-
Notifications
You must be signed in to change notification settings - Fork 19
Home
- A good initial password based call for token (closest to old Wallabag plugin behavior)
POST '.$wallabag_url.' + 'oauth/v2/token' \
grant_type=password \
client_id='.$wallabag_client_id.' \
client_secret='.$wallabag_client_secret.' \
username='.$wallabag_username.' \
password='.$wallabag_password.'
- or try it the curl way
curl -s "'.$wallabag_url.' + '/oauth/v2/token?grant_type=password&client_id=' + '.$client_id.' +'&client_secret=' + '.$client_secret.' + '&username=' + '.$wallabg_username.' + 'wallabag&password=' + '.$wallabag_password.'"
- Both methods should RETURN (a variation of)
HTTP/1.1 200 OK
// I skipped some lines here //
{
"access_token": "A_RANDOM_STRIG_ACCESS",
"expires_in": 3600,
"refresh_token": "A_RANDOM_STRING_REFRESH",
"scope": null,
"token_type": "bearer"
}
the refresh call server response set is the same as the initial auth call response set
- example server response on expired token
{
"error": "invalid_grant",
"error_description": "The access token provided has expired."
}
- the call to refresh
POST '.$wallabag_url.' + '/oauth/v2/token' \
grant_type=refresh_token \
client_id='.$client_id.' \
client_secret='.$client_secret.' \
refresh_token='.$refresh_token.'
- with a POST
POST '.$wallabag_url.' + '/api/entries.json' \
"Authorization:Bearer '.$access_token.'" \
url="'.$article_url.'"
- with curl
curl "'.$wallabag_url.' + '/api/entries.json' + '?access_token=' + '.$access_token.' + '&url=' + '.$article_url'"
- success response
HTTP/1.1 200 OK
- HTTP/1.1 400 Bad Request
{
"error": "invalid_grant",
"error_description": "Invalid username and password combination"
}
or
{
"error": "invalid_client",
"error_description": "The client credentials are invalid"
}