douhuan3420 2015-02-17 15:27
浏览 65
已采纳

使用OAuth for Instagram进行身份验证,无需弹出窗口

I'm trying to use OAuth for Instagram to authenticate, planning to use PHP and cURL. The first step is retrieving a "code" e.g:

fd7d5f6cde6c47e4a86ba28b22ac4583

I've worked with the Twitter API before and it works in a similar way. I exchange the code for an access_token and then I can authenticate.

The issue is that the way to authenticate is to hit a button on a window that says "I give permission". Here is that window:

enter image description here

My question : is there a way to do this without requiring hitting this URL?

For example, is there a way for me to automate this process using my script? When I worked with Twitter, I was able to use cURL to go to this link and pass the authentication, to then retrieve this code.

This is part of a project that will only be used by me essentially to retrieve my own recent instagrams. I don't want visitors to my site to be presented with having to hit "authorise" every time they turn up.

At the moment I'm simply doing this, is there anything I can add to the URL to automatically authorise?

$auth_request_url = 'https://api.instagram.com/oauth/authorize/?client_id='.$client_id.'&redirect_uri='.$redirect_url .'&response_type=code';
/* Send user to authorisation */
header("Location: ".$auth_request_url);

Below is an example of the code that works but only once:

$url = "https://api.instagram.com/oauth/access_token";
    $access_token_parameters = array(
        'client_id'                =>     $client_id,
        'client_secret'            =>     $client_secret,
        'grant_type'               =>     'authorization_code',
        'redirect_uri'             =>     $redirect_url,
        'code'                     =>     $code
    );

$curl = curl_init($url);    // we init curl by passing the url
    curl_setopt($curl,CURLOPT_POST,true);   // to send a POST request
    curl_setopt($curl,CURLOPT_POSTFIELDS,$access_token_parameters);   // indicate the data to send
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);   // to return the transfer as a string of the return value of curl_exec() instead of outputting it out directly.
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);   // to stop cURL from verifying the peer's certificate.
    $result = curl_exec($curl);   // to perform the curl session
    curl_close($curl);   // to close the curl session

    $arr = json_decode($result,true);

I got the $code from the end of the URL manually. But it expires after one use. So I need to work out how to run and retrieve the $code each time I want to execute the script.

  • 写回答

2条回答 默认 最新

  • douxiong0668 2015-02-17 15:35
    关注

    The approval should only be required the first time that your client asks a user for it and there's no way to avoid that. You're obtaining information from an end user and it would be a huge security hole if clients could get that information or permissions from users without requiring their explicit approval at least once. But after the first time, consent should be stored and reused for your client.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥100 Jenkins自动化部署—悬赏100元
  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘
  • ¥15 perl MISA分析p3_in脚本出错
  • ¥15 k8s部署jupyterlab,jupyterlab保存不了文件
  • ¥15 ubuntu虚拟机打包apk错误
  • ¥199 rust编程架构设计的方案 有偿
  • ¥15 回答4f系统的像差计算
  • ¥15 java如何提取出pdf里的文字?