I have developed an Python webapp on GCP App Engine.
I want to use OAuth 2.0 client ID as an authentication for my app.
In APIs & Services -> Credentials there is an OAuth 2.0 client ID with my app URL added as Authorized redirect URIs.
My Postman access token configuration looks like the following:
And authorization configuration:
Despite that I am getting following response: Status: 401 Unauthorized
Info from the header: WWW-Authenticate: Bearer, error="invalid_token"
Response body:
{
"code": 16,
"message": "JWT validation failed: Bad JWT format: Invalid JSON in header",
"details": [
{
"#type": "type.googleapis.com/google.rpc.DebugInfo",
"stackEntries": [],
"detail": "auth"
}
]
}
What I am doing wrong? How should I troubleshoot this?
EDIT: Adding request
POST /parse HTTP/1.1
Host: [my_app_name].appspot.com
Content-length: 0
Content-type: application/json
Authorization: Bearer [token_generated_by_postman]
Related
If I send a request into my API with an invalid access token, I get the following response:
Base Address: https://localhost:54701/
Token Expired: True
IsSuccessStatusCode: False
Status: Unauthorized
StatusCode: 401
WwwAuthenticate: Bearer error="invalid_token", error_description="The specified
token is invalid.", error_uri="https://documentation.openiddict.com/errors/ID2004"
ReasonPhrase: Unauthorized
ContentType:
ContentLength: 0
Content:
I would like to be able to customise this response so that I can also return some JSON content in the body like:
{
"Message": "Authorization has been denied for this request."
}
Does anyone know if there is an event I can hook into to customise the response to add this message, so it looks like this?
Base Address: https://localhost:54701/
Token Expired: True
IsSuccessStatusCode: False
Status: Unauthorized
StatusCode: 401
WwwAuthenticate: Bearer error="invalid_token", error_description="The specified
token is invalid.", error_uri="https://documentation.openiddict.com/errors/ID2004"
ReasonPhrase: Unauthorized
ContentType: application/json; charset=utf-8
ContentLength: 61
Content:
{
"Message": "Authorization has been denied for this request."
}
I thought I'd reply here too in case it helps someone who doesn't see the conversation in gitter.
You do it by intercepting the 401 response in the pipeline with a custom middleware like this: Intercept 401 error in ASP.net Core 2.0 pipeline
I would like to get "access_token" and "id_token" from Token endpoint through Authorization Code flow. But, I am getting "invalid_grant" error while calling the token endpoint with following parameters on postman.
POST /connect/token HTTP/1.1
Host: localhost:2000
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: a8a29659-0ea3-e7dc-3bd6-6e6630a7370d
client_id=client
&client_secret=client
&grant_type=authorization_code
&username=admin
&password=admin
&scope=openid+profile
Client Configuration:
new Client
{
ClientId = "client",
ClientSecrets =
{
new Secret("client".Sha256())
},
AllowedGrantTypes = new List<string> { OidcConstants.GrantTypes.AuthorizationCode },
AllowedScopes = {
StandardScopes.OpenId.Name,
StandardScopes.Profile.Name,
}
}
What is wrong in my client configuration section? and, How do i make a successful post request to Token Endpoint?
The authorization code grant type requires a code parameter to be sent during the token request (see RFC6749 section 4.1.3).
This code is issued by the authorization server after the resource owner authorized the client (see RFC6749 section 4.1.2).
When i try to update user using REST API PUT request. I got an error "You are not owner of this object".
Request :
PUT /users/14055179.json HTTP/1.1
Host: api.quickblox.com
Content-Type: application/json
QuickBlox-REST-API-Version: 0.1.0
QB-Token: 10b89fb07e0b871230d5c8ce662aa70e4429f761
Cache-Control: no-cache
Postman-Token: 5d89f9ba-4da2-8ba2-5e82-0de2b57a2b3f
{"user": {"full_name": "hpmakwana"}}
Response :
{
"errors": {
"base": [
"You are not owner of this object"
]
}
}
Quickblox provide two tyes of session :
Application session token (only READ rights)
User session token (READ+WRITE rights)
For Write we have to create User session token.
For More Details click here
I have create a user role in Magento 2 and a new user
image capture
I used in Chrome the application Postman:
In the GET box: http://example.com/php.index/rest/V1/products/
In Type use Basic Auth with Username and Password
But I get this status '401 Unauthorized' and this requests:
{
"message": "Consumer is not authorized to access %resources",
"parameters": {
"resources": "Magento_Catalog::products"
}
}
I can login in Magento backend with the user and password
Any solution?
You need to pass basic Authorization with access key in header:
Step 1:
Call API: /V1/integration/admin/token with parameters:
username=your_admin_username
password=your_admin_password
This will give you an access key like at0o6w5rhno6sltcuhf3****k0603l
Step2:
Call API : /V1/products/ with parameters
searchCriteria=*
Put **Header**
Authorization : Bearer at0o6w5rhno6sltcuhf3****k0603l
Content-Type : application/json
This is a recent development. We run integration tests against this API on every commit.
POST https://apis.live.net/v5.0/me/skydrive
Authorization: Bearer ACCESS_TOKEN
Content-Type: application/json
{
"name": "My example folder"
}
Response:
{
"error": {
"code": "request_header_invalid",
"message": "The header 'Content-Type' is missing the required parameter: 'boundary'."
}
}
Requiring a boundary for an application/json content-type is just wrong. But lets try it:
POST https://apis.live.net/v5.0/me/skydrive
Authorization: Bearer ACCESS_TOKEN
Content-Type: application/json; boundary=idontactuallybelonghere
{
"name": "My example folder"
}
Response:
{
"error": {
"code": "request_header_invalid",
"message": "The header 'Content-Type' is missing the required parameter: 'boundary'."
}
}
Are you trying to create a folder? That error sounds like it thinks you're trying to upload a file using a multipart/form-data POST.
Are you using the exact URL as in your example? I tried that exact request against my account and it worked. I was able to reproduce your error, though, by using a URL that ends in '/files' like I would for a file upload.