Users can log in to my Rails app using their LinkedIn account thanks to OAuth. However, I am having trouble displaying the user's profile image. The following URL does not load a picture:
<%= image_tag("http://api.linkedin.com/v1/people/{user-id}/picture-url") %>
How can I get the user's LinkedIn profile image to display in my Rails app?
Thanks!
Try to get the original picture with:
http://api.linkedin.com/v1/people/{user-id}/picture-urls::(original)
Update:
From current docs (recommend to read it):
Using current user (after user logged in):
http://api.linkedin.com/v1/people/~:(picture-url)
Using member_id:
http://api.linkedin.com/v1/people/id=12345:(picture-url)
Public profile:
http://api.linkedin.com/v1/people/url=<public-profile-url>:(picture-url)
Those URLs return xml, so you could parse the xml response to get picture-url string and use it as a param for image_tag. Alternatively, you can retrieve info as a json passing an extra param like:
http://api.linkedin.com/v1/people/~:(picture-url)?format=json
In both cases (xml or json), you need to extract the picture-url from api response for passing it to image_tag.
This gem omniauth-linkedin-oauth2 could probably help you.
This is my solution working perfectly:
def callback(self):
self.validate_oauth2callback()
oauth_session = self.service.get_auth_session(
data={'code': request.args['code'],
'grant_type': 'authorization_code',
'redirect_uri': self.get_callback_url()},
decoder=jsondecoder
)
me = oauth_session.get('people/~:(id,first-name,last-name,public-profile-url,email-address,picture-url,picture-urls::(original))?format=json&oauth2_access_token='+str(oauth_session.access_token), data={'x-li-format': 'json'}, bearer_auth=False).json()
social_id = 'linkedin$' + me['id']
name = me['firstName']
surname = me['lastName']
email = me['emailAddress']
url = me['publicProfileUrl']
image_small = me.get('pictureUrl', None)
image_large = me.get('pictureUrls', {}).get('values', [])[0]
return social_id, name, surname, email, url, image_small, image_large, me
Related
iam using gmail api, in my rails application to send emails. a user can authenticate to google and send emails(it will ask for user consent. upon user approval he can send emails from his account)
my requirement is i want to show the logined user, how many emails sent from his email id in my rails app. for that im using using the below end point. but im getting an error
require 'net/http'
require 'uri'
in controler
def sent_email_count
_
api_key = "api_key_contains_smal_case_capital_case_letters_and_special_symbols"
uri = URI.parse("https://www.googleapis.com/gmail/v1/users/#{current_user.email}/messages?labelIds=SENT&q=newer_than%3A1d&key={api_key}")
#gmail_response = Net::HTTP.get_response(uri)
end
in views :-
response <%= #gmail_response >
but getting unauthorized error.
sent email count :- #Net::HTTPUnauthorized:0x00007f6f5e3e2158
i tried like below also. but its not working.(string interpoltion changes for api key)
uri = URI.parse("https://www.googleapis.com/gmail/v1/users/#{current_user.email}/messages?labelIds=SENT&q=newer_than%3A1d&key=#{api_key}")
#gmail_response = Net::HTTP.get_response(uri)
uri = URI.parse("https://www.googleapis.com/gmail/v1/users/#{current_user.email}/messages?labelIds=SENT&q=newer_than%3A1d&key=api_key")
#gmail_response = Net::HTTP.get_response(uri)
can some one help me with this
Answer
You are missing the token in your code, that's why your requests are HTTP 401 Unauthorized, I strongly recommend you to use the Official documentation Quickstart In your case, you should use the list_user_messages method.
First of all list all the messages using the q parameter as in:sent which means read all the sent messages from my Gmail and then count your array of messages. Here's an example:
# ...
# Previous quickstart code
user_id = "email#example.com"
result = service.list_user_messages(user_id=user_id, q="in:sent")
puts "count : #{result.messages.length()}\n\n"
Reference
Ruby Google API Client
Method: users.messages.list
I'm using Sorcery gem with External submodule. For some reason I'm not getting an email back from Facebook and I'm pretty sure I have things configured correctly. I'm trying to troubleshoot this further but I can't figure out how to read what data IS being returned via oauth to verify where things are breaking down. Where can I pry in and read this info? Thanks!
Here is my sorcery config.
Rails.application.config.sorcery.submodules = [:external]
Rails.application.config.sorcery.configure do |config|
config.external_providers = [:facebook, :google]
config.facebook.key = "#{Rails.application.secrets.sorcery_facebook_key}"
config.facebook.secret = "#{Rails.application.secrets.sorcery_facebook_secret}"
config.facebook.callback_url = "#{Rails.application.secrets.sorcery_facebook_callback_url}"
config.facebook.user_info_path = "me?fields=email,first_name,last_name"
config.facebook.user_info_mapping = {:email => "email"}
config.facebook.access_permissions = ["email"]
config.facebook.scope = "email"
config.facebook.display = "popup"
config.facebook.api_version = "v2.5"
config.user_config do |user|
user.authentications_class = Authentication
end
config.user_class = User
end
Well, technically this answers the question of how to find out what is being returned.
Inside your oauth controller if you call access_token.get('me?fields=email') or whatever fields you're wanting you'll get a response with a URL field set. Copy that URL into a browser and you'll get a JSON list of your data. In my case I get nothing with email but I'm able to return first_name, last_name, name. Not quite sure why I still can't get email, but hopefully this helps somebody troubleshoot in the future.
Another way would be to build the URL yourself if you have the access_token available.
https://graph.facebook.com/me?access_token=<access token goes here>&fields=first_name,last_name,email
Access token is retrievable with #access_token.token from oauth controller.
UPDATE
So silly...I had the config correct, but apparently had never logged out of Facebook since I'd made the proper corrections. Logging out and having oauth connect again seems to have fixed things.
I'm trying to display Facebook profile pictures on my site, but don't want to leak the facebook id's of the people in the source.
For example, this URL: http://graph.facebook.com/4/picture will redirect to: http://profile.ak.fbcdn.net/hprofile-ak-snc4/157340_4_3955636_q.jpg when you load it in a browser. I'd like to get the 2nd url (CDN url) and use it as my img src since it doesn't show the facebook id in the url.
I'm doing this in Ruby on Rails at the moment and am curious if there's a better way that what I have done below:
def picture_square(facebook_id, secure=false)
raw_url = "http://graph.facebook.com/" facebook_id + "/picture?type=square"
if secure
binary_img = ''
open(raw_url) do |f|
binary_img = f.read
end
encoded_img = Base64.encode64(binary_img)
return 'data:image/jpg;base64,' + encoded_img.to_s
else
return raw_url
end
end
You could call this with the following HTML (using the above example):
<img src="<%= picture_square(4, true) %>"
This definitely works and uses the inline image properties to actually render the image, but it's a bit slow if you have a bunch of images that you're trying to load.
Is there a way in Ruby that I can get the redirected URL and just return that instead of trying to get the actual raw binary data and encode it to base64?
Make a call to the graph API with this url:
http://graph.facebook.com/4/?fields=picture&type=large
This will return the image you are looking for inside the json response. The other option would be to make an http request to the first url you posted and then inspect the HTTP headers to read the location header..
I'm setting the oauth_callback URL in the request header, when I do this in Twitter, it works fine and the user is redirected to the callback URL. But using Tumblr's API, the callback URL is ignored and the user is redirected to the default URL. Has anybody else experienced this? Is there anywhere else other than the header that I should be setting this? I tried passing it in as a parameter but that didn't really work either.
Any help would be appreciated.
According to Tumblr's developer blog, this was a bug in Tumblr's API and has been fixed.
Many of you have been dismayed that you could not override the
callback url when a user was attempting to authorize their
application. Good news: we’ve patched the bug that was causing this
particular issue.
Now, you can pass a url with the oauth_callback parameter and we will
redirect the user to that endpoint once you’re done.
Let’s go over a quick example.
When the user is presented with the screen to authorize your app, you
should be able to override your default callback with the
oauth_callback parameter in your url.
http://www.tumblr.com/oauth/authorize?oauth_token=your_token&oauth_callback=http%3A%2F%2Fmysite.com/oauth_callback/testing
The above url will redirect the user to
mysite.com/oauth_callback/testing and let you know if the user has
approved or denied your app.
Update March 14, 2013:
Starting today, Tumblr is no longer respecting the oauth_callback parameter. The blog post that I previously linked to has been deleted. I ended up using a variation of the accepted answer to work around it.
If you are trying a embed userid in callback url then this post can help you.
You can save your oauth token in a session and later on callback you can retrieve user from session.
on token request:
def ask_access
tumblr_consumer = get_consumer
if tumblr_consumer
#1. get a request token
request_token = tumblr_consumer.get_request_token
session[:request_token] = request_token
session[:user_token] = "#{request_token.params[:oauth_token]}_#{current_user.id}"
#2. have the user authorize
redirect_to request_token.authorize_url
else
render :text=> "Failed to acquire request token from Tumblr."
end
end
on call back:
def call_back
if params[:oauth_token] && params[:oauth_verifier]
request_token = session[:request_token]
user_id = session[:user_token].split("_")[1]
user = UserProfile.find user_id
##3. get an access token
access_token = request_token.get_access_token({:oauth_verifier => params[:oauth_verifier]})
user.tumblr_token = access_token.params[:oauth_token]
user.tumblr_secret = access_token.params[:oauth_token_secret]
user.save!
end
end
Tumblr does this (I assume) for security. They require that the callback URL is defined on application registration and they will not let it be overridden during implementation.
The security issue is to make sure that no one can steal your Application Token and try to use it to use your reputation to get access to customer's data. By forcing all callbacks to go to the default URL, they can guarantee that only your application is able get the Access Tokens.
The two ways to handle this are:
1) Have the default URL do a redirect to where you want it to go based on cookie or some other data
2) Have different application tokens for different callback URLs.
I can't respond to Jonathan Tran's answer, since my account is young, but posting the callback URL in the authorization URL no longer works, as he says. I asked on Twitter, and here was John Bunting's response:
https://twitter.com/codingjester/status/313248230987157505
I successfully was able to reroute my callback URL using the following (here in Python), after assigning all the proper keys:
consumer = oauth.Consumer(consumer_key, consumer_secret)
client = oauth.Client(consumer)
resp, content = client.request(request_token_url, "GET")
resp, content = client.request(request_token_url, "POST", body=urllib.urlencode({"oauth_callback": "[your own URL here]"}))
Tumblr implements this behavior differently from Twitter, so the same use of the Ruby OAuth library yields different results.
For your value of #callback_url, this works in Twitter:
#request_token = #oauth.get_request_token({
oauth_callback:#callback_url
})
redirect_to #request_token.authorize_url
But for Tumblr, you will be redirected to your default URL. To specify a different URL, you should do this:
#request_token = #oauth.get_request_token
redirect_to #request_token.authorize_url + '&' + { oauth_callback:#callback_url }.to_query
This is consistent with their documentation/blog post (cited in another answer). I have not checked to see if this is "correct" according to the OAuth 1.0a specification.
I have the following snippet to post to a user's feed on Facebook:
require 'httparty'
token = "..."
message = "..."
url = URI.escape("https://graph.facebook.com/me/feed?access_token=#{token}")
response = HTTParty.post(url, body: { message: message })
This posts to the wall, but no message is included. Any ideas what's wrong?
Edit:
I tried changing out the message for a caption or description and both failed as well.
Solution is to change HTTParty from using body to query for posting form data:
require 'httparty'
token = "..."
message = "..."
url = URI.escape("https://graph.facebook.com/me/feed?access_token=#{token}")
response = HTTParty.post(url, query: { message: message })
Based on the link cited above, it appears message functionality has been completely removed from the feed connection since July 12.
This is a problem for my current app as it is specifically a public opinion site. Asking users to express their opinions authentically is an important part of our design and we'd like to give them the option to post that to their feeds on Facebook as well.
Per the Facebook terms of use IV.2, "You must not pre-fill any of the fields associated with the following products, unless the user manually generated the content earlier in the workflow." The new change appears to change the terms of service: in my use, I am specifically asking the user to generate the content earlier in the workflow, but I still can't use it to pre-fill the feed dialog.
Anyone have any ideas or insight?