Students Creation API

johnnyak · May 27, 2020, 3:18pm

Is there a documentation or example on how to use, if there is any, API so i can create students using the API?
I tried using the endpoints from the Android mobile application but i am not able to register users.

jramnai · May 27, 2020, 3:49pm

Hi @johnnyak,

You can use this url endpoint for the registration.

johnnyak · May 27, 2020, 6:26pm

Hello @jramnai ,

Thank you for your reply.

I am able to register the user now, i am using the endpoint you are pointing to, i think it was some problem with access token that needs to be refreshed.
Which brings me to my next question.

Where can i read about best practice for the flow of register and login process?

I created a client at: https://online.my_domain_name.com/admin/oauth2/client/
And i am using the https://github.com/thephpleague/oauth2-client/ client library to test things.

When i use my php script from the browser while logged in as admin, the user registration works and i am redirected back to the other website. But when i run the php script while not logged in i am taken to the https://online.my_domain_name.com/login?next=/oauth2/authorize/confirm Sign in page.

Below is the code i am using:

/=== START CODE ===/

session_start();

require 'vendor/autoload.php';

use \League\OAuth2\Client\Provider\GenericProvider;

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
    'clientId'                => 'my_client_id',    // The client ID assigned to you by the provider
    'clientSecret'            => 'my_client_secret',   // The client password assigned to you by the provider
    'redirectUri'             => 'https://www.oauth2_client_domain_name.com/register.php',
    'urlAuthorize'            => 'https://online.my_domain_name.com/oauth2/authorize',
    'urlAccessToken'          => 'https://online.my_domain_name.com/oauth2/access_token',
    'urlResourceOwnerDetails' => 'https://online.my_domain_name.com/oauth2/user_info',
    'scopes'                   => 'profile openid email permissions',
    'token_type' => 'jwt'
]);

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {

    // Fetch the authorization URL from the provider; this returns the
    // urlAuthorize option and generates and applies any necessary parameters
    // (e.g. state).
    $authorizationUrl = $provider->getAuthorizationUrl();

    // Get the state generated for you and store it to the session.
    $_SESSION['oauth2state'] = $provider->getState();

    // Redirect the user to the authorization URL.
    header('Location: ' . $authorizationUrl);
    exit;

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {

    unset($_SESSION['oauth2state']);
    exit('Invalid state');

} else {

    try {

        // Try to get an access token using the authorization code grant.
        $accessToken = $provider->getAccessToken('authorization_code', [
            'code' => $_GET['code']
        ]);

        // We have an access token, which we may use in authenticated
        // requests against the service provider's API.
        echo $accessToken->getToken() . "\n";
        echo $accessToken->getRefreshToken() . "\n";
        echo $accessToken->getExpires() . "\n";
        echo ($accessToken->hasExpired() ? 'expired' : 'not expired') . "\n";

        // Using the access token, we may look up details about the
        // resource owner.
        $resourceOwner = $provider->getResourceOwner($accessToken);

        var_export($resourceOwner->toArray());

        // The provider provides a way to get an authenticated API request for
        // the service, using the access token; it returns an object conforming
        // to Psr\Http\Message\RequestInterface.
        
        $postData = [
            'terms_of_service' => 'true',
            'honor_code' => 'true',
            'username' => 'student_username',
            'name' => 'Student Name',
            'email' => 'student@his_email.com',
            'country' => 'LB',
            'password' => 'student_password'
        ];
        $options = [
            'body' => http_build_query($postData),
            'headers' => [
                'Content-Type' => 'application/x-www-form-urlencoded',
            ],
        ];

        $request = $provider->getAuthenticatedRequest("POST", 'https://online.my_domain_name.com/user_api/v1/account/registration/', $accessToken, $options);
        $response = $provider->getParsedResponse($request);
        
        print_r($response);

    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {

        // Failed to get the access token or user details.
        exit($e->getMessage());

    }

}

jramnai · May 28, 2020, 8:46am

I am glad that your are able to register your students using the API endpoint.

But for your another question it would be better if you create separate topic for it, so that in future people facing the same issue can look over there.

And regarding PHP I don’t have any idea. You may create new topic, may be someone familiar with it can help you.

Topic		Replies	Views
Auto-Enrollment API Development api	2	771	September 22, 2021
Authenticate with OAuth Token to Access API Endpoints (Instructor APIs) Development api , how-to , devstack	8	149	August 21, 2024
Auto Enrollment API Development	1	460	September 22, 2021
Enrollment via API in api-docs Development tutor	1	279	March 26, 2024
How to use the API that need authentication Development	5	362	April 5, 2021

Students Creation API

Related topics