The below php script is our rest api to retrieve customer info as admin -The script is getting the admin login and authorize page correctly but after the authorize it is giving the error
OAuthException Object ( [message:protected] => Invalid auth/bad request (got a 403, expected HTTP/1.1 20X or a redirect) [string:Exception:private] => [code:protected] => 403 [file:protected] => /home/xxxx/public_html/oauth_admin.php [line:protected] => 39 [trace:Exception:private] => Array ( [0] => Array ( [file] => /home/xxxxx/public_html/oauth_admin.php [line] => 39 [function] => fetch [class] => OAuth [type] => -> [args] => Array ( [0] => http://www.xxxxx.com/api/rest/customers [1] => Array ( ) [2] => GET [3] => Array ( [Content-Type] => application/xml [Accept] => / ) ) ) ) [previous:Exception:private] => [lastResponse] => {"messages":{"error":[{"code":403,"message":"Access denied"}]}} [debugInfo] => Array ( [sbs] => xxxxx [body_recv] => {"messages":{"error":[{"code":403,"message":"Access denied"}]}} ) ))
I have tried every blog/post to try get this working and at this stage no doubt its something very obvious but I cant spot it...help greatly appreciated!
<?php
$callbackUrl = "http://www.site2.com/oauth_admin.php";
$temporaryCredentialsRequestUrl = "http://www.site1.com/oauth/initiate?oauth_callback=" . urlencode($callbackUrl);
$adminAuthorizationUrl = 'https://www.site1.com/admin/oauth_authorize';
$accessTokenRequestUrl = 'http://www.site1.com/oauth/token';
$apiUrl = 'http://www.site1.com/api/rest';
$consumerKey = 'xxxxx';
$consumerSecret = 'xxxxx';
session_start();
if (!isset($_GET['oauth_token']) && isset($_SESSION['state']) && $_SESSION['state'] == 1) {
$_SESSION['state'] = 0;
}
try {
$authType = ($_SESSION['state'] == 2) ? OAUTH_AUTH_TYPE_AUTHORIZATION : OAUTH_AUTH_TYPE_URI;
$oauthClient = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, $authType);
$oauthClient->enableDebug();
if (!isset($_GET['oauth_token']) && !$_SESSION['state']) {
$requestToken = $oauthClient->getRequestToken($temporaryCredentialsRequestUrl);
$_SESSION['secret'] = $requestToken['oauth_token_secret'];
$_SESSION['state'] = 1;
header('Location: ' . $adminAuthorizationUrl . '?oauth_token=' . $requestToken['oauth_token']);
exit;
} else if ($_SESSION['state'] == 1) {
$oauthClient->setToken($_GET['oauth_token'], $_SESSION['secret']);
$accessToken = $oauthClient->getAccessToken($accessTokenRequestUrl);
$_SESSION['state'] = 2;
$_SESSION['token'] = $accessToken['oauth_token'];
$_SESSION['secret'] = $accessToken['oauth_token_secret'];
header('Location: ' . $callbackUrl);
exit;
} else {
$oauthClient->setToken($_SESSION['token'], $_SESSION['secret']);
$resourceUrl = "$apiUrl/customers";
//$oauthClient->fetch($resourceUrl);
$oauthClient->fetch($resourceUrl, array(), 'GET', array('Content-Type' => 'application/xml', 'Accept' => '*/*'));
$customers = json_decode($oauthClient->getLastResponse());
print_r($customers);
}
} catch (OAuthException $e) {
print_r($e);
}