I'm trying to make an application that can help me post art in various platforms at once in a timed manner.
So what I'm trying to do is just get the authentication code from DeviantArt using the Authentication Code Grant from their API in PHP, then I'll take that code and put it on my application so I can use it to get the Access Token and post art on my account.
I've made the PHP code below to do a GET request to https://www.deviantart.com/oauth2/authorize and it successfully sent me to the authentication page. But when I log in to my account, it gives me a 403 Forbidden Access error. The API requires me to publish my app and whitelist the OAtuth2 Redirect URI, and I've already done that.
Here's the code in poster/assets/php/authDeviantArt.inc.php:
<?php
if(isset($_POST["submit"])){
$result = file_get_contents("https://www.deviantart.com/oauth2/authorize?response_type=code&client_id=9685&redirect_uri=http://myipaddress:80/poster/requestAuthorization.php", false);
echo $result;
} ?>
And here's the file in the URI that DeviantArt should redirect me (poster/requestAuthorization.php):
<?php
if(isset($_GET["code"])){
echo $_GET["code"];
}
?>
<html>
<head>
<title>Authorization</title>
<meta charset="utf-8">
</head>
<body>
<form action="assets/php/authDeviantArt.inc.php" method="POST">
<button type="submit" name="submit">Authorization DeviantArt</button>
</form>
</body>
</html>
UPDATE 01: I've removed the port from the URI in both the whitelist and the redirect_uri, and it's still giving me the 403 error when I log in. I also discovered that if I give the redirect_uri property a URI that's not whitelisted, it will show an error page instead of asking me to log in. I've also tried to ask it to redirect me to another webpage (youtube), with no success (still giving me the 403 error).
UPDATE 02: One of the answers has suggested that the error might be because I need to send a request with a "USER-AGENT" in the header and compress it. Now my code is like this:
<?php
if(isset($_POST["submit"])){
$opts = array(
'http' => array(
'method'=>"GET",
'header'=>"User-agent: ".$_SERVER["HTTP_USER_AGENT"]
)
);
$context = stream_context_create($opts);
$result = file_get_contents("https://www.deviantart.com/oauth2/authorize?response_type=code&client_id=9685&redirect_uri=http://myipaddress/poster/requestAuthorization.php", false, $context);
echo $result;
}
?>
The code above still doesn't solve the problem, probably because I need to "compress" my HTTP GET request? I'm quite new, and I tried to do some research, but I couldn't find out how to do it.
UPDATE 03: Thanks to one of the answers below, I found out how to compress my request. Unfortunately, it didn't work. I will send the email to DeviantArt's Support team and see if they can help me. My code is like this for now:
<?php
if(isset($_POST["submit"])){
$opts = array(
'http' => array(
'method'=>"GET",
'header'=>"User-Agent: ".$_SERVER["HTTP_USER_AGENT"]."\r\n".
"Accept-Encoding: gzip\r\n"
)
);
$context = stream_context_create($opts);
$result = file_get_contents("compress.zlib://https://www.deviantart.com/oauth2/authorize?response_type=code&client_id=9685&redirect_uri=http://myipaddress/poster/requestAuthorization.php", false, $context);
echo $result;
}
?>
I found out what was the problem. Apparently, I shouldn't be getting the contents of the authentication page and echoing in my page. Instead, I should be redirecting the user to the authentication page.
<?php
if(isset($_POST["submit"])){
header("Location: https://www.deviantart.com/oauth2/authorize?response_type=code&client_id=9685&redirect_uri=http://myipaddress/poster/requestAuthorization.php");
}
?>