Add an external auth provider to an existing User
support, ws.webtv, api, users, add_ext_auth_provider
GET vars specific to this request:
Var | Value | Description |
go | users | The API section |
do | add_ext_auth_provider | The API action |
iq | User ID | The ID of the User in the WebTV |
Resulting Request URL:
The resulting request URL would be similar to this (don't forget to append the required info: key, timestamp, salt and signature):
https://....../api.php?go=users&do=add_ext_auth_provider&iq={user_id}&{required information}
The following POST vars are required.
Var | Value | Description |
ext_provider | (string) auth_provider | Name of the auth provider. Available options: "twitter", "facebook", "oauth", "google", "openid" |
ext_user_id | (string) external_user_id | ID of the user, from the external auth provider. |
If the request was successful, you'll receive a response containing:
• ok: The external auth provider info was successfully added to the User, in the WebTV.
Example:
{ "ok": "External Auth Provider was added successfully for the User" }
If the request failed (for example, if it was not possible to find an User with the provided User ID), you'll receive a response like the following:
{ "error": "USER_NOT_FOUND", "error_long": "It was not possible to find an User with the supplied ID" }
Possible Error Messages
Besides the general errors, this request can return the following errors:
• REQUEST_ERROR | Invalid User ID:
User ID is not numeric or lower than 1.
• REQUEST_ERROR | Wrong External Auth Provider Name:
The name of the external auth provider is not among the expected (check available options avobe).
• REQUEST_ERROR | No User ID, from the External Auth Provider, was supplied:
ext_user_id can't be an empty string.
• USER_NOT_FOUND | It was not possible to find an User with the supplied Login/Username
Preparing GET and POST data.
// The GET vars $GET_VARS = array( "go" => "users", "do" => "add_ext_auth_provider", "iq" => 38 ); // The POST vars $POST_VARS = array( "ext_provider" => "facebook", "ext_user_id" => "sdf7d8f7sdf" );
Generating the salt, timestamp, signature and sending the request
*** The following code block is common to all signed requests ***
// Collect the API Base URL and Credential info $API_URL = "https://www.mywebtvdomain.tv/api.php"; $API_KEY_ID = "1b323a1cb879fd4e66530fbad07a32ee"; $API_SHARED_SECRET = "MWIzMjNhMWNiODc5ZmQ0ZTY2NTMwZmJhZDA3YTMyZWViOTQ3MDJiOGM2ZTU2NjE3"; // keep this safe!!! // Generating salt and timestamp $salt = md5(mt_rand()); $timestamp = time(); $signature = base64_encode(hash_hmac('sha256', $salt.$timestamp, $API_SHARED_SECRET, true)); // Generating the validation signature // - Default method: using base64_encode(hash_hmac(...)) $signature = base64_encode(hash_hmac('sha256', $salt.$timestamp, $API_SHARED_SECRET, true)); // comment this line if using the next method // - Simplified method - available since v60: using md5(). // This method requires the variable $API_SIGNATURE_GENERATION_MODE = 1; in the config/Config.inc.php file. // $signature = md5($salt."-".$timestamp."-".$API_SHARED_SECRET); // you must "uncomment" this line when using the simplified method // Append the timestamp, salt, key and signature to the GET vars $GET_VARS["timestamp"] = $timestamp; // UTC timestamp $GET_VARS["salt"] = $salt; $GET_VARS["key"] = $API_KEY_ID ; // The API Key ID: This is public and is used by the API to identify the application; $GET_VARS["signature"] = $signature; // Create the request URL. Please note that if you do not use PHP buit in function // to create the HTTP query then don't forget to URL encode the values $REQUEST_URL = $API_URL."?".http_build_query($GET_VARS); // The previous will build an URL like .../api.php?go=api_subject&do=api_action&etc... // Create a new cURL resource and set the appropriate options $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $REQUEST_URL); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_POSTFIELDS, $POST_VARS); // If your PHP host does not have a valid SSL certificate, you will need to turn off SSL // Certificate Verification. This is dangerous (!), and should only be done temporarily // until a valid certificate has been installed curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); // Turns off verification of the SSL certificate. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Turns off verification of the SSL certificate. // Sending the request to the API $response = curl_exec($ch); // Processing the response if (!$response) { echo 'API call failed'; } else { print_r(json_decode($response,true)); }