Sample Code - REST - need help -
1,197 views
Skip to first unread message
Brian
Nov 8, 2009, 10:36:37 PM11/8/09
to FatSecret Platform API
Hi all,
So, after reading the post by "lost" and the replies and Donna's
effort to help (appreciated) Im kind of in the same boat here and
perhaps i can explain why and maybe even have someone explain why not.
Kind of feels to me after reading a ton of oauth stuff on the web...
that there are very few people who actually understand what the hell
they are doing, and a whole lot that are just parroting the same thing
someone else printed.
Personally, im a vbscript guy and am writing a site in classic ASP
that will simply use a couple of php modules to send/retrieve data
from fat secret API..
Myself, knowing very little php ive run into pretty much a brick wall
using the fatsecret sample code.
However, using this handy test client
http://term.ie/oauth/example/client.php
I am able to return full xml on simple request IE food id and recipe
id using basic querystring and info from my config.
IE Endpoint: http://platform.fatsecret.com/rest/server.api?method=recipes.search&recipe.id=91&page_number=5
with my consumer key and my consumer secret returns a nice happy xml
feed of the data i asked for.
Viewing a dump of that request shows me:
request url:
http://platform.fatsecret.com/rest/server.api?method=recipes.search&oauth_consumer_key=xxx&oauth_nonce=3b7d40b26393ac668296e9d3b4add48f&oauth_signature=x9OnSZCcQqN0WB2%2FIT6sreDZ97g%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1257736081&oauth_version=1.0&page_number=5&recipe_id=91
OAuthRequest Object
(
[parameters:OAuthRequest:private] => Array
(
[oauth_version] => 1.0
[oauth_nonce] => 3b7d40b26393ac668296e9d3b4add48f
[oauth_timestamp] => 1257736081
[oauth_consumer_key] => xxxx
[method] => recipes.search
[recipe_id] => 91
[page_number] => 5
[oauth_signature_method] => HMAC-SHA1
[oauth_signature] => x9OnSZCcQqN0WB2/IT6sreDZ97g=
)
[http_method:OAuthRequest:private] => GET
[http_url:OAuthRequest:private] =>
http://platform.fatsecret.com/rest/server.api?method=recipes.search&recipe.id=91&page_number=5
[base_string] => GET&http%3A%2F%2Fplatform.fatsecret.com%2Frest
%2Fserver.api&method%3Drecipes.search%26oauth_consumer_key%xxxx
%26oauth_nonce%3D3b7d40b26393ac668296e9d3b4add48f
%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
%3D1257736081%26oauth_version%3D1.0%26page_number%3D5%26recipe_id%3D91
)
so it appears that googles oauth test code is talking fine with
fatsecret API
Here is where i go south.
I need to access and use a few of the REST api methods that require an
oauth token: IE:
http://platform.fatsecret.com/api/Default.aspx?screen=rapiref&method=profile.get
so i try to send
http://platform.fatsecret.com/rest/server.api?method=profile.get&id=11
(where 11 is one of my users)
all i get is an error for a missing token...which makes sense since
there is freaking way to create a token ;)
I assume i need another function to run that runs the signature
generating string again after recieving the signature and this creates
a token i send back again?
So... all that mumbo jumbo aside...
Let me ask this in plain english,
Does ANYONE have a page of sample code that shows both a function to
access a fatscret oauth (token required) method and a function for
running / retrieving / accessing / tokenizing in order to return token
protected info?
lol...yah..that was plain english... :)
Is there a rule against people posting working code examples of using
Oauth with fs?
if no one can help or doesnt want to help here...
Can you point me to someone i might HIRE to write up the queries and
configs i will need?
im kind of up against it, searched hi and low for a dietary database
to use for a client and fatsecret is a godsend as far as how close it
is to what i need... but since i can t use the javascript api by
itself i MUST find a way to pull some user activity out of profiles to
print back to my site.
Thanks in advance to anyone who can help.
So, after reading the post by "lost" and the replies and Donna's
effort to help (appreciated) Im kind of in the same boat here and
perhaps i can explain why and maybe even have someone explain why not.
Kind of feels to me after reading a ton of oauth stuff on the web...
that there are very few people who actually understand what the hell
they are doing, and a whole lot that are just parroting the same thing
someone else printed.
Personally, im a vbscript guy and am writing a site in classic ASP
that will simply use a couple of php modules to send/retrieve data
from fat secret API..
Myself, knowing very little php ive run into pretty much a brick wall
using the fatsecret sample code.
However, using this handy test client
http://term.ie/oauth/example/client.php
I am able to return full xml on simple request IE food id and recipe
id using basic querystring and info from my config.
IE Endpoint: http://platform.fatsecret.com/rest/server.api?method=recipes.search&recipe.id=91&page_number=5
with my consumer key and my consumer secret returns a nice happy xml
feed of the data i asked for.
Viewing a dump of that request shows me:
request url:
http://platform.fatsecret.com/rest/server.api?method=recipes.search&oauth_consumer_key=xxx&oauth_nonce=3b7d40b26393ac668296e9d3b4add48f&oauth_signature=x9OnSZCcQqN0WB2%2FIT6sreDZ97g%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1257736081&oauth_version=1.0&page_number=5&recipe_id=91
OAuthRequest Object
(
[parameters:OAuthRequest:private] => Array
(
[oauth_version] => 1.0
[oauth_nonce] => 3b7d40b26393ac668296e9d3b4add48f
[oauth_timestamp] => 1257736081
[oauth_consumer_key] => xxxx
[method] => recipes.search
[recipe_id] => 91
[page_number] => 5
[oauth_signature_method] => HMAC-SHA1
[oauth_signature] => x9OnSZCcQqN0WB2/IT6sreDZ97g=
)
[http_method:OAuthRequest:private] => GET
[http_url:OAuthRequest:private] =>
http://platform.fatsecret.com/rest/server.api?method=recipes.search&recipe.id=91&page_number=5
[base_string] => GET&http%3A%2F%2Fplatform.fatsecret.com%2Frest
%2Fserver.api&method%3Drecipes.search%26oauth_consumer_key%xxxx
%26oauth_nonce%3D3b7d40b26393ac668296e9d3b4add48f
%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
%3D1257736081%26oauth_version%3D1.0%26page_number%3D5%26recipe_id%3D91
)
so it appears that googles oauth test code is talking fine with
fatsecret API
Here is where i go south.
I need to access and use a few of the REST api methods that require an
oauth token: IE:
http://platform.fatsecret.com/api/Default.aspx?screen=rapiref&method=profile.get
so i try to send
http://platform.fatsecret.com/rest/server.api?method=profile.get&id=11
(where 11 is one of my users)
all i get is an error for a missing token...which makes sense since
there is freaking way to create a token ;)
I assume i need another function to run that runs the signature
generating string again after recieving the signature and this creates
a token i send back again?
So... all that mumbo jumbo aside...
Let me ask this in plain english,
Does ANYONE have a page of sample code that shows both a function to
access a fatscret oauth (token required) method and a function for
running / retrieving / accessing / tokenizing in order to return token
protected info?
lol...yah..that was plain english... :)
Is there a rule against people posting working code examples of using
Oauth with fs?
if no one can help or doesnt want to help here...
Can you point me to someone i might HIRE to write up the queries and
configs i will need?
im kind of up against it, searched hi and low for a dietary database
to use for a client and fatsecret is a godsend as far as how close it
is to what i need... but since i can t use the javascript api by
itself i MUST find a way to pull some user activity out of profiles to
print back to my site.
Thanks in advance to anyone who can help.
John
Nov 9, 2009, 5:07:43 PM11/9/09
to FatSecret Platform API
Hi Brian,
Sorry but there are no vbscript experts here ;)
There is no rule against posting code up, and in fact we encourage it
as long as keys/secrets are not divulged.
It appears that the problem you are having is not knowing how to get
the oauth_token and oauth_token_secret which are required for any REST
API calls that performs some sort of action on a profile. The
oauth_token / oauth_token_secret is the "identifier" for an individual
profile that tells us which profile to perform the action on.
There are two ways of getting an oauth_token.
One is to use the profile.create REST API call and save the auth_token
and auth_secret from the result of that call. You can optionally pass
through your own user ID such as 11 and use the profile.get_auth REST
API call to get the oauth credentials for user ID 11 in the future.
You should then be able to use the oauth test client with the
oauth_token / oauth_token_secret to test this out the profile.get call
which returns information for a profile.
The other is the 3-legged scenario if you are building an application
for existing FatSecret.com members. You can find all the information
here: http://platform.fatsecret.com/api/Default.aspx?screen=rapitlsa
The libraries we provide show how to generate a new oauth_token /
oauth_token_secret for a new profile in PHP, .NET and JAVA and can be
found under our resources page.
I hope this helps,
The FatSecret Platform team.
On Nov 9, 2:36 pm, Brian <brian.h...@gmail.com> wrote:
> Hi all,
> So, after reading the post by "lost" and the replies and Donna's
> effort to help (appreciated) Im kind of in the same boat here and
> perhaps i can explain why and maybe even have someone explain why not.
>
> Kind of feels to me after reading a ton of oauth stuff on the web...
> that there are very few people who actually understand what the hell
> they are doing, and a whole lot that are just parroting the same thing
> someone else printed.
>
> Personally, im a vbscript guy and am writing a site in classic ASP
> that will simply use a couple of php modules to send/retrieve data
> from fat secret API..
>
> Myself, knowing very little php ive run into pretty much a brick wall
> using the fatsecret sample code.
>
> However, using this handy test client
>
> http://term.ie/oauth/example/client.php
>
> I am able to return full xml on simple request IE food id and recipe
> id using basic querystring and info from my config.
>
> IE Endpoint:http://platform.fatsecret.com/rest/server.api?method=recipes.search&r...
>
> so i try to sendhttp://platform.fatsecret.com/rest/server.api?method=profile.get&id=11
Sorry but there are no vbscript experts here ;)
There is no rule against posting code up, and in fact we encourage it
as long as keys/secrets are not divulged.
It appears that the problem you are having is not knowing how to get
the oauth_token and oauth_token_secret which are required for any REST
API calls that performs some sort of action on a profile. The
oauth_token / oauth_token_secret is the "identifier" for an individual
profile that tells us which profile to perform the action on.
There are two ways of getting an oauth_token.
One is to use the profile.create REST API call and save the auth_token
and auth_secret from the result of that call. You can optionally pass
through your own user ID such as 11 and use the profile.get_auth REST
API call to get the oauth credentials for user ID 11 in the future.
You should then be able to use the oauth test client with the
oauth_token / oauth_token_secret to test this out the profile.get call
which returns information for a profile.
The other is the 3-legged scenario if you are building an application
for existing FatSecret.com members. You can find all the information
here: http://platform.fatsecret.com/api/Default.aspx?screen=rapitlsa
The libraries we provide show how to generate a new oauth_token /
oauth_token_secret for a new profile in PHP, .NET and JAVA and can be
found under our resources page.
I hope this helps,
The FatSecret Platform team.
On Nov 9, 2:36 pm, Brian <brian.h...@gmail.com> wrote:
> Hi all,
> So, after reading the post by "lost" and the replies and Donna's
> effort to help (appreciated) Im kind of in the same boat here and
> perhaps i can explain why and maybe even have someone explain why not.
>
> Kind of feels to me after reading a ton of oauth stuff on the web...
> that there are very few people who actually understand what the hell
> they are doing, and a whole lot that are just parroting the same thing
> someone else printed.
>
> Personally, im a vbscript guy and am writing a site in classic ASP
> that will simply use a couple of php modules to send/retrieve data
> from fat secret API..
>
> Myself, knowing very little php ive run into pretty much a brick wall
> using the fatsecret sample code.
>
> However, using this handy test client
>
> http://term.ie/oauth/example/client.php
>
> I am able to return full xml on simple request IE food id and recipe
> id using basic querystring and info from my config.
>
>
> with my consumer key and my consumer secret returns a nice happy xml
> feed of the data i asked for.
>
> Viewing a dump of that request shows me:
>
> request url:http://platform.fatsecret.com/rest/server.api?method=recipes.search&o...
> with my consumer key and my consumer secret returns a nice happy xml
> feed of the data i asked for.
>
> Viewing a dump of that request shows me:
>
> OAuthRequest Object
> (
> [parameters:OAuthRequest:private] => Array
> (
> [oauth_version] => 1.0
> [oauth_nonce] => 3b7d40b26393ac668296e9d3b4add48f
> [oauth_timestamp] => 1257736081
> [oauth_consumer_key] => xxxx
> [method] => recipes.search
> [recipe_id] => 91
> [page_number] => 5
> [oauth_signature_method] => HMAC-SHA1
> [oauth_signature] => x9OnSZCcQqN0WB2/IT6sreDZ97g=
> )
>
> [http_method:OAuthRequest:private] => GET
> [http_url:OAuthRequest:private] =>http://platform.fatsecret.com/rest/server.api?method=recipes.search&r...
> (
> [parameters:OAuthRequest:private] => Array
> (
> [oauth_version] => 1.0
> [oauth_nonce] => 3b7d40b26393ac668296e9d3b4add48f
> [oauth_timestamp] => 1257736081
> [oauth_consumer_key] => xxxx
> [method] => recipes.search
> [recipe_id] => 91
> [page_number] => 5
> [oauth_signature_method] => HMAC-SHA1
> [oauth_signature] => x9OnSZCcQqN0WB2/IT6sreDZ97g=
> )
>
> [http_method:OAuthRequest:private] => GET
> [base_string] => GET&http%3A%2F%2Fplatform.fatsecret.com%2Frest
> %2Fserver.api&method%3Drecipes.search%26oauth_consumer_key%xxxx
> %26oauth_nonce%3D3b7d40b26393ac668296e9d3b4add48f
> %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> %3D1257736081%26oauth_version%3D1.0%26page_number%3D5%26recipe_id%3D91
> )
>
> so it appears that googles oauth test code is talking fine with
> fatsecret API
>
> Here is where i go south.
>
> I need to access and use a few of the REST api methods that require an
> oauth token: IE:http://platform.fatsecret.com/api/Default.aspx?screen=rapiref&method=...
> %2Fserver.api&method%3Drecipes.search%26oauth_consumer_key%xxxx
> %26oauth_nonce%3D3b7d40b26393ac668296e9d3b4add48f
> %26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp
> %3D1257736081%26oauth_version%3D1.0%26page_number%3D5%26recipe_id%3D91
> )
>
> so it appears that googles oauth test code is talking fine with
> fatsecret API
>
> Here is where i go south.
>
> I need to access and use a few of the REST api methods that require an
>
> so i try to sendhttp://platform.fatsecret.com/rest/server.api?method=profile.get&id=11
Brian
Nov 9, 2009, 8:26:02 PM11/9/09
to FatSecret Platform API
Hey John,
Thank you for the info..
I am in fact storing the auth_token and auth_secret after creating
profile...
So i simply send that as part of querystring when making a request to
the api that requires it?
Assuming i need to pass these values thru the generate signature base
function as well?
Thanks in advance!
Thank you for the info..
I am in fact storing the auth_token and auth_secret after creating
profile...
So i simply send that as part of querystring when making a request to
the api that requires it?
Assuming i need to pass these values thru the generate signature base
function as well?
Thanks in advance!
John
Nov 10, 2009, 12:40:59 AM11/10/09
to FatSecret Platform API
You will need to add oauth_token to the querystring. The complete list
of required and optional parameters for any REST API call can be found
in the documentation. This will affect the signature base string
generated as all querystring parameters are normalized as per the
OAuth specifications.
The other thing to note is that the key you sign the signature base
string with is different. Because you have passed in an oauth_token
you now sign the signature base string with '<consumer secret>&<oauth
secret>' (note the '&' between the secrets). This produces the
oauth_signature which you append to the querystring and send through
to FatSecret as a request.
of required and optional parameters for any REST API call can be found
in the documentation. This will affect the signature base string
generated as all querystring parameters are normalized as per the
OAuth specifications.
The other thing to note is that the key you sign the signature base
string with is different. Because you have passed in an oauth_token
you now sign the signature base string with '<consumer secret>&<oauth
secret>' (note the '&' between the secrets). This produces the
oauth_signature which you append to the querystring and send through
to FatSecret as a request.
Reply all
Reply to author
Forward
0 new messages