These are chat archives for ushahidi/Community

Jun 2016
Jun 21 2016 12:55
[Mariah, Ushahidi] Hello @ushbot I need your help with Log in API
Jun 21 2016 13:02
[David Losada, Ushahidi] Hello Mariah, how can we help? Are you trying to use the API and getting some error?
[Mariah, Ushahidi] Yes I am. Can you give me or assist me with integration of the APIs
[Mariah, Ushahidi] I'm trying to use them on mobile app I'm working on
[Mariah, Ushahidi] @ushbot
[David Losada, Ushahidi] what error are you getting?
[Mariah, Ushahidi] No, I don't have errors yet
[Mariah, Ushahidi] I meant I need the tutorial to connect or integrate the APIs
[David Losada, Ushahidi] mm.. unfortunately we don’t have a tutorial or documentation about the API yet :(
[David Losada, Ushahidi] I can share with you some sample HTTP requests, if that would help you to build the code necessary to generate them
[David Losada, Ushahidi] would that be useful?
Jun 21 2016 13:15
[Mariah, Ushahidi] @ushbot please send me the sample http requests
[Mariah, Ushahidi] to get me started with
[Mariah, Ushahidi] yeah that'd be useful. Thank you.
[David Losada, Ushahidi] ok will do, I understand it right that you are using our last version of the platform?
[Mariah, Ushahidi] yes
[Mariah, Ushahidi] version 3?
[David Losada, Ushahidi] yep, ok
[David Losada, Ushahidi] I’ll need 10-15 minutes , please make sure to check back here in a bit
[Mariah, Ushahidi] okay sure
Jun 21 2016 13:26
[David Losada, Ushahidi] one more detail, did you install it yourself? or are you using our hosting?
[Mariah, Ushahidi] Yes I installed it on our server :)
[David Losada, Ushahidi] cool ok :
[David Losada, Ushahidi] :)
Jun 21 2016 13:33

[David Losada, Ushahidi] request headers:
POST /oauth/token HTTP/1.1
Host: ( your API server host here, i.e. http://api.localhost:8080 )
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,es;q=0.6

request body:

{ "client_id": "ushahidiui", "client_secret": "35e7f0bca957836d05ca0492211b0ac707671261", "grant_type": "password", "username": "admin", "password": "admin", "scope": "posts media forms api tags savedsearches sets users stats layers config messages notifications contacts roles permissions csv dataproviders" }

which should give you a response like:

response body:


[David Losada, Ushahidi] client_id and client_secret can be adjusted per installation (they are in the database) , I’ve pasted in the example the default values
[David Losada, Ushahidi] same with username and password, those are the credentials of the user you want to log in as
[Mariah, Ushahidi] Sorry I don't get the above
[Mariah, Ushahidi] instruction
[Mariah, Ushahidi] Hmm what is the exact URL for me to get the login API?
[David Losada, Ushahidi] ahh.. it’s our chatroom integration stuff, you must not be getting all the formatted messages
[David Losada, Ushahidi] <your api server>/oauth/token
[David Losada, Ushahidi] let me put this info in a public gist
[David Losada, Ushahidi] and I’ll share the link for you
[Mariah, Ushahidi] okay sure
[Mariah, Ushahidi] Is this get or post?
[Mariah, Ushahidi] I'm getting {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter."}
[David Losada, Ushahidi] POST
[Mariah, Ushahidi] okay
[David Losada, Ushahidi] and then a JSON object with the credentials and permissions requested
[Mariah, Ushahidi] okay
[Mariah, Ushahidi] so it says there that I need a required parameter
[David Losada, Ushahidi] did you see that link?
[Mariah, Ushahidi] hold on
Jun 21 2016 13:41
[Mariah, Ushahidi] Is is a raw request body?
[Mariah, Ushahidi] I'm getting: {
"error": "invalid_request",
"error_description": "The user credentials were incorrect."
[Mariah, Ushahidi] And are client id and client secrets constant?
Jun 21 2016 13:48
[David Losada, Ushahidi] client id , client secrets those are put in the example are the default ones that are created when you install our code from github
[David Losada, Ushahidi] unless you modified them in the database, they should be the same for you
[David Losada, Ushahidi] maybe the username and password are not admin/admin anymore for you? did you change those?
[Mariah, Ushahidi] Sorry I don't remember where to get client id and client secret
[David Losada, Ushahidi] I’m not sure it’s displayed anywhere in the UI, you would have to connect to the db server directly and check the oauth_clients table
[Mariah, Ushahidi] are these generated by the platform?
[David Losada, Ushahidi] yea, when the database is setup, tables created, etc ( when you run the bin/update script for the first time )
Jun 21 2016 13:54
[Mariah, Ushahidi] okay hold on
[Mariah, Ushahidi] okay got it
[Mariah, Ushahidi] I'll change the secret
[Mariah, Ushahidi] It's still the same :(
[Mariah, Ushahidi] I have the correct username and password
[David Losada, Ushahidi] mm .. do you have a way of seeing the raw request you are sending?
[Mariah, Ushahidi] hmm I'll try
[Mariah, Ushahidi] I'm getting bad request 400
[David Losada, Ushahidi] specially the body, and the Content-type header
Jun 21 2016 14:00
[Mariah, Ushahidi] yeah
[David Losada, Ushahidi] or if you would like to paste your code, I can look at that too
[David Losada, Ushahidi] I’ve got to jump out now though for a meeting
[David Losada, Ushahidi] but I’ll be checking back here
[Mariah, Ushahidi] sorry my mistake
[Mariah, Ushahidi] it's now working :)
[David Losada, Ushahidi] awesome! :)
[Mariah, Ushahidi] now what's next? :)
[Mariah, Ushahidi] password was incorrect
[Mariah, Ushahidi] I'm getting these results: "access_token": "GHtsYRTMLlt4rPX6cIM2PG24jHzOUlLos120Rljy",
"token_type": "Bearer",
"expires": 1466521291,
"expires_in": 3600,
"refresh_token": "W8EJAwRabB3z0vcmhblCAvTrVDofSk4sOVAaAOOt",
"refresh_token_expires_in": 604800
[David Losada, Ushahidi] so that’s part 1, you can use that token in Authorization headers
[David Losada, Ushahidi] (the access_token
[Mariah, Ushahidi] okay
[David Losada, Ushahidi] refresh the gist and you should see details at the bottom
[David Losada, Ushahidi] part 2, will be how you should refresh that token when it expires
[David Losada, Ushahidi] I’ll let you know when I’m back
[Mariah, Ushahidi] sure
Jun 21 2016 15:03
[Mariah, Ushahidi] hi @ushbot are you still there?
Jun 21 2016 15:30
[David Losada, Ushahidi] hello Mariah, back now
[Mariah, Ushahidi] hello good to know
[Mariah, Ushahidi] but it's getting late here
[David Losada, Ushahidi] I’ll expand the gist I shared with you, with information on how to refresh that token
[David Losada, Ushahidi] and well.. we’ll also be here tomorrow if you have more questions :)
[Mariah, Ushahidi] Sure I will ask you tomorrow
[Mariah, Ushahidi] but before I go, can you tell me how to do the log in first?
Jun 21 2016 15:36
[David Losada, Ushahidi] the process we went through before is the login process… using that access token is equivalent to be logged in
[Mariah, Ushahidi] hmm
[Mariah, Ushahidi] I think I'm confused
[Mariah, Ushahidi] okay I got it
[Mariah, Ushahidi] sorry
[Mariah, Ushahidi] I kinda jumbled up something
[Mariah, Ushahidi] and then what's the next step for that?
[David Losada, Ushahidi] since you’ve got the access token , you can use it for things like finding, creating or editing posts … creating saved searches … really anything that is possible to do through the web application
[David Losada, Ushahidi] the access token you get first has an expiration time, though
[David Losada, Ushahidi] so after it expires, you’ve got to remember to ask for a new one
[Mariah, Ushahidi] so how do I ask for new one?
[Mariah, Ushahidi] Yeah I noticed that it expires
[David Losada, Ushahidi] I’ll add to the gist I shared with you, it’s pretty similar
[Mariah, Ushahidi] okay thank you
Jun 21 2016 16:10
[Mariah, Ushahidi] btw, for the next questions I have, I need to get the public posts
[Mariah, Ushahidi] and also for sign up
[David Losada, Ushahidi] I’ve got some python code for getting posts (whatever posts accessible to the logged-in user) .. nothing for signing up unfortunately :(
[Mariah, Ushahidi] Can you show me the code for getting posts?
[Mariah, Ushahidi] For Sign up there's none? Hmm this is sad news :(
[Mariah, Ushahidi] how can user register?
Jun 21 2016 16:17
[David Losada, Ushahidi] through an API call, just like the rest of things, just I don’t have an example at hand
[Mariah, Ushahidi] ah okay I just need the API call and needed parameters and headers
[David Losada, Ushahidi] mm yea, actually you can access all the examples you want if you load your website in a browser like Chrome
[Mariah, Ushahidi] Where are the examples?
[David Losada, Ushahidi] if you open the "developer tools” in Chrome (under the menu View) ...
[David Losada, Ushahidi] a new window will appear
[David Losada, Ushahidi] if you go to the “Network” section of that window, there Chrome will show you all the raw HTTP requests that are going on
Jun 21 2016 16:23
[David Losada, Ushahidi] so.. if you click on sign up and do the process, at the same time in the Network window the requests involved will be added
[Mariah, Ushahidi] ah okay I will try first
[David Losada, Ushahidi] sorry it’s so crude... just suggesting because that may be faster than writing for us to have time to write this down nicely
[Mariah, Ushahidi] No worries, I'll try to check this out
[David Losada, Ushahidi] here’s more or less what you should see:
[David Losada, Ushahidi] if you click the XHR button I circled , it will only show you requests that are relevant to the API , instead of all the stuff like loading, images, styles, etc
[Mariah, Ushahidi] okay thanks. So the API for sign up is:
[Mariah, Ushahidi] right?
Jun 21 2016 16:28
[Mariah, Ushahidi] Also does it need to pass access_token?
[Mariah, Ushahidi] hmm
[David Losada, Ushahidi] yep seems to be, more like /api/v3/register
[David Losada, Ushahidi] I don’t think you would need it
[David Losada, Ushahidi] information and operations that are public don’t require it
[Mariah, Ushahidi] okay got it
[Mariah, Ushahidi] This is the request header: Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate
Authorization:Bearer Q0FvgNaFxjaiEQY93Y6041AJgOQhdunLa0g4LJ4S
[David Losada, Ushahidi] yes looks like it, the “Request payload” probably has the most useful stuff (for POST and PUT requests)
Jun 21 2016 16:33
[Mariah, Ushahidi] yeah
[Mariah, Ushahidi] I'll check on my mobile app right now
[Mariah, Ushahidi] I'm getting 400 code
Jun 21 2016 16:40
[David Losada, Ushahidi] the response body from the server usually includes some detail about the error
Jun 21 2016 16:46
[Mariah, Ushahidi] hmm I don't see any details about the error :(
Jun 21 2016 17:16
[Mariah, Ushahidi] anyway, we can continue this tomorrow. Thanks for the help @ushbot