Question

I'm just starting with the OAuth2 procedure to authenticate on a third-party site. I'm using Zend Framework 1.12, so I made up my controller to handle the callback after the authorization code request. The problem is that it cannot manage the case in which the user doesn't give permission to access their account.

The code of the CallbackController.php is the following:

    public function indexAction()
    {
        // Authorization code returned on the callback; null when the parameter is absent.
        $auth_code = $this->getRequest()->getParam('code', null);
        $this->view->code = $auth_code;
        if ($auth_code != null) {
            // Exchange the authorization code for an access token.
            $client = new Zend_Http_Client('https://www.box.com/api/oauth2/token');
            $client->setMethod(Zend_Http_Client::POST);
            $client->setParameterPost(array(
                'client_secret' => 'xxxxxxxxxxxxxxxxxxxxx',
                'client_id'     => 'xxxxxxxxxxxxxxxxxxxxxxxx',
                'grant_type'    => 'authorization_code',
                'code'          => $auth_code
            ));
            $response = $client->request()->getBody();
            $this->view->response = $response;
            $result = json_decode($response);
            // The rest of the code here
        } else {
            echo "The request was denied, you didn't give the authorization to access your box account.";
        }
    }

The view associated with this Controller is the following:

    <div id="welcome">
    <?php if ($this->code != null) { ?>
        <h1>Success!</h1>

        <h3>You have successfully authorized the app to work on your box account</h3>

        <div id="more-information">
            <?php // Escape the raw token-endpoint response before writing it into HTML. ?>
            <p><?php echo $this->escape($this->response) ?></p>
            <p></p>
        </div>
    <?php } else { ?>
        <h1>Failure</h1>

        <h3>You haven't authorized the app to work on your box account</h3>

        <div id="more-information">
            <p></p>
        </div>
    <?php } ?>
    </div>

As you can see, both in the controller and in the view there is an "if" statement to distinguish the case in which the user gave the authorization and the case in which the user doesn't give it. The problem is that none of those two "if" statements is executed. So I'm guessing that the presence of the access token is not the right way to check if the authorization has been given to the application to access the user data.

I find it difficult to explain, but when I test it, when I try accessing the OAuth authentication and I don't give the authorization to the app, it prompts me to a white page. The URL of this white page is the following:

 https://app.box.com/api/oauth2/authorize?response_type=code&client_id=xxxxxxxxxxxxxxxxx&redirect_uri=http://localhost:10088/imball-reagens/public/callback

None of the messages I've set up is evaluated. What should I do to get the right case to manage the error? Any help is much appreciated.

(I'm trying to connect to the Box-API if this is important).


Solution

The problem was the following: the callback URI has to be SSL-enabled, so it cannot be:

 http://localhost:10088/imball-reagens/public/callback

but it has to be:

 https://localhost:10088/imball-reagens/public/callback

To use it you have to enable OpenSSL in your Apache config. I'm on a Mac, so I used this tutorial. I guess there are many more tutorials for Windows and Linux. Thank you all for your patience and help.
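
Once the redirect reaches the callback, a handler can tell a denial from a grant by the `error` parameter that RFC 6749 (section 4.1.2.1) defines for the authorization response, rather than by the absence of `code`. The following is an added example, not code from the original post: `classifyCallback`, the `state` handling and the sample values are assumptions, and it presumes the provider follows the RFC and that the app stored a `state` value in the session before redirecting (PHP 5.6+ for `hash_equals`).

```php
<?php
// Added example: classify an OAuth2 authorization-code callback (RFC 6749, section 4.1.2).
// Assumption: $expectedState was generated by the app and kept in the session
// before the user was sent to the authorization endpoint.
function classifyCallback(array $query, $expectedState)
{
    // Only accept plain string parameters; arrays such as code[]=x become ''.
    $get = function ($key) use ($query) {
        return isset($query[$key]) && is_string($query[$key]) ? $query[$key] : '';
    };

    // Reject callbacks that do not carry the state we issued (CSRF protection).
    if (!is_string($expectedState) || $expectedState === ''
        || !hash_equals($expectedState, $get('state'))) {
        return array('status' => 'invalid_state');
    }
    // On denial or failure the server sends "error" instead of "code".
    if ($get('error') !== '') {
        return array(
            'status' => $get('error') === 'access_denied' ? 'denied' : 'error',
            'error'  => $get('error'),
            'detail' => $get('error_description'), // escape before showing in HTML
        );
    }
    if ($get('code') !== '') {
        return array('status' => 'granted', 'code' => $get('code'));
    }
    return array('status' => 'malformed');
}

// Constructed sample callbacks (placeholder values, not real codes or states).
$expected = 'st-7f3a';
$samples = array(
    'user allowed'  => array('code' => 'AUTH_CODE_PLACEHOLDER', 'state' => 'st-7f3a'),
    'user denied'   => array('error' => 'access_denied', 'state' => 'st-7f3a'),
    'forged state'  => array('code' => 'AUTH_CODE_PLACEHOLDER', 'state' => 'other'),
    'array as code' => array('code' => array('x'), 'state' => 'st-7f3a'),
);
foreach ($samples as $label => $query) {
    $result = classifyCallback($query, $expected);
    printf("%-14s => %s\n", $label, $result['status']);
}
```

In a Zend Framework 1 controller the first argument would be `$this->getRequest()->getQuery()`, and only the `granted` result should proceed to the token request.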

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow