PHP : generate a token using a Post method

Question

Good day,

Before getting back on Stackoverflow, I have been googling the entire afternoon without being really successful.

What I am trying to do is to get a token from myfox api by referring to their doc which says

A fresh token must be generated to be able to perform API calls. The token can be requested by calling the following method https://api.myfox.me/oauth2/token and providing the parameters below (through POST): client_id, client_secret, username, password and grant_type set to password.

Hence my code :

function getToken()
{
$clientID = "a65000ee0c57f2e37260e90c375c3";
$clientSecret = "MyLongSecretCode";
$exportFile = "myfile.txt";
$userName = "somebody@somewhere.com";
$userPass = "myPassword123";
$sourceWebsite = "https://api.myfox.me/oauth2/token?client_id=" . $clientID .  "&client_secret=" . $clientSecret . "&username=" . $userName . "&password=" . $userPass . "&grant_type=password";

file_put_contents($exportFile, fopen($sourceWebsite , 'r'));
}

All I'm getting is a PHP error which says that the method is not allowed.

Any idea what I am missing here?

Many thanks for your kind help on this subject.

Edit 17.03.2017 :

I have been told by other users that I might be able to achieve this by using curl and it looks like, again, by reading the documentation that this is something that I can do :

A fresh token must be generated to be able to perform API calls. The token can be requested by calling the following method https://api.myfox.me/oauth2/token and providing the parameters below (through POST): client_id, client_secret, username, password and grant_type set to password. curl -u CLIENT_ID:CLIENT_SECRET https://api.myfox.me/oauth2/token -d 'grant_type=password&username=YOUR_USERNAME&password=YOUR_PASSWORD' or curl https://api.myfox.me/oauth2/token -d 'grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&username=YOUR_USERNAME&password=YOUR_PASSWORD'

Now, for my question : is there a way to translate this curl -u query into a php instruction and to output the contents to a file out of it that would look like :

{"access_token":"********************************","expires_in":3600,"token_type":"Bearer","scope":null,"refresh_token":"********************************"}

Thanks again for your help.

file_put_contents by default will do a `GET` request, not a `POST`. You would either need to [create a stream context](https://php.net/stream_context_create) and tell that to use post and pass the post data properly or use another tool like curl which allows for easier posting, but is a little more complicated overall to use. Both will do the same thing. — Jonathan Kuhn, Mar 16 '17 at 17:43
Possible duplicate of [How to post data in PHP using file\_get\_contents?](http://stackoverflow.com/questions/2445276/how-to-post-data-in-php-using-file-get-contents) — Jonathan Kuhn, Mar 16 '17 at 17:48
@JonathanKuhn: thanks and I will look at this post . So sorry if it is a duplicate. One more question in the example you've provided me with. In my example, 'var1' => 'some content', the var1 would be 'client_id' and 'some content' would be 'a65000ee0c57f2e37260e90c375c3'. Am I correct ? — Laurent, Mar 16 '17 at 17:50
That's ok. While it isn't an exact correlation, that post should answer this question which is why I marked it as duplicate. I understand that if you have never done this before, it might be a little hard to understand what you need to search for. — Jonathan Kuhn, Mar 16 '17 at 17:53
@JonathanKuhn Thanks. Basically I tried the post method, but I am not successful. I am getting a 'Bad Request' error message. — Laurent, Mar 16 '17 at 18:02
Just a guess, but you need to send the data over as post data. It's not passed through the URL like you are doing here. In the top answer from the duplicate question, you can see they are creating an array called `$postdata` that they are passing under the `$opts` array. That holds the posted data. You would not send the data through the URL like you are doing here where you pass `https://URL/token?client_id=" . $clientID . "&client_secret=" . $clientSecret...etc`. Passing through the URL like that is considered bad for secret data like keys/tokens or passwords. — Jonathan Kuhn, Mar 16 '17 at 18:34
Try using Curl or if you want to make it a little easier look at using Guzzle. — Pitchinnate, Mar 16 '17 at 19:27
@Pitchinnate: thanks - do you know if I could use Guzzle on a Synology? — Laurent, Mar 17 '17 at 05:59
@JonathanKuhn: You are absolutely correct. On the other hand, this post query will only be performed on my LAN (not called via an external website). The idea is to retrieve a token every hour (because it expires after 3600 seconds) and to save the JSON extract to a file that would be stored on my Synology NAS. I also had a look with curl but am a little bit lost with the numerous extensions. The doc says that I could indeed use curl, but I am not quite sure how to do that. — Laurent, Mar 17 '17 at 06:04
@Laurent I believe the only requirement for guzzle is curl being turned on. Not sure what a Synology is, and if you asking if you can run php curl on it or make a php curl request to it. — Pitchinnate, Mar 17 '17 at 13:54

score 0 · Accepted Answer · answered Mar 17 '17 at 14:38

Thanks all a lot for your hints, here is a script that is working :

I hope that this script (and this post) can at some point be helpful to someone else. I wish you a very nice week-end.

<?php

$clientID = 'b85036758c385c3cd0c57f2e37260f91';
$clientSecret = 'MyLongSecretCode';
$username = 'myemailaddress@provider.net';
$passwd = 'mypassword';

// Get cURL resource
$curl = curl_init();
// Set some options - we are passing in a useragent too here
curl_setopt_array($curl, array(
    CURLOPT_RETURNTRANSFER => 1,
    CURLOPT_URL => 'https://api.myfox.me/oauth2/token',
    CURLOPT_USERAGENT => 'Codular Sample cURL Request',
    CURLOPT_POST => 1,
    CURLOPT_POSTFIELDS => array(
        'grant_type' => 'password',
        'client_id' => $clientID,
        'client_secret' => $clientSecret,
        'username' => $username,
        'password' => $passwd
    )
));
// Send the request & save response to $resp
$resp = curl_exec($curl);   

echo $resp;

// Close request to clear up some resources
curl_close($curl);

?>

PHP : generate a token using a Post method

1 Answers1