zend_Http_Client::GET);
// Get Request Response
$response = $client->request();
$this->NewsService->TokenSocialMedia(
$token,
'linkedin',
serialize($response->getBody())
);
$_SESSION['LINKEDIN_REQUEST_TOKEN'] = null;
$this->_helper->flashMessenger(array('message' => $this->view->translate('The CMS is successfully connected to your linkedin account'), 'status' => 'success'));
$this->_helper->redirector('settings#settingSocial', 'index');
}
else
{
$token = $this->consumer->getRequestToken();
$_SESSION['LINKEDIN_REQUEST_TOKEN'] = serialize($token);
$this->consumer->redirect();
}
What am I missing or doing wrong? I use a similair setup for Twitter and that works fine.
UPDATE 20 September 211
I found out that this rule is returning the error:
$token = $this->consumer->getRequestToken();
I'm still clueless why, and reading the linkedin api doesn't help a bit. Will keep you posted.
I got similar problem and after adding openssl extension it was solved
try adding to php.ini this line:
extension=php_openssl.dll
I got the same issue, try to turn off ssl before asking the new consumer :
$httpConfig = array(
'adapter' => 'Zend\Http\Client\Adapter\Socket',
'sslverifypeer' => false
);
$httpClient = new HTTPClient(null, $httpConfig);
OAuth::setHttpClient($httpClient);
Related
OK, I'm trying to use Hybridauth with laravel 4. However I seem to be getting the very common when trying to log in with facebook:
Authentication failed! Facebook returned an invalid user id.
I have read all the other posts, and have had no luck, so just hoping someone may be able to help me.
I followed this tutorial: http://www.mrcasual.com/on/coding/laravel4-package-management-with-composer/
And have tried several other configurations to no success.
Here is my config/hybridauth.php
<?php
return array(
"base_url" => "http://myapp.dev/social/auth/",
"providers" => array (
"Facebook" => array (
"enabled" => true,
"keys" => array ( "id" => "****", "secret" => "****" ),
),
),
);
And here is my route:
Route::get('social/{action?}', array("as" => "hybridauth", function($action = "")
{
// check URL segment
if ($action == "auth") {
// process authentication
try {
Hybrid_Endpoint::process();
}
catch (Exception $e) {
// redirect back to http://URL/social/
return Redirect::route('hybridauth');
}
return;
}
try {
// create a HybridAuth object
$socialAuth = new Hybrid_Auth(app_path() . '/config/hybridauth.php');
// authenticate with Facebook
$provider = $socialAuth->authenticate("Facebook");
// fetch user profile
$userProfile = $provider->getUserProfile();
}
catch(Exception $e) {
// exception codes can be found on HybBridAuth's web site
return $e->getMessage();
}
// access user profile data
echo "Connected with: <b>{$provider->id}</b><br />";
echo "As: <b>{$userProfile->displayName}</b><br />";
echo "<pre>" . print_r( $userProfile, true ) . "</pre><br />";
// logout
$provider->logout();
}));
So, when I access "myapp.dev/social" I'm brought to the facebook sign up page everthing seems to work fine, asks me to allow permissions to myadd.dev. After I click OK I am brought to the following URL: http://myapp.ie/social#_=_ where the error is displayed.
Not sure if this is relevant:
Just from observing other sites that in-cooperate a facebook login.. the redirect URL looks something like http://somesite.dev/subdomain/#_=_ . In other words they have a slash before the #=. Is this my problem, how do I fix it?? Very new to hybridauth so any help greatly appreciated thanks.
Oh I do realize that this post is very similar to other posts but I have yet to find a solution.
UPDATE: the exact error: Authentification failed. The user has canceled the authentication or the provider refused the connection.
In base_facebook.php do following
public static $CURL_OPTS = array(
CURLOPT_CONNECTTIMEOUT => 50,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
);
protected $trustForwarded = true;
protected $allowSignedRequest = false;
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false
at modules/hybridauth/Hybrid/thirdparty/Facebook/base_facebook.php:128
solved!
For anyone else this is what worked for me: I reset app secret and now works great. No idea why my first app secret key did not work. Spent a ridiculous amount of time trying to fix this error.
Had this error in the past. Solved by modyfying Hybridauth's code myself.
In thirdparty/Facebook/base_facebook.php make sure $CURL_OPTS array uses:
CURLOPT_SSL_VERIFYPEER => false
In my case I was closing session files for performance improvements so I added:
session_start()
inside Storage.php wherever HA::STORE session var is being updated/unset.
Let me know if it helps.
CURLOPT_SSL_VERIFYPEER => false & resetting my app secret key didn't work for me. I was getting this error because of some conflict with privileges I had previously setup. Removing the app from my facebook account did the trick (under privacy settings -> apps).
REMOVE THE TRAILING SLASH !!! (in config/hybridauth.php)
"base_url" => "http://myapp.dev/social/auth/",
should be
"base_url" => "http://myapp.dev/social/auth",
My case was a little bit more specific, but just in case: Be carefull with redirects!
I had an SSL Certificate installed and a redirect to force the user over https, but when I first configured HybridAuth I didn't took this into account. The facebook request was being redirected over to https causing the $_REQUEST data to be lost in the process.
For me the change was, in Hybrid/config.php:
"base_url" => "http://my-site.com/"
to
"base_url" => "https://my-site.com/"
I was having the same issue (although using HybridAuth on Yii) and turns out my app on Facebook was still in Sandbox mode. No source code changes needed on HybridAuth, just needed to turn off Sandbox Mode for the app and suddenly everything worked. Hope this helps.
This happened to me because my SSL is terminated in AWS's load balancer
Just update the config file in your app/config to include the trustForwarded setting
<?php
return array(
'base_url' => 'http://website.com/oauth/auth',
'providers' => array (
'Facebook' => array (
'enabled' => true,
'keys' => array ( 'id' => 'redacted', 'secret' => 'redacted' ),
'trustForwarded' => true,
),
),
);
I had the exact same error message on a wordpress installation using Hybridauth. To find the problem I set up an isolated test with the Facebook PHP SDK (which Hybridauth uses) just to find out that curl_exec was not enabled on my host. Happily, an easy fix.
If you are on apache open you php.ini and delete curl_exec from this line:
disable_functions = curl_exec
Reload your apache configuration and voila :)
Hope this will help somebody.
I have been madly trying to get access token for my users since long. I read at many sites to get it somehow by using getSession() and getting access_token from it... it gives me undefined function error.. I googled that too and all solutions said to use the updated SDK but mine is updated and it still won't work... so I finally got another solution to getting access token but this seems to be giving same access token for all users... any idea where the problem lies? All users certainly can't have same token right?
$app_id = $facebook->getAppId();
$app_secret = $facebook->getApiSecret();
function callFb($url, $params)
{
$ch = curl_init();
curl_setopt_array($ch, array(
CURLOPT_URL => $url,
CURLOPT_POSTFIELDS => http_build_query($params),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_VERBOSE => true
));
$result = curl_exec($ch);
curl_close($ch);
return $result;
}
$params=array('client_id'=>$app_id, 'type'=>'client_cred', 'client_secret'=>$app_secret);
$url = "https://graph.facebook.com/oauth/access_token";
$access_token = callFb($url, $params);
$access_token = substr($access_token, strpos($access_token, "=")+1, strlen($access_token));
The issue is that you are asking for type=client_cred, which tells Facebook that you don't want access token for a user, but an access token for the app. This is used for doing things like accessing insights, the realtime updates API, and public data. If you want to get user data, you should not be passing that flag.
If you really do want to roll your own access to the Graph API, you can certainly do that, following the instructions at https://developers.facebook.com/docs/authentication/ .
You say you're using the PHP SDK but I don't see any mention of it anywhere in your code.
The proper way is this:
<?php
require('facebook.php');
$fb = new Facebook(array('appId' => APP_ID, 'secret' => SECRET));
$user = $fb->getUser();
// if we have a valid user, we're logged in
if ($user)
{
// do stuff with the API using the $fb object
}
else
{
// redirect the user to the authentication page
header("Location: ".$fb->getLoginUrl());
}
Example largely paraphrased from Facebook's SDK Github.
I have the following code:
$twitter = new Zend_Service_Twitter(array('username' => $this->site->twitter_username, 'accessToken' => $this->site->twitter_password));
$response = $twitter->account->verifyCredentials();
print_r($response);
$twitter->account->endSession();
My username is my Login Username on twitter, my $this->site->twitter_password is my Access Token (oauth_token)
Yet I get:
Zend_Rest_Client_Result Object ( [_sxml:protected] => SimpleXMLElement Object ( [request] => /account/verify_credentials.xml [error] => Could not authenticate you. ) [_errstr:protected] => )
I'm unsure where I'm going wrong, any ideas?
I recently blogged about this and have included some instructions that should get you going, let me know if you need any more pointers.
PHP Using Zend framework to display new tweets as KDE notifications
I've written a script that authenticates against Google's OAuth API for Latitude, using Net::OAuth. It correctly authenticates (as I can successfully fetch data out of the API). However, when I try to add an historical entry, I get a 401 Unknown authorization header response. I'm using the following code:
my $location_data = $json->encode(\%data);
$request = Net::OAuth->request("protected resource")->new(
consumer_key => $c_key,
consumer_secret => $c_secret,
token => $token,
token_secret => $token_secret,
verifier => $verifier,
request_url => 'https://www.googleapis.com/latitude/v1/location',
request_method => 'POST',
signature_method => $s_method,
timestamp => time,
nonce => &nonce(),
extra_params => {
key => $s_key
}
);
$request->sign;
$ua->default_header("Authorization", $request->to_authorization_header);
$ua->default_header("Content-Type", "application/json");
my $res = $ua->post('https://www.googleapis.com/latitude/v1/location?key=' . $s_key,
Content => $location_data);
All of the variables are used in the fetch portion of the API, so I know those are all ok. I'm not sure if I'm using the correct URL to post against, and I've tried what's in the sample above, as well as $request->to_url.
Any suggestions would be greatly appreciated.
After some back and forth with the Latitude API team, it was determined that this error comes from the fact that the Content-Type is not actually being set to application/json. Changing the above code to:
$ua->default_header("Authorization", $request->to_authorization_header);
my $res = $ua->post('https://www.googleapis.com/latitude/v1/location?key=' . $s_key,
'Content-Type' => 'application/json',
Content => $location_data);
And everything works as expected.
I have a web app that allows users to connect Facebook account with their account on my site. When the user decides to connect with Facebook, the app requests publish_stream and offline_access permissions, and then stores the Facebook uid and session_key for each user. All this works fine right now.
My problem is migrating to Facebook's new OAuth 2.0 system. I'd like to transform the session keys I have into access tokens. I followed these instructions and everything seemed to work fine; Facebook returned a bunch of access tokens. However, none of them work. When I try to go to a URL such as https://graph.facebook.com/me?access_token=TOKEN-HERE, I get an error that says "Error validating client".
What am I doing wrong?
Also, I'm under the impression that access tokens work just like session keys in that once I have one, I can use it forever (since I request offline_access permissions). Is that correct?
Update:
Below are the exact steps I took to convert a session key into an access token, along with the output I got. Hopefully that will help bring my problem to light.
Step 1: Convert Session Key to Access Token
Code:
$session_key = '87ebbedf29cc2000a28603e8-100000652996522';
$app = sfConfig::get('app_facebook_prod_api'); // I happen to use Symfony. This gets an array with my Facebook app ID and secret.
$post = array(
'type' => 'client_cred',
'client_id' => $app['app_id'],
'client_secret' => $app['secret'],
'sessions' => $session_key
);
$options = array(
CURLOPT_POST => 1,
CURLOPT_HEADER => 0,
CURLOPT_URL => 'https://graph.facebook.com/oauth/exchange_sessions',
CURLOPT_FRESH_CONNECT => 1,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_POSTFIELDS => http_build_query($post)
);
$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
var_export(json_decode($result));
Output:
array (
0 =>
stdClass::__set_state(array(
'access_token' => '251128963105|87ebbedf29cc2000a28603e8-100000652996522|Dy8CcJzEX8lYRrJE9Xk1EoW-BW0.',
)),
)
Step 2: Test Access Token
Code:
$access_token = '251128963105|87ebbedf29cc2000a28603e8-100000652996522|Dy8CcJzEX8lYRrJE9Xk1EoW-BW0.';
$options = array(
CURLOPT_HEADER => 0,
CURLOPT_URL => 'https://graph.facebook.com/me?access_token=' . $access_token,
CURLOPT_FRESH_CONNECT => 1,
CURLOPT_RETURNTRANSFER => 1,
);
$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
var_export(json_decode($result));
Output:
stdClass::__set_state(array(
'error' =>
stdClass::__set_state(array(
'type' => 'OAuthException',
'message' => 'Error validating client.',
)),
))
From reading your post here is my understanding -
You are tranforming session keys into access keys for each user in your system and storing these keys.
You then test the key using your own page. (Graph.facebook.com/me etc...)
If this is the case
A) You cannot use another users key with your own key. Going to graph.facebook.com would only be valid for the user that the key belongs to and if they were logged in. So for example, if you have my access key you could visit http://graph.facebook.com/YOURID....) but for graph.facebook.com/me to work you would have to be logged in as me.
B) These keys expire every 3 hours (Or there abouts) so it may no longer be valid.
The Platform Upgrade Guide has a section about OAuth 2.0 which includes the instructions for exchanging a session_key for an access_token. You should use this if you already have stored session keys.
For new users, you should use one of the new SDKs or the OAuth2 flow directly which will give you an access token to begin with.