If you are a deal aggregator, catalogue provider or even a merchant who wishes to create link for your visitors to submit deals to OzBargain (similar to what Lasoo has done, from this announcement), you can link to OzBargain's deal submission form with some fields pre-filled.

URL: https://www.ozbargain.com.au/deals/submit

Query String Parameters:

URL to submit the latest eBay Group Buy Deal.

https://www.ozbargain.com.au/deals/submit?edit[title]=eBay+Group+Buy+Deal&edit[url]=https://groupbuy.ebay.com.au/

OzBargain provides authentication / authorization with OAuth 2.0. Currently it's in internal alpha testing. Please use Contact Form to request registration of a new client.

Assume

• client_id=testapp
• client_secret=testsecret
• redirect_uri=testapp://example.com/

To request authorization from a logged in user, redirect the user to this URL:

https://www.ozbargain.com.au/oauth/authorize?client_id=testapp&response_type=code&state=test

Note:

• state needs to be present and best to be a random string that can be verified later.
• If redirect_uri is not configured on the OzBargain Authorization Controller, it can be passed in as part of URL using redirect_uri in query string parameter.

After the user accepted the authorization request, OzBargain will then redirect to

testapp://example.com/?code=<authorization_token>&state=test

Your website / app can then use <authorization_token> to request access token to access OzBargain on behalf of the user. To request access token, HTTP POST to the following URL:

https://www.ozbargain.com.au/oauth/token

with

client_id=testapp&client_secret=testsecret&grant_type=authorization_code&code=<authorization_token>

as POST data (Content-Type: application/x-www-form-urlencoded). If successful, OAuth server will return the access token in JSON.

{
  "access_token": "e8cc0eaee04c0dbe19ced626ffc4aefac2770b67",
  "expires_in": 7200,
  "refresh_token": "87eebc12677da143d2757621b65f4f98aebe0489",
  "scope": null,
  "token_type": "Bearer"
}

access_token can be used by your website / app to access OzBargain resources as that user. refresh_token can be used to generate a new access token after the initial one has expired. Note that by default, OzBargain has 2 hour expiry for access_token and 2 week expiry for refresh_token.

You are able to log into the OzBargain website using access token obtained from OAuth. Use the following URL:

https://www.ozbargain.com.au/oauth/login?access_token=<access_token>&destination=<destination>

Parameters:

• access_token – 40 character access token obtained from work-flow above.
• destination – OzBargain page to be redirected to after logging in. For example node/12345 or <front> for Front Page.

Note that if access_token is invalid, the browser will be redirected to user-login page with error message.

Your website / app can issue authenticated API calls or download RSS pages as a logged in user using Bearer Authentication. Add the following header to your request:

Authorization: Bearer <access_token>

Note that if access_token is invalid, HTTP response “403 Access Denied” will be returned.

As default access_token expires after 2 hours, you will need to have user authorise again, or use the refresh token to obtain a new set of access/refresh token (before the existing refresh token expires). To get a new refresh token, HTTP POST to the following URL:

https://www.ozbargain.com.au/oauth/token

with POST data:

client_id=testapp&client_secret=testsecret&grant_type=refresh_token&refresh_token=<refresh_token>

If <refresh_token> is valid, the following JSON will be returned:

{
  "access_token": "ccbb1f1b98660c469bdaf7280e09d5134263c35a",
  "expires_in": 7200,
  "refresh_token": "cda24fea9a82ff69844416d2ea4b32bb9efe5bf1",
  "scope": null,
  "token_type": "Bearer"
}

Note that <refresh_token> is one-use only, and you must grab the updated <access_token> and <refresh_token>.

To retrieve information about OzBargain user associated with an access_token, issue an HTTP GET request on the following URL:

https://www.ozbargain.com.au/oauth/resource?access_token=<access_token>

JSON result will be returned, and if successful:

{
  "success": true,
  "message": "OAuth2 token verified.",
  "user": {
    "uid": 2,
    "name": "testuser",
    "email": "[email protected]",
    "role": "User",
    "penalised": false
  }
}

OzBargain is currently testing Firebase cloud messaging integration. Here are some support API.

To register/activate/deactivate an instance for message delivery, use the following URL as endpoint. Use Bearer authorization with OAuth2 access token. <uid> is the numeric number of the user to update the setting, and it must be the same as the authenticated user.

https://www.ozbargain.com.au/ozbapi/user/<uid>/firebase

Parameters are send in via POST data in URL encoded form.

$ curl -F 'code=1234567890' -F 'name=TestClient' \
    -H 'Authorization: Bearer 0987654321'
    https://www.ozbargain.com.au/ozbapi/user/2/firebase
{"result":true,"message":"Instance has been registered"}

$ curl -F 'code=1234567890' -F 'active=0' \
    -H 'Authorization: Bearer 0987654321'
    https://www.ozbargain.com.au/ozbapi/user/2/firebase
{"result":true,"message":"Instance has been deactivated"}

(OzBargain.com.au Logo)

png | svg

(Just a simple [Oz])

png | svg

(The flat / non-gradient version of [Oz])

png | svg