Greetings!

This is just a quick note to let you know that calls for 'friends who have the app installed' will be capped returning 200 friends. This list includes all of your top friends and randomizes additional friends to total 200.

This is is a bug fix, as this function never quite worked properly.  Let me know if you have any questions

Rhonda

 

Hi, I am trying to create an external application. i succeded till getting the access token back. but after getting the access token how do i get the currently logged in user's information. Coz along with the access token i dont get any other information like user ID or anything like that.

what i believe is that without getting the userid we cannot get the user profile details. http://api.myspace.com/v1/users/{userid}/profile.

so without getting the userid i cannot go forward.. can u suggest anything on this.

Coz i have been stuck at this point from sometime now.

Thanks

Hi.

 You need to use http://api.myspace.com/v2/people/@me/@self

    signed with consumerSecret&tokenSecret plus access token  (access token must be in query too, before signing of course).

BTW 

 Can we use access token and token secret to get info from v1 of Rest api e.g (http://api.myspace.com/v1/users/{userid}/profile).

 I tried and i failed (got 401 error) .

 I also published an app (appid=116917) (installable set to false) , installed it on user account (via direct link to app) and can't query with v1 version of Rest api (401 error)  (not using access_token only oauth signing with oauth_token = "" and oauth_token_secret = ""). It worked during developing.

I can use http://api.myspace.com/v2/people/@me/@self after getting access token but still can't query v1 rest api signing request with oAuth authorized signing (access token, token secret) ?

HELP 

  

  

hey thanks,
i tried the following url
its working fine for me only
http://api.myspace.com/v2/people/@me/@self


after authorizing the user's other than me( developer) it doesn't redirect back to the callbackURL.
for other user's it redirects back to the user's home page.

is it necessary that each user has to install the application.. if not please give me a solution for it.

Are you aware of that:

 

Solocoo Developer:

Are you aware of that:

External URL:

 

The domain of your external app. This domain must match the domain provided in the oauth_callback parameter when requesting session based authentication.

 

in your application settings? 

 

I have set the external site settings as follows
External URL : http://localhost/test/formMyspace.aspx

External Domain : http://localhost/

I am not sure whether this is correct or not.

With this settings when i am doing the login process myself the myspace login page gets redirected to the oauth_callBackURL

But if any user other than me does this process,, ie after the entering the login credentilas in myspace they are redirected to the myspace home page itself..

Isn't it too strange. ie it allows only the devloper these facilities.. then why should myspace provide these features..??????????????????

 1. Publish your app

2. http://developer.myspace.com/Community/blogs/devteam/archive/2008/09/22/fixing-oauth-404-errors-with-data-availability.aspx 

yeah..,,, i get your point.. but the thing is that its getting redirected properly when i am logging in and authorizing. ie if i act as the user... then my question is that it should be working for other user's tooooo... what difference is it gonna make if i publish the application or not. its gonna give the same issues...


Did u get my point
Hisham

and one more thing what i suggest you is that,,, please try to run your application with u user other than you. then i believe you will come to know the problem...

Stick to my guidelines and everything will be working smoothly.

 My app works for every user no matter what :)

rgds Paweł Śreniawa-Pisarski

BTW

Signing v1 Restful requests with token_secret and token in query finally works!

rgds 

 Can you tell me how to sign the request with token and token secret?

 I am new to myspace development..

 I will be happy if you provide sample code for me..

 Thanks in advance for your respons,

Sivalingaraja

Hello,

Oauth 1.0 and 1.0A Steps - Making Proper API Calls:

Oauth 1.0
1.      http://api.myspace.com/request_token?{oauth-signed-parameters} <http://api.myspace.com/request_token?%7boauth-signed-parameters%7d>  

(signed oauth request, returns request_token and the secret in the body)

2.      http://api.myspace.com/authorize?oauth_token={your-request-token}&oauth_callback={your-callback-url} <http://api.myspace.com/authorize?oauth_token=%7byour-request-token%7d_callback=%7byour-callback-url%7d <http://api.myspace.com/authorize?oauth_token=%7byour-request-token%7d&oauth_callback=%7byour-callback-url%7d> >

 (on success authorizes the request_token so you can get an access_token and redirect you to callback)

3.      http://api.myspace.com/access_token?oauth_token={your-request-token}&{oauth-signed-parameters} <http://api.myspace.com/access_token?oauth_token=%7byour-request-token%7d%7boauth-signed-parameters%7d <http://api.myspace.com/access_token?oauth_token=%7byour-request-token%7d&%7boauth-signed-parameters%7d> >

(signed oauth request, returns access_token and the secret in response body)

4.      store the access_token and secret associated and use it to make other api calls


Oauth 1.0A
1.       http://api.myspace.com/request_token?oauth_callback={your-callback-uri}&{more-oauth-signed-parameters} <http://api.myspace.com/request_token?oauth_callback=%7byour-callback-uri%7d%7bmore-oauth-signed-parameters%7d <http://api.myspace.com/request_token?oauth_callback=%7byour-callback-uri%7d&%7bmore-oauth-signed-parameters%7d> >

 

(signed oauth request, returns ex.  oauth_token=ADiOqxLWJmtUH2vX6lB%EvqTseiJPPOp&oauth_token_secret=48ec4365fd62475b88ebaac47ba14&oauth_callback_confirmed=true)

(notice the additional parameter called oauth_callback_confirmed, this means it's 1.0A)

2.      http://api.myspace.com/authorize?oauth_token={your-request-token} <http://api.myspace.com/authorize?oauth_token=%7byour-request-token%7d_callback=%7byour-callback-url%7d <http://api.myspace.com/authorize?oauth_token=%7byour-request-token%7d&oauth_callback=%7byour-callback-url%7d> >

(notice that there is no oauth_callback passed into this one)

(an additional parameter is returned on the callback redirect oauth_verifier=961d535d-d6ab-4507-91e8-35c79b8c6691)

3.      http://api.myspace.com/access_token?oauth_token={your-request-token}&oauth_verifier={oauth-verifier-from-authorize}&{oauth-signed-parameters} <http://api.myspace.com/access_token?oauth_token=%7byour-request-token%7d_verifier=%7boauth-verifier-from-authorize%7d%7boauth-signed-parameters%7d <http://api.myspace.com/access_token?oauth_token=%7byour-request-token%7d&oauth_verifier=%7boauth-verifier-from-authorize%7d&%7boauth-signed-parameters%7d> >

(signed oauth request, returns access_token and the secret in response body)


Properly encoding your requests:

The base string needs to be percent encoded as below (that's a DIFFERENT scheme than url encoded!):

Base string
GET&http://api.myspace.com/access_token= <http://api.myspace.com/access_token&oauth_token=> {your-token}

GET is percent encoded and http://api.myspace.com/access_token is also percent encoded.

Each parameter in the base is percent encoded and then the whole thing is percent encoded, like so:

PercentEncode(PercentEncode(oauth_token)=PercentEncode({your-token}&other-parameters-done-the-same))

Percent encoding is defined in rfc3986:

http://tools.ietf.org/html/rfc3986
http://labs.apache.org/webarch/uri/rfc/rfc3986.html#percent-encoding

A percent-encoding mechanism is used to represent a data octet in a component when that octet's corresponding character is outside the allowed set or is being used as a delimiter of, or within, the component. A percent-encoded octet is encoded as a character triplet, consisting of the percent character "%" followed by the two hexadecimal digits representing that octet's numeric value. For example, "%20" is the percent-encoding for the binary octet "00100000" (ABNF: %x20), which in US-ASCII corresponds to the space character (SP). Section 2.4 describes when percent-encoding and decoding is applied.
pct-encoded = "%" HEXDIG HEXDIG
The uppercase hexadecimal digits 'A' through 'F' are equivalent to the lowercase digits 'a' through 'f', respectively. If two URIs differ only in the case of hexadecimal digits used in percent-encoded octets, they are equivalent. For consistency, URI producers and normalizers should use uppercase hexadecimal digits for all percent-encodings.

Also, be sure to exclude the status parameter from the base string used to generate your signature, and put it in the post body.

POSTing addendum: when you POST, you need to make sure the Content-Length header matches the size of the content in the body. Also, we attempt to read the OAuth parameters from the body content if the HTTP method is POST/PUT and the ContentType is application/x-www-form-urlencoded.  If that is the case, we try to read the OAuth params from the key/value pairs.

Additionally, if you want a more thorough overview of the entirety of Oauth, please see the docs here: http://tools.ietf.org/html/draft-hammer-oauth-08

 If you have a more specific question, you may want to use fiddler and email developerrelations@myspace-inc.com your session so we can troubleshoot it if you are having oauth issues.

thanks,

Joel