php - Dropbox API Redirection Loop -


i using php sdk provided dropbox core api. have minor bug... file being redirected time click on allow button... below index file:

index.php

<?php session_start();  ini_set("display_errors",1); require_once __dir__.'/dropbox-sdk/dropbox/strict.php';  $appinfofile = __dir__."/appinfo.json";  // note: should using composer's global autoloader. these examples // work people don't have composer, we'll use library's "autoload.php". require_once __dir__.'/dropbox-sdk/dropbox/autoload.php';  use \dropbox dbx;  $requestpath = init(); echo "request path = ".$requestpath."<br>"; if ($requestpath === "/") {      $dbxclient = getclient();      if ($dbxclient === false) {         echo "path: ".getpath("dropbox-auth-start")."<br>";die;         header("location: ".getpath("dropbox-auth-start"));         exit;     }      $path = "/";//debug completed      if (isset($_get['path'])) $path = $_get['path'];     $entry = $dbxclient->getmetadatawithchildren($path);      echo "client<pre>";     print_r($dbxclient);     echo "</pre>";     echo "entry".$entry;die;     if ($entry['is_dir']) {         echo renderfolder($entry);     }     else {         echo renderfile($entry);     } } else if ($requestpath == "/download") {     //die("download");     $dbxclient = getclient();      if ($dbxclient === false) {         header("location: ".getpath("dropbox-auth-start"));         exit;     }      if (!isset($_get['path'])) {         header("location: ".getpath(""));         exit;     }     $path = $_get['path'];      $fd = tmpfile();     $metadata = $dbxclient->getfile($path, $fd);      header("content-type: $metadata[mime_type]");     fseek($fd, 0);     fpassthru($fd);     fclose($fd); } else if ($requestpath === "/upload") {     //die("upload");     if (empty($_files['file']['name'])) {         echo renderhtmlpage("error", "please choose file upload");         exit;     }      if (!empty($_files['file']['error'])) {         echo renderhtmlpage("error", "error ".$_files['file']['error']." uploading file. see <a href='http://php.net/manual/en/features.file-upload.errors.php'>the docs</a> details");         exit;     }      $dbxclient = getclient();      $remotedir = "/";     if (isset($_post['folder'])) $remotedir = $_post['folder'];      $remotepath = rtrim($remotedir, "/")."/".$_files['file']['name'];      $fp = fopen($_files['file']['tmp_name'], "rb");     $result = $dbxclient->uploadfile($remotepath, dbx\writemode::add(), $fp);     fclose($fp);     $str = print_r($result, true);     echo renderhtmlpage("uploading file", "result: <pre>$str</pre>"); } else if ($requestpath === "/dropbox-auth-start") {     //die("dropbox-auth-start");     $authorizeurl = getwebauth()->start();     header("location: $authorizeurl"); } else if ($requestpath === "/dropbox-auth-finish") {     //die("dropbox-auth-finish");     try {         list($accesstoken, $userid, $urlstate) = getwebauth()->finish($_get);         // didn't pass in $urlstate finish, , we're assuming session can't         // tampered with, should null.         assert($urlstate === null);     }     catch (dbx\webauthexception_badrequest $ex) {         respondwitherror(400, "bad request");         // write full details server error log.         // important: never show $ex->getmessage() string user -- contain         // sensitive information.         error_log("/dropbox-auth-finish: bad request: " . $ex->getmessage());         exit;     }     catch (dbx\webauthexception_badstate $ex) {         // auth session expired. restart auth process.         header("location: ".getpath("dropbox-auth-start"));         exit;     }     catch (dbx\webauthexception_csrf $ex) {         respondwitherror(403, "unauthorized", "csrf mismatch");         // write full details server error log.         // important: never show $ex->getmessage() string user -- contains         // sensitive information used bypass csrf check.         error_log("/dropbox-auth-finish: csrf mismatch: " . $ex->getmessage());         exit;     }     catch (dbx\webauthexception_notapproved $ex) {         echo renderhtmlpage("not authorized?", "why not?");         exit;     }     catch (dbx\webauthexception_provider $ex) {         error_log("/dropbox-auth-finish: unknown error: " . $ex->getmessage());         respondwitherror(500, "internal server error");         exit;     }     catch (dbx\exception $ex) {         error_log("/dropbox-auth-finish: error communicating dropbox api: " . $ex->getmessage());         respondwitherror(500, "internal server error");         exit;     }      // note: real web app store access token in database.     $_session['access-token'] = $accesstoken;      echo renderhtmlpage("authorized!",             "auth complete, <a href='".htmlspecialchars(getpath(""))."'>click here</a> browse."); } else if ($requestpath === "/dropbox-auth-unlink") {     //die("dropbox-auth-unlink");     // "forget" access token.     unset($_session['access-token']);     echo renderhtmlpage("unlinked.",             "go <a href='".htmlspecialchars(getpath(""))."'>home</a>."); } else {     //die("else part");     echo renderhtmlpage("bad url", "no handler $requestpath");     exit; }  function renderfolder($entry) {     // todo: add token counter csrf attacks.     $upload_path = htmlspecialchars(getpath('upload'));     $path = htmlspecialchars($entry['path']);     $form = <<<html <form action='$upload_path' method='post' enctype='multipart/form-data'> <label for='file'>upload file:</label> <input name='file' type='file'/> <input type='submit' value='upload'/> <input name='folder' type='hidden' value='$path'/> </form> html;      $listing = '';     foreach($entry['contents'] $child) {         $cp = $child['path'];         $cn = basename($cp);         if ($child['is_dir']) $cn .= '/';          $cp = htmlspecialchars($cp);         $link = getpath("?path=".htmlspecialchars($cp));         $listing .= "<div><a style='text-decoration: none' href='$link'>$cn</a></div>";     }      return renderhtmlpage("folder: $entry[path]", $form.$listing); }  function getappconfig() {     global $appinfofile;      try {         $appinfo = dbx\appinfo::loadfromjsonfile($appinfofile);     }     catch (dbx\appinfoloadexception $ex) {         throw new exception("unable load \"$appinfofile\": " . $ex->getmessage());     }      $clientidentifier = "examples-web-file-browser";     $userlocale = null;      return array($appinfo, $clientidentifier, $userlocale); }  function getclient() {     if(!isset($_session['access-token'])) {         return false;     }      list($appinfo, $clientidentifier, $userlocale) = getappconfig();     $accesstoken = $_session['access-token'];     return new dbx\client($accesstoken, $clientidentifier, $userlocale, $appinfo->gethost()); }  function getwebauth() {     list($appinfo, $clientidentifier, $userlocale) = getappconfig();     $redirecturi = "http://localhost/myapi/dropbox/";//success.php";//geturl("dropbox-auth-finish");     $csrftokenstore = new dbx\arrayentrystore($_session, 'dropbox-auth-csrf-token');     return new dbx\webauth($appinfo, $clientidentifier, $redirecturi, $csrftokenstore, $userlocale); }  function renderfile($entry) {     $metadatastr = htmlspecialchars(print_r($entry, true));     $downloadpath = getpath("download?path=".htmlspecialchars($entry['path']));     $body = <<<html <pre>$metadatastr</pre> <a href="$downloadpath">download file</a> html;      return renderhtmlpage("file: ".$entry['path'], $body); }  function renderhtmlpage($title, $body) {     return <<<html <html> <head> <title>$title</title> </head> <body> <h1>$title</h1> $body </body> </html> html; }  function respondwitherror($code, $title, $body = "") {     $proto = $_server['server_protocol'];     header("$proto $code $title", true, $code);     echo renderhtmlpage($title, $body); }  function geturl($relative_path) {     if (isset($_server['https']) && $_server['https'] !== 'off') {         $scheme = "https";     } else {         $scheme = "http";     }     $host = $_server['http_host'];     $path = getpath($relative_path);     return $scheme."://".$host.$path; }  function getpath($relative_path) {     if (php_sapi === 'cli-server') {         return "/".$relative_path;     } else {         echo "server values:<pre>";         print_r($_server);         echo "</pre>";         return $_server["script_name"]."/".$relative_path;     } }  function init() {     global $argv;      // if run command-line script, launch php built-in web server.     if (php_sapi === 'cli') {         launchbuiltinwebserver($argv);         assert(false);     }      if (php_sapi === 'cli-server') {         // when we're running under php's built-in web server, routing here.         return $_server['script_name'];     }     else {         // when we're running under cgi or mod_php.         if (isset($_server['path_info'])) {             return $_server['path_info'];         } else {             return "/";         }     } }  function launchbuiltinwebserver($argv) {     // built-in web server available in php 5.4+.     if (version_compare(php_version, '5.4.0', '<')) {         fprintf(stderr,         "unable run example. version of php used run script (".php_version.")\n".         "doesn't have built-in web server. need php 5.4 or newer.\n".         "\n".         "you can still run example if have web server supports php 5.3.\n".         "copy dropbox php sdk web server's document path , access there.\n");         exit(2);     }      $php_file = $argv[0];     if (count($argv) === 1) {         $port = 5000;     } else if (count($argv) === 2) {         $port = intval($argv[1]);     } else {         fprintf(stderr,         "too many arguments.\n".         "usage: php $argv[0] [server-port]\n");         exit(1);     }      $host = "localhost:$port";     $cmd = escapeshellarg(php_binary)." -s ".$host." ".escapeshellarg($php_file);     $descriptors = array(             0 => array("pipe", "r"), // process' stdin. we'll close right away.             1 => stdout, // relay process' stdout ours.             2 => stderr, // relay process' stderr ours.     );     $proc = proc_open($cmd, $descriptors, $pipes);     if ($proc === false) {         fprintf(stderr,         "unable launch php's built-in web server. used command:\n".         " $cmd\n");         exit(2);     }     fclose($pipes[0]); // close process' stdin.     $exitcode = proc_close($proc); // wait process exit.     exit($exitcode); } ?>

fyi: in dropbox app have set redirect uri : "localhost/myapi/dropbox/"... going loop... can 1 solve this? thought change redirect uri success.php there other way solve this?

update:

i pasting success.php file:

success.php

<?php session_start(); ini_set("display_errors",1);  # include dropbox sdk libraries require_once "dropbox-sdk/dropbox/autoload.php"; use \dropbox dbx;  $dbxclient = new dbx\client($_session['access-token'], "php-picpixa/1.0");//this line giving error $accountinfo = $dbxclient->getaccountinfo();  echo "account info:<pre>"; print_r($accountinfo); echo "</pre>";  $f = fopen("working-draft.txt", "a"); $result = $dbxclient->uploadfile("/working-draft.txt", dbx\writemode::add(), $f); fclose($f); print_r($result);  $foldermetadata = $dbxclient->getmetadatawithchildren("/"); print_r($foldermetadata);  $f = fopen("working-draft.txt", "w+b"); $filemetadata = $dbxclient->getfile("/working-draft.txt", $f); fclose($f); echo "<br>file meta data:<br><pre>"; print_r($filemetadata); echo "</pre>"; ?>

to access full project please download from: https://www.dropbox.com/sh/ps90blb2uujbxxh/aabdbu39upjsoeilwxsnjuffa

thank you,

it looks commented out code have redirected dropbox-auth-finish. since you're never going there, you're never finishing auth process , never setting $_session['access-token'] anything.


Comments

Post a Comment

Popular posts from this blog

commonjs - How to write a typescript definition file for a node module that exports a function? -

consider, toml node module can use: // toml.d.ts declare module toml { export function parse(value:string):any; } declare module "toml" { export = toml; } then: /// <reference path="../../../../../defs/toml/toml.d.ts"/> import toml = require('toml'); toml.parse(...); however, node module export single function, such 'glob' ( https://github.com/isaacs/node-glob ). the node usage of module be: var glob = require("glob") glob("*.js", {}, callback(err, files) { ... }); you'd naively expect this: // glob.d.ts declare function globs(paths:string, options:any, callback:{(err:any, files:string[]):void; ...but because typescripts 'import' semantics bit strange, seems can use 'import .. = require()' statement alias modules . trying call: /// <reference path="../../../../../defs/glob/glob.d.ts"/> import blog = require('glob'); results in: error ts2072: mod
Read more

openid - Okta: Failed to get authorization code through API call -

i'm integrating okta own idp server using okta's api. i'm implementing authorization code flow following steps below: in own server, use /api/v1/authn endpoint sessiontoken. use sessiontoken obtain authorization calling endpoint: /oauth2/v1/authorize?client_id=" + clientid + "&sessiontoken=" + sessiontoken + "&response_type=code&response_mode=query&scope=openid&redirect_uri=" + redirecturl + "&state=evanyang&nonce=" it's supposed return response status code 302 , location header containing redirect url code value. however, keep getting response status code 200 , without location header, html body saying "you using unsupported browser." , "javascript disabled on browser." according api documentation: http://developer.okta.com/docs/api/resources/oidc.html#authentication-request , sessiontoken parameter sufficient this: an okta one-time sessiontoken. allows api-based
Read more

thorough guide for profiling racket code -

did googling ("racket profiling", "racket measure performance"), didn't find , there no examples in docs. did google "profile" search on htdp - no luck. (profile (f ...)) output isn't obvious other small snippets. ideally want python's python -m cprofile usage examples. when search "python profiling", both duckduckgo , google give top result: 26.4. python profilers . (although scanned quickly, seems more of reference "thorough usage guide" examples. if had else in mind, perhaps please link that?) the equivalent racket documentation be: profile: statistical profiler . a usage example: #lang racket (require profile) (profile-thunk (thunk (function-to-profile arg0 arg1) )) here (thunk e) convenience (lambda () e) . bigger example: #lang racket (module mod racket (provide f) (define (f) (for/list ([i 10000]) i))) (require (prefix-in mod: 'mod)) (define (f) (for ([i 10000
Read more