All geek questions in one place

Yammer does not accept OAuth token through header during message

I am currently trying to update an application to send an OAuth token through the header instead of the query string in accordance with their new requirements. When creating a GET request with an OAuth token in the header, my request successfully validates a valid access_token. However, trying to make a message with the same token, I get 401 unauthorized access. This message with the same access token succeeds when the access token is placed in the query string.

var request = (HttpWebRequest)WebRequest.Create(yammerurl); request.Method = "POST"; request.Headers["Authorization"] = "Bearer " + access_token; request.Host = "www.yammer.com"; request.ContentType = "application/json;charset=utf-8";

This is my setting for a publication that receives an unauthorized exception, and below is my setting for a GET request that succeeds. Again, both of them use the same access token, and both methods work when the access token passes through the query string.

  string url = "https://www.yammer.com/api/v1/groups.json?mine=1"; HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url); request.Headers["Authorization"] = "Bearer " + YammerAccessToken; request.Host = "www.yammer.com";

Does anyone know if my installation for publishing is incorrect, or is there another parameter I need to add? Thanks in extended.

+4
source share
1 answer

Is it because you do not specify the HTTP verb GET in the second? This is how I do it in PHP and it works great ...

I call this in my main php file ...

 $ymuser = yammer_user_by_email(' myemail@test.com ');

this function is in my inc file ...

 function yammer_user_by_email($email, $token = null){ global $YAMMER_ADMIN_TOKEN; $user = yammer_api_get('https://www.yammer.com/api/v1/users/by_email.json?email='.$email, $YAMMER_ADMIN_TOKEN); return $user[0]; }

All my HTTP calls are routed here, and the admin token is applied to the header ... function yammer_api_call ($ url, $ method = 'GET', $ body = '', $ token) {

  if ($token == null) { if (!$_SESSION['yammer_token'] || !$_SESSION['yammer_token']->access_token->token) return false; $token = $_SESSION['yammer_token']->access_token->token; } if ($method == 'GET'){ $opts = array('http' => array( 'method' => $method, 'header' => "Host: www.yammer.com\r\n" ."Authorization: Bearer " . $token . "\r\n" ) ); }else{ $opts = array('http' => array( 'method' => $method, 'header' => "Content-Type: application/x-www-form-urlencoded\r\n" ."Host: www.yammer.com\r\n" ."Authorization: Bearer " . $token . "\r\n" ."Content-Length: " . strlen($body) . "\r\n", 'content' => $body, 'timeout' => 60 ) ); } $context = stream_context_create($opts); $resp = file_get_contents($url, false, $context); //print($resp); $resp_obj = json_decode($resp); return $resp_obj; }
0
source

Source: https://habr.com/ru/post/1496214/

More articles:


All Articles