1

I have been working with MapMyFitness API. I had it working and the authorization ran smoothly. Within the last two months it seems that something has either changed with my code or with their API.

During the request I make the following call:

header("Location: http://api.mapmyfitness.com/3.1/oauth/authorize?oauth_token=123456789&oauth_callback=mysite.com/authorize.php);

It correctly sends me to the MapMyFitness site to grant access. I enter in a valid username and password and then it redirects me to:

http://api.mapmyfitness.com/3.1/oauth/mysite.com/authorize.php?oauth_token=123456789

Of course the website and token are made up for this example. If I remove the first part and am left with the actual callback, mysite.com/authorize.php?oauth_token=123456789 it runs correctly.

It appears that MapMyFitness is not correctly handling my callback and adding its oauth url.

If I add http:// to the callback I get the error:

Unknown request token ""Array ( [oauth_token] => 


f36a684c04ef71d0a129dd59f5bbc1ed0514b4598 [oauth_callback] => SITE [PHPSESSID] => 
p284bpatpiuu78t0105qal4ql4 [fbsr_44829295357] => om1lyMi6U5iIyXqI3nfoWSBW5IoNV8skkJ-
fvW5qec8.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiJBUUFkSExOMkc0eWEtZk1NOF91WGtaNDhKMWN
DSmFQVnZEVm95RjZEdXRsNDVuYVRIUHNRdGxMRVhIQW9QSnJrNnhqWlZreTN6NzZCV1RTQWNaTXVTdl9HWEFNMDJkQ3p
1OE80dkhYT3lhUmdHVWl3bmdqcFF4SXYwQl9PUURNRlJzaG5wMDh2bjQ5UUI2S191ZHR5dXB5Z1dwbFNRdndqYTBiQ0h
IVExWN0ZialM5cnpjRGtnS0tVN2xyRVFXMVM2RTNkTzRQZHM1TnJjX0RrLVp3alEyRS0iLCJpc3N1ZWRfYXQiOjEzNjM
4ODQ3NTgsInVzZXJfaWQiOiIxMjcxODUyNTg0In0 [__utma] => 
252565653.331108727.1353966538.1363678118.1363880367.12 [__utmc] => 252565653 [__utmv] => 
252565653.|1=sex=M=1^2=age_group=35to44=1^3=membership=free=1^4=logged_in=is_logged_in=1 
[__utmz] => 252565653.1363678118.11.4.utmcsr=mapmyrun.com|utmccn=
(referral)|utmcmd=referral|utmcct=/api/3.1/oauth/authorize 
[mp_d4aec1d8aa5a6d2aebd49ec451910dea_mixpanel] => {"distinct_id": "13d37eedea042c-0033ca7c4-
376f6050-1aeaa0-13d37eedea1e62","$initial_referrer": "$direct","$initial_referring_domain":
 "$direct","$search_engine": "google"} [optimizelyBuckets] => {} [optimizelySegments] => 
{"173102711":"safari","173022868":"false","172178767":"referral"} [__gads] => 
ID=2f74fc63a6725ad5:T=1362443034:S=ALNI_MblJOxnkm6q4rFDE8wihC_cUXHETQ [mmfsessid] => 
5a0f4259-05ae-4fe9-a45e-aa9f90afdfba [fbm_44829295357] => base_domain=.mapmyfitness.com 
[optimizelyEndUserId] => oeu1353966536109r0.12621341994963586 )
jhanifen
  • 4,441
  • 7
  • 43
  • 67
user2189549
  • 11
  • 3
  • You're missing the protocol part in `oauth_callback=mysite.com/authorize.php`. It should be `oauth_callback=http://mysite.com/authorize.php` or `https`, whichever applies. – Bibhas Debnath Mar 20 '13 at 09:40
  • I've tried adding http:// and https:// and both ways cause an error and the 'grant access' page throws and error and does not load. – user2189549 Mar 21 '13 at 15:56
  • Unless you specify what error, no one is psychic here. – Bibhas Debnath Mar 21 '13 at 16:43
  • I added the error to the original post for using http:// – user2189549 Mar 21 '13 at 17:42
  • If I don't use http:// I am allowed to go to the grant access page. After entering a valid user/password. I am given the following error: Not Found The requested URL /3.1/oauth/semlerHealthPerks.com/authorize.php was not found on this server. – user2189549 Mar 21 '13 at 17:44

2 Answers2

1

What happens if you add the full url for your callback in the initial call? i.e.

oauth_callback=http://mysite.com/authorize.php
Jon Susiak
  • 4,948
  • 1
  • 30
  • 38
  • It fails and does not even open the grant access page from MMF. It gives the error: Unknown request token ""Array ( [oauth_token] => 123456789 [oauth_callback] => http://mysite.com/authorize.php ...... – user2189549 Mar 20 '13 at 17:12
  • this is a dummy token, it's not the real one – user2189549 Mar 21 '13 at 16:30
  • I believe you are wrong. As I stated in the post. If I use mysite.com/authorize for the callback. I make it to the 'grant access' page. After entering a valid MMF user and password I am sent to a false address: http://api.mapmyfitness.com/3.1/oauth/mysite.com/authorize.php?oauth_token=123456789. If I remove api.mapmyfitness.com/3.1/oauth everything works correctly. This is why I believe MMF is providing a false callback from the grant access page. – user2189549 Mar 21 '13 at 17:06
0

Try urlencoding your oauth_callback value, e.g.:

http://api.mapmyfitness.com/3.1/oauth/authorize?oauth_callback=http%3A%2F%2Fmysite.com%2Fauthorize.php...
Matt McClure
  • 16,009
  • 2
  • 28
  • 30