06-25-2015 07:13
06-25-2015 07:13
Hi,
I've just started playing around with the fitbit api today and have run into a problem - I'm using nodejs to setup an authentication request for my application.
So far I've succesfully received a request token, I then have the user sent to the authentication page on the fitbit website. Once they click approve they are redirected back to my site successfully and I receive the temporary token.
However I send a post request with the temporary token in the OAuth header to receive the access token the reponse I get back from the server is an empty array {}.
I've tried using a token I know will fail and I receive a permission denied response which implies my temporary token is being accepted by the server.
Has anyone else experienced this issue? Could it be a problem on the fitbit end or with the oauth module I am using for node.
Any help is appreciated.
Answered! Go to the Best Answer.
07-14-2015 03:44
07-14-2015 03:44
Fixed this issue, it was a problem with the way I had implemented passport for nodejs - failed to set a proper return from the final stage authentication function.
06-25-2015 10:56
06-25-2015 10:56
That endpoint doesn't return JSON and is working across the system, so let's try to find out what is wrong with this library.
Can you capture the HTTP request that your application is making? You can use a tool like Runscope Captures. You can get a free Runscope account at https://www.runscope.com/fitbit .
06-26-2015 02:47
06-26-2015 02:47
The header for my initial https request is:
{ Authorization: 'OAuth oauth_consumer_key="xxxxxx23ca8671175a51a21952ff4a9c", oauth_nonce="xxxxxxJPxT5xsvmZHVUAz068I2A5L8Ou", oauth_signature="xxxxxxhSe149%2FDFxb1H7j%2BZEZOw%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1435310292", oauth_version="1.0"',
host: 'api.fitbit.com' },
And this request is made to: https://api.fitbit.com/oauth/request_token
The reponse I receive is:
body: 'oauth_token=xxxxxxe788321674c18409ff0f63ac34&oauth_token_secret=xxxxxxfc48bf0ac86f9984ac370ae3cd&oauth_callback_confirmed=true' }
I then redirect to: https://www.fitbit.com/oauth/authenticate?oauth_token=xxxxxxe788321674c18409ff0f63ac34
Which takes me to the fitbit oauth approval page, upon clicking verify I am sent back to my website:
headers for request to my site:
host: 'mywerbserver.com:8060',
connection: 'keep-alive',
accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'user-agent': 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36',
dnt: '1',
'accept-encoding': 'gzip, deflate, sdch',
'accept-language': 'en-US,en;q=0.8',
cookie: 'cookie_notice_accepted=true; PHPSESSID=qpk2eo0c5hl51hem9de8fj8so5' },
Url including post data:
mywebserver.com:8060/authorised?oauth_token=xxxxxx703757db70337db8c5eb43b5e4&oauth_verifier=xxxxxxe8259be527d904b239966b3ee
This means I have a temporary token which is then used to make a request for an access token for which the header is:
headers:
{ Authorization: 'OAuth oauth_consumer_key="xxxxxx23ca8671175a51a21952ff4a9c", oauth_nonce="xxxxxxBSXQ7v8jc6z29aFCZPFf32Yi4j", oauth_signature="xxxxxxlimG%2FQ5Pl22DRAiRH2ui8%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1435310296", oauth_version="1.0"',
host: 'api.fitbit.com' },
Sent to the url: https://api.fitbit.com/oauth/access_token
As mentioned previously I receive a response with no body, however if I change my oauth token to use something other than the temporary token I receive back from fitbit I get an oauth error.
06-26-2015 03:37
06-26-2015 03:37
Just tried a different oauth library (passport) and I now get an access token back from the server. However the page gets stuck at the callback and just loads forever. I expect this is something to do with how I have my callback setup in my webserver though.
06-29-2015 01:10
06-29-2015 01:10
Currently I get a valid access token sent to my server but the client's browser hangs on the redirect from the fitbit website - it loads for about 10 minutes after the client details have been entered and then crashes saying the authentication failed.
Has anyone else had any similar problem?
07-02-2015 06:51
07-02-2015 06:51
@JeremiahFitbit I've got this live on a site right now if you could observe the loop that the authentication gets stuck in.
07-02-2015 11:37
07-02-2015 11:37
@ivan_g: I'm getting an 'unable to connect' browser error.
Via curl:
$ curl -v http://nickallott.com:8060/auth/fitbit/ * Hostname was NOT found in DNS cache * Trying 46.137.113.37... * connect to 46.137.113.37 port 8060 failed: Connection refused * Failed to connect to nickallott.com port 8060: Connection refused * Closing connection 0 curl: (7) Failed to connect to nickallott.com port 8060: Connection refused
07-03-2015 01:51
07-03-2015 01:51
@JeremiahFitbit sorry the server had gone down - someone restarted the box and the test code I'm running doesn't auto-restart yet.
The problem still persists though - when authorising an account the connection times out before it redirects to my website but I still receive a token.
The result of running curl for your convenience is:
* About to connect() to nickallott.com port 8060 (#0)
* Trying 46.137.113.37... connected
> GET /auth/fitbit HTTP/1.1
> User-Agent: curl/7.22.0 (i686-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: nickallott.com:8060
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< X-Powered-By: Express
< Location: https://api.fitbit.com/oauth/authorize?oauth_token=b8f9020ee72dbfde38d01355259cecf6
< Content-Length: 0
< set-cookie: connect.sid=s%3AiWBxdUb6jjuqLeSobjuyp94-KJogceJ0.iFB9MazqLCRnYK0If%2Br9iEgc29WT4H%2Fdue6I26jXhWI; Path=/; HttpOnly
< Date: Fri, 03 Jul 2015 08:50:59 GMT
< Connection: keep-alive
<
* Connection #0 to host nickallott.com left intact
* Closing connection #0
07-14-2015 03:44
07-14-2015 03:44
Fixed this issue, it was a problem with the way I had implemented passport for nodejs - failed to set a proper return from the final stage authentication function.