Hi,

I need give access for a CakePHP App to the method "user.get", I have rewritten the user.get method to fetch the User by e-mail (ap_user.get).

The code is working very well using Session, however my CakePHP App don't have the Drupal Session info, only the API-Key for that I need to remove the "$sid" reference from my code:

global $user;
$webservice 	= 'http://localhost/services/json';
$api_key 		= '48afc1w3q3539000c6b14ec9fx3177ae';
$domain 		= $_SERVER['HTTP_HOST'];
$timestamp 		= (string) time();
$nonce 			= user_password();
$sid 			= $user->sid;
$method 		= 'ap_user.get';
$hash 			= hash_hmac('sha256', $timestamp.';'.$domain.';'.$nonce.';'.$method, $api_key);


$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_URL, $webservice);

$data = array(
	'method'			=> '"'.$method.'"',
	'hash'				=> '"'.$hash.'"',
	'domain_name'		=> '"'.$domain.'"',
	'domain_time_stamp' => '"'.$timestamp.'"',
	'nonce' 			=> '"'.$nonce.'"',
//	'sessid'			=> '"'.$sid.'"',
	'mail'				=> '"foo@bar.com"'
);

curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$result = curl_exec($ch);
var_dump($result);

- I have already unchecked the Session checkbox on Keys Settings
- I have granted access to the Anonymous user for user_services module.

However is still returning the following error:

string(77) "{ "#error": false, "#data": { "#error": true, "#message": "Access denied" } }"

Note: dis-commenting the: // 'sessid' => '"'.$sid.'"', will make the code run perfectly! =(

Any ideas?
Thank you

Comments

wils.solutions’s picture

wils.solutions commented

Hi,

Just to register.
The problem was in my custom module implementation.
You need to make sure to pass the the following params:

      '#callback'	=> 'ap_user_service_get',
      '#access callback'  => 'ap_user_service_get_access',

problem fixed.
tkx

marcingy’s picture

marcingy commented
Status: Active » Closed (fixed)