
Hi Michael,
If you can share the entire code snippet, I'll try help you out. :)
Thanks,
Andreas
im trying out podio api for the first time and was able to authenticate (through server) but im getting error every time I refresh the page.
Error: Fatal error: Uncaught PodioInvalidGrantError: "Sorry, your OAuth code is invalid." Request URL: http://api.podio.com/oauth/token Stack Trace: #0
I find it weird because im able to pass the 2nd REDIRECT_URI after authentication but when I refresh the page im getting the error above.
if (isset($_GET['error'])) {
print "There was a problem. The server said: {$_GET['error_description']}";}
else {
// Finalize authentication. Note that we must pass the REDIRECT_URI again.
$auth = rawurldecode(REDIRECT_URI);
Podio::authenticate_with_authorization_code($_GET['code'], $auth);
print "You have been authenticated! <br /><br>";
}
Please sign in to leave a comment.
Hi Michael,
If you can share the entire code snippet, I'll try help you out. :)
Thanks,
Andreas
Here it is andreas. Thanks in advance!
<html><head></head><body>
<?php
require_once './PodioAPI.php';
define("REDIRECT_URI", 'http://localhost/podio/');
define("CLIENT_ID", 'podioapitest-musmij');
define("CLIENT_SECRET", 'Y0GXKBi7WgEep1IcrJ5GNJ6r8Utv7CWuURCc0JwOw3QZpGUwnTrbUBGoRkGQOZXw');
$api = Podio::setup(CLIENT_ID, CLIENT_SECRET);
if (!isset($_GET['code']) && !Podio::is_authenticated()) {
$auth_url = rawurldecode(Podio::authorize_url(REDIRECT_URI));
// Podio::authorize_url prepends 'https://podio.com/oauth/authorize?client_id=podioapitest-bh9oo0&redirect_uri='
print "<a href='{$auth_url}'>Login with Podio Account</a>";
}
elseif (Podio::is_authenticated()) {
print "You were already authenticated and no authentication is needed.";
}
elseif (isset($_GET['code'])) {
// User is being redirected back from podio.com after authenticating.
// The authorization code is available in $_GET['code']
// We use it to finalize the authentication
// If there was a problem $_GET['error'] is set:
if (isset($_GET['error'])) {
print "There was a problem. The server said: {$_GET['error_description']}";
}
else {
// Finalize authentication. Note that we must pass the REDIRECT_URI again.
print "hello";
$auth = rawurldecode(REDIRECT_URI);
Podio::authenticate_with_authorization_code($_GET['code'], $auth);
print "You have been authenticated! <br /><br>";
$access_token = Podio::$oauth->access_token;
$expires_in = Podio::$oauth->expires_in;
$refresh_token = Podio::$oauth->refresh_token;
print "Access Token = {$access_token}<br>";
print "Expires In {$expires_in}<br>";
print "Refresh Token {$refresh_token}<br><br>";
print "The access token is automatically saved in a session for your convenience.<br><br>";
$status = PodioUserStatus::get();
$orgdata = PodioOrganization::get_all();
$apps = PodioApp::get_all( $attributes = array() );
print "Your user id is <b>{$status->user->id}</b> and you have <b>{$status->mail}</b> unread messages or notification.<br><br>";
foreach ($orgdata as $org => $orgv){
print "{$orgdata[$org]->name} <br />";
foreach ($orgdata[$org]->spaces as $keyspaces => $works){print "--{$orgdata[$org]->spaces[$keyspaces]->name} <br />";} print "<br><br>";
}print "hi";
}
}
?>
</body></html>
The issue is that session management is not enabled by default. When you reload the page the second time, the script tries to authenticate with the same code a second time (hence giving an error). If you add a session manager as described here, it should all just work(tm): http://podio.github.io/podio-php/sessions/
awesome! Thanks!
If it's ok. can you help me again? Im just really noob in API.
How should I use PodioUserStatus::get() or PodioOrganization::get_all(); now? Because im getting a new error now:
Fatal error: Uncaught PodioAuthorizationError: "invalid_request" Request URL: http://api.podio.com/user/status Stack Trace: #0
Can you share a full snippet again, please?
I was able to do it but then back to previous problem: im getting error when I refresh
<html><head></head><body>
<?php
session_start('PodioSession');
require_once './PodioAPI.php';
require_once './session.php';
define("REDIRECT_URI", 'http://localhost/jpodio/');
define("CLIENT_ID", 'podioapitest-musmij');
define("CLIENT_SECRET", 'Y0GXKBi7WgEep1IcrJ5GNJ6r8Utv7CWuURCc0JwOw3QZpGUwnTrbUBGoRkGQOZXw');
$hey = array("session_manager" => "PodioSession");
Podio::setup(CLIENT_ID, CLIENT_SECRET, $hey);
if (Podio::is_authenticated() || isset($_GET['code'])) {
print "Authenticated! <br /><br>";
Podio::authenticate_with_authorization_code($_GET['code'], REDIRECT_URI);
//Get all organizations
$orgdata = PodioOrganization::get_all();
foreach ($orgdata as $org => $orgv){
print "{$orgdata[$org]->name} <br />";
foreach ($orgdata[$org]->spaces as $keyspaces => $works){print "--{$orgdata[$org]->spaces[$keyspaces]->name} <br />";} print "<br><br>";
}
Podio::$debug = true;
}
else {
$auth_url = rawurldecode(Podio::authorize_url(REDIRECT_URI));
// Podio::authorize_url prepends 'https://podio.com/oauth/authorize?client_id=podioapitest-bh9oo0&redirect_uri='
print "<a href='{$auth_url}'>Login with Podio Account</a>";
}
?>
</body></html>
Hi Michael,
Did you also copy/paste the PodioBrowserSession
-implementation from the documentation? http://podio.github.io/podio-php/sessions/#example-store-access-tokens-in-browser-session-cookie
Also, the name of this class needs to match the one you pass to Podio::setup
, e.g.
Podio::setup(CLIENTID, CLIENT_SECRET, array("session_manager" => "PodioBrowserSession"));
Best,
Andreas
Yes, I did and saved it in session.php
I changed Podio::Setup now to same class but still an error when I refresh
Here's my Session Code (copy-paste)
<?php
class PodioBrowserSession {
/**
* For sessions to work they must be started. We make sure to start
* sessions whenever a new object is created.
*/
public function __construct() {
if(!session_id()) {
session_start();
}
}
/**
* Get oauth object from session, if present. We ignore $auth_type since
* it doesn't work with server-side authentication.
*/
public function get($auth_type = null) {
// Check if we have a stored session
if (!empty($_SESSION['podio-php-session'])) {
// We have a session, create new PodioOauth object and return it
return new PodioOAuth(
$_SESSION['podio-php-session']['access_token'],
$_SESSION['podio-php-session']['refresh_token'],
$_SESSION['podio-php-session']['expires_in'],
$_SESSION['podio-php-session']['ref']
);
}
// Else return an empty object
return new PodioOAuth();
}
/**
* Store the oauth object in the session. We ignore $auth_type since
* it doesn't work with server-side authentication.
*/
public function set($oauth, $auth_type = null) {
// Save all properties of the oauth object in a session
$_SESSION['podio-php-session'] = array(
'access_token' => $oauth->access_token,
'refresh_token' => $oauth->refresh_token,
'expires_in' => $oauth->expires_in,
'ref' => $oauth->ref,
);
}
}
?>
Could you share the full code again please, preferably somewhere that preserves formatting like https://gist.github.com or similar?
Thanks,
Andreas
im sorry. here: https://gist.github.com/anonymous/eedf1574e28dd3c9da6f
Hi Michael,
Thanks for sharing the code :)
From reading your code, I believe the issue when you refresh is that you call with an authorization code you've already used. You should only call Podio::authenticate_with_authorization_code
if you're not authorized and never with the same authorization code. Your condition on line 14 Podio::is_authenticated() || isset($_GET['code']
is true whenever $_GET['code']
is present, even if you've already authenticated once.
Best,
Andreas
But the problem after removing that is that I don't know how I can access the data. Because now im getting this error:
Fatal error: Call to undefined method Podio::get_all()
everytime I call Podio::get_all();
i.e: $orgdata = Podio::get_all();
Hi Michael,
Sorry for the late reply, I've been away for two weeks.
The function Podio::get_all()
is not defined. Maybe the documentation on accessing items is helpful? http://podio.github.io/podio-php/items/
Best,
Andreas
No worries. I thought you got tired of my questions. haha. Sorry, just a newbie in this thing. Any books that you can recommend that can help me learn APIs in general?
That's a very open-ended question that Google is probably better at answering than I :)