Podio API authentication error after refresh (PodioConnectionError)

Answered

Comments

16 comments

  • Andreas Garnæs

    Hi Michael,

    If you can share the entire code snippet, I'll try help you out. :)

    Thanks,
    Andreas

    1
    Comment actions Permalink
  • Andreas Garnæs

    The issue is that session management is not enabled by default. When you reload the page the second time, the script tries to authenticate with the same code a second time (hence giving an error). If you add a session manager as described here, it should all just work(tm): http://podio.github.io/podio-php/sessions/

    1
    Comment actions Permalink
  • Tikboy

    Here it is andreas. Thanks in advance!

    <html><head></head><body>

    <?php
    require_once './PodioAPI.php';

    define("REDIRECT_URI", 'http://localhost/podio/');
    define("CLIENT_ID", 'podioapitest-musmij');
    define("CLIENT_SECRET", 'Y0GXKBi7WgEep1IcrJ5GNJ6r8Utv7CWuURCc0JwOw3QZpGUwnTrbUBGoRkGQOZXw');

    $api = Podio::setup(CLIENT_ID, CLIENT_SECRET);

    if (!isset($_GET['code']) && !Podio::is_authenticated()) {
    $auth_url = rawurldecode(Podio::authorize_url(REDIRECT_URI));
    // Podio::authorize_url prepends 'https://podio.com/oauth/authorize?client_id=podioapitest-bh9oo0&redirect_uri='
    print "<a href='{$auth_url}'>Login with Podio Account</a>";
    }
    elseif (Podio::is_authenticated()) {
    print "You were already authenticated and no authentication is needed.";
    }
    elseif (isset($_GET['code'])) {
    // User is being redirected back from podio.com after authenticating.
    // The authorization code is available in $_GET['code']
    // We use it to finalize the authentication
    // If there was a problem $_GET['error'] is set:
    if (isset($_GET['error'])) {
    print "There was a problem. The server said: {$_GET['error_description']}";
    }
    else {
    // Finalize authentication. Note that we must pass the REDIRECT_URI again.
    print "hello";
    $auth = rawurldecode(REDIRECT_URI);
    Podio::authenticate_with_authorization_code($_GET['code'], $auth);
    print "You have been authenticated! <br /><br>";

    $access_token = Podio::$oauth->access_token;
    $expires_in = Podio::$oauth->expires_in;
    $refresh_token = Podio::$oauth->refresh_token;
    
    print "Access Token = {$access_token}<br>";
    print "Expires In {$expires_in}<br>";
    print "Refresh Token {$refresh_token}<br><br>";
    
    print "The access token is automatically saved in a session for your convenience.<br><br>";
    
    $status = PodioUserStatus::get();
    $orgdata = PodioOrganization::get_all();
    
    $apps = PodioApp::get_all( $attributes = array() );
    print "Your user id is <b>{$status->user->id}</b> and you have <b>{$status->mail}</b> unread messages or notification.<br><br>";
    foreach ($orgdata as $org => $orgv){
    print "{$orgdata[$org]->name} <br />";
    
        foreach ($orgdata[$org]->spaces as $keyspaces => $works){print "--{$orgdata[$org]->spaces[$keyspaces]->name} <br />";} print "<br><br>";
    }print "hi";
    

    }
    }
    ?>

    </body></html>

    0
    Comment actions Permalink
  • Tikboy

    awesome! Thanks!

    0
    Comment actions Permalink
  • Tikboy

    If it's ok. can you help me again? Im just really noob in API.

    How should I use PodioUserStatus::get() or PodioOrganization::get_all(); now? Because im getting a new error now:

    Fatal error: Uncaught PodioAuthorizationError: "invalid_request" Request URL: http://api.podio.com/user/status Stack Trace: #0

    0
    Comment actions Permalink
  • Andreas Garnæs

    Can you share a full snippet again, please?

    0
    Comment actions Permalink
  • Tikboy

    I was able to do it but then back to previous problem: im getting error when I refresh

    <html><head></head><body>

    <?php
    session_start('PodioSession');
    require_once './PodioAPI.php';
    require_once './session.php';

    define("REDIRECT_URI", 'http://localhost/jpodio/');
    define("CLIENT_ID", 'podioapitest-musmij');
    define("CLIENT_SECRET", 'Y0GXKBi7WgEep1IcrJ5GNJ6r8Utv7CWuURCc0JwOw3QZpGUwnTrbUBGoRkGQOZXw');

    $hey = array("session_manager" => "PodioSession");
    Podio::setup(CLIENT_ID, CLIENT_SECRET, $hey);

    if (Podio::is_authenticated() || isset($_GET['code'])) {
    print "Authenticated! <br /><br>";

    Podio::authenticate_with_authorization_code($_GET['code'], REDIRECT_URI);
    
    //Get all organizations
    $orgdata = PodioOrganization::get_all();
    
    foreach ($orgdata as $org => $orgv){
        print "{$orgdata[$org]->name} <br />";
        foreach ($orgdata[$org]->spaces as $keyspaces => $works){print "--{$orgdata[$org]->spaces[$keyspaces]->name} <br />";} print "<br><br>";
    }
    
    Podio::$debug = true;
    

    }
    else {
    $auth_url = rawurldecode(Podio::authorize_url(REDIRECT_URI));
    // Podio::authorize_url prepends 'https://podio.com/oauth/authorize?client_id=podioapitest-bh9oo0&redirect_uri='
    print "<a href='{$auth_url}'>Login with Podio Account</a>";
    }

    ?>

    </body></html>

    0
    Comment actions Permalink
  • Andreas Garnæs

    Hi Michael,

    Did you also copy/paste the PodioBrowserSession-implementation from the documentation? http://podio.github.io/podio-php/sessions/#example-store-access-tokens-in-browser-session-cookie

    Also, the name of this class needs to match the one you pass to Podio::setup, e.g.

    Podio::setup(CLIENTID, CLIENT_SECRET, array("session_manager" => "PodioBrowserSession"));
    

    Best,
    Andreas

    0
    Comment actions Permalink
  • Tikboy

    Yes, I did and saved it in session.php

    I changed Podio::Setup now to same class but still an error when I refresh

    Here's my Session Code (copy-paste)

    <?php

    class PodioBrowserSession {

    /**
    * For sessions to work they must be started. We make sure to start
    * sessions whenever a new object is created.
    */

    public function __construct() {
    if(!session_id()) {
    session_start();
    }
    }

    /**
    * Get oauth object from session, if present. We ignore $auth_type since
    * it doesn't work with server-side authentication.
    */
    public function get($auth_type = null) {
    // Check if we have a stored session
    if (!empty($_SESSION['podio-php-session'])) {

      // We have a session, create new PodioOauth object and return it
      return new PodioOAuth(
        $_SESSION['podio-php-session']['access_token'],
        $_SESSION['podio-php-session']['refresh_token'],
        $_SESSION['podio-php-session']['expires_in'],
        $_SESSION['podio-php-session']['ref']
      );
    }
    
    // Else return an empty object
    return new PodioOAuth();
    

    }

    /**
    * Store the oauth object in the session. We ignore $auth_type since
    * it doesn't work with server-side authentication.
    */
    public function set($oauth, $auth_type = null) {
    // Save all properties of the oauth object in a session
    $_SESSION['podio-php-session'] = array(
    'access_token' => $oauth->access_token,
    'refresh_token' => $oauth->refresh_token,
    'expires_in' => $oauth->expires_in,
    'ref' => $oauth->ref,
    );
    }

    }
    ?>

    0
    Comment actions Permalink
  • Andreas Garnæs

    Could you share the full code again please, preferably somewhere that preserves formatting like https://gist.github.com or similar?

    Thanks,
    Andreas

    0
    Comment actions Permalink
  • 0
    Comment actions Permalink
  • Andreas Garnæs

    Hi Michael,

    Thanks for sharing the code :)

    From reading your code, I believe the issue when you refresh is that you call with an authorization code you've already used. You should only call Podio::authenticate_with_authorization_code if you're not authorized and never with the same authorization code. Your condition on line 14 Podio::is_authenticated() || isset($_GET['code'] is true whenever $_GET['code'] is present, even if you've already authenticated once.

    Best,
    Andreas

    0
    Comment actions Permalink
  • Tikboy

    But the problem after removing that is that I don't know how I can access the data. Because now im getting this error:

    Fatal error: Call to undefined method Podio::get_all()

    everytime I call Podio::get_all();

    i.e: $orgdata = Podio::get_all();

    0
    Comment actions Permalink
  • Andreas Garnæs

    Hi Michael,

    Sorry for the late reply, I've been away for two weeks.

    The function Podio::get_all() is not defined. Maybe the documentation on accessing items is helpful? http://podio.github.io/podio-php/items/

    Best,
    Andreas

    0
    Comment actions Permalink
  • Tikboy

    No worries. I thought you got tired of my questions. haha. Sorry, just a newbie in this thing. Any books that you can recommend that can help me learn APIs in general?

    0
    Comment actions Permalink
  • Andreas Garnæs

    That's a very open-ended question that Google is probably better at answering than I :)

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk