Additional REST API Validation Help
-
Hi, first of all thank you for this amazing (free) plugin. I know everyone says it when they start a post but its true.
I’m a beginner with RESTP API / JSON / PHP, so it’s probably something very easy to solve. I’m trying to log the computer id in the database when someone activates their license. The saving part into the database is for later but first I need to get the first step working which is explained in: https://www.licensemanager.at/docs/tutorials-how-to/additional-rest-api-validation/
I added the code mentioned in that document in the functions.php. That went fine as I get the “The UUID is missing from the request.” error before amending my activation request. I’m now trying to figure out how to change my request. I’m trying things for many hours now and I’m not able to figure it out. Am I not supposed to add it in the request body like I did with Postman (see attachment below)?
Thank you very much in advance!
Screenshot Postman: https://imgur.com/rmAmYwy
-
Hi Adrian, yesterday I was implementing the additional rest api validation example, and I got the same result as you.
I noticed that in the example code they use:
// Retrieve the body parameters $body = $request->get_json_params(); // The request body was empty, or the "uuid" property is missing. if (!$body || !array_key_exists('uuid', $body)) { return new WP_Error( 'lmfwc_rest_data_error', 'The UUID is missing from the request.', array('status' => 400) ); }I read the documentation and found that $request->get_json_params(); gets the BODY of a POST request when content type is json (Content-Type: application/json)
As the activate API REST endpoint is only enabled for GET requests, I made the following change.
$body = array("uuid"=>$request['uuid']);On Postman I passed the uuid param exactly as you did and now my example is working, I will continue implementing this for my use case, I want to store a site-code or machine-id so the user can’t activate on different computers, if you are interested, I can share my progress.
Best regards
Hi @jroblesruiz,
Thank you very much for replying. I’ve used your change, and I got exited as it indeed passed the test in Postman. However I am not able to get the UUID value that I sent with postman in WordPress. To test I save a csv file with below code where I save the license key and the UUID.
$path = wp_upload_dir(); $fp = fopen($path['path']."/Test.csv", "w"); fputcsv($fp, array($licenseKey, $body['uuid'])); fclose($fp);I get a csv file with the license key, but no UUID. Do you have more luck on your side? Can you confirm you are able to see the UUID value in WordPress?
Maybe with your help I will be able to solve this. If it’s not possible maybe an alternative solution would be to add the additional info (eg UUID) as a parameter(s) in the url (next to the consumer key/secret) rather than in the body? After googling a bit I get the impression you are not supposed to use body in a GET request.
Regards,
AdrianHi Adrian, indeed there is a lot to do to make it work. In other words, the example is not functional and only illustrates what you must do. So not, the example is not saving the uuid value into de database jet and you won’t see it when export the CVS.
As you can see in this part of the example, it uses lmfwc_get_license_meta() to read the license meta and check if the uuid has been used before, but we must save the value during activation using lmfwc_add_license_meta(), and that is not done in the example. Also, you must return the uuid so you must modify the REST API response, and I would check the uuid when validating the license.
// Check if the license key already has this UUID $previousActivation = lmfwc_get_license_meta($license->getId(), 'activation_uuid', true); // Throw an error if that's the case if ($previousActivation && $previousActivation === $body['uuid']) { return new WP_Error( 'lmfwc_rest_validation_error', 'The license was already activated using this UUID.', array('status' => 403) ); }As I mentioned earlier, I will be working on the complete change to validate a site-code or machine-id, so the user could not activate on different computers, because that is what I need, so I can validate an activation code on client side.
But I’m working on change design, so it fits my needs.
It would be great if @drazenbebic, guide us on where is the best way to add a filter or an action so we can save the uuid value. I know I can do it on the same validation example but i guest it is not the best place, because that method is to extend the validation. And also would love to hear if the change I made is right or we can really use the original code with a GET request.
Regards.
P.D. @drazenbebic thank you for your excelent work.
Hi @aditheman,
On response on your post when you said BODY is not used in GET request, that was that I tried to explain, that’s why I must change the code and read the param in the GET request.
In your code If you want to read the uuid you can use $request[‘uuid’], $body is a variable (an array) for which I kept the name from the original example. So, the variable can be used on that function.
$path = wp_upload_dir(); $fp = fopen($path['path']."/Test.csv", "w"); fputcsv($fp, array($licenseKey, $request['uuid'])); fclose($fp);Regards
@jroblesruiz Sorry, I didn’t get that from your initial post. I thought that there was an issue with the get_json_params function in combination with using a body in a GET request. What you were trying to explain is that it’s a generic issue and not linked to the get_json_params function. Sorry, I’m new to all this.
Using parameters instead of the body I was able to get this fully working now. I just need to save the data in the database which shouldn’t be a problem and I don’t require to use the data later like you do to prevent an activation on another machine. For me it’s more that I’m able to monitor that one license key is not used by let’s say 50 machines. Thank you for your help!
The topic ‘Additional REST API Validation Help’ is closed to new replies.
