PHP Classes

Problem with Microsoft and Yahoo authentication

Recommend this page to a friend!

      PHP OAuth Library  >  All threads  >  Problem with Microsoft and Yahoo...  >  (Un) Subscribe thread alerts  
Subject:Problem with Microsoft and Yahoo...
Summary:I have some questions about the parameters for CallApi method
Messages:26
Author:Fernando Nascimento
Date:2012-09-25 21:40:21
Update:2013-06-21 04:30:52
 
  1 - 10   11 - 20   21 - 26  

  11. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2012-10-05 10:25:35 - In reply to message 10 from Arno Buizer
I just realized that the version of the HTTP class on the site was not up to date. That is why the SASL authentication disabling was not working. I just updated the HTTP class now.

Thank you for the support.

  12. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2012-10-05 10:36:44 - In reply to message 8 from Matt Carpenter
It seems the problem is that the example code was not demonstrating the right flow and was calling the API even before an access token was obtained. That is why Yahoo was requesting the missing authorization value.

I have just uploaded versions of the example code that add the necessary checks.

Yahoo and Flickr API also seem to require that the format and other parameters be part of the signed values and the OAuth class was not considering values passed in the URL.

So, now you need to remove any query parameters from the URL and pass them in the call parameters array.

Since Yahoo ignores those parameters if they are passed in the HTTP Authorization header, I added a workaround in the class to force all OAuth parameters to be passed in the API call URL.

I have added a new example to login with a Yahoo account to demonstrate how it works in practice.

It should work now. Just let me know if you find other problems. Thank you for reporting.

  13. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Arno Buizer Arno Buizer - 2012-10-05 13:41:32 - In reply to message 12 from Manuel Lemos
Hi,
For yahoo you're example works (but I do not get any userinfo return, maybe because I connect to yahoo with Google..)

But both my previously working Google login and your example do not work anymore and return this error:
Fatal error: Cannot use object of type stdClass as array in [myservers internal path]/voorleden/apis/oauth_client.php on line 1385
(extra context: I am running on a https server, so only change in your example is this: http => https
$client->redirect_uri = 'https://'.$_SERVER['HTTP_HOST'].
dirname(strtok($_SERVER['REQUEST_URI'],'?')).'/login_with_google.php';

in my app I use this (more universeel):
$client->redirect_uri = 'https://'.$_SERVER['HTTP_HOST'].
dirname(strtok($_SERVER['REQUEST_URI'],'?'))."/".basename($_SERVER["PHP_SELF"])."?oaserver=$server";

(the last part because I need to tell my script which server type (Google/Facebook/ etc) is in use... (lets say to combine your seperate examples in one file...)

  14. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Matt Carpenter Matt Carpenter - 2012-10-05 14:44:44 - In reply to message 13 from Arno Buizer
This worked like a charm for me. Updated the query to return the contact list and everything looks good. I haven't had a chance to test Facebook or Google.

Thank you so much Manuel! This is great work. I really appreciate the help.

  15. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2012-10-05 21:31:00 - In reply to message 13 from Arno Buizer
Yes, while fixing and inconsistency with the documentation it broke the access token retrieval from OAuth 2 servers like Google. The problem is fixed now and the fixed version was uploaded. Just let me know if you find any more problems.

As for the redirect_uri variable, I could make it detect automatically if you are on SSL but it would probably only work with Apache. I may update the example scripts anyway.

  16. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Arno Buizer Arno Buizer - 2012-10-10 20:44:31 - In reply to message 15 from Manuel Lemos
as of today I was able to implement your new version, so I skipped one.
this implementation of version oauth-api-2012-10-10 went flawless!
Thanks for your work on it. I still have problems with Yahoo, but the problem can be the validation of the domain for the Yahoo App.
(my domain: https://de-lichtstad-nl.ssl.eatserver.nl/voorleden/ is a sub/sub domain of my provider, by which he lets his clients use their https certificate for free. Yahoo cannot handle this extra layer I think.
This results in a warning from Yahoo anywhere in the process of authentication. At this moment I do not have the time to get deeper into this, to found out where I get stuck...)
I had just a quick look on your blog about this package and I am impressed! A good article with lots of information about Oauth and your package (and how to use it). Good work!

  17. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2012-10-11 01:48:16 - In reply to message 16 from Arno Buizer
Yahoo needs special care. Parameters need to be passed in the parameters argument array, not in the URL, so they can be signed. Take a look at the Yahoo example script to see how it should be.

  18. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Fernando Nascimento Fernando Nascimento - 2012-10-18 00:26:53 - In reply to message 17 from Manuel Lemos
Hi Manuel,

Thanks for your support.
I'm still having some problems with yahoo. I already updated my code with your latest versions and my authentication code is exactly like yours.
Oauth class is returning the following error:

Could not retrieve the OAuth access. Error: it was not possible to access the OAuth request token: it was returned an unexpected response status 401 Response: oauth_problem=timestamp_refused&oauth_acceptable_timestamps=1350515616-1350516816

Can you assist me with this one?

Thanks again for your time

  19. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Manuel Lemos Manuel Lemos - 2012-10-18 02:13:30 - In reply to message 18 from Fernando Nascimento
The error message suggests that the timestamp sent to the site is invalid. This suggests your server machine time may be wrong. If you are in Linux try running ntp to synchromize time from a reliable time server.

  20. Re: Problem with Microsoft and Yahoo...   Reply   Report abuse  
Picture of Arno Buizer Arno Buizer - 2012-10-20 16:05:37 - In reply to message 17 from Manuel Lemos
Hi,
I tried to use your example for yahoo with my yahoo App and I get this result:
you have logged in successfully with Yahoo!
[]
NULL

The NULL is output from: var_dump($user)

I did not get a login request for Yahoo and even after manually login to Yahoo, this info didnot change.
Strange is also that when changing the APPid and secret, I also get this same response...
I only added my APPid and secret to your examplefile: login_with_yahoo.php
(version oauth-api 12-10-10 and http 12-10-05 (on IE9))
Any suggestions what/how I can investigate what happens here?

 
  1 - 10   11 - 20   21 - 26