Closed matamalabs closed 1 month ago
Hi, this is not a bug as this library does not offer a Garmin provider class (yet). I'm going to re-label this issue in order to add support for it. Is there a public available API documentation and/or can you provide me with details?
@matamalabs btw where does the method in your code snippet get the $verifier
from? It seems that this parameter is undefined there, which will cause the underlying methods to remove it from the request.
Hi, this is not a bug as this library does not offer a Garmin provider class (yet). I'm going to re-label this issue in order to add support for it. Is there a public available API documentation and/or can you provide me with details?
The Garmin Connect API is private so I'm not available to provide you. You can register on https://developer.garmin.com/gc-developer-program/health-api/
@matamalabs btw where does the method in your code snippet get the
$verifier
from? It seems that this parameter is undefined there, which will cause the underlying methods to remove it from the request.
Actually, I do:
public function getRequestAuthorization(RequestInterface $request, AccessToken|null $token = null):RequestInterface{
$token ??= $this->storage->getAccessToken($this->name);
if($token->isExpired()){
throw new InvalidAccessTokenException;
}
$query = $request->getUri()->getQuery();
$queryList = explode("=", $query);
$params = [
'oauth_consumer_key' => $this->options->key,
'oauth_nonce' => $this->nonce(),
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => time(),
'oauth_token' => $token->accessToken,
'oauth_version' => '1.0',
'oauth_verifier' => $queryList[1],
];
$params['oauth_signature'] = $this->getSignature(
$request->getUri(),
$params,
$request->getMethod(),
$token->accessTokenSecret,
);
$header_auth = sprintf('OAuth %s', QueryUtil::build($params, null, ', ', '"'));
return $request->withHeader('Authorization', $header_auth);
}
From $request param I can get the oauth_verifier, which is added to uri in sendAccessTokenRequest method.
$verifier could be an optional param in getRequestAuthorization method to make the $params with oauth_verifier?
Adding a non-interface parameter to this method is not advised as it is used in several places. This is a provider specific quirk that deviates from the RFC as the oauth_verifier
parameter is usually only used during token requests - the getRequestAuthorization()
method on the other hand is used for API requests with an existing token.
You can simplify fetching the parameter from the URI btw with the following:
$queryList = QueryUtil::parse($request->getUri()->getQuery());
Wait, I need to correct myself: the getRequestAuthorization()
method is also used in the token request method, where the verifier is added from the incoming callback:
Wait, I need to correct myself: the
getRequestAuthorization()
method is also used in the token request method, where the verifier is added from the incoming callback:
In that getRequestAuthorization method from sendAccessTokenRequest method is where I'm needing the oauth_verifier to build the $params array.
In fact, getRequestAuthorization method is only used in sendAccessTokenRequest method.
In that getRequestAuthorization method from sendAccessTokenRequest method is where I'm needing the oauth_verifier to build the $params array
That is the $_GET
parameter from the incoming callback then, which you need to add to the getAccessToken()
method as shown in the example:
In that getRequestAuthorization method from sendAccessTokenRequest method is where I'm needing the oauth_verifier to build the $params array
That is the
$_GET
parameter from the incoming request then, which you need to add to thegetAccessToken()
method as shown in the example:
I do that but I need the oauth_verifier in getRequestAuthorization method to build the $params aray such as:
public function getRequestAuthorization(RequestInterface $request, AccessToken|null $token = null):RequestInterface{
$token ??= $this->storage->getAccessToken($this->name);
if($token->isExpired()){
throw new InvalidAccessTokenException;
}
$query = $request->getUri()->getQuery();
$queryList = explode("=", $query);
$params = [
'oauth_consumer_key' => $this->options->key,
'oauth_nonce' => $this->nonce(),
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_timestamp' => time(),
'oauth_token' => $token->accessToken,
'oauth_version' => '1.0',
'oauth_verifier' => $queryList[1],
];
$params['oauth_signature'] = $this->getSignature(
$request->getUri(),
$params,
$request->getMethod(),
$token->accessTokenSecret,
);
$header_auth = sprintf('OAuth %s', QueryUtil::build($params, null, ', ', '"'));
return $request->withHeader('Authorization', $header_auth);
}
To get the User Access Token for Garmin Connect Api the header "Authorization OAuth..." needs the oauth_verifier to work fine.
Hmm, let me check what the other OAuth1 providers do with this parameter in the signature array, to see if this could be added in general (this might take me a moment).
Hmm, let me check what the other OAuth1 providers do with this parameter in the signature array, to see if this could be added in general (this might take me a moment).
Sure. Thanks.
Ok that was a larger rework - I've added a separate method for the request headers, as the oauth_verifier
is, in fact, part of the signature as per RFC. I can't recall why I still had it in the request URL instead - I think that's a remnant from earlier twitter implementations or something. Funny enough that all of the built-in providers seem to support both (or don't even check for the verifier... who knows).
Can you please check out from dev-main#06f74facb4bbc7167a71a7533bda46832dd660fd
and let me know if the update works for you?
Ok that was a larger rework - I've added a separate method for the request headers, as the
oauth_verifier
is, in fact, part of the signature as per RFC. I can't recall why I still had it in the request URL instead - I think that's a remnant from earlier twitter implementations or something. Funny enough that all of the built-in providers seem to support both (or don't even check for the verifier... who knows).Can you please check out from
dev-main#06f74facb4bbc7167a71a7533bda46832dd660fd
and let me know if the update works for you?
Hi. Sorry for letting you know so late. The update is working for me.
Thank you so much and great job!
That's great news! I'm going to tag it as version 1.0.1
then, which you can use in your composer.json
.
Would you mind sharing your Garmin provider class so that I can add it to the library? Unfortunately applying for API access there has several requirements I cannot fulfil.
To get the User Access Token from Garmin Connect Api, I've used the public method getAccessToken in OAuth1Provider.php. In the public method getRequestAuthorization I've added oauth_verifier in the params:
Because without oauth_verifier I got an error in the response from Guzzle.