search

codeswholesale / codeswholesale-sdk-php

A PHP wrapper for CodesWholesale's API
Apache License 2.0
36 stars 21 forks source link

cannot authenticate #1

Closed jmgunn87 closed 10 years ago

jmgunn87 commented 10 years ago

I have replaced the list products example with my client id and secret but it throws an exception when i try to connect.

Fatal error: Uncaught exception 'fkooman\OAuth\Client\TokenResponseException' with message 'missing field 'access_token'' in 
codeswholesale-sdk-php/vendor/fkooman/php-oauth-client/src/fkooman/OAuth/Client/TokenResponse.php on line 33

fkooman\OAuth\Client\TokenResponseException: missing field 'access_token' in 
codeswholesale-sdk-php/vendor/fkooman/php-oauth-client/src/fkooman/OAuth/Client/TokenResponse.php on line 33

When I print_r inside that function I see that the response from the server is this,

Array
(
    [error] => unauthorized
    [error_description] => No client with requested id: <my cid>
)
codeswholesale commented 10 years ago

Hi!

Have you changed the endpoint from SANDBOX to LIVE ?

From:

   'cw.endpoint_uri'  =>; \CodesWholesale\CodesWholesale::SANDBOX_ENDPOINT,

To:

   'cw.endpoint_uri'  =>; \CodesWholesale\CodesWholesale::LIVE_ENDPOINT,

Best regards Adam

jmgunn87 commented 10 years ago

I have tried both endpoints

codeswholesale commented 10 years ago

Please try these credentials against sandbox

    'cw.client_id' => 'ff72ce315d1259e822f47d87d02d261e',
    'cw.client_secret' => '$2a$10$E2jVWDADFA5gh6zlRVcrlOOX01Q/HJoT6hXuDMJxek.YEo.lkO2T6',
codeswholesale commented 10 years ago

Let me know if sandbox works for you, we will try with the production's credentials.

jmgunn87 commented 10 years ago

that works for me it seems.

jmgunn87 commented 10 years ago

so it looks like this is an issue with the api keys generated for my account

codeswholesale commented 10 years ago

can you email at devteam@codeswholesale.com your account name ? I'll check that

jmgunn87 commented 10 years ago

sure, thank you. Can I ask, what type of authentication scheme is this code actually using? I see basic auth settings in the code and do you have an example of authenticating using cURL?

codeswholesale commented 10 years ago

Np and sure. We are running with OAuth2 scheme using grant_type = client_credentials.

I don't have any cURL example but tomorrow I can prepare you a preview of request for auth (as in few minutes I have to leave).

Just describing as a first request you should get access token from our endpoint:

https://sandbox.codeswholesale.com/oauth/token

While accessing this endpoint you should provide in POST params client_id (your cid) and client_secret (your password) and grant_type = 'client_credentials'. As a result we send json message with access token.

For every next request you must append token to headers of your requests as follow:

Authorization:Bearer 75113929-f550-1f92-8bbx-84f8911aa83fy

Hope that helps.

jmgunn87 commented 10 years ago

that all seems understandable except i have been sending the client_id and secret as a json POST body

jmgunn87 commented 10 years ago

thanks for the help

codeswholesale commented 10 years ago

Is it working now? And yes as we have https you can send that through GET

jmgunn87 commented 10 years ago

your quicker than me! I am going to take a look tonight and I will get back to you. Thanks for he support

codeswholesale commented 10 years ago

Okie dokie just shout when you have any other questions

codeswholesale commented 10 years ago

Oh, I meant post params! It will be more secured.

jmgunn87 commented 10 years ago

so, i am trying to do this with node.js

var request = require('request');
var clientId = 'ff72ce315d1259e822f47d87d02d261e';
var clientSecret = '$2a$10va$E2jVWDADFA5gh6zlRVcrlOOX01Q/HJoT6hXuDMJxek.YEo.lkO2T6';

request.post({
  url: 'https://sandbox.codeswholesale.com/oauth/token',
  followRedirect: false,
  strictSSL: false,
  headers: {
    Accept: 'application/json'
  },
  form: {
    client_id: clientId,
    client_secret: clientSecret,
    grant_type: "client_credentials"
  }
}, function (err, res, body) {
  console.log(res.headers);
  console.log(err, body);
});

everything seems correct? but i get bad credentials as an error message...

codeswholesale commented 10 years ago

Hello the client secret is wrong

var clientSecret = '$2a$10va$E2jVWDADFA5gh6zlRVcrlOOX01Q/HJoT6hXuDMJxek.YEo.lkO2T6';
// should be
var clientSecret = '$2a$10$E2jVWDADFA5gh6zlRVcrlOOX01Q/HJoT6hXuDMJxek.YEo.lkO2T6';
codeswholesale commented 10 years ago

POST query with curl

curl -k --data "grant_type=client_credentials&client_id=ff72ce315d1259e822f47d87d02d261e&client_secret=$2a$10$E2jVWDADFA5gh6zlRVcrlOOX01Q/HJoT6hXuDMJxek.YEo.lkO2T6" https://sandbox.codeswholesale.com/oauth/token
jmgunn87 commented 10 years ago

excellent, both methods work for me now, thank you.

On Mon, May 26, 2014 at 10:12 AM, codeswholesale notifications@github.comwrote:

POST query with curl

curl -k --data "grant_type=client_credentials&client_id=ff72ce315d1259e822f47d87d02d261e&client_secret=$2a$10$E2jVWDADFA5gh6zlRVcrlOOX01Q/HJoT6hXuDMJxek.YEo.lkO2T6" https://sandbox.codeswholesale.com/oauth/token

— Reply to this email directly or view it on GitHubhttps://github.com/codeswholesale/codeswholesale-sdk-php/issues/1#issuecomment-44171337 .

codeswholesale commented 10 years ago

great, I'm closing this issue