I made a quick 'n dirty sample to illustrate how Drupal services can be called in Flex using keys and authentication: http://www.novio.be/downloads/drupal_services/ (right-click, view source).
As you can see in the example, we have two types of calls. One that's publicly available to anonymous users and one that requires user authentication. The latter requires some more explanation. In a first roundtrip, we perform a system.connect() and this returns the session id and information about the current user. If the user isn't logged in yet, we automatically perform a user.login() call in a second roundtrip. Please note that the user login normally requires manual input in a login form by the user. In our example, we login automatically. But anyway, from this point on, you can start making service calls that require user authentication.
Concerning Drupal and the Services module:
- I've installed Drupal 6 over here: http://www.novio.be/drupal/. If you need information about installing Drupal in a subfolder, read this article: http://drupial.com/content/install-drupal-subfolder.
- I downloaded, uploaded and enabled the services module, the views module and the AMFPHP module with the latest version of AMFPHP uploaded in Drupal's AMFPHP module folder.
Check-out this tutorial to get Drupal services working with Flex:
http://files.thisbythem.com/screencasts/services-2.mov
Then, I switched on the use of keys and the session id under Administer > Site building > Services > Settings and I created a key under Administer > Site building > Services > Keys. In the class CallWithLogin, we use these parameters to login our test user.
For security, consider filtering on http-referer and communicate with the server over https. Don't forget to adjust your services-config.xml when working with SSL: just replace AMFChannel and AMFEndpoint with SecureAMFChannel & SecureAMFEndpoint in the "class" attribute of the channel-definition node and the endpoint node respectively.
Please note that if you want to create custom content types (and you will), you also have to install the Content Construction Kit (CCK). I've uploaded all downloaded modules into [DRUPAL-installation]/sites/all/modules to make those modules available to all sites of my Drupal installation.
For more information, you could check out these resources that I've consulted:
- http://drupal.org/handbook/modules/services
- http://groups.drupal.org/services
- http://drupal.org/node/394224
- http://electricpineapple.net/?p=32
- http://groups.drupal.org/node/2768
! TIP : you can find an interesting e-book about Flash with Drupal at http://www.boykma.com/e-book/php/flash-with-drupal.html
11 Comments
thanks for sharing your code.
have you tried to pass anything else as sessid (random string for ex.) it seems the service won’t complain and just execute…
Also, I m still trying to figure out a good way for not having a hard coded api key in the flex source (as it can be easily decompiled). Any idea?
@sitron: thank you for bringing that to my attention. SessionID is a required parameter in the call, but apparently nothing is done with it… This is something worth investigating (to be continued)
I have almost completed a Flex based theme for Drupal 6 and it completely relies on the HTML output as a data source. Yes, the HTML should be valid and there are some issues to care of but at the end the whole setup is much simpler and you don’t care about the authorization.
I copied your drupalservicestest.zip into my flex 3 project, and then modified the following
1. endpoint uri pointed to my localhost location
2. change the testing user and password.
3. changed the domain to “/http://localhost/drupal”
4. changed the valid api key
also in flex compiler I added the argument “-services “services-config.xml”
Then I copied this the compiled swf file into a node in Drupal, executed the file, showed me the interface title “Execute a Drupal service call by clicking a button below”,
When I clicked “Simple service call”, there is no error, but nothing showed up except the message at the bottom bar “Transferring data from localhost….”. It seems that it has problem retrieving data from localhost?
Then I clicked “Service call with authentication”, it returned an error “Invalid argument supplied for foreach()
Could you help??
I have been working hard trying to connect flex with drupal, but was not successful yet. But actually my Amfphp and services module are working in Drupal, so I have no idea what was wrong.
Sorry please ignore my previous post. It was due to the dact that I forgot to check the user key and session in services modules
Now it works and can get the node details when I clicked the button “Service call with authentication”. However, it did not return anything when I clicked the button “Simple Service call”. Do you know why it works only with user login?
I am trying to get this to work in my local environment without any luck. I am using virtual directories as well as rewrites like yours with drupal 6 on xampp (windows). Do you have any experience with that, or does linux play nice immediately?
all I get is “missing required arguments”.
On further inspection it looks like the “login with authentication” is working but then it fails to do the node.get().
It seems my drupal installation requires
Hash
domain_name
Timestamp
nonce
sessid
nid
whereas your example provides sessionId and nid only.
Do you know why that would be ? Is that because of the way I have configured my services , or because I am using a different version of the module ?
OK for anyone who is struggling with this example here are some tips – I think perhaps there have been some changes to the services module since the example was created.
It seems for me that I always need to pass several arguments.- certainly with node.get – simple or authenticated.
And also very important is to update the sessionId after every call result – before making a new service call. The sessionId changes after each call.
It seems some methods don’t require any arguments – like system.connect – but it may be best to check in the service browser inside the admin console to see what arguments are required by each method. It seems that since Services module is currently in heavy development these are likely to change.
Forgot to mention – super work Hans – you did the fiddly bit of making the hashKey and randomString methods that will save a bit of work.
Thanks.
Like alex mentioned, the Services module is undergoing serious changes. This explains why the signature of the methods is incompatable.
My suggestion: team up with a good Drupal developer and make a custom services module. The security measures in the version of the Services module used in the example can be called “security through obscurity”, which is not true security
I am trying to get your Flex 3 with Drupal 6 Services code to work.
When I click on either button, “Simple service call” or “Service call with authentication”, I get the same message:
Error: “The class {system} could not be found under the class path {/Library/WebServer/Documents/amfphp/services/system.php}”
Do you have a file called “system.php” in you amfphp directory, perhaps at:
http://www.novio.be/drupal/services/amfphp/system.php
or something similar?
Or, is there somewhere else in your code, where the Class “system” is defined?
Do you have any other suggests about how I should correct this error?
Amfphp is working on my system, in the path/directory shown in the above error message. Also, Drupal services works with this amfphp installation for Drupal 5, but not Drupal 6. However, your site online does work with services for both the simple and authenticated calls. The question is, how does it work for you, but apparently not for others, based on the comments on your blog?
Thanks very much for this code and tutorial. I just wish I could get it to work.
One Trackback
[...] “What’s the use?”, you might ask. Well, it was a fun experiment. To know about how to do things properly using the services via AMFPHP: check out this “howto”. [...]