Nextend Social login flow rest api

Resolved sarahgeara
(@sarahgeara)

3 years, 11 months ago

I’m trying to use the plugin to obtain user authentication through the use of the REST API, made available to the pluign.
endpoint: wp-json / nextend-social-login / v1
from what I understand from the code it would be enough to pass the provider es “google” and google access_token

but this returns “Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential.”

although I set the token in “The authorization data”,
what would be the exact work flow to get a social login via REST API?

Please i need help

@sawasblog can you help me please i saw that you had the same issue and it’s solved

Thanks

Viewing 15 replies - 1 through 15 (of 20 total)

1 2 →

Plugin Support Laszlo
(@laszloszalvak)

3 years, 11 months ago

Hi @sarahgeara

This is another topic where I described how you can use the REST API of Nextend Social Login exactly: https://wordpress.org/support/topic/rest-api-social-login-work-flow/#post-12026347
You will probably also find some other useful information in that topic.

Anyways your problem will most likely be related to the format of your access token.
As you can see here:
https://gist.github.com/nextend/b733d402ee2e2cee59b632f6e4741a9d
you need to use it in JSON format, e.g.:
{"access_token":"xxxxxxxxx","expires_in":3600,"id_token":"xxxxxxxxx","token_type":"Bearer"}
So this entire string is the access token, not only the “access_token” part of it.

And this access token needs to be posted to the REST API of Nextend Social Login.
For example:

Google:
https://example.com/wp-json/nextend-social-login/v1/google/get_user

Facebook:
https://example.com/wp-json/nextend-social-login/v1/facebook/get_user

In the topic I linked above, you will find more details.

Best regards,
Laszlo.
Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago
i am getting the serverAuthCode and the idToken after i logged in with my user from my mobile app and then i am using this rest api https://example.com/wp-json/nextend-social-login/v1/google/get_user and passing in the body:
please note that i am filling the access_token with the serverAuthCode and the id_token with idToken like this:
{
“access_token”: “xxxxxxxxxxxxxxxxxxxxx”,
“id_token”: “xxxxxxxx”,
“token_type”: “bearer”,
“expires_in”: 5183946,
}

Please advice
- This reply was modified 3 years, 11 months ago by sarahgeara.
Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

@laszloszalvak is this right? please advice
Plugin Support Laszlo
(@laszloszalvak)

3 years, 11 months ago
Hi @sarahgeara

First of all please revoke the access token that you shared the credentials above, since it is not secure sharing it publicly. For this you should go to your Google account > Seciroty: https://myaccount.google.com/security and at “Third-party apps with account access” you should select the app this access token belongs to and click “Remove access”.

As for the access token it self:
The access token should be returned by the social media after you authenticated and authorized your App. So you shouldn’t build it you manually.
If you inspect this file:
- wp-content/plugins/social-login/nextend-facebook-connect/includes/oauth2.php
specifically the authenticate() method, you can see how we get the access token exactly.

Once you got the access token I would suggest testing it first with a form like the one you find here: https://gist.github.com/nextend/4d3c701c8d99972824025e4dfdeccac0
( Don’t forget to replace the domain in the link with your own domain: https://xyz.com/wp-json/nextend-social-login/v1/google/get_user )
- This reply was modified 3 years, 11 months ago by Laszlo.
Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

@laszloszalvak i got the access_token object automatically generated and send it in the body of rest api https://example.com/wp-json/nextend-social-login/v1/google/get_user
but still getting the same error.

Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

@picaland @sawasblog can you please help me also???
Plugin Support Laszlo
(@laszloszalvak)

3 years, 11 months ago
Hi @sarahgeara

I just checked my json encoded access token on my local test site with both the test form: https://gist.github.com/nextend/4d3c701c8d99972824025e4dfdeccac0
and another CURL script I just wrote, and both worked fine for me. So I assume the problem will still be related to your access token.

So what I would suggest is testing the REST API with an access_token that you receive with Nextend Social Login, this way you can ensure that the access token is fine.
For this you could open up this file:
- wp-content/plugins/nextend-facebook-connect/includes/oauth2.php
find this code part around line 138:
$accessTokenData = json_decode(wp_remote_retrieve_body($request), true);
and you could write out the access token just before that line like:
echo wp_remote_retrieve_body($request);exit;

then you could check this access token both with your modified test form:
https://gist.github.com/nextend/4d3c701c8d99972824025e4dfdeccac0

You can also give it a try in this curl script:
https://www.dropbox.com/s/tu68ht3k7re5tp9/curltest.php?dl=1
-don’t forget to modify the url in the $url variable with your own domain.
-don’t forget to replace the value of the access_token in the $access_token variable with your own json encoded access token.
Once it is done, you could upload it to your server then open it in the browser.
If the access token is fine:
-and there is a user already registered with the access token it will return the ID of the user.
-and there is no user registered with the access token, yet then it will return empty string
If the access token is not fine, you will receive an error message like the one you received so far.

Anyways please note that we can not provide support for custom coding.
- This reply was modified 3 years, 11 months ago by Laszlo.
- This reply was modified 3 years, 11 months ago by Laszlo.
Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago
@laszloszalvak how i can access this file wp-content/plugins/social-login/nextend-facebook-connect/includes/oauth2.php???
- This reply was modified 3 years, 11 months ago by sarahgeara.
Plugin Support Laszlo
(@laszloszalvak)

3 years, 11 months ago
Hi @sarahgeara

Sorry, I just corrected the path in my previous reply to:
wp-content/plugins/nextend-facebook-connect/includes/oauth2.php
and you can find it on your server, at your WordPress installation folder.
To inspect and modify it you could use an FTP client like FileZilla: https://filezilla-project.org/
where you should use your FTP credentials.
- This reply was modified 3 years, 11 months ago by Laszlo.
Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

@laszloszalvak i did what you suggested. i got the access token from the nextend social plugin from the file in you reply above, and i’ve tried it in the rest api of your plugin
…/wp-json/nextend-social-login/v1/google/get_user

it returned the same error!!!!!

Why it’s working on the website and not from the rest apiii !!!

Please helppp!!!!

Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

@laszloszalvak please not that i am passing the access_token object in the body of my request !!!!
Plugin Support Laszlo
(@laszloszalvak)

3 years, 11 months ago
Hi @sarahgeara

If you posted the access token in the request body with wp_remote_post, e.g.:
```
<?php

    $myData  = array(
        'access_token' => '{ "access_token": "xxxxxxxxxxxxx", "expires_in": 3600, "refresh_token": "xxxxxxxxxxxx", "scope": "openid https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email", "token_type": "Bearer", "id_token": "xxxxxxxxxx" }'
    );
    $request = wp_remote_post('http://example.com/wp-json/nextend-social-login/v1/google/get_user', array(
        'body' => $myData,
    ));
    $response = wp_remote_retrieve_body($request);
    var_dump($response);
    exit;
```
That should also work fine.

As I mentioned earlier, we can not provide support for problems related to custom coding. But please open a support ticket directly at:
https://nextendweb.com/contact-us/nextend-social-login-support/?ref=https://wordpress.org/support/topic/nextend-social-login-flow-rest-api/#post-12839745
and I will check this on your site.
Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

Thank you for your reply , i opened a ticket.

Thread Starter sarahgeara
(@sarahgeara)

3 years, 11 months ago

@laszloszalvak when will they replyy ?? i will got the answer by email ??

Plugin Author Nextendweb
(@nextendweb)

3 years, 11 months ago

@sarahgeara Laszlo will be available on Monday.

Probably you’re doing something wrong. As I saw in your email you are sending the access_token value as a post body, but you should send it as a parameter. That WordPress PHP example what Laszlo sent you works fine and you should implement it properly in the programming language that you use. Maybe it is better to search for solution at stackoverflow or ask this question there: “How to post a HTTP param in Android{Replace with your language}?”

Here is a 100% working HTML form what you should implement in your language: https://gist.github.com/nextend/9185400d84d945702dc685941a11b8c1