Getting error 401 Unauthorised: Missing bearer authentication in header - api

API Documentation
This is the documentation for the available API endpoints, which are built around the REST architecture. All the API endpoints will return a JSON response with the standard HTTP response codes and need a Bearer Authentication via an API Key.
Base url
https://app.popify.site/api
Retrieve a user
curl --request GET \
--url 'https://app.popify.site/api/user' \
--header 'Authorization: Bearer {api_key}' \
Getting error 401: Missing bearer authentication in header, though I'm using correct api key.

If it is a JWT token you are passing, I'd suggest you to go to JWT decode and paste your encoded token to see what all information it consists. Ideally. roles and user related information is available in payload, if some of it is not enrolled or available on the authorization server, it will result in 401 Unauthorized.

curl --request GET \
--url 'https://app.popify.site/api/user' \
--header 'Authorization: Bearer {api_key}' \
wrap your authorization with quotes and do the same with bearer like this:
--url 'https://app.popify.site/api/user' \
-- header "Authorization ": "Bearer {api key} "
using fetch API:
const result = async getBalance(){
await fetch("https://foma.line.pm/balance", {
method: "get",
headers: {
"Authorization": " Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIU "
}}).then(response => response.json()).then(data => console.log(data)
)
}

Related

How to get an oauth2 url on postman

I'm trying to get the access token on Postman. I'm in "Get acces token", "body" and I'm using the 'POST' method (not the 'GET' one). When I click on the "send" button, I read this message:
{
"timestamp": "2022-11-07T21:26:28.119+00:00",
"status": 401,
"error": "Unauthorized",
"message": "",
"path": "/oidc/accessToken"
}
I think the problem is my oauth2 url. I didn't understand how to get one. I read on the internet that the url should be like this:
https://id:secret#mywebsite.com
Is it correct? I doesn't work for me.
How could I write a correct oauth2 url?
Thank you in advance!
PS: the 'code snippet' is this one:
curl --location --request POST 'https://link/accessToken' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'APIM-Debug: true' \
--data-urlencode 'client_id=' \
--data-urlencode 'client_secret=' \
--data-urlencode 'username=myusername' \
--data-urlencode 'password=mypassword' \
--data-urlencode 'grant_type=client_credentials'

fastapi swagger not sending the token with the url

The fastapi swagger not sending token with the header. Even though i login through the authorization button of swagger.
this is the url it is showing: curl -X GET "http://localhost:8000/locations/?limit=100" -H "accept: application/json" -H "Authorization: Bearer undefined"
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/users/createtoken")
If you want FastAPI's SwaggerUI to include your token in the API calls, make sure that your /users/createtoken endpoint is including the 2 required keywords in the response.
access_token: this should be your token value
token_type: the value of this should be Bearer
So your response should be something like,
{
access_token: 'abcdefg12345token',
token_type: 'Bearer'
}
If your endpoint is returning,
{
token: 'abcdefg12345token'
}
any SwaggerUI API calls will just show undefined for the token bearer value.

Curl 415 Unsupported Media Type

I am trying to test my endpoint with curl and getting a 415:
curl -X POST "http://localhost:5001/api/countries/import" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer "$API_TOKEN \
--data #/D:/_countries.json
Response:
{"type":"https://tools.ietf.org/html/rfc7231#section-6.5.13","title":"Unsupported Media Type","status":415,"traceId":"0HLTFOME7T990:00000001"}
And here's my .net core endpoint:
// POST api/countries/import
[HttpPost]
[Route("[action]")]
public async Task<IActionResult> Import(IFormFile file)
{
...
}
Btw, I have no problem with this endpoint in postman although it's generated code doesn't work for me (the response is the same):
curl --location --request POST 'http://localhost:5001/api/countries/import' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {token here}' \
--form 'file=#/D:/_countries.json'
P.S. I am using Windows 10 and git bash to run the script.
Unsupported Media Type
Your action public async Task<IActionResult> Import(IFormFile file) expect IFormFile parameter, but you sepecified request header with Content-Type: application/json, which cuase this issue.
Please try to specify the header to --header 'Content-Type: multipart/form-data', like below.
This also can indicate a router problem.
Consider the following signature
[HttpGet("GetNearByPlaces")]
public async Task<IActionResult> GetNearByPlaces(double lattitude, double longitude, IEnumerable<SearchPlaceType> types = null)
The framework is trying to decide that a path could exist based on lattitude longitude and types in THIS example.
However, IEnumerable is not supported (the path could have an undetermined number of arguments like /23.4/34.5/4/4/6/4) and thus a 415 is returned.
Modify the signature as follows will fix it.
[HttpGet("GetNearByPlaces")]
public async Task<IActionResult> GetNearByPlaces([FromQuery] double lattitude, [FromQuery] double longitude, [FromQuery] IEnumerable<SearchPlaceType> types = null)
Also a '[FromBody]' attribute could fix the problem.

paypal authentication failure in sandbox

I encounter an issue when I try to use the Paypal sandbox API.
I've created my 2 sandbox accounts (the facilitator and the buyer), and I've created my app to get the credentials.
Then, I use the curl example provided by Paypal to get a token :
curl -v https://api.sandbox.paypal.com/v1/oauth2/token \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "my-client-id:my-secret" \
-d "grant_type=client_credentials"
I get a 200 response, with an "access_token".
Then, I use this access token to get another resource, for example :
curl -v -X GET https://api.sandbox.paypal.com/v1/invoicing/invoices?page=3&page_size=4&total_count_required=true \
-H "Content-Type: application/json" \
-H "Authorization: Bearer the-token-received-above"
Then, I get a 401 error :
{
"name":"AUTHENTICATION_FAILURE",
"message":"Authentication failed due to invalid authentication credentials or a missing Authorization header.",
"links":[{
"href":"https://developer.paypal.com/docs/api/overview/#error",
"rel":"information_link"
}]
}
I don't understand what I'm doing wrong, since I've followed every step decribed in the Paypal doc (at least, I think I have... probably not)
Thanks for your help
curl -v -X GET "https://api.sandbox.paypal.com/v1/invoicing/invoices?page=3&page_size=4&total_count_required=true" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer the-token-received-above"
Actually had this exact same issue but didn't know what was wrong with my curl. For me, the issue was I forgot to put "Bearer" in the Authorization section.
For this, you are required to wrap the URL with quotation marks.
After get access_token. Please try this
try {
$params = array('access_token' => $jsonResponse->access_token);
$userInfo = OpenIdUserinfo::getUserinfo($params, $this->_api_context);
} catch (Exception $ex) {
ResultPrinter::printError("User Information", "User Info", null, $params, $ex);
exit(1);
}
ResultPrinter::printResult("User Information", "User Info", $userInfo->getUserId(), $params, $userInfo);
Don't forget to add
use PayPal\Api\OpenIdTokeninfo;
use PayPal\Api\OpenIdUserinfo;
That's worked for me.

Using Taxee.io API

I'm trying to access the Taxee.io API using the request npm module. The documentation is slightly poor and the difference between the Mashape info and the website's info is confusing.
https://taxee.io/
The docs have one example of a request here.
curl 'https://taxee.io/api/v2/calculate/2017' -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJBUElfS0VZX01BTkFHRVIiLCJodHRwOi8vdGF4ZWUuaW8vdXNlcl9pZCI6IjU4NDQ4MTA4Mzg2NjhhMTU4ZDU0ZmIzNSIsImh0dHA6Ly90YXhlZS5pby9zY29wZXMiOlsiYXBpIl0sImlhdCI6MTQ5OTA1MzU0NX0.pOwC5JEC7trLaaZVgHHGu_rvN0-EGa3RMm8BgJ-M9gk' -H 'Content-Type: application/x-www-form-urlencoded' --data 'state=NC&filing_status=married&pay_periods=26&pay_rate=116500&exemptions=2'
I however want to use the request npm module and am struggling to bridge the gap in how it will work in my express app.
const request = require('request');
request.post('https://taxee.io/api/v2/calculate/2017', {
'auth': {
'Bearer': 'mykey'
}
});
This is what I have thus far. Any help is appreciated.
Keep in mind that properties are case sensitive in JavaScript. You must pass the bearer token under the key bearer and not Bearer.
To replicate the Content-type and pass data, use the form support of the library.
E.g. like this:
{
auth: {
bearer: '<token>',
},
form: {
state: 'NC',
// ...
},
}