Access token - Build2024-03-19T04:25:58Zhttp://build.ning.com/forum/topics/access-token?xg_source=msg_com_forum&id=6308082%3ATopic%3A1633&feed=yes&xn_auth=noHi,
I use NING PHP API to acc…tag:build.ning.com,2013-04-17:6308082:Comment:218922013-04-17T10:45:54.619ZLuís Gasparhttp://build.ning.com/profile/LuisGaspar
<p>Hi,</p>
<p>I use NING PHP API to access users info in three networks I own.</p>
<p>I always use the network creator credentials on every network as well as the every network API consumer / secret tokens.</p>
<p>The code I use on the three networks it's the same, but in one of my networks I randomly receive an error message saying "Only administrators can view email address of members".</p>
<p>Removing the email field in the $extraFields in the NingUser.php file is not an option to me because…</p>
<p>Hi,</p>
<p>I use NING PHP API to access users info in three networks I own.</p>
<p>I always use the network creator credentials on every network as well as the every network API consumer / secret tokens.</p>
<p>The code I use on the three networks it's the same, but in one of my networks I randomly receive an error message saying "Only administrators can view email address of members".</p>
<p>Removing the email field in the $extraFields in the NingUser.php file is not an option to me because I need to get the user email address and as stated by Devin the email field is available to the network creator.</p>
<p>This happens in both the production and test network.</p>
<p>I already checked the network creator credentials as well as the API consumer / secret values.</p>
<p>I already submitted a ticket in the network where this issue is happening but the answer I got suggest me to put the question is this forum.</p>
<p>Any advice on what could be the cause of this problem?</p>
<p><br/> Thanks,</p>
<p>Luis Gaspar</p>
<p><br/> <cite>Devin said:</cite></p>
<blockquote cite="http://build.ning.com/forum/topics/access-token?commentId=6308082%3AComment%3A3214#6308082Comment3312"><div><div class="xg_user_generated">By default, the Ning API library requests the 'email' field. This field is only accessible to the Network Creator to prevent malicious members from harvesting email addresses. You can remove this field from the request by editing the $extraFields array found in the objects/NingUser.php file.</div>
</div>
</blockquote> HiWe are building an external…tag:build.ning.com,2012-07-17:6308082:Comment:173452012-07-17T05:40:22.793ZPrabhjot Singhhttp://build.ning.com/profile/PrabhjotSingh
<p><span>Hi</span><br></br><br></br><span>We are building an external application outside NING to be used by our NING community members. We would like to implement login functionality for the members such that our members if already logged in into NING can access the external application without login. Is their any cokkies our PHP application read to know if user is already logged in or not. The other option we are trying is login using NING PHP APIs. Here we are asking user to enter email and password…</span></p>
<p><span>Hi</span><br/><br/><span>We are building an external application outside NING to be used by our NING community members. We would like to implement login functionality for the members such that our members if already logged in into NING can access the external application without login. Is their any cokkies our PHP application read to know if user is already logged in or not. The other option we are trying is login using NING PHP APIs. Here we are asking user to enter email and password which are being passed on to the NING using APIs along with consumer and secret keys. Till this points it works that returns an array with access token. But we are stuck with how to get other details like author, ning profile url, screenname etc. </span><br/><br/><span>Following is the code we are using:</span><br/><br/><span>$email = "someemail@domain.com";</span><br/><span>$password = "XXXXX" ;</span><br/><br/><br/><span>$ningApi = new NingApi();</span><br/><br/><span>$ningApi->login($email,$password);</span><br/><br/><br/><span>try</span><br/><span>{</span><br/><span>$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret, $email, $password);</span><br/><br/><span>if($ningApi)</span><br/><span>{</span><br/><span>print_r($ningApi); // THIS IS WORKING</span><br/><span>}</span><br/><br/><span>// Get the most recent photo</span><br/><span>$result = $ningApi->photo->fetchNRecent(); //THIS IS WORKING. THIS GETS THE RECENT PHOTO IN THE COMMUNITY.</span><br/><br/><span>print_r($result); //THIS IS WORKING</span><br/><br/><span>$recent = $ningApi->user->fetchRecent(); // THIS IS SHOWING 'FAIL'</span><br/><span>}</span><br/><span>catch(Exception $e)</span><br/><span>{</span><br/><span>echo "Fail";</span><br/><span>}</span><br/><br/><br/><span>Anybody have done anything of this kind??</span></p> So I got this working in Pyth…tag:build.ning.com,2012-01-25:6308082:Comment:163112012-01-25T16:52:49.115ZRyan Anonhttp://build.ning.com/profile/RyanAnon
<p>So I got this working in Python not curl. I'm not sure what was wrong with my curl, I will note that I did change apiexample to the name of the Ning network I'm working with.</p>
<p>So I got this working in Python not curl. I'm not sure what was wrong with my curl, I will note that I did change apiexample to the name of the Ning network I'm working with.</p> I'm in the same position as y…tag:build.ning.com,2012-01-25:6308082:Comment:162112012-01-25T15:17:03.545ZRyan Anonhttp://build.ning.com/profile/RyanAnon
<p>I'm in the same position as you were. I'm using curl and python to attempt to get an access token. In the end I'll use C# to interact with I've attempted to login with a user who is apart of the member role, administrator role and the creator account. For the first two I receive</p>
<p>{<br></br> "success" : false,<br></br> "reason" : "Invalid username",<br></br> "status" : 401,<br></br> "code" : 1,<br></br> "subcode" : 23,<br></br> "trace" : "c2406933-e55d-40c0-9a4c-612f56082e4c"<br></br>}</p>
<p></p>
<p>When I try…</p>
<p>I'm in the same position as you were. I'm using curl and python to attempt to get an access token. In the end I'll use C# to interact with I've attempted to login with a user who is apart of the member role, administrator role and the creator account. For the first two I receive</p>
<p>{<br/> "success" : false,<br/> "reason" : "Invalid username",<br/> "status" : 401,<br/> "code" : 1,<br/> "subcode" : 23,<br/> "trace" : "c2406933-e55d-40c0-9a4c-612f56082e4c"<br/>}</p>
<p></p>
<p>When I try to get the token using the creator account, I receive</p>
<p></p>
<p>{<br/> "success" : false,<br/> "reason" : "Only members are allowed to make this request.",<br/> "status" : 403,<br/> "code" : 2,<br/> "subcode" : 4,<br/> "trace" : "b8b79e05-0114-4c84-bad7-4ac114674bb5"<br/>}</p>
<p></p>
<p>I'm using Burp proxy and I can see I'm doing the HTTP POST. The command line I'm using is the following. Should I be replacing anything else in here with something related to my ning site? The proxy is telling me that I'm failing to authenticate to external.ningapis.com but the login is valid for the ning site.</p>
<p>curl --insecure --proxy https://localhost:8008 -u testuser@gmail.com -d "oauth_signature_method=PLAINTEXT&oauth_consumer_key=xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&oauth_signature=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" "https://external.ningapis.com/xn/rest/apiexample/1.0/Token?xn_pretty=true"</p>
<p></p>
<p>Any pointers would be greatly appreciated.</p>
<p></p>
<p>Regards,</p>
<p> Ryan</p> I solved it: I forgot to appe…tag:build.ning.com,2011-07-12:6308082:Comment:64212011-07-12T19:30:04.190ZFranco Mercallihttp://build.ning.com/profile/FrancoMercalli
<p>I solved it: I forgot to append %26 to the end of the oauth_signature.</p>
<p>However, I'm stuck to the next step and I'm not able to use the returned credential to access a resource...</p>
<p>(<a href="http://build.ning.com/xn/detail/6308082:Comment:6610" target="_self">http://build.ning.com/xn/detail/6308082:Comment:6610</a>)</p>
<p>I solved it: I forgot to append %26 to the end of the oauth_signature.</p>
<p>However, I'm stuck to the next step and I'm not able to use the returned credential to access a resource...</p>
<p>(<a href="http://build.ning.com/xn/detail/6308082:Comment:6610" target="_self">http://build.ning.com/xn/detail/6308082:Comment:6610</a>)</p> Devin,
I tried to access the…tag:build.ning.com,2011-07-11:6308082:Comment:66072011-07-11T22:25:36.599ZFranco Mercallihttp://build.ning.com/profile/FrancoMercalli
<p>Devin,</p>
<p>I tried to access the API through poster, and I got an error message similar to the above:</p>
<p><strong>The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider.</strong></p>
<p>As an oauth_signature I used the consumer secret I got at the page http://test-60e19eo4d305919359c2.ning.com/main/extend/keys of my test network.</p>
<p>Is that wrong? What should I use instead?</p>
<p>I'm totally a newbie at Oauth, so I guess it's…</p>
<p>Devin,</p>
<p>I tried to access the API through poster, and I got an error message similar to the above:</p>
<p><strong>The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider.</strong></p>
<p>As an oauth_signature I used the consumer secret I got at the page http://test-60e19eo4d305919359c2.ning.com/main/extend/keys of my test network.</p>
<p>Is that wrong? What should I use instead?</p>
<p>I'm totally a newbie at Oauth, so I guess it's probably something very stupid on my side.</p>
<p>I attach below the screenshots of the POST I sent out and the resulting response.</p>
<p>Thanks in advance for your support.</p> By default, the Ning API libr…tag:build.ning.com,2011-04-12:6308082:Comment:33122011-04-12T16:13:40.404ZDevinhttp://build.ning.com/profile/Devin
By default, the Ning API library requests the 'email' field. This field is only accessible to the Network Creator to prevent malicious members from harvesting email addresses. You can remove this field from the request by editing the $extraFields array found in the objects/NingUser.php file.
By default, the Ning API library requests the 'email' field. This field is only accessible to the Network Creator to prevent malicious members from harvesting email addresses. You can remove this field from the request by editing the $extraFields array found in the objects/NingUser.php file. After a bit of debugging, it…tag:build.ning.com,2011-04-07:6308082:Comment:32142011-04-07T05:58:39.207ZChrishttp://build.ning.com/profile/Chris
<p>After a bit of debugging, it seems that calling "new NingApi" triggers a login with the default username / password, which is successful. Then calling "->login" triggers another login, which is unsuccessful.</p>
<p> </p>
<p>Turns out I need to call:</p>
<p> </p>
<blockquote><p>$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret, $email, $password);</p>
</blockquote>
<p> </p>
<p>and then I don't need to call "login" separately - the constructor has already done it. Nice one…</p>
<p>After a bit of debugging, it seems that calling "new NingApi" triggers a login with the default username / password, which is successful. Then calling "->login" triggers another login, which is unsuccessful.</p>
<p> </p>
<p>Turns out I need to call:</p>
<p> </p>
<blockquote><p>$ningApi = new NingApi($subdomain, $consumer_key, $consumer_secret, $email, $password);</p>
</blockquote>
<p> </p>
<p>and then I don't need to call "login" separately - the constructor has already done it. Nice one Jens!</p>
<p> </p>
<p>Now all I need to do is work out how this non-admin user can retrieve their own profile info. I keep getting the error "<span style="white-space: pre;">Only administrators can view email address of members (403) 2-4</span>" when using</p>
<p> </p>
<p></p>
<p>$NingUser= new NingUserTest();</p>
<p>$userObj = $NingUser->testFetch('screenname');</p>
<p></p>
<p> </p>
<p>where screenname is the screenname of the signed in user. It doesn't appear to be in the $ningApi object... I'll get there, but if anyone has any helpful hints like Jens did it would be great!</p> Thanks Jens. I added those th…tag:build.ning.com,2011-04-07:6308082:Comment:33042011-04-07T04:47:45.512ZChrishttp://build.ning.com/profile/Chris
<p>Thanks Jens. I added those things into the "new NingApi" line, though I have already added them to NingApi.php in the appropriate places. I also added those two lines at the end of the login function in NingApi.php</p>
<p> </p>
<p>The result is only a tiny bit different unfortunately:</p>
<p> </p>
<hr></hr><p> </p>
<div style="margin-left: 30px;"><p>NULL <br></br>1<br></br><br></br><b>Fatal error</b>: Uncaught The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service…</p>
</div>
<p>Thanks Jens. I added those things into the "new NingApi" line, though I have already added them to NingApi.php in the appropriate places. I also added those two lines at the end of the login function in NingApi.php</p>
<p> </p>
<p>The result is only a tiny bit different unfortunately:</p>
<p> </p>
<hr/><p> </p>
<div style="margin-left: 30px;"><p>NULL <br/>1<br/><br/><b>Fatal error</b>: Uncaught The oauth_signature is invalid. That is, it doesn't match the signature computed by the Service Provider. (401) 1-12 thrown in <b>/home/.../ning-ning-api-php-e6e9a54/src/NingException.php</b> on line <b>56</b></p>
</div>
<p> </p>
<hr/><p> </p>
<p>I assume the new NULL is the response from the extra lines in the login function?</p>
<p> </p>
<p>If I put an incorrect password in, we get:</p>
<p> </p>
<p> </p>
<hr/><p> </p>
<div style="margin-left: 30px;"><p>NULL <br/>1<br/><br/><b>Fatal error</b>: Uncaught Invalid password (401) 1-24 thrown in <b>/home/.../ning-ning-api-php-e6e9a54/src/NingException.php</b> on line <b>56</b></p>
</div>
<p> </p>
<hr/><p> </p>
<p>I'm wondering if the problem is that I need to tell something where to find the public and private certificates...? Would this make a difference, and which should be where? (Should the public one be on Ning's servers, and the private one on mine? I do have one, I think, for the OpenSocial oauth routines, would it be the same one, or am I horribly confusing everything here?</p>
<p> </p>
<p>Thanks for the help Jens!</p> I found the problem. I put up…tag:build.ning.com,2011-04-07:6308082:Comment:33032011-04-07T04:44:46.147ZJens H. Nielsenhttp://build.ning.com/profile/JensHNielsen
<p>I found the problem. I put up a proxy between my mac and NING. The problem is that it sends two requests instead of combining them into one. I did only get debug information for the second request. When I have some time, I will change the code.</p>
<p>This is a complete hobby project so I can't devote much time to it. But we love our hobby projects he he<br></br> <br></br> <cite>Devin said:…</cite></p>
<p>I found the problem. I put up a proxy between my mac and NING. The problem is that it sends two requests instead of combining them into one. I did only get debug information for the second request. When I have some time, I will change the code.</p>
<p>This is a complete hobby project so I can't devote much time to it. But we love our hobby projects he he<br/> <br/>
<cite>Devin said:</cite></p>
<blockquote cite="http://build.ning.com/forum/topics/access-token?commentId=6308082%3AComment%3A3118&xg_source=msg_com_forum#6308082Comment3116"><div><p>For your Objective-C code that you sent me, I believe the issue is that you are trying to send the OAuth data via an 'Authorization' header during the Token request. You need to send the OAuth information as POST data for a Token request and use a 'Basic access authentication', 'Authentication' header.</p>
<p>I think your code is trying to send two Authentication headers: Basic access auth and OAuth.</p>
<p> </p>
<p>Let me know if you need me to explain it a different way, OAuth is tricky.</p>
</div>
</blockquote>