douhuan3420 2015-02-17 15:27
浏览 65
已采纳

使用OAuth for Instagram进行身份验证,无需弹出窗口

I'm trying to use OAuth for Instagram to authenticate, planning to use PHP and cURL. The first step is retrieving a "code" e.g:

fd7d5f6cde6c47e4a86ba28b22ac4583

I've worked with the Twitter API before and it works in a similar way. I exchange the code for an access_token and then I can authenticate.

The issue is that the way to authenticate is to hit a button on a window that says "I give permission". Here is that window:

enter image description here

My question : is there a way to do this without requiring hitting this URL?

For example, is there a way for me to automate this process using my script? When I worked with Twitter, I was able to use cURL to go to this link and pass the authentication, to then retrieve this code.

This is part of a project that will only be used by me essentially to retrieve my own recent instagrams. I don't want visitors to my site to be presented with having to hit "authorise" every time they turn up.

At the moment I'm simply doing this, is there anything I can add to the URL to automatically authorise?

$auth_request_url = 'https://api.instagram.com/oauth/authorize/?client_id='.$client_id.'&redirect_uri='.$redirect_url .'&response_type=code';
/* Send user to authorisation */
header("Location: ".$auth_request_url);

Below is an example of the code that works but only once:

$url = "https://api.instagram.com/oauth/access_token";
    $access_token_parameters = array(
        'client_id'                =>     $client_id,
        'client_secret'            =>     $client_secret,
        'grant_type'               =>     'authorization_code',
        'redirect_uri'             =>     $redirect_url,
        'code'                     =>     $code
    );

$curl = curl_init($url);    // we init curl by passing the url
    curl_setopt($curl,CURLOPT_POST,true);   // to send a POST request
    curl_setopt($curl,CURLOPT_POSTFIELDS,$access_token_parameters);   // indicate the data to send
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);   // to return the transfer as a string of the return value of curl_exec() instead of outputting it out directly.
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);   // to stop cURL from verifying the peer's certificate.
    $result = curl_exec($curl);   // to perform the curl session
    curl_close($curl);   // to close the curl session

    $arr = json_decode($result,true);

I got the $code from the end of the URL manually. But it expires after one use. So I need to work out how to run and retrieve the $code each time I want to execute the script.

  • 写回答

2条回答 默认 最新

  • douxiong0668 2015-02-17 15:35
    关注

    The approval should only be required the first time that your client asks a user for it and there's no way to avoid that. You're obtaining information from an end user and it would be a huge security hole if clients could get that information or permissions from users without requiring their explicit approval at least once. But after the first time, consent should be stored and reused for your client.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效