1

I've built a custom database that I would like to populate with some of my UP3 data. I've successfully authenticated and received the JSON response with my Bearer token. From here, I'm sort of lost.

From the documentations, I need to send a GET request to 

https://jawbone.com/nudge/api/v.1.1/users/@me

Each time I do, I get:

No 'Access-Control-Allow-Origin' header is present on the requested resource

I've added:

header('Access-Control-Allow-Origin: http://example.com');

(replacing example.com with my domain)

to the page that is sending the GET request. Any thoughts?

ekad
  • 14,436
  • 26
  • 44
  • 46
Bluecapra
  • 43
  • 3
  • Welcome to Stack Overflow. I've edited your question to remove a request for an offsite resource as doing so [is considered off-topic](http://stackoverflow.com/help/on-topic) and will likely result in downvotes and your question being closed. However, you can still improve your question (and thus attract more/better answers) if you [edit] in the code you're using. – HPierce Sep 15 '16 at 21:30
  • You're getting a CORS (http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work) failure. That header needs to be present on the Jawbone server, which it is, so you shouldn't get a failure like this. Could you include the code that issues the GET request? Are you setting the Authorization header? – RAY Sep 16 '16 at 15:23
  • 1
    Install the Access-Control-Allow-Origin extension in your browser and you ll be able to access the local server/ – Tirthraj Barot Sep 18 '16 at 07:03
  • @TirthrajBarot that will for for local development/testing but is not an option for a published application as you can't expect all your users to download that browser extension. – RAY Sep 19 '16 at 15:48
  • 1
    @RAY the problem won't persist after being hosted – Tirthraj Barot Sep 19 '16 at 19:52
  • @TirthrajBarot does Access-Control-Allow-Origin: * not cover localhost? – RAY Sep 19 '16 at 19:58
  • 1
    Unfortunately it doesn't. – Tirthraj Barot Sep 19 '16 at 19:59
  • @TirthrajBarot learn something new every day! Thanks! – RAY Sep 20 '16 at 15:42
  • Got it working? @RAY – Tirthraj Barot Sep 20 '16 at 15:44
  • Let's see if this solves @Bluecapra's issues. – RAY Sep 20 '16 at 15:47
  • Thanks for all of the comments. I've worked through the issue (not exactly what worked..) but right now, I'm modifying the http header to include the Bearer token and the host (my website) using stream_context_create and getting the data via file_get_contents. From there, use json_decode to get the data and away we go. Strangely enough, I'm not using Access-Control-Allow-Origin: at all. – Bluecapra Sep 20 '16 at 19:34

2 Answers2

0

The Jawbone endpoints all have the CORS header set to

Access-Control-Allow-Origin: *

However, this still will not allow cross-site requests from localhost (thanks @TirthrajBarot for the explanation in the comments), so you should disable this check in Chrome with something like the Access-Control-Allow-Origin extension.

RAY
  • 474
  • 4
  • 21
0

After authenticating the user and permissions, I redirect to another page to validate the authentication code and get the access token. From there, I go to another page to send the GET request for the data. Here is the code that is working:

    $url = "https://jawbone.com/nudge/api/v.1.1/users/@me/sleeps?" . $sleepDate;

    $options = array(
      'http'=>array(
        'method'=>"GET",
        'header'=>"Accept: application/json\r\n" .
                  "Authorization: Bearer " . $accessToken . "\r\n" . 
                  "Host: {my website}"
      )
    );

    $context = stream_context_create($options);
    $sleepData = @file_get_contents($url, false, $context);

The data is returned, decoded, and processed. The result is pushed into a text box in a form for the user to edit if desired. There is also a button to enter the data into the database (along with a bunch of hidden form fields that enter other relevant details)

Bluecapra
  • 43
  • 3