I am trying to access weather API through flash.However, stuck on the last step, of getting values from the API in exchange of access token.The problem is that the access token must be passed through authorization header, and Flash has no way to send the authorization header.That is, it doesnot allow it for security reasons.Is their any solution available for this problem ?
Reference :
https://developer.yahoo.com/oauth2/guide/apirequests/
It says :
Making API Requests ¶ To make API requests, include the access token
in the Authorization header. Note that API requests must be made
securely over HTTPS. The header content comprises of the word Bearer
followed by the access token. Sample Request Header ¶
GET https://social.yahooapis.com/v1/user/abcdef123/profile?format=json
Authorization: Bearer [place your access token here]
Here is the code I am using :
var url = "http://weather.yahooapis.com/forecastrss?w=2444293&u=f"
var access_token = < access token here >
var encoder: Base64Encoder = new Base64Encoder();
encoder.insertNewLines = false;
encoder.encode(access_token);
var urlRequest: URLRequest = new URLRequest("./proxyForYahoo.php");
var urlLoader: URLLoader = new URLLoader();
urlLoader.addEventListener(Event.COMPLETE, onComplete);
urlLoader.addEventListener(HTTPStatusEvent.HTTP_STATUS, onHTTPStatus);
urlLoader.addEventListener(IOErrorEvent.IO_ERROR, onIOError);
urlLoader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, onSecurityError);
urlRequest.method = URLRequestMethod.GET;
urlRequest.contentType = "application/json";
urlRequest.requestHeaders = new Array(
new URLRequestHeader('Authorization', 'Bearer ' + encoder.toString()),
new URLRequestHeader('Accept', 'application/json'),
new URLRequestHeader('Content-Type', 'application/json')
);
var urlVars: URLVariables = new URLVariables();
urlVars.data = url;
urlRequest.data = urlVars;
urlLoader.load(urlRequest);
function onComplete(e: Event): void {
trace("completed---");
trace(e.target.data);
}
function onHTTPStatus(e: Event): void {
trace("onHTTPStatus");
trace(e.target.data);
}
function onIOError(e: Event): void {
trace("onIOError");
}
function onSecurityError(e: Event): void {
trace("onSecurityError");
}
Yahoo proxy :
<?php
$url = $_REQUEST['data'] ;
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_HEADER, 0);
ob_start();
curl_exec ($ch);
curl_close ($ch);
$string = ob_get_contents();
$content = ob_end_clean();
echo $string;
?>
For further reading see : https://developer.yahoo.com/weather/#get-started=
Below is an example AS3 code for getting Yahoo Weather data without involving Oauth tokens.
Here you would only need a PHP proxy if your SWF is running from non-HTTPS web location. In such a case, just write a PHP version of that getYahooWeather function where it echo's back the str_YahooResponse to any requesting loaders..
Test : Simply update str_Woeid = "2444293"; and test compile.
var str_Woeid : String = "";
var str_YahooRequest : String = "";
var str_YahooResponse : String = "";
var Weather_Loader:URLLoader = new URLLoader();
//# get Yahoo response into : str_YahooResponse : via function
str_Woeid = "2444293"; //# the WOEID of Weather request
getYahooWeather(str_Woeid, "json"); //# choose : "xml" OR "json"
function getYahooWeather( inputStr : String, fmt : String = null ) : void
{
if (fmt == "xml") { fmt = "format=xml" }
else { fmt = "format=json" }
str_YahooRequest = ("https://query.yahooapis.com/v1/public/yql?"
+ fmt //either: =json OR =xml
+ "&q=SELECT%20*%20FROM%20weather.forecast%20WHERE%20u=%27"
+ "f" //temperature fomat : f = farenheit, c = celsius
+ "%27%20AND%20woeid%20=%20%27"
+ inputStr //the WOEID
+ "%27");
Weather_Loader.addEventListener(Event.COMPLETE, onLoaded);
Weather_Loader.load(new URLRequest(str_YahooRequest));
}
function onLoaded(evt:Event) : void
{
//# put weather data to string (then parse as JSON or XML)
str_YahooResponse = evt.target.data;
trace("Yahoo Weather Data ::::::::: " + str_YahooResponse);
}
Now you can use the updated string str_YahooResponse with relevant parser...
for example as : myJSON.parse(str_YahooResponse);.
Related
I'm following this guide on how to write to my database with an authenticated user. I have set the rules properly and am able to post if all the writes are true just fine. When I pass the oauthToken I get when I follow this guide I get "Invalid claim "kid" in auth header". I've seen other questions with this result but I don't think they're doing the exact same things as I am nor are they using the same language.
So how do I authenticate properly? I can get the token and everything else just fine.
Current rule set:
{
"rules": {
"location": {
"$user_id": {
".read": all,
".write": "$user_id === auth.uid"
}
}
}
}
My code:
private function submitNewData(localId:String, authToken:String):void
{
var data:Object = new Object();
data.location = "w0.0rld";
data.description = "hello";
var request:URLRequest = new URLRequest("https://" + FIREBASE_PROJECT_ID + ".firebaseio.com/location/" + uid + ".json?auth=" + authToken);
request.data = JSON.stringify(data);
request.method = URLRequestMethod.POST;
var loader:URLLoader = new URLLoader();
loader.addEventListener(Event.COMPLETE, entrySent);
loader.load(request);
}
private function entrySent(event:flash.events.Event):void
{
trace(event.currentTarget.data); //Invalid claim 'kid' in auth header
}
I've got my manifest file with my version number and an options page. Is there a way to display the installed version and latest available version on the options page without needing to do it manually?
You can get the current version of your extension using chrome.runtime.getManifest().version.
In order to get the "latest version" of your extension, you need to download updates.xml, and extract the version number:
var extensionID = chrome.i18n.getMessage('##extension_id');
var currentVersion = chrome.runtime.getManifest().version;
var url = 'https://clients2.google.com/service/update2/crx?x=id%3D' + extensionID + '%26v%3D' + currentVersion;
var x = new XMLHttpRequest();
x.open('GET', url);
x.onload = function() {
var doc = new DOMParser().parseFromString(x.responseText, 'text/xml');
// Get and show version info. Exercise for the reader.
};
x.send();
If you want to customize your request with PHP, avoiding to update the extension every time Google changes the API, I suggest the following
update_info.php (from your site):
<?php
$last_ver;
$googleupdate = 'http://clients2.google.com/service/update2/crx?response=updatecheck&x=id%3D__id__%26uc';
$ver = $_POST['ver'];
$id = $_POST['id'];
//filter/control for post request very fast for this example
if(isset($id) && isset($ver)){
if(strlen($id)>0){
$urlupdate = str_replace('__id__', $id, $googleupdate);
$last_ver = _GetLastVersion($urlupdate);
if($last_ver>0 && $last_ver>$ver){
echo 'New version available, v'.$last_ver;
}else{
echo 'Your version is update';
}
}else{
echo 'Insert id for response';
}
}else{
echo 'Insert data for response';
}
//if your server do not connect with file_get_contents() use this function
function getContent ($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
$output = curl_exec($ch);
$info = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($output === false || $info != 200) {
$output = null;
}
return $output;
}
//this function return 0 if error or not content load
function _GetLastVersion($url){
try {
$last=0;
//if you have proble you can use getContent($url)
$xmlcontent = file_get_contents($url);
if($xmlcontent){
$doc = new DOMDocument();
$doc->loadXML($xmlcontent);
$items = $doc->getElementsByTagName('updatecheck');
foreach ($items as $item) {
if($item->getAttribute('version')>0){
return $item->getAttribute('version');
}
}
return $last;
}else{
return 0;
}
} catch (Exception $e) {
return 0;
}
}
?>
in your extension send request to your webpage, now you are in control of your script, you can decide which answer back every time
Below is the code taken from Arun Nagarajan's Example: I am tried the same code to check.. But Its not installing properly. (I removed my redirect url, client id and secret in the below). Please tell me what wrong in the below code.
var AUTHORIZE_URL = 'https://accounts.google.com/o/oauth2/auth';
var TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
var REDIRECT_URL = 'exec';
var tokenPropertyName = 'GOOGLE_OAUTH_TOKEN';
var CLIENT_ID = '';
var CLIENT_SECRET = '';
function doGet(e) {
var HTMLToOutput;
if(e.parameters.state){
var state = JSON.parse(e.parameters.state);
if(state.action === 'çreate'){
var meetingURL = createMeetingNotes();
HTMLToOutput = '<html><h1>Meeting notes document created!</h1> <click here to open</html>';
}
else if (state.ids){
var doc = DocsList.getFileById(state.ids[0]);
var url = doc.getContentAsString();
HTMLToOutput = '"<html><a href="' +url+'"</a></html>"';
}
else {
zipAndSend(state.ecportIds.Session.getEffectUser().getEmail());
HTMLToOutput = '"<html><h1>Email sent. Check your Inbox.</h1></html>"';
}
}
else if(e.parameters.code){
getAndStoreAccessToken(e.parameters.code);
HTMLToOutput = '<html><h1>App is installed. You can close this window now or navigate to your </h1>Google Drive</html>';
}
else {
HTMLToOutput = '<html><h1>Install this App into your google drive </h1>Click here to start install</html>';
}
return HtmlService.createHtmlOutput(HTMLToOutput);
}
function getURLForAuthorization() {
return AUTHORIZE_URL + '?response_type=code&client_id=' + CLIENT_ID + '&redirect_uri=' + REDIRECT_URL + '&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive.install+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email';
}
function getAndStoreAccessToken(code) {
var parameters = { method : 'post',
payload : 'client_id='+ CLIENT_ID + '&client_secret=' + CLIENT_SECRET + '&grant_type=authorization.code&redirect_uri=' + REDIRECT_URL};
var response = UrlFetchApp.fetch(TOKEN_URL.parameters).getContentText();
var tokenResponse = JSON.parse(response);
UserProperties.getProperty(tokenPropertyName, tokenResponse.access_token);
}
function getUrlFetchOptions() {
return {'contentType' : 'application/json',
'headers' : {'Authorization': 'Bearer ' + UserProperties.getProperty(tokenPropertyName),
'Accept' : 'application/json'}};
}
function IsTokenValid() {
return UserProperties.getProperty(tokenPropertyName);
}
The error showing is: Bad request:undefined
I think the error is inside the function called : getAndStoreAccessToken.
var parameters = { method : 'post',
payload : 'client_id='+ CLIENT_ID + '&client_secret=' + CLIENT_SECRET + '&grant_type=authorization.code&redirect_uri=' + REDIRECT_URL};
Please tell me the correct url format for payload.
The error seems in this line -
var response = UrlFetchApp.fetch(TOKEN_URL.parameters).getContentText();
I think you want TOKEN_URL , parameters (note the comma)
First, if you are trying to access Google Drive from within google apps script, what is the purpose of the authorization? Google drive is available w/o authorization. Are you trying to make your application utilize the gDrive of other users (or on behalf of other users)?
Second, instead of manually performing the authorization, which is very hard to troubleshoot, you can take advantage of Class OAuthConfig which simplifies the authorization/request process. The only disadvantage is that OAuthConfig currently uses OAuth1.0 (which is currently deprecated). Although it's particular use is Fusion Tables, and not drive, this library makes great use of OAuthConfig and .fetch and I have used it to model my own OAuth functions. My example below works great. The googleAuth() function sets up the authorization and then the rest of the application can make authorized requests using UrlFetchApp.fetch(url,options) while google does all the authorization stuff in the background.
function googleAuth(oAuthFields) {
var oAuthConfig = UrlFetchApp.addOAuthService(oAuthFields.service);
oAuthConfig.setRequestTokenUrl("https://www.google.com/accounts/"+
"OAuthGetRequestToken?scope=" + oAuthFields.scope);
oAuthConfig.setAuthorizationUrl("https://www.google.com/accounts/OAuthAuthorizeToken");
oAuthConfig.setAccessTokenUrl("https://www.google.com/accounts/OAuthGetAccessToken");
oAuthConfig.setConsumerKey(oAuthFields.clientId);
oAuthConfig.setConsumerSecret(oAuthFields.clientSecret);
return {oAuthServiceName:oAuthFields.service, oAuthUseToken:"always"};
}
function fusionRequest(methodType, sql, oAuthFields, contentType) {
var fetchArgs = OAL.googleAuth(oAuthFields);
var fetchUrl = oAuthFields.queryUrl;
fetchArgs.method = methodType;
if( methodType == 'GET' ) {
fetchUrl += '?sql=' + sql;
fetchArgs.payload = null;
} else{
fetchArgs.payload = 'sql='+sql;
}
if(contentType != null) fetchArgs.contentType = contentType;
Logger.log(UrlFetchApp.getRequest(oAuthFields.queryUrl, fetchArgs));
var fetchResult = UrlFetchApp.fetch(oAuthFields.queryUrl, fetchArgs);
if( methodType == 'GET' ) return JSON.parse(fetchResult.getContentText());
else return fetchResult.getContentText();
}
I am new to Flex and also new to writing a client for a web service.
My question is more about Flex (Flash Builder 4.5) APIs, what APIs to use.
I want to access a web service, and create a Flex / AIRwrapper for it,
which anyone can use.
Here is the spec of webservice.
I have to do a post on POST https://build.phonegap.com/api/v1/apps
content type has to be "multipart/form-data"
JSON bodies of requests are expected to have the name 'data' and will be something like this:
data={"title":"API V1 App","package":"com.alunny.apiv1","version":"0.1.0","create_method":"file"}
include a zip file in the multipart body of your post, with the parameter name 'file'.
I want to make a 'multipart/form-data' Post and send one string and one zip file.
My first question to self was if I send both string + binary data in the body,
how will server understand where string end and where zip file starts?
Then I read how text + binary data can be sent through "multipart/form-data" post request. There has to be some boundaries.
After this I read and example in flex and tried following it.
http://codeio.wordpress.com/2010/04/03/5-minutes-on-adobe-flex-mimic-file-upload-for-in-memory-contents/
but it doesn't seem to be working for me.
public function createNewApp(cb:Function , appFile : File):void
{
var service:HTTPService = new HTTPService();
service.url = ROOT+"apps";
service.showBusyCursor = true;
service.addEventListener(ResultEvent.RESULT, function(e:ResultEvent):void {
//translate JSON
trace(e.result);
var result:String = e.result.toString();
var data:Object = JSON.parse(result);
cb(data.link);
});
service.addEventListener(FaultEvent.FAULT, defaultFaultHandler); //todo : allow user to add his own as well
authAndUploadNewApp(service,appFile);
}
private function authAndUploadNewApp(service:HTTPService,appFile : File):void {
var encoder:Base64Encoder = new Base64Encoder();
encoder.encode(username + ":"+password);
service.headers = {Accept:"application/json", Authorization:"Basic " + encoder.toString()};
service.method ="POST";
var boundary:String = UIDUtil.createUID();
service.contentType = "multipart/form-data; boundary=—————————" + boundary;
var stream:FileStream = new FileStream();
stream.open(appFile, FileMode.READ);
var binaryData:ByteArray = new ByteArray();
var fileData : String = new String();
stream.readBytes(binaryData);
stream.close();
fileData = binaryData.readUTFBytes(binaryData.bytesAvailable); // I think this is where I have problem.... how do
//how do i converrt this bytearray/stream of data to string and send it in my post request's body - i guess if this step work rest should work..
var params: String = new String();
var content:String = "—————————" + boundary + "nr";
content += 'Content-Disposition: form-data; name="data";' + '{"title":"ELS test app 2","package":"com.elsapp.captivate","version":"12.3.09","create_method":"file"}' + "nr";
content += "—————————" + boundary + "nr";
content += 'Content-Disposition: form-data; name="file";' + fileData + "nr";
content += "—————————–" + boundary + "–nr";
service.request = content;
service.send();
}
I'm trying to upload file to box using v2. The only result i get is the error while uploading. I'm able to authenticate, get the auth token but not able to upload, I have given the code which i'm using. If i'm wrong anyway just correct me. Any help will be appreciated!!
public function upload(argFile:flash.filesystem.File):void{
argFile.addEventListener(Event.COMPLETE,
function onComplete(event:Event):void
{
trace("complete:"+event.toString());
}
);
argFile.addEventListener(IOErrorEvent.IO_ERROR,
function onIOError(event:IOErrorEvent):void
{
trace("Error:"+event.toString());
}
);
var url:String = "https://api.box.com/2.0/files/data";
// Setup the custom header
var customHeader:String = "BoxAuth api_key=" + api_key + "&auth_token=" + auth_token;
var headers:Array = [
new URLRequestHeader("Authorization", customHeader)
];
// create the url-vars
var urlVars:URLVariables = new URLVariables();
urlVars.filename1 = '#'+argFile.name;
urlVars.folder_id = "0";
// create the url-reqeust
var request:URLRequest = new URLRequest();
request.contentType = "application/octet-stream";
request.method = URLRequestMethod.POST;
// set ther url
request.url = url;
// set the header
request.requestHeaders = headers;
// set the vars
request.data = urlVars;
try {
argFile.upload(request);
} catch (e:Error)
{
trace(e.toString(), "Error (catch all)");
}
}