Thank you for this wonderful video, started programming a couple months back and i wanted to get into the world of api's and considering that destiny 2 is my favorite game i will delve deeper into the games api to make a good web app
This finally got me to jump into working with APIs, I've been looking at it for a while but I'm not good enough to figure it out on my own. Thank you so much for putting it together in an easy to follow manner. I'm now trying to figure out where they list some of the path parameters so I can read more interesting data from my favorite game.
I feel ya josh. My inspiration for these were based on what I wish someone would have showed me back when I was just starting out. Glad this helps. As far as the endpoints go, destiny's API docs I believe are supposed to be community driven. In the description and the early parts of the video you can find links to some pretty extensive docs listing all the endpoints. Good luck! Would love to see what you build.
Thanks for the video! Had a question regarding the sign in process with OAuth2, the redirect uri is really insecure, are there alternative methodologies to having the user paste in the redirect uri? I figured out how to have python automatically open the link generated for OAuth2 sign-in, I was wondering how I could have the page auto-close and obtain the HTTPS link through cookies or localstorage or whatever. Sorry if I'm completely off the mark here, I'm new to this. Thanks again!
Sorry for the late reply, been doing a little traveling lately. If I understand your concerns correctly I think you're heading in the right direction. Off the top of my head I would say instead of the app redirect returning a webpage for the copy/paste process, it would return to some route in the app that parses the code/state values. Just extend your auto "page opening" to extract the code and state so you can implement CSFR protections. Security is really its own entire topic but there are a bunch of strategies that can be employed to harden these internal app endpoints with entitlements, security groups, rules etc. I hope this helps.
Is it possible to automate the authorization via python? I imagine you would have to send the user to the auth page in their web browser but I'm trying to understand how you would extract the code from the redirect URL that needs to be sent for an Auth token.
I haven’t looked into a vanilla Python solution for this, but if you set up a web application with a framework like flask, you would create a route to the redirect url and extract the auth code directly from the url. There are libraries to assist in this as well. As soon as I get some more free time I will make a short video on this as well. In the meantime you could check out Corey Schafer’s series on flask here youtube.com/@coreyms, set up a basic app and programmatically access the code and token via a route.
Hey is there a way to contact you? I have a Bungie API request and was wondering if you do hourly/commission work? Couldn't find any contact info and not sure if your still checking comments.
Hi there, thanks for watching! I'm open to discussing any issues you're having or potential projects. I did create a slack channel a while back, its the free tier so nothing gets archived, but its there: tekksparrow-programs.slack.com/archives/C0673HG39K8. That would be the best place for us to connect. I try to answer small one off questions in the comments, but also set up this slack for longer conversations.
Hello I'm trying to contact you via slack link, but it won't let me sign-in. Do I need authorization? Not really familiar with Slack @@tekksparrowprograms
Hey sorry I can't seem to connect on slack. I'm trying to connect Bungie's API to Google Sheets. There's a google sheets extension called "API connector" which doesn't require script or code. Just wondering if you're open to hourly commission to help me set up the right settings and queries in "API Connector"?
Whoops you are correct. Slack does require permission to join these channels. I’m just realizing there isn’t a great way to DM via RUclips. I’ve created an IG in the mean time and later today I’ll replace the slack with a discord server. Hope this helps. instagram.com/tekksparrowprograms?igshid=MzMyNGUyNmU2YQ%3D%3D&
This is awesome by the way, but one question. The session also apparently gives you a "refresh token", which you can use for 90 days to get a new access token ( and a new refresh token ). How would I apply this particular token to the "fetch_token" session?
Super sorry for the late reply. I played around with the refresh token a little and couldn't find a great way to prove I got it working, but I think that would be a great video for the future. Thanks for watching.
Hey I love the video! Thanks to you I was able to make a request and get my bungie user info, but I'm struggling to take this beyond the terminal window. I'm trying to get vendor information and display it on a webapp using flask and heroku for hosting. So far I have a webapp that redirects users to the bungie page to authorize their account by clicking on a button. I haven't figured out how to handle things when bungie redirects users back to my webapp. Any tips on handling tokens, and resources, and how I should store them? Ideally for the purposes of my app, I would like for the user (Probably just going to be me) to have to request a new token each time so that I don't have to implement a database or deal with expired tokens. Anyways, awesome content!
I think i might be able to direct you to a great tutorial by another RUclips programmer that has a whole series on flask, including a section on how to use a session library that will make the post token acquisition workflow a lot less manual. I don't believe they specifically handle tokens, but it's enough to get started with loading session data based on which user is logged in, where I believe in docs/forums you'll find the patterns you're looking for...
As far as the redirect goes, I believe that creating a flask route that handles that redirect info and loads it into the session and whatever else you had in mind is the way to go... Hope this helps
Great video! I am very new to all of this. When I try to from requests_oauthlib it says there are problems with the requests_oauthlib. The only error it gives me is "import requests_oauthlib could not be resolved". I went back and checked that I correctly pip installed all the things. If you have any Idea how to help it would mean a ton! Again great video!
Again I'm pretty new but I think it just inst recognizing that I have any of the pip installed things installed. It is giving me errors for the dotenv stuff too.
But regardless of the IDE, your diagnosis feels to be right on the money., whatever tool you're using to code seems to be looking elsewhere for your installation directory.
To set it in vscode open the command pallet... Command Shift P i believe and search for "interpreter" and you should be able to select the env that's pointing to the local virtual environment. (Designated but the local path /venv)
I should add a demonstration of this function in my future simple api videos, but to answer you question, no it does not. You'll need to add that feature into your project. To get started, these two links should put you on the right path. One will explain the refresh process/contract with bungie's api: github.com/Bungie-net/api/wiki/OAuth-Documentation#refreshing-the-access-token Two (automatic/manual) example code on how to implement i.e. make the refresh api call, using the requests-oauthlib package: github.com/requests/requests-oauthlib/blob/46f886ccb74652fc9c850ece960edcf2bce765a5/docs/examples/real_world_example_with_refresh.rst#:~:text=def%20automatic_refresh()%3A You'll have to update the endpoints in the example to point to the bungie urls instead of the google ones. Hope this helps!
@@tekksparrowprograms yes please! I thought I had a way to do it but , bungies redirect URL doesn’t spit out right with python. It spits out a decoded link but not the actual URL so you’re unable to grab the code. Let me know if you find a work around! Been searching all day with no luck. I did end up on the resources you send with no luck
Thank you for this wonderful video, started programming a couple months back and i wanted to get into the world of api's and considering that destiny 2 is my favorite game i will delve deeper into the games api to make a good web app
This finally got me to jump into working with APIs, I've been looking at it for a while but I'm not good enough to figure it out on my own. Thank you so much for putting it together in an easy to follow manner.
I'm now trying to figure out where they list some of the path parameters so I can read more interesting data from my favorite game.
I feel ya josh. My inspiration for these were based on what I wish someone would have showed me back when I was just starting out. Glad this helps. As far as the endpoints go, destiny's API docs I believe are supposed to be community driven. In the description and the early parts of the video you can find links to some pretty extensive docs listing all the endpoints. Good luck! Would love to see what you build.
This guy is the man
Thanks, the docs can be confusing on how to truly do this.
I agree, the destiny docs are managed differently than your typical enterprise style apis like google or facebook.
Thanks for the video! Had a question regarding the sign in process with OAuth2, the redirect uri is really insecure, are there alternative methodologies to having the user paste in the redirect uri? I figured out how to have python automatically open the link generated for OAuth2 sign-in, I was wondering how I could have the page auto-close and obtain the HTTPS link through cookies or localstorage or whatever. Sorry if I'm completely off the mark here, I'm new to this. Thanks again!
Sorry for the late reply, been doing a little traveling lately. If I understand your concerns correctly I think you're heading in the right direction. Off the top of my head I would say instead of the app redirect returning a webpage for the copy/paste process, it would return to some route in the app that parses the code/state values. Just extend your auto "page opening" to extract the code and state so you can implement CSFR protections. Security is really its own entire topic but there are a bunch of strategies that can be employed to harden these internal app endpoints with entitlements, security groups, rules etc. I hope this helps.
How do you make your visual studios look like that when coding, because mine is very confusing and cluttered with stuff
Nothing special. Maybe try fresh install or clean up extensions?
Is it possible to automate the authorization via python? I imagine you would have to send the user to the auth page in their web browser but I'm trying to understand how you would extract the code from the redirect URL that needs to be sent for an Auth token.
I haven’t looked into a vanilla Python solution for this, but if you set up a web application with a framework like flask, you would create a route to the redirect url and extract the auth code directly from the url. There are libraries to assist in this as well. As soon as I get some more free time I will make a short video on this as well. In the meantime you could check out Corey Schafer’s series on flask here youtube.com/@coreyms, set up a basic app and programmatically access the code and token via a route.
Hey is there a way to contact you? I have a Bungie API request and was wondering if you do hourly/commission work? Couldn't find any contact info and not sure if your still checking comments.
Hi there, thanks for watching! I'm open to discussing any issues you're having or potential projects. I did create a slack channel a while back, its the free tier so nothing gets archived, but its there: tekksparrow-programs.slack.com/archives/C0673HG39K8. That would be the best place for us to connect. I try to answer small one off questions in the comments, but also set up this slack for longer conversations.
Great! Thanks for getting back. I'm still trying to figure out what I need and will reach out on slack when ready. Do you still play Destiny?
Hello I'm trying to contact you via slack link, but it won't let me sign-in. Do I need authorization? Not really familiar with Slack @@tekksparrowprograms
Hey sorry I can't seem to connect on slack. I'm trying to connect Bungie's API to Google Sheets. There's a google sheets extension called "API connector" which doesn't require script or code. Just wondering if you're open to hourly commission to help me set up the right settings and queries in "API Connector"?
Whoops you are correct. Slack does require permission to join these channels. I’m just realizing there isn’t a great way to DM via RUclips. I’ve created an IG in the mean time and later today I’ll replace the slack with a discord server. Hope this helps.
instagram.com/tekksparrowprograms?igshid=MzMyNGUyNmU2YQ%3D%3D&
This is awesome by the way, but one question. The session also apparently gives you a "refresh token", which you can use for 90 days to get a new access token ( and a new refresh token ). How would I apply this particular token to the "fetch_token" session?
Super sorry for the late reply. I played around with the refresh token a little and couldn't find a great way to prove I got it working, but I think that would be a great video for the future. Thanks for watching.
Hey I love the video! Thanks to you I was able to make a request and get my bungie user info, but I'm struggling to take this beyond the terminal window. I'm trying to get vendor information and display it on a webapp using flask and heroku for hosting. So far I have a webapp that redirects users to the bungie page to authorize their account by clicking on a button. I haven't figured out how to handle things when bungie redirects users back to my webapp. Any tips on handling tokens, and resources, and how I should store them? Ideally for the purposes of my app, I would like for the user (Probably just going to be me) to have to request a new token each time so that I don't have to implement a database or deal with expired tokens. Anyways, awesome content!
I think i might be able to direct you to a great tutorial by another RUclips programmer that has a whole series on flask, including a section on how to use a session library that will make the post token acquisition workflow a lot less manual. I don't believe they specifically handle tokens, but it's enough to get started with loading session data based on which user is logged in, where I believe in docs/forums you'll find the patterns you're looking for...
Jump to around the 19:30 mark for the login manager extension.
ruclips.net/video/CSHx6eCkmv0/видео.html
As far as the redirect goes, I believe that creating a flask route that handles that redirect info and loads it into the session and whatever else you had in mind is the way to go... Hope this helps
@@tekksparrowprograms Thanks again, this helps a lot!
Great video! I am very new to all of this. When I try to from requests_oauthlib it says there are problems with the requests_oauthlib. The only error it gives me is "import requests_oauthlib could not be resolved". I went back and checked that I correctly pip installed all the things. If you have any Idea how to help it would mean a ton! Again great video!
Again I'm pretty new but I think it just inst recognizing that I have any of the pip installed things installed. It is giving me errors for the dotenv stuff too.
Are you using vscode? If so you might need to manually set the target environment/interpreter and then reboot vscode.
But regardless of the IDE, your diagnosis feels to be right on the money., whatever tool you're using to code seems to be looking elsewhere for your installation directory.
To set it in vscode open the command pallet... Command Shift P i believe and search for "interpreter" and you should be able to select the env that's pointing to the local virtual environment. (Designated but the local path /venv)
@@tekksparrowprograms I am using vscode! I will try this right now thank you for the help!
Does this auto refresh the token ?
I should add a demonstration of this function in my future simple api videos, but to answer you question, no it does not. You'll need to add that feature into your project. To get started, these two links should put you on the right path.
One will explain the refresh process/contract with bungie's api:
github.com/Bungie-net/api/wiki/OAuth-Documentation#refreshing-the-access-token
Two (automatic/manual) example code on how to implement i.e. make the refresh api call, using the requests-oauthlib package:
github.com/requests/requests-oauthlib/blob/46f886ccb74652fc9c850ece960edcf2bce765a5/docs/examples/real_world_example_with_refresh.rst#:~:text=def%20automatic_refresh()%3A
You'll have to update the endpoints in the example to point to the bungie urls instead of the google ones. Hope this helps!
@@tekksparrowprograms yes please! I thought I had a way to do it but , bungies redirect URL doesn’t spit out right with python. It spits out a decoded link but not the actual URL so you’re unable to grab the code. Let me know if you find a work around! Been searching all day with no luck. I did end up on the resources you send with no luck