When i open url to get_recent_post , it's fine. JSON data are showing.
But when i open get_post , it's only showing
{"status":"error","error":"Include 'id' or 'slug' var in your request."}
I DO not undrestand in under post
How to add post ID to JSON URL?
please help me
Related
I am trying to use WordPress' media_sideload_image with a remotely hosted image in S3 in order to save it into WordPress' media gallery.
But for whatever reason, I always get a forbidden response no matter what I try and do regarding request options for the WordPress request. Visiting the URL directly in the browser works, wget works, postman works.
Does anyone have any ideas on how to make WordPress be able to successfully download this file?
Here's the code I'm using:
$attachment_ID = media_sideload_image('https://s3.amazonaws.com/mlsgrid/images/0788b2c2-d865-496b-bad3-69ebe9c1db79.png');
And here's the WordPres error response I get:
object(WP_Error)[2090]
public 'errors' =>
array (size=1)
'http_404' =>
array (size=1)
0 => string 'Forbidden' (length=9)
public 'error_data' =>
array (size=1)
'http_404' =>
array (size=2)
'code' => int 403
'body' => string '<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>39B59073BBC1205F</RequestId><HostId>6TwMl4cMbLXzr7jbx6ykQKaQuk0Rn5Oyc2Q3+02zmgtNoDqUvcg8VY32qGuS1ZMzgpZuLAefK3g=</HostId></Error>' (length=243)
protected 'additional_data' =>
array (size=0)
empty
Thanks!
After digging around WordPress' request functionality, it looks like it is setting a referer header on each request to be the same as the URL being fetched and I guess Amazon S3 rejects requests with a referer header set? (not sure if that is specific to the bucket I'm fetching images from or true across every single bucket).
Here's how I got it working by removing the referer header from the request, basically just filter for all S3 URLs and remove the referer request header.
// Remove referer from request headers if the URL is an S3 bucket.
add_action( 'http_api_curl', function ($ch, $parsed_args, $url) {
$s3_url = 'https://s3.amazonaws.com';
if (substr($url, 0, strlen($s3_url)) === $s3_url) {
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Referer:']);
}
}, 10, 3);
Im making a request to another wordpress site on our network as below.
//Send the request to update the submission post
$response = wp_remote_request( $this->urls->assign_url, array(
'headers' => array(
'Content-Type' => 'application/json; charset=utf-8',
'Authentication' => 'Basic '.base64_encode('somename:somepassword')
),
'body' => json_encode($array),
'method' => 'POST',
'data_format' => 'body'
)
);
Im making this request via ajax.
The callback function is being called and sends back data.
Im also logged into the remote site.
Im using a nonce and the user being authorised in the headers is a valid user.
All I keep getting back is:
body: "{"code":"rest_not_logged_in","message":"You are not currently logged in.","data":{"status":401}}"
Ive only just started getting this since I updated the remote wordpress version. It was working fine before that.
Any thoughts.
I believe in order to authenticate the way you want to, you need to use a plugin - the built-in authentication method is not ideal for offsite requests since it is cookie based.
https://developer.wordpress.org/rest-api/using-the-rest-api/authentication/#authentication-plugins
I'm trying to use the Wordpress API wp_get_current_user(), however it's always returning the 0 user, with empty data. I am on a fresh install of Wordpress and I have just created my own theme and added an API hook.
I see lots of guides/info on grabbing data using Nonce from a separate client/computer, but I'm just trying to get the $user from the same browser that should be already logged in via the wordpress admin interface. I've verified that my browser has cookies set. My understanding of verification is that wp_get_current_user() should be able to use these cookies to verify my user and return data. .
Just to show I am logged into wordpress
This is my functions.php
located under wp-content/themes/myapi/functions/
add_action('rest_api_init', function () {
register_rest_route( 'api', 'test',array(
'methods' => 'GET',
'callback' => 'logged_in_wp',
));
});
function logged_in_wp($request){
if ( is_user_logged_in() ) {
return new WP_Error( 'me', 'me', array( 'status' => 200 ) );
}
return new WP_Error( 'not-logged in WP', 'not-logged in WP', array( 'status' => 400 ) );
}
?>
I'm using the following URL to access the data
http://localhost:8080/?rest_route=/api/test
I'm expecting it to return a me,me,200, instead, i'm only seeing the not-logged-in 400 error.
so what is the difference between localhost:8080 and localhost:8080?rest_route=/api/test that wordpress cannot figure out that I am logged in?
So, I'm guessing since nobody is answering and based on the readings I've done. What I'm asking for is impossible. It seems it is a security response by wordpress. You will need to authenticate even if the user is logged into Wordpress on the same domain/browser.
What do you use to test your request?
Using postman, you can insert useful parameters which will help you on authentication. Hence if you want to logged in using the WordPress Rest api, you must insert information of the current user properly in the section Authorization (Chose basic authentication and inside, fill the username and the password of an existing account (in this case Admin) and try it again.
Here is what i did for an exemple:
Sample image for the authorization which will soon help to know about the current user login
next using
$user_id = username_exists($username);
$user = get_user_meta($user_id);
$response['code'] = 200;
using "get_user_meta(wp_get_current_user()->ID, 'nickname', true);"
you can now determine the current user been logged.
Here in this sample if you make good use of the above information, you can create a good function "logged_in_wp()".
Here is my result on postman
I hope this will help you by the way
Our LinkedIn APP no longer works with the evolution of V2. I have tried a couple of times and failed to create the correct token. I am seeking help to create the correct authorization link to get the token. Error from the App is currently "Empty oauth2 access token"
I created a new LinkedIn app to replace our old one. I have tried to follow the instructions from LinkedIn and Microsoft but my efforts have produced the following error
My most recent attempt was:
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=78xaqf0ereiisy&redirect_uri=https://www.gachina.com&state=gachina&scope=r_emailaddress r_liteprofile w_member_social
I received: https://www.gachina.com/?code=AQS65Njp1F9-L-mKSrAJKZeQ-ij2OX7wboTc30-hrfQIwwJ0yfWd4FBqxLl-ZXHmL5HurKud4t9WcGeHB62EfPNcy3ddoqT1LztUHhR59iL-Q8f9WLrX03d9e3OCTmY-3vR8a_4ENeIN0GFpeLy7DKRDmuUNcQ82UwScqhApdtwzEBw-_Y0duYG87Lc1KQ&state=gachina
then I used the format shown here:
https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow
https://www.linkedin.com/oauth/v2/accessToken?grant_type=authorization_code&code={authorization_code_from_step2_response}&redirect_uri=hhttps%3A%2F%2Fdev.example.com%2Fauth%2Flinkedin%2Fcallback&client_id={your_client_id}&client_secret={your_client_secret}
with
https://www.linkedin.com/oauth/v2/accessToken?grant_type=authorization_code&code=AQS65Njp1F9-L-mKSrAJKZeQ-ij2OX7wboTc30-hrfQIwwJ0yfWd4FBqxLl-ZXHmL5HurKud4t9WcGeHB62EfPNcy3ddoqT1LztUHhR59iL-Q8f9WLrX03d9e3OCTmY-3vR8a_4ENeIN0GFpeLy7DKRDmuUNcQ82UwScqhApdtwzEBw-_Y0duYG87Lc1KQ&redirect_uri=https://www.gachina.com/auth/Linkedin/callback&client_id=78xaqf0ereiisy&client_secret={client_secret}
but I receive the following upon submitting the above link with our {client secret} in place
{"error":"invalid_redirect_uri","error_description":"Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists"}
I am doing all of this within minutes. So, I do not believe there is an expiration of code.
Can you help identify the error of steps or code to receive a Token?
This will return the access token
$params = array('grant_type' => 'authorization_code',
'client_id' => $this->api_key,
'client_secret' => $this->api_secret,
'code' => $_GET['code'],
'redirect_uri' => base_url().$this->redirect,
);
// Access Token request
$url = 'https://www.linkedin.com/oauth/v2/accessToken?' . http_build_query($params);
$data_len = strlen(http_build_query($params));
// Tell streams to make a POST request
$context = stream_context_create(
array('http' =>
array('method' => 'POST','header'=> 'Content-Length: 0'
)
)
);
// Retrieve access token information
$response = file_get_contents($url, false, $context);
$token = json_decode($response);
return $token->access_token;
I am hitting RestfulServer via an ajax call (url: BaseHref + "api/v1/Post/" + postId + '/PostTracks' to retrieve DataObject relations:
public function PostTracks(){
$controller = Controller::curr();
$request = $controller->getRequest();
$passkey = $request->getHeader('passkey');
$tracks = $this->owner->Tracks();
$set = array();
foreach($tracks as $track)
{
$set[] = array(
'm4aURL' => $track->m4a()->URL,
'oggURL' => $track->ogg()->URL,
'Title' => $track->Title
);
}
$this->outputJSON(200, $set);
}
At the top of the method I am trying to grab the value of a custom header that I sent in my ajax call via the beforeSend method. I have verified that the header is sent in the request to RestfulServer controller, but am having trouble getting the value.I am not getting anything for the value of $passkey.
How can I get header info from a RestfulServer controller. I don't understand why getRequest isn't working since RestfulServer extends from Controller.
You can use print_r($request->getHeaders()) to see all the headers attached to the request. In any case, I suspect the issue is with the casing of "passkey". By default SilverStripe will parse header names in CamelCaseFormat - so I suspect the header will be called Passkey or PassKey.
One nice way to debug issues with request is using Debug::dump($request->getHeaders()) or Debug::log($request->getHeaders()).
The latter will write a log file to the site that you can then track if you have terminal access to the server by "tail -f debug.log", or downloading them again and again.
That way you can see what logs out when you cant drirectly access the url.