Saturday, 24 March 2012

Flickr and OAuth


What is Flickr?
I think you landed on this page because you know what Flickr is, so let’s come to the point and discuss about the API.

Why am explaining?
Although each and everything, about API, is well documented on Flickr website here, I'm just trying to explain the whole process by dividing it into small parts.

Old Authentication API
The current Flickr authorization scheme is not the first one it used. In the early days of Flickr, users granted the power to an app to act on their behalf by giving  the apps their Flickr username and password. Doing so meant that in order to revoke  an app’s permission, users would have to change their Flickr password. Of course, doing that would also instantly revoke permissions of other third-­party apps with knowledge of the user’s password. The new authorization scheme is meant to correct obvious problems with the old scheme. Why should you as a user have to use your Flickr password for anything other than your dealings with Flickr? Why should revoking permissions to one app mean revoking permissions to other apps?

Old Authentication API will be deprecated
After July 31st, 2012 Flickr will no longer support the old Authentication API. Check here.

OAuth API
New Flickr API is based on OAuth, an open standard for authorization. In this case users are not required to submit their credentials to third party. They can allow or revoke limited permissions given to a particular app at any given time without changing their access credentials. Site like Facebook and Twitter are already using this spectrum. Flickr support OAuth 1.0a only.


Web based Application API Authentication Although Flickr provides API support for web based applications, desktop application and mobile applications. Here we will discuss only about the first one. The whole process is divided into number of steps :




1)     Get your api key


Go to the url : http://www.flickr.com/services/apps/create/apply/ and create your application. I opted for Non-commercial one. Following screen will appear :





Enter your app name and description. Click on submit button. Next screen would show you the API Key and secret.


 

2)     Configure your key
 
In figure 2 there is a ‘Edit auth flow for this app’ link. Click on it. You will get the following screen.

 
Add description, confirm app type, enter callback url and upload app logo. Save Changes.
 
3)    Make signing request and get request token : 

You must sign all requests to the Flickr API. Currently, Flickr only supports HMAC-SHA1 signature encryption. For this you have to create a base string, one of the most crucial part of API implementation.

The base string is constructed by concatenating the HTTP verb, the request URL, and all request parameters sorted by name, using lexicograhpical byte value ordering, separated by an '&'.

To make an ‘Request Token’ request we have to sent number of parameters to Flickr and if  the request is successful, Flickr would return oauth_token, oauth_token_secret and oauth_callback_confirmed.


 
Use the following code to make token request.

 
<?php

$mt                    = microtime();
$rand                  = mt_rand();
$oauth_nonce           = md5($mt . $rand);
$request_token_url     = "http://www.flickr.com/services/oauth/request_token";
$nonce                 = $oauth_nonce;
$timestamp             = gmdate('U'); //It must be UTC time
$cc_key                = "3a540b0a1863d48b8d9e484726aa8864";
$cc_secret             = "ad5ee477b09a5bb7";
$sig_method            = "HMAC-SHA1";
$oversion              = "1.0";
$callbackURL           = "http://www.techaviator.com/shiv/flickr/callback.php";

$basestring = “oauth_callback=".urlencode($callbackURL)."&oauth_consumer_key=".$cc_key."&oauth_nonce=".$nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_version=".$oversion;

$baseurl         = "GET&".urlencode($request_token_url)."&".urlencode($basestring);

$hashkey         = $cc_secret."&";
$oauth_signature = base64_encode(hash_hmac('sha1', $ baseurl, $hashkey, true));

$fields = array(
           'oauth_nonce'=>$nonce,
           'oauth_timestamp'=>$timestamp,
           'oauth_consumer_key'=>$cc_key,
           'oauth_signature_method'=>$sig_method,
           'oauth_version'=>$oversion,
           'oauth_signature'=>$oauth_signature,
           'oauth_callback'=>$callbackURL
     );

$fields_string = "";

    
//You have to encode each and every field again
foreach($fields as $key=>$value)               
$fields_string .= "$key=".urlencode($value)."&";

$fields_string = rtrim($fields_string,'&');
$url = $request_token_url."?".$fields_string;

$ch         = curl_init(); 
     $timeout    = 5; // set to zero for no timeout 
     curl_setopt ($ch, CURLOPT_URL, $url); 
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); 
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); 
$file_contents = curl_exec($ch); 
curl_close($ch); 

$rsp_arr = explode('&',$file_contents); 
print "<pre>";
print_r($rsp_arr); die;
?>

This will return you the following output :

Array
(
    [0] => oauth_callback_confirmed=true
    [1] => oauth_token=72157629276100562-4e2af5338eb15b36
    [2] => oauth_token_secret=5f943a1134aca412
)

Make a note that oauth_token is a crucial part of API and would be used 
to get Access token of users.

Note : $hashkey is a combination of secret key and oauth_token_secret 
concatenated with &. As at this step we are not having any  
oath_token_secret available so second part is empty.
 
$hashkey         = $cc_secret."&";

4)    Getting the User Authorization :

After getting request token now the app is ready to represent in front of it’s users. It’s done through Flickr Authorization page.

An application should never request more permissions than it needs to operate. The permissions field is a string, representing the permission level. Each level implies the level below it. Possible permissions are:
  • read - permission to read private information
  • write - permission to add, edit and delete photo metadata (includes 'read')
  • delete - permission to delete photos (includes 'write' and 'read')
For example, the permission w allows an application to read and write on behalf of the user.
We are making request for read operation so I have used perms=read
Request Flow :


 
Use the above retrieved request token to make the request:
http://www.flickr.com/services/oauth/authorize
?oauth_token=72157629276100562-4e2af5338eb15b36&perms=read
 
Following screen will appear:
 
 

User will provide access credentials and would move to the next screen.


 
Click on ‘OK, I’LL Authorize IT’ and it will redirect the user to callback url we had mentioned in step 2, with two parameters oauth_token and oauth_verifier as follow :

http://www.techaviator.com/shiv/flickr/callback.php?
oauth_token=72157629276100562-4e2af5338eb15b36&oauth_verifier=8def44af662a7909
 
5)  Exchanging the Request Token for an Access Token :  
 
After the user authorizes your application, you can exchange the approved Request Token  for an Access Token. This Access Token should be stored by your application, and used to make authorized requests to Flickr.

This is only step where we are going to use request token and request token secret to get access token and access token secret. Afterwards we will use only  Access Token and Access Token Secret to get user information.

Flow :

 

You will use the parameters oauth_token and oauth_token_secret got in step 3 
and oauth_verifier got in step 4.  
 
You can use the following code snippet to make access token request.
 
<?php
…………………………………
………………………………..
$request_token_url = ‘http://www.flickr.com/services/oauth/access_token’;

$basestring = "oauth_consumer_key=".$cc_key."&oauth_nonce=".$nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_token=".$oauth_token."&oauth_verifier=".$oauth_verifier."&oauth_version=".$oversion;

$basestring = "GET&".urlencode($request_token_url)."&".urlencode($basestring);
$hashkey = $cc_secret."&".$oauth_token_secret;

$oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hashkey, true));

$fields = array(
           'oauth_nonce'=>$nonce,
           'oauth_timestamp'=>$timestamp,
           'oauth_verifier'=>$oauth_verifier,
           'oauth_consumer_key'=>$cc_key,
           'oauth_signature_method'=>$sig_method,
           'oauth_version'=>$oversion,
           'oauth_token' => $oauth_token,
           'oauth_signature'=>$oauth_signature 
     );

 $fields_string = "";
 foreach($fields as $key=>$value)    
           $fields_string .= "$key=".urlencode($value)."&";
 $fields_string = rtrim($fields_string,'&');
  
 $url = $request_token_url."?".$fields_string;
 ……………………………………
 ……………………………………
?>

If I will show the output in array, in my case, it will return following :


Array
(
    [0] => fullname=Shiv%20Modi
    [1] => oauth_token=72157629284623082-8dacad4ddbdc3fa2
    [2] => oauth_token_secret=4395d8b77ac3ee29
    [3] => user_nsid=63219840%40N08
    [4] => username=Modi%27s%20Screen
)
 
Here oauth_token is acess_token and oauth_token_secret is acces_token_secret. 
Store them in database for future reference and to access private data of users.
 
6)  Calling the Flickr API with OAuth (using access token) :

All authorization process is complete or you can say crucial part of authentication is over, a big relief!!!. Now we will use access_token, api_key and other credentials and parameters to get contact list, photo list, upload photos etc. Flickr requires HMAC-SHA1 encryption because all requests are being made insecurely using HTTP.

This is the last step of the whole process.



Here we are going to make a request to get contact list of the user.

Function : flickr.contacts.getList

I am using json format to get output in json itself.

Use following code to make request.

<?php
     ………………………………..
     ………………………………...
     $oauth_token_secret = "4395d8b77ac3ee29";
     $oauth_token        = "72157629284623082-8dacad4ddbdc3fa2";
     $basestring = "format=json&method=flickr.contacts.getList&nojsoncallback=1&oauth_consumer_key=".$cc_key."&oauth_nonce=".$nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_token=".$oauth_token."&oauth_version=".$oversion;
     $basestring = "GET&".urlencode($request_token_url)."&".urlencode($basestring);
     $hashkey    = $cc_secret."&".$oauth_token_secret;
     $oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hashkey, true));
     $fields = array(
           'method'=>'flickr.contacts.getList',
           'oauth_nonce'=>$nonce,
           'oauth_timestamp'=>$timestamp,
           'oauth_consumer_key'=>$cc_key,
           'oauth_signature_method'=>$sig_method,
           'oauth_version'=>$oversion,
           'oauth_token' => $oauth_token,
           'oauth_signature'=>$oauth_signature,
           'format'=>'json',
           'nojsoncallback'=>'1'
     );
     $fields_string = "";
     foreach($fields as $key=>$value) {
           $fields_string .= "$key=".urlencode($value)."&";
     }
     $fields_string = rtrim($fields_string,'&');
     $url           = $request_token_url."?".$fields_string;
     …………………………………
     ………………………………….
?>

If you will print the output, it would appear just like this :

{"contacts":{"page":1, "pages":1, "per_page":1000, "perpage":1000, "total":2, "contact":[{"nsid":"@user_id", "username":"@username", "iconserver":"0", "iconfarm":0, "ignored":0, "realname":"", "friend":"0", "family":"0", "path_alias":null, "location":""}, {"nsid":"@user_id", "username":"@username", "iconserver":"0", "iconfarm":0, "ignored":0, "realname":"Friend", "friend":"0", "family":"0", "path_alias":null, "location":""}]}, "stat":"ok"}

 
Congrats!!! The process gets complete.

If you wanna go in more detail, check here :

http://www.wackylabs.net/2011/12/oauth-and-flickr-part-1/
http://www.wackylabs.net/2011/12/oauth-and-flickr-part-2

written by Sam Judson, an OAuth expert.


Errors : 


1) oauth_problem=timestamp_refused (check that your time is the Unix epoch time, in seconds, and that it’s UTC, not your local time)

2) oauth_problem=nonce_used (each request to Flickr should have a unique random string identifier), or oauth_problem=signature_invalid&debug_sbs=GET&http%3A%2F%2Fwww.flickr.com...

3) signature invalid is one of the most common error you may face or i would say you will definitely face, while implementing OAuth API. If you get the signature invalid error, it means that your request is generally correct but the signature is wrong. This is a tough problem since any tiny error in the base string algorithm will completely spoil the signature. To help resolving this issue, Flickr provides its own version of the base string, which you can compare to yours. I usually compare them in a Notepad by pasting the two strings one below another.

OAuth signature looks like a random string so it’s hard to debug. Therefore before searching for other problems in your code, make sure that your signature generation algorithm works correctly.

Note : 1) Alternatively, one can obtain the response in the JSON format, using two additional parameters: format=json and nojsoncallback = 1.

2) Use proper hashkey.


At any time, if you find any problem with OAuth process, feel free to comment here. I would try to solve your problem as soon as possible.

Thanks!!!!!!!!!!! Enjoy Programming :)






29 comments:

  1. thanks this is really useful post for every one
    that is a simple code after then read complete documentation, read this post carefully all complete post with error part and apply that's code according to your function's calling setting

    ReplyDelete
  2. dear I am getting invalid signature problem please help

    ReplyDelete
  3. Have you followed all the steps carefully? Please let me know on which step you are getting this error?

    ReplyDelete
  4. what is your "request_token_url" in the example of flickr.contacts.getList

    ReplyDelete
  5. @chutium : Don't ask mine find your own "request_token_url". Moreover that is dynamic and it will get changed with each and every request because oauth_timestamp(timestamp) can be used only once.

    ReplyDelete
  6. dear sir
    please tell me How to use Post method with curl for add a comment on a photo

    ReplyDelete
    Replies
    1. Hi, to post comments on a photo you have to use flickr.photosets.comments.addComment method

      For documentation you can check
      http://www.flickr.com/services/api/explore/flickr.photosets.comments.addComment

      To use curl use following code block

      $ch = curl_init();
      $timeout = 0; // set to zero for no timeout
      curl_setopt ($ch, CURLOPT_URL, $url);
      curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
      curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
      curl_exec($ch);
      curl_close($ch);
      where $url is complete request url.

      Delete
  7. Anonymous said...
    dear sir I am using this code
    after then I receive signature_invalid error message
    I am use photo id for add comment on particular photo not for photoset

    my code is this

    ReplyDelete
  8. public function flickr_comment_post($photo_id) {

    $mt = microtime();
    $rand = mt_rand();
    $nonce = md5($mt . $rand);
    $sig_method = "HMAC-SHA1";
    $oversion = "1.0";
    $timestamp = gmdate('U'); //It must be UTC time
    $request_token_url = "http://api.flickr.com/services/rest";
    $method = "flickr.photos.comments.addComment"; //Post a comment
    $photo_id = $photo_id;
    $comment_text = $this->data['commentbox']['comment_text'];

    $setting = $this->Setting->find('first');
    $cc_key = $setting['Setting']['flickr_api_key'];
    $cc_secret = $setting['Setting']['flickr_secret_key'];;

    $flickrOauthInfo = $this->Session->read('flickrOauthInfo');
    $oauth_token = explode('=',$flickrOauthInfo[1]);
    $oauth_token_secret = explode('=',$flickrOauthInfo[2]);
    $user_id = explode('=',$flickrOauthInfo[3]);

    ReplyDelete
  9. $flickrOauthInfo = array(
    'oauth_token' => $oauth_token[1],
    'oauth_token_secret' => $oauth_token_secret[1],
    'user_id' => $user_id[1]
    );
    $fieldsInfo = array(
    'nonce' => $nonce,
    'nojsoncallback' => '1',
    'format' => 'json',
    'sig_method' => 'HMAC-SHA1',
    'oversion' => '1.0',
    'timestamp' => $timestamp,
    'cc_key' => $cc_key,
    'cc_secret' => $cc_secret,
    'request_token_url' => $request_token_url,
    'oauth_token' => $flickrOauthInfo['oauth_token'],
    'oauth_token_secret' => $flickrOauthInfo['oauth_token_secret'],
    'user_id' => $flickrOauthInfo['user_id']
    );

    ReplyDelete
  10. $basestring = "format=".$fieldsInfo['format']."&method=".$method."&nojsoncallback=".$fieldsInfo['nojsoncallback']."&oauth_consumer_key=".$fieldsInfo['cc_key']."&oauth_nonce=".$fieldsInfo['nonce']."&oauth_signature_method=".$fieldsInfo['sig_method']."&oauth_timestamp=".$fieldsInfo['timestamp']."&oauth_token=".$fieldsInfo['oauth_token']."&oauth_version=".$fieldsInfo['oversion']."&user_id=".$fieldsInfo['user_id']."&photo_id=".$photo_id."&comment_text=".$comment_text;
    $basestring = "get&".urlencode($request_token_url)."&".urlencode($basestring);
    //pr($basestring);
    pr(urldecode($basestring));
    $hashkey = $cc_secret."&".$oauth_token_secret[1];
    $oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hashkey, true));
    $fields = array(
    'method' => $method,
    'oauth_nonce' => $fieldsInfo['nonce'],
    'oauth_timestamp' => $fieldsInfo['timestamp'],
    'oauth_consumer_key' => $fieldsInfo['cc_key'],
    'oauth_signature_method' => $fieldsInfo['sig_method'],
    'oauth_signature' => $oauth_signature,
    'oauth_version' => $fieldsInfo['oversion'],
    'oauth_token' => $fieldsInfo['oauth_token'],
    'format' => $fieldsInfo['format'],
    'nojsoncallback' => $fieldsInfo['nojsoncallback'],
    'user_id' => $fieldsInfo['user_id'],
    'photo_id' => $photo_id,
    'comment_text' => $comment_text
    );
    //pr($fields);
    $fields_string = "";
    foreach($fields as $key=>$value) {
    $fields_string .= "$key=".urlencode($value)."&";
    }
    $fields_string = rtrim($fields_string,'&');
    $url = $request_token_url."?".$fields_string;

    ReplyDelete
  11. $ch = curl_init();
    $timeout = 0; // set to zero for no timeout
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 0);
    $file_contents = curl_exec($ch);
    curl_close($ch);


    pr(urldecode($file_contents));

    exit;




    this is my code in to a function

    ReplyDelete
    Replies
    1. Hi Sohanlal,

      I was out of station for last 15 days so was not able to answer on your questions. I hope you had found the answer. But still i'm going to answer your question so that in future if somebody visits the page could found the answer.

      Delete
    2. Please note that to post comments following things you should keep in mind :

      1) Write permission is required.
      2) flickr.photos.comments.addComment method needs to be used to post comments on a photo.
      3) If in your comment some spaces or some special characters are there then for base string you have to encode the string using rawurlencode() method of PHP. So one extra encoding layer is required.

      Delete
    3. @SohanLal: In case of Basestring whole line should have keys in ascending order. For example in your case it should be :

      $basestring = "comment_text=".rawurlencode($comment_text)."&format=".$fieldsInfo['format']."&method=".$method."&nojsoncallback=".$fieldsInfo['nojsoncallback']."&oauth_consumer_key=".$fieldsInfo['cc_key']."&oauth_nonce=".$fieldsInfo['nonce']."&oauth_signature_method=".$fieldsInfo['sig_method']."&oauth_timestamp=".$fieldsInfo['timestamp']."&oauth_token=".$fieldsInfo['oauth_token']."&oauth_version=".$fieldsInfo['oversion']."&photo_id=".$photo_id."&user_id=".rawurlencode($user_id[1]);

      and

      $fields array should also be in key ascending order format.

      Rest is ok. It would solve your problem. Thanks :)

      Delete
  12. Hi,
    I'm blocked at step 5.
    I've put the snippet code in the callback.php file, the file that I've set into the flickr redirect.

    I've not understood how to catch and print the returning array:

    Array
    (
    [0] => fullname=Shiv%20Modi
    [1] => oauth_token=72157629284623082-8dacad4ddbdc3fa2
    [2] => oauth_token_secret=4395d8b77ac3ee29
    [3] => user_nsid=63219840%40N08
    [4] => username=Modi%27s%20Screen
    )

    thanks!!

    ReplyDelete
    Replies
    1. Are you getting any error on screen?

      Delete
  13. Shiv,

    Thanks for the guide! It's been really useful so far, but I have a few questions.

    Do I use a header reference with the authstring to redirect the user?

    How do you store oauth_token_secret that you get from the request token? I'm unable to store it in a session due to the Flickr redirect, or pass it in through the URL.

    Any help would be great!


    Thanks,

    Hareesh Nagaraj

    ReplyDelete
  14. Hi Hareesh,

    Yes, you can use header reference for redirection. You have to store it between step 3 and step 4 and then pass them in url of step 4.

    If not working please paste code here.

    Thanks

    ReplyDelete
  15. I need some help. I'm trying to upload a photo. I have successfully acquired my access token and access token secret. When I go to upload my photo I'm getting this error:




    Here is my code:



    function BuildBaseString($baseURI, $method, $params) {
    $r = array();
    ksort($params);
    foreach($params as $key=>$value) {
    $r[] = "$key=" . rawurlencode($value);
    }
    return $method."&" . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r)); //return complete base string
    }

    function BuildAuthorizationHeader($oauth) {
    $r = 'Authorization: OAuth ';
    $values = array();
    foreach($oauth as $key=>$value) {
    $values[] = "$key=\"" . rawurlencode($value) . "\"";
    }
    $r .= implode(', ', $values);
    return $r;
    }

    $url = "http://api.flickr.com/services/upload/";
    $consumer_key = 'key';
    $consumer_secret = 'secret';
    $oauth_token = 'token';
    $oauth_token_secret = 'token secret';
    $oauth = array( 'oauth_nonce' => SHA1(time()),
    'oauth_timestamp' => time(),
    'oauth_consumer_key' => $consumer_key,
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_version' => '1.0',
    'oauth_token' => $oauth_token,
    'oauth_token_secret' => $oauth_token_secret
    );
    $base_info = BuildBaseString($url, 'POST', $oauth);
    $hashkey = $consumer_secret."&".$oauth_token_secret;
    $oauth_signature = base64_encode(hash_hmac('sha1', $base_info, $hashkey, true));
    $oauth['oauth_signature'] = $oauth_signature;
    ksort($oauth);
    $photo = "/path/to/image.jpg";
    $fh = fopen($photo,'r');
    $imgdata = fread($fh,filesize($photo));
    $args = array("photo" => $imgdata);
    $boundary = uniqid();
    $header = array("POST ".$url." HTTP/1.1","Host: api.flickr.com","Content-Type: multipart/related; boundary=".$boundary,"Content-Length: ".strlen($data),BuildAuthorizationHeader($oauth), "Expect:");
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt($ch, CURLINFO_HEADER_OUT,1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch, CURLOPT_HEADER,1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
    curl_setopt($ch, CURLOPT_UPLOAD,1);
    $exec = curl_exec($ch);
    curl_close($ch);
    ?>




    Any and all help will greatly appreciated

    ReplyDelete
    Replies
    1. Dude, can you please post error message here.

      Delete
    2. sorry about that...

      This is the error I'm getting.

      Delete
    3. Dude you have posted code only i think. I am not able to see any error message. If you posted and it's not getting displayed here then push an email to me on : dirtyhandsphp@gmail.com

      Delete
  16. Shiv, your explanation has been superbly useful. Thank you!

    ReplyDelete
  17. Hello Sir, I am using below code still getting signature invalid error
    $mt = microtime();
    $rand = mt_rand();
    $nonce = md5($mt . $rand);
    $timestamp = gmdate('U');
    $request_token_url = "https://api.flickr.com/services/rest";
    $cc_key = FLICKR_API_KEY;//"c2ebdd04abe5fa8962aaed93cf6ce54a";
    $cc_secret = FLICKR_API_SECRET;//"fdd18c0bd7efd8d3";
    $sig_method = "HMAC-SHA1";
    $oversion = "1.0";
    $callbackURL = FLICKR_CALLBACK_URL;//"http://localhost";
    $oauth_token_secret = $customer_api_accounts->oauth_secret;
    $oauth_token = $customer_api_accounts->oauth_token;
    $basestring = "format=json&method=flickr.photo.getList&nojsoncallback=1&oauth_consumer_key=".$cc_key."&oauth_nonce=".$nonce."&oauth_signature_method=".$sig_method."&oauth_timestamp=".$timestamp."&oauth_token=".$oauth_token."&oauth_version=".$oversion;
    $basestring = "GET&".rawurlencode($request_token_url)."&".rawurlencode($basestring);
    $hashkey = $cc_secret."&".$oauth_token_secret;
    $oauth_signature = base64_encode(hash_hmac('sha1', $basestring, $hashkey, true));
    $fields = array(
    'method'=>'flickr.contacts.getList',
    'oauth_nonce'=>$nonce,
    'oauth_timestamp'=>$timestamp,
    'oauth_consumer_key'=>$cc_key,
    'oauth_signature_method'=>$sig_method,
    'oauth_version'=>$oversion,
    'oauth_token' => $oauth_token,
    'oauth_signature'=>$oauth_signature,
    'format'=>'json',
    'nojsoncallback'=>'1'
    );
    $fields_string = "";
    foreach($fields as $key=>$value) {
    $fields_string .= "$key=".rawurlencode($value)."&";
    }
    $fields_string = rtrim($fields_string,'&');
    $url = $request_token_url."?".$fields_string;


    $ch = curl_init();
    $timeout = 5; // set to zero for no timeout
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 0);
    $file_contents = curl_exec($ch);
    curl_close($ch);
    print_r($file_contents);

    ReplyDelete
  18. getting error as oauth_problem=signature_invalid&debug_sbs=GET&https%3A%2F%2Fapi.flickr.com%2Fservices%2Frest&format%3Djson%26method%3Dflickr.contacts.getList%26nojsoncallback%3D1%26oauth_consumer_key%3D06ee7c511a77ee2f1d2849bf3c177286%26oauth_nonce%3Ddd52dfe77b504bed7779acc05df147bd%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1433753719%26oauth_token%3D72157652318394400-bc1ecc7b1af0a340%26oauth_version%3D1.0

    ReplyDelete
    Replies
    1. Till step 5 everything is working fine?

      Delete


  19. I am trying to upload a photo on flickr using flickr api along with oauth in PHP. But i am getting an error "oauth_problem=signature_invalid". My base string and string returned from server are also same except for the photo part.

    Base string=
    POST&https%3A%2F%2Fup.flickr.com%2Fservices%2Fupload%2F&oauth_consumer_key%3Db81ffb68a59859ff286ccae322ca1e75%26oauth_nonce%3D93bac56a14066f9b68ad1efac618e644%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1483508769%26oauth_token%3D72157678382075066-dde078f3080c848c%26oauth_token_secret%3Dee557d225424cece%26oauth_version%3D1.0%26tags%3DDPZFlickr%26title%3Dtatoo.

    which is used to generate the signature.and after obtaining the signature when i do http request to upload the photo in which the url now includes the signature generated and photo that is when,server returns the below URL with error as signature invalid.

    &debug_sbs=POST&https%3A%2F%2Fup.flickr.com%2Fservices%2Fupload%2F&oauth_consumer_key%3Db81ffb68a59859ff286ccae322ca1e75%26oauth_nonce%3Dc01e3dd11c8cc7a114bce7a9e16deba4%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1483338927%26oauth_token%3D72157678382075066-dde078f3080c848c%26oauth_version%3D1.0%26photo%3D%2540%252Ftmp%252Fphp6A8M5M%26tags%3DDPZFlickr%26title%3Dtatoo.

    below is the code snippet for uploading a photo the same
    $requestParams = ($parameters == NULL ? array() : $parameters);

    $requestParams = array_merge($requestParams, $this->getOauthParams());

    $requestParams['oauth_token'] = $this->getOauthData(self::OAUTH_ACCESS_TOKEN);
    $requestParams['oauth_token_secret'] = $this->getOauthData(self::OAUTH_ACCESS_TOKEN_SECRET);
    $photo = $requestParams['photo'];
    unset($requestParams['photo']);
    $this->sign(self::UPLOAD_ENDPOINT, $requestParams);
    $requestParams['photo'] = $photo;

    $xml = $this->httpRequest(self::UPLOAD_ENDPOINT, $requestParams);


    Any help is appreciated.

    ReplyDelete

Thanks for your valuable comments.

Odoo 10: Close wizard and open standard form

Hi, Today we are going to learn how to open standard form after saving data in wizard. Let's say I have created an wizard to fill bas...