There is a thread which discusses the arrival of extended permissions for OAuth. As that thread was primarily concerned with its then-forthcoming availability, I'm splitting into a new thread to discuss my (and maybe others') usage difficulty, since, as far as I'm aware, it is now available.
I keep getting an error message when I try to append any extended permissions parameters to the OAuth URL string after trying to log in.
It actually logs me in, as subsequent visits to the URL following a failure will have me logged in, and it will just ask me to authorize my app.
It still fails, though, throwing the same error screen as before upon pressing Continue.
I
think I'm doing it right.
The
Extended Permissions document on the MDP wiki states, in part:
If the API call requires a specific permission(s), the developer can request the specific permission(s) by:
- Appending a query string parameter with pipe delimited permission value(s). For e.g. to request access to ‘view full profile information,’ ‘update mood and status,’ and ‘add photos albums’ the developer would add the following - myspaceid.permissions=ViewFullProfileInfoI UpdateMoodStatus|AddPhotosAlbums.
If I follow this, adapting it for OAuth, I get an error from MySpace. I've rewritten a decent chunk of the MySpace Objective-C library for my needs, and initially, I thought I had done something wrong with my implementation. I'm not sure that's the case anymore, as I'm able to duplicate my problem with your official Objective-C API.
The
Extended Permissions document referenced above instructs us to append the requested permissions as a query string on to the URL. Easy enough, right? To try out our shiny new toy, I thought I'd try to obtain the following permissions:
ViewFullProfileInfo,
UpdateMoodStatus and
AddPhotosAlbums - just like the document example.
The query string will look like this:
&myspaceid.permissions=ViewFullProfileInfo|UpdateMoodStatus|AddPhotosAlbums
Since the URL string is hardcoded into one of the SDK classes, I'll need to modify it directly; the method is
-[OffsiteContext requestTokenTicket:didFinishWithData]. In there, I'll create a new pointer to an NSString containing the above query, send it
-encodedURLString (from an NSString category provided by the included OAuth library) so it can be useful, and attach the result onto the existing format string that makes up the authorization URL.
NSString *permissionsQueryParams = [NSString stringWithString:
@"&myspaceid.permissions=ViewFullProfileInfo|UpdateMoodStatus|AddPhotosAlbums"];
NSString *url = [NSString stringWithFormat:
@"http://api.myspace.com/authorize?oauth_token=%@&oauth_callback=%@%@",
[requestToken.key encodedURLString],
[callBackUrl encodedURLString],
[permissionsQueryParams encodedURLString]];
The complete authorization URL is now:
http://api.myspace.com/authorize?oauth_token=vukxj927%252BJdTMqXL44qBdGOT%252Fk46DOjEnuRSaqqQOBFvc2ow%252FGs2yfWTIV8rHHSnrDIIUFByT3huhzOlYe3nX87Nugd2jfrQxM9fVRfshEx%252B6%252F1k%252FDUdakGH6HRxGw4a&oauth_callback=myspaceid://oauthcallback%26myspaceid.permissions%3DViewFullProfileInfo%7CUpdateMoodStatus%7CAddPhotosAlbums
I have a teeny little test app I use for testing MySpace authentication with OAuth, mainly for making sure the MySpace library I wrote actually works. When I open the project and link it to the modified official MySpace API SDK, it looks, well, normal. From here, I click the button and I'm taken to MySpace's authorization page, as expected.
I fill in my login info, expecting to get a screen like in the
Extended Permissions document, where it asks for my permission to link certain parts of my MySpace account to this app. Instead, I get this, as demonstrated above:
Is this happening to anyone else? Or did I misinterpret the previous thread about extended permissions and they aren't actually available yet via OAuth? When the query string is removed, I'm able to log in and receive an access token, as expected.
Apologies for the verbosity, and for not following established
best practices; I just thought a chronological detail was more appropriate at the time for conveying the issue.