|
|
 Susan Lowry - 2018-11-01 14:13:56 I'm trying to use your OAuth package to connect to Withings, but I'm having trouble. Perhaps it's because they have switched to OAuth2, but I'm not sure. I've tried switching things in the oauth_configuration.json file for Withings to have it use OAuth2, but perhaps I've done it wrong or not done enough. When the Process() function is called, it brings up the Withings login screen for granting permission, but then it just keeps bringing that screen up again and again and never gets to the line after the line that calls the Process function.
I knew nothing about OAuth before trying to do this so it's probably because of my lack of knowledge, but I'm hoping that you can help me.
Susan Lowry - 2018-11-02 21:02:06 - In reply to message 1 from Susan LowryMore information: When the Process() function is called, Withings sends back the authentication code and state. But then you need to go to another URL to ask for the access token. When I use this code, which is provided by Withings at http://developer.withings.com/oauth2/#tag/OAuth-2.0, it returns the access token and other information (expires_in, token_type, scope, refresh_token and userid), but I don't know where that should be put within your code or what to do from there in using your code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://account.withings.com/oauth2/token");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_POSTFIELDS, [
'grant_type' => 'authorization_code',
'client_id' => $client->client_id,
'client_secret' => $client->client_secret,
'code' => $_GET['code'],
'redirect_uri' => $client->redirect_uri
]);
$rsp = curl_exec($ch);
curl_close($ch);
Susan Lowry - 2018-11-06 23:13:36 - In reply to message 2 from Susan LowryI figured out that at the place in the oauth_client.php code where it is comparing state and stored_state (line 2970), state is the value that I set it to, but stored_state is some random bunch of characters. If I hard-code stored_state back to what it should be, then I got it to work. I haven't yet tracked down where it is storing the wrong value of state in the database.
 Manuel Lemos - 2018-11-07 04:52:43 - In reply to message 1 from Susan LowryHello Susan,
Sorry for the delay. I was attending a Google event in Mountain View when you posted.
What is necessary is to create a new configuration entry for Withings to use OAuth2 in the oauth_configuration.json file.
I am not having much time but I can help you to do it by yourself. Please try this:
1. Edit the oauth_configuration.json file
2. Copy an entry that uses OAuth 2.0 to create a new configuration maybe called Withings2
3. Edit the parameters of that entry to match the ones Withings with OAuth 2.0 requires.
If you face any difficulties just reply here so I can help you to clarify any matters.
If all goes well, we would love that you can share your new configuration for Withings so others can also benefit from that.
primeapple - 2019-10-18 17:57:10 - In reply to message 4 from Manuel LemosHi Manuel,
I created a new entry as follows:
"Withings2":
{
"oauth_version": "2.0",
"dialog_url": "https://account.withings.com/oauth2_user/authorize2?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}",
"reauthenticate_dialog_url": "https://account.withings.com/oauth2_user/authorize2?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}prompt=login",
"access_token_url": "https://account.withings.com/oauth2/token?grant_type=authorization_code",
"access_token_authentication": "basic"
}
However, when the flow returns to the redirect_uri with the code and state to retrieve the token it fails as the Withings API requires the token URL be called as POST call and parameters must be set in the body request and not in the url.
OAuth client: Could not retrieve the OAuth access token. Error: it was not possible to access the OAuth access token: it was returned an unexpected response status 400 Response: {"errors":[{"message":"invalid_request: The client id was not specified in the request"}]}
primeapple - 2019-10-18 18:16:18 - In reply to message 5 from primeappleAs an update, got it to work as follows:
"Withings2":
{
"oauth_version": "2.0",
"dialog_url": "https://account.withings.com/oauth2_user/authorize2?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}",
"reauthenticate_dialog_url": "https://account.withings.com/oauth2_user/authorize2?client_id={CLIENT_ID}&response_type=code&state={STATE}&redirect_uri={REDIRECT_URI}&scope={SCOPE}prompt=login",
"access_token_url": "https://account.withings.com/oauth2/token"
}
Thanks for a great library!
Manuel Lemos - 2019-12-06 02:26:53 - In reply to message 6 from primeappleSorry for the delay. I did not test your configuration but I want to include it in the next release of the package.
Would it be possible for you to supply an example script like others that come with the package in which you can just insert the values of client_id and client_secret to see it working with their API accounts?
|
