Trying to add bot to the channel permissions. The code works with ADMINSTRATOR Permissions but not without.
Iam getting always a Missing Access Error
Missing Access Error:
Current Permissions:
Code:
channel.permissionOverwrites.edit(interaction.user.id, { VIEW_CHANNEL: true, SEND_MESSAGES: true});
Simple, if the bot can't see the channel, it can't modify it. Same way as user can't modify existing channel if they can't see that channel.
That is also why it works with ADMINISTRATOR perms because that way bot can see every channel
Related
I don't think this issue is specific to PyDrive, but rather Google OAuth. However, some of the solutions I've seen on stackoverflow don't seem to be transferable over to my PyDrive application, which is just a python script to upload files programmatically to a shared drive. It worked fine 2 months ago but I tried to rerun it today and it's not working. Here is the error I'm getting:
Authorisation Error
Error 400: invalid_request
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure.
You can let the app developer know that this app doesn't comply with one or more Google validation rules.
Request Details
The content in this section has been provided by the app developer. This content has not been reviewed or verified by Google.
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: urn:ietf:wg:oauth:2.0:oob
I am using a web application OAuth 2.0 Client ID creds on GCP. All secrets are stored in a local client_secrets.json file.
I run my script, it sends a message to the console that says
Go to the following link in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=blahblahblah.apps.googleusercontent.com&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive&access_type=offline&response_type=code
Enter verification code:
How it used to work: After I click the link above, it returns a code I paste into the console and then its authenticated. FYI: I plan on running this 24/7 on a remote server.
Now: I click the link above and get the error I posted above. I've tried to change the redirect uri to 127.0.0.1 and it does allow me to auth, then I get a code in my URL, but once I copy that and paste it into the console, I get more errors.
Anyone know the solution for this?
I'm using the /beta endpoints for Microsoft Graph API, but I'm getting an Unauthorized error when trying to create chat messages on behalf of other users (or any user).
In v1.0 of the API, the Create chatMessage method is not Supported, but in Beta it is: https://learn.microsoft.com/en-us/graph/api/channel-post-message?view=graph-rest-beta&tabs=http, as "Teamwork.Migrate.All" permission, which my Application has in Azure.
It is strange, because the same App can create Teams, channels and add members, but not add channel messages.
Anyone know where to look next?
Edit: I got this back now: "You need to add user delegated permissions in your application to at least Group.ReadWrite.All in portal.azure.com and then consent as user or Grant admin consent in portal. And re-run On behalf of a User | Get User Access Token request to update access token."
However, it does not make sense in regards to what the Beta documentation says about the permission "Teamwork.Migrate.All", which my app has as an "Application Permission": "Allows the app to create chat and channel messages, without a signed in user. The app specifies which user appears as the sender, and can backdate the message to appear as if it was sent long ago. The messages can be sent to any chat or channel in the organization."
If I'm an app and I have that permission, what should I do with a User Access Token? I'm using the App Access Token.
For simply posting message to Teams Channel using Application Permission is not supported by Microsoft Graph
Alternatively you can setup Incoming Webhook which is connector in MsTeams's channel and after finish set up on Teams channel you will received URL which you could use Postman or any API consumer app to send request(your message) to Incoming Webhook which will be post in Teams Channel
Sample Result Image
NOTE: Incoming Webhook is not support for replying post
You need to add user delegated permissions in your application to at
least Group.ReadWrite.All in portal.azure.com and then consent as user
or Grant admin consent in portal. And re-run On behalf of a User | Get
User Access Token request to update access token.
It seems that you need to use a user token instead of an application token to create chat messages. The only difference between them is that the user token requires the user to log in. The application token allows the application to create chat messages on behalf of other users. Currently, you can only use user tokens.
As your prompt message says, you need to grant the Group.ReadWrite.All delegation permission to the application, and then grant the admin consent for the permission, and then you need to use the auth code flow to obtain the access token.
Update:
I think what you are doing is importing messages, not creating chat messages, it does require you to have the Teamwork.Migrate.All application permission.
Importing messages is special, it requires you to create team and create achannel in the migration state, you need to include the migration value in the teamCreationMode and channelCreationMode instance attributes in the POST request. See: here.
I'm building an application with AWS Cognito and AWS AppSync.
My Problem:
I want to an User, after signUp, for some reason (not important) he did not receive the Verification E-mail (which is a Link, not a Code).
The user goes back to the application and asks for another Verification E-mail.
Tried:
I tried the following solutions,
-> Using resendConfirmationCode function of AWS-SDK.
-> Using Auth Amplify API with the function resendSignUp[
-> Using the following npm package (https://www.npmjs.com/package/amazon-cognito-identity-js) Use Case #3
I Always end up on this message: "Cannot reset password for the user as there is no registered/verified email or phone_number"
I want that the function resends the verification Link to an User, so he does not have a E-mail verified yet.
What do I expect?
If the user does not receive an E-mail with the verification Link, he can use a function to call again for this e-mail.
As I'm working with Links, I would rather prefer a Link for this, but if is not possible, a Code will be fine, and I change it on Cognito Lambda-Triggers.
Hope you guys be able to help me :)
I have been happily using the xoauth client to negotiate PKCE grants flows up to earlier today.
Tokens were obtained and refreshed, all was looking fine until I needed to amend my scopes and needed to re-consent.
Now I receive an error on the callback - http://localhost:8080/callback?error=access_denied&state=8AJEDHk6tlNX2E98Y3JuFmXmDrcS2DNB#_=_
This error would usually indicated that consent was canceled by the user but I am definitely pressing Allow.
I have:
Deleted the app and made a new one, tried a new Code Flow app, tried a trial organisation instead of the Demo organisation, all without luck.
However, it will succeed if I specify the bare minimum of scopes: openid and offline_access
Any ideas?
My Client ID is: 17B89D9AF3984680BCA620A3986AE8EB
Update: It does however work in a private browser window so I suspect something local. Will poke some more and close if so.
So that last piece makes it sound like some kind of browser / cache issue.
We did have another user where an ad blocker was causing the problem during the granting access page. Maybe that was you..? API team is looking into this further.
If you are continued to be blocked you can open a ticket by emailing api#xero.com
I’ve followed this tutorial https://apiai-aws-heroku-nodejs-bots.blogspot.co.uk/2017/07/steps-for-apiai-and-google-account.html but when I go and grab by debugging URL which happens to be https://assistant.google.com/services/auth/handoffs/auth/start?provider=allergology-5fa9c_dev&scopes=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/admin.directory.resource.calendar&return_url=https://www.google.com/ and paste it into a new window I get Error 500 but no explanation.
I also tried from an incognito window. It does ask for my email and password but then returns the same error.
I’ve used Implicit Grant Type and I don’t have Add quick account linking enabled please ket me know if that’s not right?
When I try the CURL URL I get the message {“status”:{“code”:401,“errorType”:“unauthorized”,“errorDetails”:“Authentication parameters missing”}}
UPDATE - now when I try the basic Talk to Allergology action on the simulator I don’t even get the debug info anymore, but the message “Sorry this action is not available in simulation” :frowning:
Could you please help?
thanks
Morena
I've managed to work out what I need to do by following this answer How to authenticate user with just a Google account on Actions on Google?
In my case - Configure your project (in the cloud console) so that the Calendar API is enabled and that the OAuth2 client is correctly configured.
I also switched from Implicit Grant Type to Authorisation Code.
My app is almost working, I am now having other issues, but at some point the Access Token was coming through with the request.