Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
wordpress and woocommerce rest api
#1
Is there anyone that have worked with wordpress and woocommerce rest api?
Reply
#2
(07-19-2022, 03:21 PM)GeorgeBairaktaris Wrote: Is there anyone that have worked with wordpress and woocommerce rest api?

Why? Are you having a problem with them? What are you trying to do exactly that is not working for you? What does your code look like?

Reply
#3
(07-19-2022, 04:28 PM)rlebeau Wrote:
(07-19-2022, 03:21 PM)GeorgeBairaktaris Wrote: Is there anyone that have worked with wordpress and woocommerce rest api?

Why? Are you having a problem with them?  What are you trying to do exactly that is not working for you?  What does your code look like?

I have problem with authentication.
Everything I am trying I am getting 401 error.
"HTTP/1.1 401 Unauthorized"
Last attempt I tried was from the Postman call like this:

Code:
idHttp.Request.UserAgent :=  'Mozilla/5.0 (Windows NT x.y; rv:10.0) Gecko/20100101 Firefox/10.0';
try
  idhttp.Request.CustomHeaders.AddValue('Cookie', 'PHPSESSID=c4ec7f957fe429e2f8ca2cc6a641469f');

  idhttp.Get('http://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders?' +
              'oauth_consumer_key=ck_399bad935831bff0bc342e8edd3f47a14f1fa63b&' +
              'oauth_signature_method=HMAC-SHA1&' +
              'oauth_timestamp=1658245863&' +
              'oauth_nonce=Pi0PZa1qirl&' +
              'oauth_version=1.0&' +
              'oauth_signature=CW1up7Z6NQDGdQgXgcj9vLZm9HE%3D');

  Memo1.Lines.Add(IntToStr(IdHTTP.ResponseCode));
  Memo1.Lines.Add(IdHTTP.ResponseText);

except

  Memo1.Text :=  idhttp.ResponseText;
end;

In Postman I use Consumer Key and Consumer Secret with 0auth1 and its working.

Any help is appreciated.
Thank you.
Reply
#4
(07-19-2022, 05:46 PM)GeorgeBairaktaris Wrote: I have problem with authentication.
Everything I am trying I am getting 401 error.
"HTTP/1.1 401 Unauthorized"

Why are you hard-coding a cookie? Cookies are dynamic. Also, why are you using the Request.CustomHeaders property instead of the TIdHTTP.CookieManager property?

Why are you hard-coding the OAuth credentials? Where are you getting those values from? Things like timestamps and nonces are dynamic, they can't be hard-coded since they change value between requests.

(07-19-2022, 05:46 PM)GeorgeBairaktaris Wrote: Last attempt I tried was from the Postman call like this:

That is your Indy request, not your Postman request. What does the Postman request look like?

(07-19-2022, 05:46 PM)GeorgeBairaktaris Wrote: In Postman I use Consumer Key and Consumer Secret with 0auth1 and its working.

Can't help you without seeing the Postman example. Are you submitting the same OAuth credentials on each Postman request, and they don't fail due to expired parameters?

Reply
#5
Ok.
Postman.
Get method:http://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders
Authorization : 0Auth1
Consumer Key :ck_399bad935831bff0bc342e8edd3f47a14f1fa63b
Consumer Secret :cs_d193e669d87da71f46a6ea827d26a0a97adae9f6


and the response is :


[
    {
        "id"8777,
        "parent_id"0,
        "status""pending",
        "currency""EUR",
        "version""6.4.1",
        "prices_include_tax"false,
        "date_created""2022-07-19T13:40:38",
        "date_modified""2022-07-19T13:40:39",
        "discount_total""0.00",
        "discount_tax""0.00",
        "shipping_total""0.00",
        "shipping_tax""0.00",
        "cart_tax""0.00",
        "total""0.00",
        "total_tax""0.00",
        "customer_id"0,
        "order_key""wc_order_MBq29JDMl1kQ9",
        "billing": {
            "first_name""",
            "last_name""",
            "company""",
            "address_1""",
            "address_2""",
            "city""",
            "state""",
            "postcode""",
            "country""",
            "email""",
            "phone"""
        },
        "shipping": {
            "first_name""",
            "last_name""",
            "company""",
            "address_1""",
            "address_2""",
            "city""",
            "state""",
            "postcode""",
            "country""",
            "phone"""
        },
        "payment_method""",
        "payment_method_title""",
        "transaction_id""",
        "customer_ip_address""",
        "customer_user_agent""",
        "created_via""rest-api",
        "customer_note""",
        "date_completed"null,
        "date_paid"null,
        "cart_hash""",
        "number""8777",
        "meta_data": [],
        "line_items": [],
        "tax_lines": [],
        "shipping_lines": [],
        "fee_lines": [],
        "coupon_lines": [],
        "refunds": [],
        "payment_url""https://charalampidis.globaltouchdev.eu/checkout/order-pay/8777/?pay_for_order=true&key=wc_order_MBq29JDMl1kQ9",
        "date_created_gmt""2022-07-19T13:40:38",
        "date_modified_gmt""2022-07-19T13:40:39",
        "date_completed_gmt"null,
        "date_paid_gmt"null,
        "currency_symbol""€",
        "_links": {
            "self": [
                {
                    "href""https://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders/8777"
                }
            ],
            "collection": [
                {
                    "href""https://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders"
                }
            ]
        }
    },
    {
        "id"8775,
        "parent_id"0,
        "status""pending",
        "currency""EUR",
        "version""6.4.1",
        "prices_include_tax"false,
        "date_created""2022-06-29T11:59:39",
        "date_modified""2022-06-29T12:02:16",
        "discount_total""0.00",
        "discount_tax""0.00",
        "shipping_total""0.00",
        "shipping_tax""0.00",
        "cart_tax""0.00",
        "total""140.00",
        "total_tax""0.00",
        "customer_id"0,
        "order_key""wc_order_r6kGTbbIqsWVA",
        "billing": {
            "first_name""",
            "last_name""",
            "company""",
            "address_1""",
            "address_2""",
            "city""",
            "state""",
            "postcode""",
            "country""",
            "email""",
            "phone"""
        },
        "shipping": {
            "first_name""",
            "last_name""",
            "company""",
            "address_1""",
            "address_2""",
            "city""",
            "state""",
            "postcode""",
            "country""",
            "phone"""
        },
        "payment_method""",
        "payment_method_title""",
        "transaction_id""",
        "customer_ip_address""",
        "customer_user_agent""",
        "created_via""admin",
        "customer_note""",
        "date_completed"null,
        "date_paid"null,
        "cart_hash""",
        "number""8775",
        "meta_data": [],
        "line_items": [
            {
                "id"3,
                "name""Xειροποίητο σκουλαρίκι επιχρυσωμένο με φύλλο ελιάς",
                "product_id"8554,
                "variation_id"0,
                "quantity"5,
                "tax_class""",
                "subtotal""140.00",
                "subtotal_tax""0.00",
                "total""140.00",
                "total_tax""0.00",
                "taxes": [],
                "meta_data": [],
                "sku""GPE200-4001",
                "price"28,
                "parent_name"null
            }
        ],
        "tax_lines": [],
        "shipping_lines": [],
        "fee_lines": [],
        "coupon_lines": [],
        "refunds": [],
        "payment_url""https://charalampidis.globaltouchdev.eu/checkout/order-pay/8775/?pay_for_order=true&key=wc_order_r6kGTbbIqsWVA",
        "date_created_gmt""2022-06-29T11:59:39",
        "date_modified_gmt""2022-06-29T12:02:16",
        "date_completed_gmt"null,
        "date_paid_gmt"null,
        "currency_symbol""€",
        "_links": {
            "self": [
                {
                    "href""https://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders/8775"
                }
            ],
            "collection": [
                {
                    "href""https://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders"
                }
            ]
        }
    },
    {
        "id"8771,
        "parent_id"0,
        "status""on-hold",
        "currency""EUR",
        "version""6.4.1",
        "prices_include_tax"false,
        "date_created""2022-05-25T17:18:14",
        "date_modified""2022-05-25T17:18:14",
        "discount_total""0.00",
        "discount_tax""0.00",
        "shipping_total""1.00",
        "shipping_tax""0.00",
        "cart_tax""0.00",
        "total""26.00",
        "total_tax""0.00",
        "customer_id"0,
        "order_key""wc_order_vWfmn6r7pdC4G",
        "billing": {
            "first_name""chris",
            "last_name""test",
            "company""",
            "address_1""σδαδσδ",
            "address_2""",
            "city""Βραχάτι",
            "state""",
            "postcode""17122",
            "country""GR",
            "email""tsohinho@gmail.com",
            "phone""6984373463"
        },
        "shipping": {
            "first_name""chris",
            "last_name""test",
            "company""",
            "address_1""σδαδσδ",
            "address_2""",
            "city""Βραχάτι",
            "state""",
            "postcode""17122",
            "country""GR",
            "phone"""
        },
        "payment_method""bacs",
        "payment_method_title""Άμεση Τραπεζική Μεταφορά",
        "transaction_id""",
        "customer_ip_address""79.167.196.178",
        "customer_user_agent""Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.67 Safari/537.36",
        "created_via""checkout",
        "customer_note""",
        "date_completed"null,
        "date_paid"null,
        "cart_hash""5b111df2cc180a31342e6d011b820216",
        "number""8771",
        "meta_data": [
            {
                "id"5961,
                "key""is_vat_exempt",
                "value""no"
            },
            {
                "id"5965,
                "key""_new_order_email_sent",
                "value""true"
            }
        ],
        "line_items": [
            {
                "id"1,
                "name""Aσημένια αλυσίδα ποδιού με ματάκι",
                "product_id"8547,
                "variation_id"0,
                "quantity"1,
                "tax_class""",
                "subtotal""25.00",
                "subtotal_tax""0.00",
                "total""25.00",
                "total_tax""0.00",
                "taxes": [],
                "meta_data": [],
                "sku""SA124-3001",
                "price"25,
                "parent_name"null
            }
        ],
        "tax_lines": [],
        "shipping_lines": [
            {
                "id"2,
                "method_title""Μεταφορικά",
                "method_id""wczfee",
                "instance_id""0",
                "total""1.00",
                "total_tax""0.00",
                "taxes": [],
                "meta_data": []
            }
        ],
        "fee_lines": [],
        "coupon_lines": [],
        "refunds": [],
        "payment_url""https://charalampidis.globaltouchdev.eu/checkout/order-pay/8771/?pay_for_order=true&key=wc_order_vWfmn6r7pdC4G",
        "date_created_gmt""2022-05-25T17:18:14",
        "date_modified_gmt""2022-05-25T17:18:14",
        "date_completed_gmt"null,
        "date_paid_gmt"null,
        "currency_symbol""€",
        "_links": {
            "self": [
                {
                    "href""https://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders/8771"
                }
            ],
            "collection": [
                {
                    "href""https://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders"
                }
            ]
        }
    }
]
Reply
#6
(07-20-2022, 06:15 AM)GeorgeBairaktaris Wrote: Ok.
Postman.
Get method:http://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders
Authorization : 0Auth1
Consumer Key :ck_399bad935831bff0bc342e8edd3f47a14f1fa63b[color=#212121]
Consumer Secret :cs_d193e669d87da71f46a6ea827d26a0a97adae9f6[color=#212121]

I meant, the RAW request that Postman actually transmits.

In any case, have you tried sending the OAuth credentials in the HTTP "Authorization" request header instead of as URL query parameters?

Note that OAuth 1 uses a 3-step authentication process, so it takes multiple requests to be able to access the resource you want. It would look something like this:

Code:
idHttp.Request.UserAgent :=  'Mozilla/5.0 (Windows NT x.y; rv:10.0) Gecko/20100101 Firefox/10.0';
idhttp.Request.CustomHeaders.AddValue('Cookie', 'PHPSESSID=c4ec7f957fe429e2f8ca2cc6a641469f');

idhttp.Request.CustomHeaders.Values['Authorization'] :=
  'OAuth realm="...", ' +
  'oauth_consumer_key="...", ' +
  'oauth_signature_method="HMAC-SHA1", ' +
  'oauth_timestamp="...", ' +
  'oauth_nonce="...", ' +
  'oauth_callback="...", ' +
  'oauth_signature="..."';

idhttp.Post('https://charalampidis.globaltouchdev.eu/oauth1/request');

// extract oauth_token and oauth_token_secret from response...

idhttp.Get(''https://charalampidis.globaltouchdev.eu/oauth1/authorize?oauth_token=...&oauth_callback=...');

// extract oauth_token and oauth_verifier from response...

idhttp.Request.CustomHeaders.Values['Authorization'] :=
  'OAuth realm="...", ' +
  'oauth_consumer_key="...", ' +
  'oauth_token="...", ' +
  'oauth_signature_method="HMAC-SHA1", ' +
  'oauth_timestamp="...", ' +
  'oauth_nonce="...", ' +
  'oauth_verifier="...", ' +
  'oauth_signature="..."';

idhttp.Post('http://charalampidis.globaltouchdev.eu/oauth1/access');

// extract oauth_token and oauth_token_secret from response...

// NOW, you can send further REST requests as needed,
// using the latest oauth_token and oauth_token_secret to sign the
// Authorization header...

idhttp.Request.CustomHeaders.Values['Authorization'] :=
  'OAuth realm="...", ' +
  'oauth_consumer_key="...", ' +
  'oauth_token="...", ' +
  'oauth_signature_method="HMAC-SHA1", '+
  'oauth_timestamp="...", '+
  'oauth_nonce="...", ' +
  'oauth_signature="..."';

idhttp.Get('http://charalampidis.globaltouchdev.eu/wp-json/wc/v2/orders');

...

You should read https://oauth1.wp-api.org/docs/basics/Auth-Flow.html and https://blog.erikthe.red/2017/11/24/enab...wordpress/ for more details about how to use OAuth 1 with WordPress.

Reply
#7
Is this what you want?

GET /wp-json/wc/v2/orders?oauth_consumer_key=ck_399bad935831bff0bc342e8edd3f47a14f1fa63b&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1658340130&oauth_nonce=hGi7dXyoL57&oauth_version=1.0&oauth_signature=0vF8us3%2Bja995lLT4HzosUI7VWU%3D HTTP/1.1
User-Agent: PostmanRuntime/7.29.2
Accept: */*
Postman-Token: a6a0475b-00a3-47b0-971e-6726aec6c0d2
Host: charalampidis.globaltouchdev.eu
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

or this one?

Network
addresses: {…}
local: {…}
address: "192.168.2.17"
family: "IPv4"
port: 56960
remote: {…}
address: "185.138.42.135"
family: "IPv4"
port: 80
Request Headers
User-Agent: PostmanRuntime/7.29.2
Accept: */*
Postman-Token: a6a0475b-00a3-47b0-971e-6726aec6c0d2
Host: charalampidis.globaltouchdev.eu
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Request Body
Response Headers
Server: nginx
Date: Wed, 20 Jul 2022 18:02:13 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Pragma: no-cache
X-Robots-Tag: noindex
Link: <https://charalampidis.globaltouchdev.eu/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-WP-Total: 3
X-WP-TotalPages: 1
Allow: GET, POST
Set-Cookie: PHPSESSID=18ba05e72e70cd9c70656254cfab15b8; path=/
Content-Encoding: br
Reply
#8
(07-20-2022, 06:07 PM)GeorgeBairaktaris Wrote: Is this what you want?

That is what Postman's REST request looks like AFTER it has performed the 3-step OAuth authorization and gotten validated tokens to use for signing subsequent REST requests. Are you doing that 3-step authorization in your Indy code, as I described above? You can't access '/wp-json/wc/v2/orders' without getting validated tokens first.

Reply
#9
Can you guide me how to do this?
Or do you have any link / documentation to read?
Reply
#10
(07-20-2022, 06:32 PM)GeorgeBairaktaris Wrote: Can you guide me how to do this?
Or do you have any link / documentation to read?

Did you see the links I provided in an earlier reply?

Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)