If I do the following:
<cflocation url="https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&client_id=#Application.Google.client_id#&redirect_uri=http%3A%2F%2Fwww.PhillipSenn.com%2FLR%2FGoogle%2FCallback&response_type=code" addtoken="no">
Then I get the "Allow Access" and "No Thanks" screen correctly.
I then Allow Access, and my callback screen is called correctly.
Q: What do I do now? I need to ascertain the email address of the user.
The only thing I see is: url.code, which doesn't look usable.
Do I have to then call
https://www.googleapis.com/oauth2/v1/userinfo
using something called an access_token? I don't think so because that's talking about JavaScript, and I'm doing all this server side. And besides, I don't need the user profile information - I just need their email address.
Edit:
This link looks promising.
That call gives you access_token which allows you (for a limited time) access user information. It does not matter where you use it, server side is ok.
Just make sure your request to https://www.googleapis.com/oauth2/v1/userinfo has access_token=youraccess_token as a parameter
The first time Google redirects, you have to do the following:
<form method="post" action="https://accounts.google.com/o/oauth2/token">
<input name="code" value="#url.code#">
<input name="client_id" value="#Google.client_id#">
<input name="client_secret" value="#Google.client_secret#">
<input name="redirect_uri" value="#Google.redirect_uri#">
<input name="grant_type" value="authorization_code">
<input type="submit" name="getAccessToken" value="Get Access Token">
</form>
You have to do something like the following:
<cfhttp method="post" name="qry" url="https://accounts.google.com/o/oauth2/token">
<cfhttpparam type="formfield" name="code" value="#url.code#">
<cfhttpparam type="formfield" name="client_id" value="#Google.client_id#">
<cfhttpparam type="formfield" name="client_secret" value="#Google.client_secret#">
<cfhttpparam type="formfield" name="redirect_uri" value="#Google.redirect_uri#">
<cfhttpparam type="formfield" name="grant_type" value="authorization_code">
</cfhttp>
<cfdump var="#qry#">
Related
Anyone have any experience with the EZ Text API and ColdFusion? I'm trying this call:
<cfhttp url="https://app.eztexting.com/sending/messages?format=JSON"
method="POST" result="objGet" charset="utf-8">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded">
<cfhttpparam type="formfield" name="User" value="xxx" />
<cfhttpparam type="formfield" name="Password" value="xxx"/>
<cfhttpparam type="formfield" name="PhoneNumbers[]" value="9999999999" />
<cfhttpparam type="formfield" name="MessageTypeID" value="1" />
<cfhttpparam type="formfield" name="Message" value="Hello" />
</cfhttp>
... which is returning a status code of 200 and trying to redirect to their home page.
Their tech support can only tell me that I should use curl which is not installed on the server that I need it on. I have used curl successfully in my devel environment, so I'm sure that the url and credentials are good.
Any thoughts are welcome! Thanks.
I'm guessing you're using the REST API. If yes, the reason it's redirecting you to the home page is because the URL is incorrect. Apparently the format parameter is case sensitive. So ?format=JSON should be changed to ?format=json (all lower case).
Making that minor adjustment to your code example:
<cfhttp url="https://app.eztexting.com/sending/messages?format=json"
method="POST" result="objGet" charset="utf-8">
...
</cfhttp>
... returns the expected JSON response for bogus credentials, instead of the html for the home page:
{
"Response": {
"Status": "Failure",
"Code": 401,
"Errors": [
"Authorization Required"
]
}
}
Once you get past this issue, you may want to double check your formfield names. The API lists the parameter name PhoneNumbers, not PhoneNumbers[].
I am trying to get the "access token" from WNS via a ColdFusion request but I get a "Bad Request" response. I believe I have everything set up correctly following the instructions here. My devices are registering the URI's to my backend.
Here is a simple code snippet;
(I've hidden the secret key of course)
<cfhttp url="https://login.live.com/accesstoken.srf" method="post" result="httpResp">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded" />
<cfhttpparam type="URL" name="grant_type" value="client_credentials" />
<cfhttpparam type="URL" name="client_id" value="ms%2Dapp%3A%2F%2Fs%2D1%2D15%2D2%2D1197233413%2D3602308102%2D1084427847%2D2188608249%2D1036687727%2D3580410356%2D2392468796" />
<cfhttpparam type="URL" name="client_secret" value="************************" />
<cfhttpparam type="URL" name="scope" value="notify.windows.com" />
I am also getting failed response when I test the URL directly via the browser. Appreciate your help.
Thank you,
Ian.
I think your cfhttpparam fields now set to "URL" should actually be set to "FORMFIELD" based on the example on MSDN.
<cfhttpparam type="FORMFIELD" name="grant_type" value="client_credentials" />
<cfhttpparam type="FORMFIELD" name="client_id" value="..." />
<cfhttpparam type="FORMFIELD" name="client_secret" value="************************" />
<cfhttpparam type="FORMFIELD" name="scope" value="notify.windows.com" />
The example appears to put thes in the content area (showing a raw post) - so these are form fields of a post, not URL fields right?
In my attempts to get the necessary code so I can generate my refresh token, I ran this URL:
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/drive.file&redirect_uri=--mywebsite--&response_type=code&client_id=--myclientid--
And my received code contains a trailing hash tag, which throws an (expected) error when I try to execute:
<cfhttp url="https://accounts.google.com/o/oauth2/token" method="post">
<cfhttpparam name="code" value="4/UXF5F5TlIuFsXrav-DvIrebMR8NST9WK-EPmThmx7l0#" type="formfield"> <!-- Sample code value -->
<cfhttpparam name="client_id" value="--myclientid--" type="formfield">
<cfhttpparam name="client_secret" value="[client secret]" type="formfield">
<cfhttpparam name="redirect_uri" value="--mywebsite--">
<cfhttpparam name="grant_type" value="authorization_code" type="formfield">
</cfhttp>
ColdFusion was looking at the following text:formfieldThe CFML compiler was processing:An expression that began on line 2, column 86.The expression might be missing an ending #, for example, #expr instead of #expr#.The tag attribute value, on line 2, column 34.A cfhttpparam tag beginning on line 2, column 10.
I tried adding a second hashtag to make it literal but I receive { "error" : "invalid_grant", "error_description" : "Invalid code." } response.
Am I missing something painfully obvious here? The tutorial I was following is at http://www.brandiandjohn.com/post.cfm/oauth-2-google-and-cfml-without-cfoauth
In order to continue with the existing code, you need to escape #. You can do that, by adding an extra # at the end. For eg
<!---
<cfset value="4/UXF5F5TlIuFsXrav-DvIrebMR8NST9WK-EPmThmx7l0#">
<cfoutput>#value#</cfoutput>
Error
--->
<cfset value="4/UXF5F5TlIuFsXrav-DvIrebMR8NST9WK-EPmThmx7l0##">
<cfoutput>#value#</cfoutput>
Output: 4/UXF5F5TlIuFsXrav-DvIrebMR8NST9WK-EPmThmx7l0#
So, you can try the below code:-
<cfhttp url="https://accounts.google.com/o/oauth2/token" method="post">
<cfhttpparam name="code" value="4/UXF5F5TlIuFsXrav-DvIrebMR8NST9WK-EPmThmx7l0##" type="formfield"> <!-- Sample code value -->
<cfhttpparam name="client_id" value="--myclientid--" type="formfield">
<cfhttpparam name="client_secret" value="[client secret]" type="formfield">
<cfhttpparam name="redirect_uri" value="--mywebsite--">
<cfhttpparam name="grant_type" value="authorization_code" type="formfield">
</cfhttp>
The hashtag error was a red herring. I got around this by making the call to get the code and then the access token as a single action. By passing in url.code I received the necessary credentials.
<cfhttp url="https://accounts.google.com/o/oauth2/token" method="post">
<cfhttpparam name="code" value="#url.code#" type="formfield">
<cfhttpparam name="client_id" value="--myclientid--" type="formfield">
<cfhttpparam name="client_secret" value="[client secret]" type="formfield">
<cfhttpparam name="redirect_uri" value="--mywebsite--">
<cfhttpparam name="grant_type" value="authorization_code" type="formfield">
</cfhttp>
<cfdump var="#foo.filecontent#">
Manually pasting the code into the cfhttpparam tag, even without the hashtag, would throw a 400 error. This way, it does not.
The user agent that sent you the code should have stripped the "#" character, see: Google OAuth service redirects to URL with a # sign at the end. Apparently it did not (and as such that user agent is broken) but you can strip it manually in your code before sending if off.
I have the following code, but I keep getting connection failure.
<cfhttp method="GET" url="https://XXXXXX.fogbugz.com/api.asp" result="LogonAttempt">
<cfhttpparam type="URL" name="cmd" value="logon" />
<cfhttpparam type="URL" name="email" value="XXXXX"/>
<cfhttpparam type="URL" name="password" value="XXXXXX"/>
</cfhttp>
If I make a call to Google or any other page it works fine. Any idea on how to fix this?
Using CF9
I would double check your url, I was able to confirm that my fogbuzz account was available by only switching the url and logon credentials. Tested in CF10 local instance.
To trouble shoot further please post at least the partial error or response.
I am trying to solve a problem that occurs with Authorize.net. The SessionToken is generated while in test mode through a test account. Now, a new SessionToken is generated each time the form is previewed through the test account or the actual account.
A hidden input field is shown each time when the form is accessed in preview mode. I have generated a hidden input field on my form by using a toBase64() string combined from the x_login and the x_tran_key. The output is this:
<INPUT TYPE="HIDDEN" NAME="SessionToken" ID="SessionToken" VALUE="TXpOSFRUWXpXbk40VjNSeg==TlRsU2JqaHFOM2RLZFd0RU5VdzJadz09">
in the forms hidden input field for SessionToken as you can see above.
When generating my own SessionToken for processing, the error shown after trying to process the https://test.authorize.net/gateway/transact.dll shows this:
(46) Your session has expired or does not exist. You must log in again
to continue working.
The only way for the form to actually work is after grabbing the SessionToken code from the form in preview mode. For example: Go to Account --> Settings --> Payment Form --> Preview --> and viewing and copying the code from view frame source. It looks like this:
<INPUT TYPE="HIDDEN" NAME="SessionToken" ID="SessionToken" VALUE="jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA,jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA">
Finally, if I use the value:
jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA
as the SessionToken as:
<cfset SessionToken = 'jMsCez2DId$VvgF4s4Hbjbe$Uv6WnJh8cEKBD5HqTUEqlHoRBebKZ07bp4RZdpwOPnGabB3pbcWFppJCph7dg6HjQeroJvlay6mQm5ocjkZPq44uT4nqeg2zWhX13b7Blp$qN7ZDzQ5HF1abfukJTQAA'>
and process the form it works. But it only works one time for the current session if signed into the Test Account.
All help is appreciated of course. This is the last part to the code I need and just can not figure out how to make it work. I need to fetch the response for the SessionToken to populate the SessionToken hidden field input on the form.
I am not using the CFHTTP method because the form is on the website and when the payment form loads the SessionToken is needed. Meaning that the submit/sending... button on the form is submitted it then processes the payment and displays the receipt.
If you download the Coldfusion sample code from Authorize.net you will notice you do not need a SessionToken. See below:
Source: http://developer.authorize.net/downloads/samplecode/
<cfhttp method="Post" url="https://test.authorize.net/gateway/transact.dll">
<!--- the API Login ID and Transaction Key must be replaced with valid values --->
<cfhttpparam type="Formfield" name="x_login" value="API_LOGIN_ID">
<cfhttpparam type="Formfield" name="x_tran_key" value="TRANSACTION_KEY">
<cfhttpparam type="Formfield" name="x_delim_data" value="TRUE">
<cfhttpparam type="Formfield" name="x_delim_char" value="|">
<cfhttpparam type="Formfield" name="x_relay_response" value="FALSE">
<cfhttpparam type="Formfield" name="x_type" value="AUTH_CAPTURE">
<cfhttpparam type="Formfield" name="x_method" value="CC">
<cfhttpparam type="Formfield" name="x_card_num" value="4111111111111111">
<cfhttpparam type="Formfield" name="x_exp_date" value="0115">
<cfhttpparam type="Formfield" name="x_amount" value="19.99">
<cfhttpparam type="Formfield" name="x_description" value="Sample Transaction">
<cfhttpparam type="Formfield" name="x_first_name" value="John">
<cfhttpparam type="Formfield" name="x_last_name" value="Doe">
<cfhttpparam type="Formfield" name="x_address" value="1234 Street">
<cfhttpparam type="Formfield" name="x_state" value="WA">
<cfhttpparam type="Formfield" name="x_zip" value="98004">
<!--- Additional fields can be added here as outlined in the AIM integration
guide at: http://developer.authorize.net --->
<!--- The following fields show an example of how to include line item details, they are commented out by default.
<cfhttpparam type="Formfield" name="x_line_item" value="item1<|>golf balls<|><|>2<|>18.95<|>Y">
<cfhttpparam type="Formfield" name="x_line_item" value="item2<|>golf bag<|>Wilson golf carry bag, red<|>1<|>39.99<|>Y">
<cfhttpparam type="Formfield" name="x_line_item" value="item3<|>book<|>Golf for Dummies<|>1<|>21.99<|>Y">
--->
</cfhttp>
Hope this helps.