[[help:api]]
This is an old revision of the document!
API and the OzBargain Logos
Deal Submission
If you are a deal aggregator, catalogue provider or even a merchant who wishes to create link for your visitors to submit deals to OzBargain (similar to what Lasoo has done, from this announcement), you can link to OzBargain's deal submission form with some fields pre-filled.
URL: https://www.ozbargain.com.au/deals/submit
Query String Parameters:
Parameter | Pre-filled field |
---|---|
edit[title] | Title |
edit[url] | URL/Link |
edit[start] | Start Date (format: yyyy-mm-dd) |
edit[expiry] | Expiry Date (format: yyyy-mm-dd) |
edit[coupon] | Coupon Code |
Example
URL to submit the latest eBay Group Buy Deal.
https://www.ozbargain.com.au/deals/submit?edit[title]=eBay+Group+Buy+Deal&edit[url]=https://groupbuy.ebay.com.au/
OAuth 2
OzBargain provides authentication / authorization with OAuth 2.0. Currently it's in internal alpha testing. Please use Contact Form to request registration of a new client.
Endpoints
Authorization | https://www.ozbargain.com.au/oauth/authorize |
---|---|
Access Token | https://www.ozbargain.com.au/oauth/token |
Login | https://www.ozbargain.com.au/oauth/login |
User Info | https://www.ozbargain.com.au/oauth/authorize |
Workflow
Assume
client_id=testapp
client_secret=testsecret
redirect_uri=testapp://example.com/
To request authorization from a logged in user, redirect the user to this URL:
https://www.ozbargain.com.au/oauth/authorize?client_id=testapp&response_type=code&state=test
Note:
state
needs to be present and best to be a random string that can be verified later.- If
redirect_uri
is not configured on the OzBargain Authorization Controller, it can be passed in as part of URL usingredirect_uri
in query string parameter.
After the user accepted the authorization request, OzBargain will then redirect to
testapp://example.com/?code=<authorization_token>&state=test
Your website / app can then use <authorization_token>
to request access token to access OzBargain on behalf of the user. To request access token, HTTP POST to the following URL:
https://www.ozbargain.com.au/oauth/token
with
client_id=testapp&client_secret=testsecret&grant_type=authorization_code&code=<authorization_token>
as POST data (Content-Type: application/x-www-form-urlencoded
). If successful, OAuth server will return the access token in JSON.
{ "access_token": "e8cc0eaee04c0dbe19ced626ffc4aefac2770b67", "expires_in": 7200, "refresh_token": "87eebc12677da143d2757621b65f4f98aebe0489", "scope": null, "token_type": "Bearer" }
access_token
can be used by your website / app to access OzBargain resources as that user. refresh_token
can be used to generate a new access token after the initial one has expired. Note that by default, OzBargain has 2 hour expiry for access_token
and 2 week expiry for refresh_token
.
Login via Access Token
You are able to log into the OzBargain website using access token obtained from OAuth. Use the following URL:
https://www.ozbargain.com.au/oauth/login?access_token=<access_token>&destination=<destination>
Parameters:
access_token
– 40 character access token obtained from work-flow above.destination
– OzBargain page to be redirected to after logging in. For examplenode/12345
or<front>
for Front Page.
Note that if access_token
is invalid, the browser will be redirected to user-login page with error message.
Bearer Authentication
Your website / app can issue authenticated API calls or download RSS pages as a logged in user using Bearer Authentication. Add the following header to your request:
Authorization: Bearer <access_token>
Note that if access_token
is invalid, HTTP response “403 Access Denied” will be returned.
Refresh Access Token
As default access_token
expires after 2 hours, you will need to have user authorise again, or use the refresh token to obtain a new set of access/refresh token (before the existing refresh token expires). To get a new refresh token, HTTP POST to the following URL:
https://www.ozbargain.com.au/oauth/token
with POST data:
client_id=testapp&client_secret=testsecret&grant_type=refresh_token&refresh_token=<refresh_token>
If <refresh_token>
is valid, the following JSON will be returned:
{ "access_token": "ccbb1f1b98660c469bdaf7280e09d5134263c35a", "expires_in": 7200, "refresh_token": "cda24fea9a82ff69844416d2ea4b32bb9efe5bf1", "scope": null, "token_type": "Bearer" }
Note that <refresh_token>
is one-use only, and you must grab the updated <access_token>
and <refresh_token>
.
Get User Info
To retrieve information about OzBargain user associated with an access_token
, issue an HTTP GET request on the following URL:
https://www.ozbargain.com.au/oauth/resource?access_token=<access_token>
JSON result will be returned, and if successful:
{ "success": true, "message": "OAuth2 token verified.", "user": { "uid": 2, "name": "testuser", "email": "[email protected]", "role": "User", "penalised": false } }
Firebase Cloud Messaging
OzBargain is currently testing Firebase cloud messaging integration. Here are some support API.
To register/activate/deactivate an instance for message delivery, use the following URL as endpoint. Use Bearer authorization with OAuth2 access token. <uid>
is the numeric number of the user to update the setting, and it must be the same as the authenticated user.
https://www.ozbargain.com.au/ozbapi/user/<uid>/firebase
Parameters are send in via POST data in URL encoded form.
Parameter | Value |
---|---|
code | Instance ID |
name | Name of this instance (optional) For example “Android Phone” |
active | 0 or 1 to activate/deactivate already registered instance (optional) |
Example
$ curl -F 'code=1234567890' -F 'name=TestClient' \ -H 'Authorization: Bearer 0987654321' https://www.ozbargain.com.au/ozbapi/user/2/firebase {"result":true,"message":"Instance has been registered"} $ curl -F 'code=1234567890' -F 'active=0' \ -H 'Authorization: Bearer 0987654321' https://www.ozbargain.com.au/ozbapi/user/2/firebase {"result":true,"message":"Instance has been deactivated"}
OzBargain Logos
(OzBargain.com.au Logo)
(Just a simple [Oz])
(The flat / non-gradient version of [Oz])