search

cosenary / Instagram-PHP-API

An easy-to-use PHP Class for accessing Instagram's API.
http://cosenary.github.com/Instagram-PHP-API
BSD 3-Clause "New" or "Revised" License
1.46k stars 782 forks source link

getLoginUrl() #184

Open benguela opened 8 years ago

benguela commented 8 years ago

Hey guys,

My oauth login for some reason has stopped working on a site I implemented over a year ago. This is how I got the login url

$config = array(
  "apiKey" => "...",
  "apiSecret" => "...",
  "apiCallback" => ".."
);
$instagram = new Instagram($config);
$loginUrl = $instagram->getLoginUrl();

when the browser loads the $loginUrl page instagram displays the following error

"This page could not be loaded. If you have cookies disabled in your browser, or you are browsing in Private Mode, please try enabling cookies or turning off Private Mode, and then retrying your action."

I can get around this problem by unticking Disable implicit OAuth on instagrams Manage Clients dashboard.

But why do I have to uncheck this now when using this library?

doniz commented 8 years ago

i saw instagram added permissions like facebook to be reviewed, so if you want to use the app now, instagram should check your permissions.

screen shot 2015-12-15 at 11 49 38

One more issue i found for this api: https://github.com/cosenary/Instagram-PHP-API/blob/master/src/Instagram.php#L74

now it should be:

<?php

    /**
     * Available scopes.
     *
     * @var string[]
     */
    private $_scopes = array('basic', 'likes', 'comments', 'relationships', 'public_content', 'follower_list');
ghost commented 8 years ago

Hm, strange, benguela, because I tried to use getLoginUrl() method after updating Instagram API with enabled Disable Implicit OAuth flag and it worked correctly.

The difference in Authorize URL between Server-side (Explicit) Flow and Client-Side (Implicit) Authentication is in responce_type parameter:

so, we have response_type=code and response_type=token respectively.

Ok, let's take a look on Deprecated Instagram Developer documentation Authorization section:

Step One: Direct your user to our authorization URL https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code

and

Client-Side (Implicit) Authentication https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=token

Nothing changed. Maybe error in other code functionality?