Jump to content
Sign in to follow this  
Followers 2
Zor

Sample PHP code for OAuth token retrieval

Recommended Posts

I've been using the API for several years but have drifted away from some of the work for awhile and was unaware that a "new" API was implemented. As a result, none of my API apps work anymore.

 

I had an "oauth" PHP script that I used to use to generate a token that I could then use in my apps when calling the GC API. That script stills generates Oauth tokens but when I try to use those tokens all I get is "not authorized". I'm guessing that either the tokens aren't valid because it's using the old API, or my app is using the tokens I have wrong because it's accessing the old API.

 

Can someone take a look at this code and give me any insight as to what needs to change for me to get codes using the new API, or if I can still use this.  Here's the PHP I was using to generate an OAuth token:

 

<?php

include_once "OAuth.php";


$key = 'MyKey'; //prod

$secret = 'MyKey'; //prod

$geoauth = 'https://www.geocaching.com/OAuth/mobileoauth.ashx'; // prod

$sig_method = new OAuthSignatureMethod_HMAC_SHA1();
$auth_consumer = new OAuthConsumer($key, $secret, NULL);

$oauth_token = $_GET['oauth_token'];

if (empty($oauth_token)) {
  $params = array();
  $params['oauth_callback'] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
  $req = OAuthRequest::from_consumer_and_token($auth_consumer, NULL, "GET", $geoauth, $params);
  $req->sign_request($sig_method, $auth_consumer, NULL);

  $ch = curl_init($req->to_url());
  
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $output = curl_exec($ch);
  curl_close($ch);

  parse_str($output);

  if (empty($oauth_token) || empty($oauth_token_secret)) {
    echo 'Could not get an auth token<br>';
    echo 'Error returned:'.$output;
    die();
  }

  setcookie('auth', $oauth_token_secret, 0);

  header('Location: ' . $geoauth . "?oauth_token=" . urlencode($oauth_token));
} else {
  $auth_token = new OAuthConsumer($key, $_COOKIE["auth"], NULL);
  $params = array();
  $params['oauth_verifier'] = $_GET['oauth_verifier'];
  $params['oauth_token'] = $oauth_token;
  $req = OAuthRequest::from_consumer_and_token($auth_consumer, $auth_token, "GET", $geoauth, $params);
  $req->sign_request($sig_method, $auth_consumer, $auth_token);

  $ch = curl_init($req->to_url());
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $output = curl_exec($ch);
  curl_close($ch);

  parse_str($output);

  if (empty($oauth_token)) {
    echo 'Could not get a auth access token';
    die();
  }

  echo 'The auth access token is ' . $oauth_token;
}

?>

Share this post


Link to post
1 hour ago, Zor said:

I'm guessing that either the tokens aren't valid because it's using the old API

 

Probably this as all apps using the old API no longer work. There's been a loooong period of time for API devs to prep for a complete move to the new API. I'd say, get your updated for the new API and get it working, rather than spending time trying to make your old api access work ;)

Share this post


Link to post

Yes, the old API is now deprecated and no longer accessible. The old OAuth1 tokens should still work, however that wont last as Geocaching HQ is moving to OAuth2. As far as I know, they haven't announced when OAuth1 access will be retired.

Share this post


Link to post

Wow, this is new info for me as well! I have been busy with other stuff and have completely missed all about the new API!  I apparently have to update my CacheMaid app and have to start with oauth2!! Is it the same key and secret for oauth2 as I have used for oauth1?

Share this post


Link to post
19 hours ago, onspot said:

Wow, this is new info for me as well! I have been busy with other stuff and have completely missed all about the new API!  I apparently have to update my CacheMaid app and have to start with oauth2!! Is it the same key and secret for oauth2 as I have used for oauth1?

Geocaching HQ has been sending out regular correspondence about this to their API partners for over a year. It shouldn't be a surprise. I guess you are no longer on their list or perhaps your email doesn't match what they  have. If you want to keep CacheMaid going, I suggest contacting them directly.

Share this post


Link to post
On 6/23/2019 at 4:16 PM, Corfman Clan said:

Geocaching HQ has been sending out regular correspondence about this to their API partners for over a year. It shouldn't be a surprise. I guess you are no longer on their list or perhaps your email doesn't match what they  have. If you want to keep CacheMaid going, I suggest contacting them directly.

My bad, I have to many mail accounts to check ☹️ but now I'm looking at converting the app.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  
Followers 2

×
×
  • Create New...