xfrocks / bdapi Goto Github PK

Would it be possible to add suport for the POST scope to be able to push alerts to users? Would be very helpful to give users notifications of things that have happened with the application they have signed in with without the need of creating conversations or posts with their user tag in it.

Link:

/test-sub/components/1/test Does not work
/test-sub/components/test&param_id=1 Work

It is possible to upgrade users with this API ?
If yes how ?
I seen nothing related to user upgrade in the docs...
Thanks in advance.

Hi,

When i click on the 'Authorize Access' button, at example.com/account/authorize, it redirect me to the callback url, but the parameters are after a '#', not a '?', so i can't get them using PHP.

eg : https://www.gobelinland.fr/callback.php#access_token=blabla&user_id=1

Zend_Db_Statement_Mysqli_Exception: Mysqli prepare error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '))' at line 15 - library/Zend/Db/Statement/Mysqli.php:77

#0 /domain.com/xenforo/library/Zend/Db/Statement.php(115): Zend_Db_Statement_Mysqli->_prepare('?????SELECT nod...')
#1 /domain.com/xenforo/library/Zend/Db/Adapter/Mysqli.php(381): Zend_Db_Statement->__construct(Object(bdCloudServerHelper_Db_Adapter_Mysqli), '?????SELECT nod...')
#2 /domain.com/xenforo/library/Zend/Db/Adapter/Abstract.php(478): Zend_Db_Adapter_Mysqli->prepare('?????SELECT nod...')
#3 /domain.com/xenforo/library/bdCloudServerHelper/Db/Adapter/Mysqli.php(69): Zend_Db_Adapter_Abstract->query('?????SELECT nod...', Array)
#4 /domain.com/xenforo/library/XenForo/Model.php(219): bdCloudServerHelper_Db_Adapter_Mysqli->query('?????SELECT nod...', Array, 2)
#5 /domain.com/xenforo/library/XenForo/Model/Forum.php(106): XenForo_Model->fetchAllKeyed('?????SELECT nod...', 'node_id')
#6 /domain.com/xenforo/library/bdApi/Extend/Model/Forum.php(22): XenForo_Model_Forum->getForums(Array, Array)
#7 /domain.com/xenforo/library/bdApi/Extend/Model/Forum.php(17): bdApi_Extend_Model_Forum->getForums(Array, Array)
#8 /domain.com/xenforo/library/bdApi/ControllerApi/Forum.php(141): bdApi_Extend_Model_Forum->getForumsByIds(Array, Array)
#9 /domain.com/xenforo/library/bdApi/ControllerApi/Node.php(25): bdApi_ControllerApi_Forum->_getAll(151)
#10 /domain.com/xenforo/library/XenForo/FrontController.php(351): bdApi_ControllerApi_Node->actionGetIndex()
#11 /domain.com/xenforo/library/bdApi/Data/Helper/Batch.php(52): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#12 /domain.com/xenforo/library/bdApi/ControllerApi/Batch.php(49): bdApi_Data_Helper_Batch::doJob('GET', 'https://...', Array)
#13 /domain.com/xenforo/library/XenForo/FrontController.php(351): bdApi_ControllerApi_Batch->actionPostIndex()
#14 /domain.com/xenforo/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#15 /domain.com/xenforo/api/index.php(58): XenForo_FrontController->run()
#16 {main}

https://xenforo.com/community/posts/1060100
http://swagger.io

Regarding this chunk of code:

Since the API has been written, Google has moved away form authenticating with only Google+ and now uses a more generic sign-in authentication, See here: https://developers.google.com/identity/sign-in/android/backend-auth

This error popped up after upgrading to the latest version on master.

This occurs when making an authorization request when the board user is not logged in.

Server Error

openssl_encrypt(): IV passed is 16 bytes long which is longer than the 0 expected by selected cipher, truncating

    XenForo_Application::handlePhpError()
    openssl_encrypt() in bdApi/ShippableHelper/Crypt.php at line 70
    bdApi_ShippableHelper_Crypt::_aes128_encrypt() in bdApi/ShippableHelper/Crypt.php at line 26
    bdApi_ShippableHelper_Crypt::encrypt() in bdApi/Crypt.php at line 21
    bdApi_Crypt::encrypt() in bdApi/Crypt.php at line 52
    bdApi_Crypt::encryptTypeOne() in bdApi/XenForo/ControllerPublic/Error.php at line 40
    bdApi_XenForo_ControllerPublic_Error->actionAuthorizeGuest() in XenForo/FrontController.php at line 351
    XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 134
    XenForo_FrontController->run() in /home/nginx/domains/xxxx/public/xf/index.php at line 13

Hi!

Currently, the forum API does not contain the parent category. I made a minor patch to add a new property, but was wondering if you would consider it.

In prepareApiDataForForum in bdApi_Extend_Model_Forum, I added the following:

$data['category'] = array(
    'parent_category_id' => $forum['parent_node_id']
);

Ideally, I'd like to also add more information from the parent category, such as the category description, but I'm not sure how to do that.

Hi,
I'm facing this error since I installed a SSL certificate on the domain:

Error=com.android.volley.NoConnectionError: javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: SSL handshake aborted: ssl=0x5f53f1f0: Failure in SSL library, usually a protocol error
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (external/openssl/ssl/s23_clnt.c:741 0x59c648f0:0x00000000)

This is happening only on android versions lower than M

I tried those solutions but with no luck:
https://stackoverflow.com/questions/29916962/javax-net-ssl-sslhandshakeexception-javax-net-ssl-sslprotocolexception-ssl-han
https://stackoverflow.com/questions/32184787/com-android-volley-noconnectionerror-javax-net-ssl-sslhandshakeexception-javax

https://stackoverflow.com/questions/30925213/ssl-exception-when-using-volley

Whin using http not https there is no issue
The issue occurs only when using https on Android version lower than M
Any help will be appreciated
Thank you

Is there any way to force the end user to accept the oauth API usage?

I'm curious if it's possible for us to disable the "grant access" stuff? I'm only going to allow this api to be used for my own apps and not public, and I want to avoid my users having to click grant. I would ideally like to make it so that if they are logged in it just auto redirects them back with auth token instead of them having to click button first.

Is this possible? Thanks.

Hello,
The first I wanna say thanks to developer, bdApi so good for Xenforo.
But I've a trouble with Thread Prefix, how can I create a Thread with the Prefix?

Thanks too much!

While logged into XenForo, I try to run the following admin commands and it says I'm not logged in.

GET /api/index.php?users/me

Request
array(0) {
}
Response (403)
array(1) {
  ["error"] => string(34) "You must be a logged-in, registered member of this site to perform this action. "
}

How can I connect the API with the forums so that it can read authentication tokens?

I am trying to implement the XenForoAuth MediaWiki extension.

Fatal error: Uncaught TypeError: Argument 1 passed to XenForo_Application::handleException() must be an instance of Exception, instance of Error given in /home/cuongphonghoi.com/public_html/library/XenForo/Application.php:375 Stack trace: #0 [internal function]: XenForo_Application::handleException(Object(Error)) #1 {main} thrown in /home/cuongphonghoi.com/public_html/library/XenForo/Application.php on line 375

Hello,

so i ran some tests and i found out that when you Use the grant password function the account will be authentified whatever password you use
you just have to make sure that the client key and client secret are correct

is it supposed to work that way ?

Best Regards,

Hi,

I've developed an extension for MediaWiki, which integrates a login with a user from XenForo using this bdApi. However, since some time, the login is not possible anymore for at least two users of this extension. The reason is, that, even with a valid oauth_token parameter, the request of the users/me endpoint fails with an error: "You've to be a member of this site". However, if I make the request in my browser (where I can reproduce this behaviour) a second time, I get all data.

Now, I'm not sure, if this is a problem with the settings of the forum, a bug in my extension or a bug in this addon. Could you help me finding this out? :)

The returned error message is:
{"errors":["Um diese Aktion durchf\u00fchren zu k\u00f6nnen, musst du ein angemeldetes und registriertes Mitglied dieser Seite sein."]}

Hi!

I've installed the latest beta and renamed the api/ directory to bdapi/ and added the setting in config.php accordingly.

XenForo's integrity check now complains an error about missing files:

Hi there,

I'm trying to get the xenforo2 branch running with XF 2.0.12.

After cloning the repository, checking out the xenforo2 branch, running composer install and importing the data via php cmd.php xf-dev:import -a Xfrocks/Api I can successfully call the /api/ endpoint.

However, opening the API settings in the AdminCP (/admin.php?api-clients/) renders an error:

Fatal error: Class 'Xfrocks\Api\DevHelper\Admin\Controller\Entity' not found in /home/[...]/forum-next/src/addons/Xfrocks/Api/Admin/Controller/Entity.php on line 7

The file containing the aforementioned class is excluded in .gitignore:

/DevHelper/Admin/Controller/Entity.php
/DevHelper/autogen.json
/_build/
/_data/
/_output/templates/admin/bdapi_entity_delete.html
/_output/templates/admin/bdapi_entity_edit.html
/_output/templates/admin/bdapi_entity_list.html
/_releases/
/vendor/

Is there any chance to get that file?

Best regards

Marcus

I was searching if there's a way to get information in json about a specific user on my forum using their username and password, such as rank or secondary rank, but failed to find any working examples.

Also, is there a proper tutorial or something to get started? I'm having a hard time finding something that clearly explains how to use the api itself.

Hello,
I've trouble when use API to post a message with some broken character such as "Hắn phóng ngựa tiến về phía Hàn Đ��"
It's show up:
Array
(
[errors] => Array
(
[0] => Xin mời nhập vào đúng nội dung.
)

[system_info] => Array
    (
        [visitor_id] => 1
        [time] => 1458285458
    )

)

But if I use this message and post directly to thread, it's successfully without errors.

Please support xenforo_consumer addon for xenforo 2.2

I am fairly new to using the API but after three days of straining my eyes I have decided to ask. I am unsure of how to use this with passport and I have tried practically everything I know.

If someone could give me an example or a repo where someone else has done it, it would make my day.

Hi,

I have configured bdapi and wordpress consumer, all working fine except when i try to logout from xenforo its not logging out user from the wordpress but its working when i logout user from the wordpress. Can you please let me know if i am missing out some option or anything.

Thanks.

I'm building an application for our site where users can signup with much simpler user interface compared to XenForo's registration page (only three form fields for username, email address, and password).

I'm checking the availability of username and email address by asking the API with a GET /users/find request.

Search by email address is only allowed for users within the admincp scope (bdApi_Model_OAuth2::SCOPE_MANAGE_SYSTEM).

I'm wondering if there's a way to enable searching by email address by a less privileged permission, maybe be adding another oAuth scope or something. It's clear, that search by email address shouldn't be allowed for users with the simple read permission for privacy reasons but on the other side I don't want grant the signup application admin permissions.

Has anyone thoughts on that?

When using, for example, PUT to update a post, under the response header, any "html" properties e.g. post_body_html or signature_html are displaying (object:XenForo_BbCode_TextWrapper) rather than the actual html. (The actual html in the JSON received on the client end is fine though).

PHP ver: 5.4.12
BDApi: 1.6.3 (downloaded from Xenforo BDApi page)

The entry "post_body_plain_text" sometimes contains bbcode. As i noticed this applies at least to the [SIZE] tag. The [FONT] tag for example is working fine.

"post_body":"[SIZE=6]mytext[\/SIZE]",
"post_body_html":"<span style=\"font-size: 22px\">mytext<\/span>",
"post_body_plain_text":"[SIZE=6]mytext[\/SIZE]",

https://github.com/xfrocks/bdApi/blob/master/docs/api.markdown#get-postspostid

Hi dev,
bdApi really great.

bdApi support thread types order by: thread_create_date, thread_create_date_reverse, thread_update_date, thread_update_date_reverse, thread_view_count, thread_view_count_reverse.

Now I want to order by the time of editing the first post.

Any ideas for that?

Thanks.

Would you like to add an API for Xenforo Resource Manager for 2.0 Version?

This is probably just an issue with my code, but whenever I attempt to retrieve an access code I get an http 403 response.
After getting the code from oauth/authorize, I attempt to get an access code using RFC 6749's specifications.
The request data is sent below, other than some private data blurred out. (using GuzzleHttp)

response:

<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr> (truncated...)

Again sorry if this isn't the proper place to put this, but I cannot post to your forums since I'm linked to someone's XF purchase, not having my own.

I was wondering if this library has been updated to support Xenforo 2.1 and their built in REST api yet. Their new REST api is all well and good, however it isn't a oAuth flow. This breaks all the previous apps we have integrated with our forum.

When my OAuth flow points to api/users/me with Bearer token added to authorization header - I'm receiving the error You do not have permission.

If I manually add oauth_token=token as query string parameter (for testing), the request seems to work but receive the error: Fatal error: Call to undefined method Xfrocks\Api\XF\ApiOnly\Template\Templater::func() in \htdocs\xf2.1\src\addons\Xfrocks\Api\XF\Transform\User.php on line 160

Any ideas?

Test setup is: WAMP 2.4 (Apache 2.4.4, PHP 5.6.40). XF version 2.1.1. BDAPI version 2.0.1 Beta 4.

When requesting resources, bdAPI seems to accept oauth_token request parameter.
According to specs I read, passing the access token in Authorization header is the preferred method. bdApi seems to always return "error": "invalid_request" when I attempt that form of authorization. Is it supported?

Hello Folks,

first thanks for this project it is really good,
anyway i am Using the Post Grant Password function
like this :

http://website.net/api/index.php?oauth/token&

POST /api/index.php?oauth/token& HTTP/1.0
Host: website.net
Content-Type: application/x-www-form-urlencoded
Content-Length: 113

grant%5Ftype=password&client%5Fid=xxxxxx&client%5Fsecret=xxxxxxx%5Fsecret&username=xxxxx&password=xxxxxx

this is the response I get :

HTTP/1.1 401 Unauthorized
Date: Wed, 15 Aug 2018 01:45:10 GMT
Server: Apache/2.4.33 (Win64) PHP/5.6.35
X-Powered-By: PHP/5.6.35
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Aug 2018 01:45:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, max-age=0
Set-Cookie: xf_session=wzZmA9s_-oA6pDuwjJe8ggXI_JTqy5m8; path=/; httponly
Content-Length: 65
Connection: close
Content-Type: application/json; charset=utf-8

{"status":"error","errors":["bdapi_oauth2_error_invalid_client"]}

Any idea what is going on ?

Thanks .

someone that has an php example to create a new post with attachment

best regards

Trying to setup following for xf2.x - https://github.com/xfrocks/bdApi/tree/master/php_demo

Authentication successfully done. Getting following message "Obtained access token successfully!" and URLs with tokens.

Now don't know what to do next?
How can I post a thread into a specific forum?

I want to create a post into my XF forum using the api.

I have tried like following but no success - https://domain.com/xf-php-api/index.php?action=request&url=https://forum.domain.com/community/api/index.php?users/me/timeline&oauth_token=TOKEN_CODE&access_token=TOKEN&forum_id=18&thread_title=Thread_Title&post_body=Description

You help will be much appreciated.

Hi, I'm having a really hard time reading the documentation and understanding it in general. I have looked at your script.php example but I'm still unsure since I don't know php.

I want to get the users information like groups and etc. The only issue with that is I'm unsure as to how I can do so. My understanding is is that I need to get the access token and then use that to get the user information. Now my question is. How should the URL look like to get the access token and how should the URL look like to get the user information?

Hello,
Are there installation instructions?
Not seeing them in the readme.
Thanks,
Luke

Confirmed i have all needed required permissions, checked the group permission Can create API Client permission.
And i use super-administrator account.

But i still can't see Add Client button. Include i modify the template removed if check.

Direct view page api-clients/add, it just told me i hadn't permission to do that.

I even try turn on dev mode and add permission in plugin, still doen't work.

Beta 7 with XenForo 2.1.3 on PHP 7.2.6

In XF 1 - regular users can edit or revoke permissions for clients (and see a list of clients). This does not seem to be there in XF 2.1.4 and bd API 2.0.1 Beta 4. Is this going to be implemented?

Hi,
Thank you for this api,
Can you please give us detailed installation guide?
I can't get it to work as I don't what's the steps to prepare it.
What;s the redirect uri?
what's the fields in AdminCP and android app suppose to mean? and how to get this keys?

This file has an error, which is an extra comma at the end of line 565: $pageNavParams,

The fix is to remove the comma: $pageNavParams

You won't see this error unless you manually look at the response - the request doesn't show up in the api logs.

Hey,

the API call me all time that i should Post a Correctly Text ...

How can i post something like

[CENTER]

blalbla
[img]blA[/img]

.... and and and

can some help me ?

After installing the latest version on a XF2.1 forum I get this error when creating a new conversation:

InvalidArgumentException: Unknown column src/XF/Mvc/Entity/Entity.php:206

#0 src/addons/Xfrocks/Api/Repository/Subscription.php(424): XF\Mvc\Entity\Entity->getValue('')
#1 src/addons/Xfrocks/Api/XF/Service/Conversation/Notifier.php(31): Xfrocks\Api\Repository\Subscription->pingConversationMessage('bdapi_reply', Object(XF\Entity\ConversationMessage), Object(Siropu\AdsManager\XF\Entity\User), Object(Siropu\AdsManager\XF\Entity\User))
#2 src/XF/Service/Conversation/Notifier.php(65): Xfrocks\Api\XF\Service\Conversation\Notifier->_sendNotifications('reply', Array, Object(XF\Entity\ConversationMessage))
#3 src/XF/Service/Conversation/Replier.php(179): XF\Service\Conversation\Notifier->notifyReply(Object(XF\Entity\ConversationMessage))
#4 src/XF/Service/Conversation/Replier.php(158): XF\Service\Conversation\Replier->sendNotifications()
#5 src/XF/Service/ValidateAndSavableTrait.php(40): XF\Service\Conversation\Replier->_save()
#6 src/XF/Pub/Controller/Conversation.php(505): XF\Service\Conversation\Replier->save()
#7 src/XF/Mvc/Dispatcher.php(321): XF\Pub\Controller\Conversation->actionAddReply(Object(XF\Mvc\ParameterBag))
#8 src/XF/Mvc/Dispatcher.php(248): XF\Mvc\Dispatcher->dispatchClass('XF:Conversation', 'AddReply', Object(XF\Mvc\RouteMatch), Object(XF\Pub\Controller\Conversation), NULL)
#9 src/XF/Mvc/Dispatcher.php(100): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(XF\Pub\Controller\Conversation), NULL)
#10 src/XF/Mvc/Dispatcher.php(50): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#11 src/XF/App.php(2177): XF\Mvc\Dispatcher->run()
#12 src/XF.php(390): XF\App->run()
#13 index.php(20): XF::runApp('XF\Pub\App')
#14 {main}

Everything else worked fine so far.

My enviroment under PHP 7.1.x and get this issues.

XenForo_Application::handlePhpError() in bdApi/Lib/oauth2-server-php/src/OAuth2/ResponseType/AuthorizationCode.php at line 89
OAuth2\ResponseType\AuthorizationCode->generateAuthorizationCode() in bdApi/Lib/oauth2-server-php/src/OAuth2/ResponseType/AuthorizationCode.php at line 59
OAuth2\ResponseType\AuthorizationCode->createAuthorizationCode() in bdApi/Lib/oauth2-server-php/src/OAuth2/ResponseType/AuthorizationCode.php at line 32
OAuth2\ResponseType\AuthorizationCode->getAuthorizeResponse() in bdApi/Lib/oauth2-server-php/src/OAuth2/Controller/AuthorizeController.php at line 90
OAuth2\Controller\AuthorizeController->handleAuthorizeRequest() in bdApi/Lib/oauth2-server-php/src/OAuth2/Server.php at line 321
OAuth2\Server->handleAuthorizeRequest() in bdApi/OAuth2.php at line 108
bdApi_OAuth2->actionOauthAuthorize2() in bdApi/XenForo/ControllerPublic/Account.php at line 395
bdApi_XenForo_ControllerPublic_Account->actionAuthorize() in XenForo/FrontController.php at line 351
XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 134

The method /users/:userId/avatar seems to check the user permission to update avatar, even when an administrator(higher-privileged user) runs it.

When the user which owns the avatar can't change the avatar the api will reject the request, regardless of the executor.