Composer required?

Huh. And the url is the same redirect URL as in you have set in the register client page? It’s case sensitive, last I checked.

If you do print_r($result) (Where $result is the return from the get_tokens function) what does it give you?

url is the same… as is said… the code worked perfectly just a few days ago.

the $result you mean is what I meant with $tokens. It’s empty.

$oauth_client = new Patreon\OAuth($client_id, $client_secret);
$tokens = $oauth_client->get_tokens($_GET[‘code’], “##myurl##”);

echo "Token: ";
print_r($tokens);

produces=>

Token:

This is very odd… I’m using the same code, and it’s working for me. You still have error reporting turned on, I assume?

yes, it’s on.

I found the problem. I added a print_r for the direct response I’m getting from the Patreon API and it’s a cloudflare security check response instead of an object.

Please complete the security check to access api.patreon.com

Why do I have to complete a CAPTCHA?

Completing the CAPTCHA proves you are a human and gives you temporary access to the web property.

What can I do to prevent this in the future?

If you are on a personal connection, like at home, you can run an anti-virus scan on your device to make sure it is not infected with malware.

If you are at an office or shared network, you can ask the network administrator to run a scan across the network looking for misconfigured or infected devices.

Cloudflare Ray ID: 3baaa13609972714 • Your IP: XXXXX • Performance & security by Cloudflare

Hey Glaap,

I’m sorry you find Composer confusing. We went with Composer because it’s far and away the most used code distribution and dependency manager in PHP. Asking an open source PHP library to not use Composer is like asking an open source Ruby library not to use gem, or a python library not to use pip, or a javascript library to not use npm.

Regarding documentation: the first section of our README says that the way to get our library is through Packagist, which is the main Composer distribution channel. As Composer is so universally used, there are documents all over the web about how to use it, for all different skill levels. We’ll highlight that section more, and perhaps link out to some Intro to Composer docs if more developers write in with confusion (you’re the first one so far :slight_smile:)

Regarding my notes about how to use Composer: were you able to upload your vendor/ folder to your server once you ran php composer.phar install locally?

i’m not using composer. i’m using version 1 of the php script which worked perfectly until just a few days ago.

if you keep supporting this everything’s fine.

however… it doesn’t work anymore right now, because of your cloudflare problems that I’ve seen other people with v2 post about as well.

today I’m getting yet another response:

{“error”: “invalid_grant”}

The problem I’m having with the API is that the same script sometimes works and sometimes it doesn’t.

I highly recommend you move to version 0.2 of the script. Documentation, support, and new features will all be built on the latest versions of library as the community and tooling grows.

Regarding Cloudflare: We are not in control of Cloudflare’s anti-spam detection controls, but we’ve emailed their support team asking for insight as to why your usage was marked as spam.

Regarding “invalid_grant”: Invalid grant means that the grant code parameter you are receiving as part of step 3 is not being properly provided back to step 4 in a timely manner. Grant codes last one hour – perhaps you’ve hard-coded an older grant code? If you could provide more detail it would be very helpful in debugging :smiley:

I think I’ve made it clear that I won’t go through the whole composer hassle several times. :wink:
I’m not a PHP expert anymore and this whole process is just too complicated for me.
As you can see in this post there are other people still using v1 too.

I guess cloudflare thinks the server is a user spamming site requests. If one person were to send in that many requests to cloudflare as a server using the API, I’d send a security block, too. But for a server, I doubt my 12 patrons send too many requests.

The Invalid Grant thing was indeed just a temporary problem I had because I had commented out the code that saves the access token and reloaded the page. Thanks.
Everything works now. The question is only how long until Cloudflare thinks my server is spamming again.

Sounds good! We’ll let you know if there are any more questions from us to help debug the Cloudflare issue, but our hope is that they can resolve it on their end.

1 Like