DB Cursor Failures on Google BigQuery - authentication

Need to understand why did the below query failed in GCP BigQuery. What are the possible reasons for failure?
The 3 DB cursors which failed for the script to ingest the data into Mongo:
All 3 were running on the same table, and they get authentication error:
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"errors": [
{
"message": "Login Required.",
"domain": "global",
"reason": "required",
"location": "Authorization",
"locationType": "header"
}
],
"status": "UNAUTHENTICATED"
}
}

Related

Method: licenseAssignments.listForProduct get Error

y try to get the licenses in the organization but in the page get the next error,
{
"error": {
"code": 503,
"message": "Backend Error",
"errors": [
{
"message": "Backend Error",
"domain": "global",
"reason": "backendError"
}
]
}
}
I don't know if the service has a problem or if I put wrong parameters.
Method: licenseAssignments.listForProduct, i need the licenses per users

Hashicorp Vault LDAP authentication issues

We use LDAP as our access into Hashicorp Vault.
One of our users was deleted and recreated in AD... This use cannot log into the vault any longer, receiving a "Authentication failed: internal error" (rather than a "Authentication failed: ldap operation failed" that we see for a user that is not in AD or with an invalid password)
The only error we see is in the vault_audit.log (with passwords, and assessors munged, ip changed, and replaced with my name as example):
{
"time": "2022-09-12T19:03:55.457492415Z",
"type": "response",
"auth": {
"client_token": "hmac-sha256:xxxxxxx",
"accessor": "hmac-sha256:yyyyyyy",
"display_name": "ldap-ssiegler",
"token_policies": [
"default"
],
"metadata": {
"username": "ssiegler"
},
"entity_id": "aca5c682-b0c4-2f51-9681-b4244a23720b",
"token_type": "service"
},
"request": {
"id": "275b5b49-80ff-ee5f-a7f8-1e0c5a3dc645",
"operation": "update",
"namespace": {
"id": "root"
},
"path": "auth/ldap/login/ssiegler",
"data": {
"password": "hmac-sha256:zzzzzzz"
},
"remote_address": "192.168.205.23"
},
"response": {},
"error": "internal error"
}
"error": "internal error"
being the only information...
I have removed the entities that referenced this user, with no change, and created a new entity that was able to have this ad user as an alias, so AD sees him...
Ideas?

Microsoft Graph API - 401 Unauthorized While Creating Chat

I using the graph API v1.0 to create the one-to-One chat,but I found some account get 401 results.I check the Permission from the Api '/me/oauth2PermissionGrants',and I can find the 'Chat.Create' permission.
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#oauth2PermissionGrants",
"value": [
{
"clientId": "9fc4855b-4d7e-443b-a8f0-282690a55a73",
"consentType": "Principal",
"id": "W4XEn35NO0So8CgmkKVacwsSh1fUKDpBhq1AxEmfwg74z92MWfk9ToJPj-kyp8I8",
"principalId": "8cddcff8-f959-4e3d-824f-8fe932a7c23c",
"resourceId": "5787120b-28d4-413a-86ad-40c4499fc20e",
"scope": " offline_access openid profile email User.Read User.ReadWrite User.ReadBasic.All Chat.ReadWrite Chat.Create Presence.Read Presence.Read.All ChatMessage.Read ChatMessage.Send"
},
{
"clientId": "d39356e1-6d20-4d19-ad54-5278e19b94ec",
"consentType": "Principal",
"id": "4VaT0yBtGU2tVFJ44ZuU7AsSh1fUKDpBhq1AxEmfwg74z92MWfk9ToJPj-kyp8I8",
"principalId": "8cddcff8-f959-4e3d-824f-8fe932a7c23c",
"resourceId": "5787120b-28d4-413a-86ad-40c4499fc20e",
"scope": " offline_access openid profile email User.Read User.ReadWrite User.ReadBasic.All Chat.ReadWrite Chat.Create Presence.Read Presence.Read.All ChatMessage.Read ChatMessage.Send"
},
{
"clientId": "c81831d1-608e-43fa-abd4-3a09e523cb3c",
"consentType": "Principal",
"id": "0TEYyI5g-kOr1DoJ5SPLPAsSh1fUKDpBhq1AxEmfwg74z92MWfk9ToJPj-kyp8I8",
"principalId": "8cddcff8-f959-4e3d-824f-8fe932a7c23c",
"resourceId": "5787120b-28d4-413a-86ad-40c4499fc20e",
"scope": " offline_access openid profile email User.Read User.ReadWrite User.ReadBasic.All Chat.ReadWrite Chat.Create Presence.Read Presence.Read.All ChatMessage.Read ChatMessage.Send Files.Read Files.ReadWrite Files.Read.All Files.ReadWrite.All Sites.Read.All Sites.ReadWrite.All"
}
]
}
When I post "https://graph.microsoft.com/v1.0/chats",
set the body like this
{"members":[
{ "user#odata.bind":"https://graph.microsoft.com/v1.0/users('8cddcff8-f959-4e3d-824f-8fe932a7c23c')",
"#odata.type":"#microsoft.graph.aadUserConversationMember",
"roles":["owner"]},
{ "user#odata.bind":"https://graph.microsoft.com/v1.0/users('636f150e-f73c-44d6-be0c-4d543b2b4e5d')",
"#odata.type":"#microsoft.graph.aadUserConversationMember",
"roles":["owner"]
}
],
"chatType":"oneOnOne"
}
It response 401 Authentication failed
{
"error": {
"code": "Unauthorized",
"message": "Authentication failed.",
"innerError": {
"date": "2022-05-17T08:41:05",
"request-id": "de03512e-b97d-4229-b1ce-a73a61ed4f3d",
"client-request-id": "de03512e-b97d-4229-b1ce-a73a61ed4f3d"
}
}
}
When I replace another account's token & teamsUserId and try again ,It returns Ok!
Can you help me check the reason?
First of all check your app id secret and confirm
secondly check that the users you are trying to add have authorized your application.
thirdly check for access token you need scopes and permission according to the token you are sending to the graph
If you are using application token , use default scope and check whether you have added the chat.create application permission else if you are using token on behalf of user you need delegated permission for chat.create application

self-service APIs error response has multiple formats

When I test self-service APIs, I found that there are 2 different formats for the error response.
case 1: when there is something wrong with token
I got such response
{
"errors": [
{
"code": "38190",
"title": "Invalid access token",
"detail": "The access token provided in the Authorization header is invalid",
"status": "401"
}
]
}
case 2: for other scenario such as INVALID DATE, MANDATORY DATA MISSING etc.
I got the error with another format
{
"errors": [
{
"code": 4926,
"title": "INVALID DATA RECEIVED",
"detail": "travelerType value is not in the allowed enumeration",
"source": {
"pointer": "/travelers[0]/travelerType",
"example": "ADULT"
},
"status": 400
}
]
}
The value of "code" and "status" have type string in case 1, but have type int in case 2.
Is it normal that the access token error has a particular error response format? Thanks

plusDomains.activities.insert response always 403 access forbidden

I give all permission like read, write,login. But i get always response:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Forbidden"
}
],
"code": 403,
"message": "Forbidden"
}
}