[bd] API

[bd] API 1.6.3

No permission to download
Overview Updates (13) Reviews (10) History Discussion
xfrocks said:
Please join in the discussion, there are a lot of API endpoints to cover so if we know which ones you depend on, we may prioritize them higher.
Click to expand...

My setup is - I have an XF install and a separate site. The aim is to allow people on the second site to login with their XF accounts. It's been a while since I've worked on this but I believe the endpoints we use are authorize, token and redirect.

I may also want the ability to cross post to XF from the other website if the person makes a post there - so the 2nd app may require the post scope as well as read.
 
HomerJ said:
My setup is - I have an XF install and a separate site. The aim is to allow people on the second site to login with their XF accounts. It's been a while since I've worked on this but I believe the endpoints we use are authorize, token and redirect.

I may also want the ability to cross post to XF from the other website if the person makes a post there - so the 2nd app may require the post scope as well as read.
Click to expand...
User and authorization is complete with version Alpha 2 so you should give it a go. Thread/post data, especially posting new post, is not done yet though.
 
xfrocks said:
User and authorization is complete with version Alpha 2 so you should give it a go. Thread/post data, especially posting new post, is not done yet though.
Click to expand...

I'm still having trouble authorizing with the XenForo 2 Alpha 2 version. I have more details posted on your site
 
I'm also getting a similar error with the XenForoAuth plugin and [bd] API 1.6.1. I'll see if the plugin author has encountered this issue.

PatPeter said:
I looked in the logs for [bd] API and I see that the Wiki is making the request. When I run this GET in the browser, it gives me the same result.

Code: 
GET /api/index.php?users/me

Request
array(0) {
}
Response (403)
array(1) {
  ["error"] => string(34) "You must be a logged-in, registered member of this site to perform this action. "
}

It says I'm not a logged-in user when I am in fact logged into my forums. How can I debug the API's connection to the forum?
Click to expand...
 
My WordPress user are getting a "502 Bad Gateway" error when trying to login with a connected account. This happend after switching to php 7.2 and also https.

Do you know what causing the trouble?

EDIT: I got this from the NGINX Error.log

PHP message: _xfac_api_curl POST (https://www.XXX.de/api/index.php?oauth/token/admin, array (
'oauth_token' => '48b5adb8fb7a6e875e75eeeb81f922ff97ef14dc',
'user_id' => 71015,
)) -> 200
PHP message: | HTTP/1.1 200 OK
PHP message: | Server: nginx
PHP message: | Date: Tue, 10 Jul 2018 12:41:10 GMT
PHP message: | Content-Type: application/json; charset=UTF-8
PHP message: | Content-Length: 212
PHP message: | Connection: keep-alive
PHP message: | Expires: Thu, 19 Nov 1981 08:52:00 GMT
PHP message: | Cache-control: private, max-age=0
PHP message: | X-Frame-Options: SAMEORIGIN
PHP message: | X-Xss-Protection: 1
PHP message: | Last-Modified: Tue, 10 Jul 2018 12:41:10 GMT
PHP message: | Strict-Transport-Security: max-age=0
PHP message: |
PHP message: | {"access_token":"dc32791f98b0e49aab5d1e8cf3e687d2dde6421c","expires_in":"3600","token_type":"Bearer","scope":"read post conversate admincp usercp","user_id":71015,"system_info":{"visitor_id":2,"time":1531226470}}
PHP message: _xfac_api_curl GET (https://www.XXX.de/api/index.php?users/me/&oauth_token=dc32791f98b0e49aab5d1e8cf3e687d2dde6421c, NULL) -> 200
PHP message: | HTTP/1.1 200 OK
PHP mes
2018/07/10 14:41:11 [error] 17081#17081: *4809220 upstream sent too big header while reading response header from upstream, client: 79.207.234.161, server: blog.XXX.de, request: "POST /wp-admin/user-edit.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php7.2-fpm-blog.XXX.sock:", host: "blog.XXX.de", referrer: "https://blog.XXX.de/wp-admin/user-e...tion=-1&new_role&paged=1&action2=-1&new_role2"
2018/07/10 14:41:11 [error] 17081#17081: *4809220 upstream sent too big header while reading response header from upstream, client: 79.207.234.161, server: blog.xxx.de, request: "POST /wp-admin/user-edit.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php7.2-fpm-blog.xxx.de.sock:", host: "blog.xxx.de", referrer: "https://blog.xxx.de/wp-admin/user-e...tion=-1&new_role&paged=1&action2=-1&new_role2"
2018/07/10 14:41:26 [error] 17082#17082: *4809764 FastCGI sent in stderr: "PHP message: PHP Deprecated: Function create_function() is deprecated in /var/www/share/blog.xxx.de/htdocs/wp-content/plugins/xenforo-api-consumer/includes/widget/search.php on line 78
PHP message: PHP Deprecated: Function create_function() is deprecated in /var/www/share/blog.xxx.de/htdocs/wp-content/plugins/xenforo-api-consumer/includes/widget/threads.php on line 169
 
Last edited:
i'm actually trying to run oauth authentication from symfony hwi bundle, the issue is url /api/index.php?oauth/authorize is redirecting to /account/authorize, and url is not found 404 ... does anyone uses same bundle on sf4?
 
Crazy-Achmet said:
My WordPress user are getting a "502 Bad Gateway" error when trying to login with a connected account. This happend after switching to php 7.2 and also https.

Do you know what causing the trouble?

EDIT: I got this from the NGINX Error.log

PHP message: _xfac_api_curl POST (https://www.XXX.de/api/index.php?oauth/token/admin, array (
'oauth_token' => '48b5adb8fb7a6e875e75eeeb81f922ff97ef14dc',
'user_id' => 71015,
)) -> 200
PHP message: | HTTP/1.1 200 OK
PHP message: | Server: nginx
PHP message: | Date: Tue, 10 Jul 2018 12:41:10 GMT
PHP message: | Content-Type: application/json; charset=UTF-8
PHP message: | Content-Length: 212
PHP message: | Connection: keep-alive
PHP message: | Expires: Thu, 19 Nov 1981 08:52:00 GMT
PHP message: | Cache-control: private, max-age=0
PHP message: | X-Frame-Options: SAMEORIGIN
PHP message: | X-Xss-Protection: 1
PHP message: | Last-Modified: Tue, 10 Jul 2018 12:41:10 GMT
PHP message: | Strict-Transport-Security: max-age=0
PHP message: |
PHP message: | {"access_token":"dc32791f98b0e49aab5d1e8cf3e687d2dde6421c","expires_in":"3600","token_type":"Bearer","scope":"read post conversate admincp usercp","user_id":71015,"system_info":{"visitor_id":2,"time":1531226470}}
PHP message: _xfac_api_curl GET (https://www.XXX.de/api/index.php?users/me/&oauth_token=dc32791f98b0e49aab5d1e8cf3e687d2dde6421c, NULL) -> 200
PHP message: | HTTP/1.1 200 OK
PHP mes
2018/07/10 14:41:11 [error] 17081#17081: *4809220 upstream sent too big header while reading response header from upstream, client: 79.207.234.161, server: blog.XXX.de, request: "POST /wp-admin/user-edit.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php7.2-fpm-blog.XXX.sock:", host: "blog.XXX.de", referrer: "https://blog.XXX.de/wp-admin/user-edit.php?user_id=40&wp_http_referer=/wp-admin/users.php?s=fedora&action=-1&new_role&paged=1&action2=-1&new_role2"
2018/07/10 14:41:11 [error] 17081#17081: *4809220 upstream sent too big header while reading response header from upstream, client: 79.207.234.161, server: blog.xxx.de, request: "POST /wp-admin/user-edit.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php7.2-fpm-blog.xxx.de.sock:", host: "blog.xxx.de", referrer: "https://blog.xxx.de/wp-admin/user-edit.php?user_id=40&wp_http_referer=/wp-admin/users.php?s=fedora&action=-1&new_role&paged=1&action2=-1&new_role2"
2018/07/10 14:41:26 [error] 17082#17082: *4809764 FastCGI sent in stderr: "PHP message: PHP Deprecated: Function create_function() is deprecated in /var/www/share/blog.xxx.de/htdocs/wp-content/plugins/xenforo-api-consumer/includes/widget/search.php on line 78
PHP message: PHP Deprecated: Function create_function() is deprecated in /var/www/share/blog.xxx.de/htdocs/wp-content/plugins/xenforo-api-consumer/includes/widget/threads.php on line 169
Click to expand...

you ever receive a reply for this?
 
azzurro said:
I'm also getting a similar error with the XenForoAuth plugin and [bd] API 1.6.1. I'll see if the plugin author has encountered this issue.
Click to expand...

Same issues here as well. It doesn't seem that 1.6.x behaves the same as 1.5.x. We recently upgraded to PHP 7.2, which forced an update to BD API 1.6.x, and we're a little sunk now. Our authentication bridge to our own MediaWiki is broken.
 
Can I ask what the reason for you guys updating to PHP 7.2 was? It's a bad idea to update your live environment without first simulating/testing it to make sure the software you're using is compatible with it.

Have any of you guys with issues resolved them since your last posts?

Would it not be easier to roll back your PHP update and [bd]API versions back to working ones?
 
Funar said:
Same issues here as well. It doesn't seem that 1.6.x behaves the same as 1.5.x. We recently upgraded to PHP 7.2, which forced an update to BD API 1.6.x, and we're a little sunk now. Our authentication bridge to our own MediaWiki is broken.
Click to expand...
The underlying library has been upgrade due to PHP version so 1.6 works a bit different from 1.5 regarding OAuth param/header. Everything else should be the same though.
 
Hi guys. I made autorization via grant_type=password.
I have a stupid question. Is this safe to pass client_id and client_secret to request body and share client_id and client_secret to users?

LmkPdah.jpg
 
grisha2217 said:
Hi guys. I made autorization via grant_type=password.
I have a stupid question. Is this safe to pass client_id and client_secret to request body and share client_id and client_secret to users?
Click to expand...

It's okie but should avoid if possible. e.g. if you give away the secret, random people will be able to access your public data even with restrict mode turned on.
 
You must log in or register to reply here.

Similar threads

AddonsLab
[AL] Perspective API 2.x [Paid]
Replies
1
Views
138
Ricsca
Ricsca
BassMan
[cXF] Install App Notice [Paid]
Replies
5
Views
273
BassMan
BassMan
XenForo
  • Article
XenForo 2.2.13 Released
Replies
0
Views
4K
XenForo
XenForo
JoyFreak
[JoyFreak] Open Graph Image
Replies
3
Views
380
JoyFreak
JoyFreak
mudlusamoi
Minecraft Server Checker for Threads
Replies
6
Views
671
mudlusamoi
mudlusamoi
Back
Top Bottom