I have this problem for so long but I figured out that in my country some of the servers has been banned by the country and I guess that expo’s servers are one of them.
I’m getting this error only when the user doesn’t use proxy and every time the users use proxy they can get push token with no problem.
Is there any solution for that?Why does getting push token by expo needs to connect to server?
Is there any other way to get user’s token of theirs devises?
Related
I want to use the gmail api to update myself about the status of a programm I'm running locally 24/7. Basicly once a day it should send me a status report per email from the emailaccount I created just for this case to the same account.
I've got a project set up, the api enabled, got my credentials and created a token.json file. I managed to have it send me emails yada yada yada.
I concentrated on the further development of the programm for some time and then wanted to jump back to this to test out another feature where I wanted to implement a ping me feature. I'd send myself an email asking for a ping back just to check if my program is still running.
While doing that I noticed that my token expired. I tried reading into what I can do about that. Ideally I'd like to have the program just run autonomously. I read for my case that a service account would be ideal but after setting that all up and 2 hours later after a lot of errors I read that interacting with the gmail api with a service account is only open to workspace users since I can't delegate domain-wide authority without one.
So after some further reading I read that next to the access token I created I can refresh that token with refresh tokens. for that I was trying the request function noted in the quickstart tutorial:
if os.path.exists('token.json'):
creds = Credentials.from_authorized_user_file('token.json', SCOPES)
if not creds or not creds.valid:
if creds and creds.expired and creds.refresh_token:
creds.refresh(Request())
now running creds.refresh(Request())
I get this error:
google.auth.exceptions.RefreshError: ('invalid_grant: Token has been expired or revoked.', {'error': 'invalid_grant', 'error_description': 'Token has been expired or revoked.'})
Upon further reading here I read that refesh tokens are only available to projects whose status is set to in progress and not in testing. Projects set to testing are required to have the user manually log in at least once a week which I don't want.
Now for me verifying my project doesn't make sense since I won't have any other users using my access to the gmail api and frankly I wouldn't want that either.
What are my options here to have the script running continuously without having to manually sign in once a week? Considering also that I will be at all times the only user.
Thank you,
Florens
Your still have a few options. For one, you could get a Google Workspace account. The lowest tier would set you back around $6 per user per month. This would allow you to publish the app as internal-only and you don't need to go through the verification process, but you can only use the app with the Workspace account. You can still send emails out to any addresses, though.
If you don't want to pay, you can still set your app to Published status and you do not necessarily have to go through the verification. There are some limitations, such as the app warning that shows up when signing in and a user cap of 100 users, but since you know that the app is safe and you don't need more users you can just ignore this, Google says so in their own documentation:
What app types are not applicable for verification?
Personal Use: The app is not shared with anyone else or will be used by fewer than 100 users. Hence, you can continue using the app by bypassing the unverified app warning during sign-in.
As you already know, the refresh token expires in 7 days only when the app status is set to "testing", so as long as you have it set as "In production" and ignore the unverified app warnings, you should be able to have a normal refresh token that you can use without needing to sign in every 7 days.
Just keep in mind that other users could have access to the app but if you're careful to keep your OAuth credentials to yourself that should not be an issue.
Sources:
Unverified apps
OAuth API verification FAQs
OAuth overview
I'm currently working on a push notification API that will work with several apps at once, handling notifications and reducing programming time for future apps. It's already partially working, as I'm able to register and receive notifications on Android devices.
Eventually, one of our apps is gonna send broadcast notifications to registered users. But some tokens might be expired, which will lead to a GCM failure. I already tested, and it seems that sending an array of tokens to GCM with a single http call is working really well, as devices with valid tokens got their notifications.
What I wasn't able to find searching GCM documentation was a way to get more details in case of failure. For example, when I send a notification to two users, one with a valid token and the other with an invalid one, I got this result :
{
"multicast_id":7625209716676388798,
"success":1,
"failure":1,
"canonical_ids":0,
"results":[
{"error":"InvalidRegistration"},
{"message_id":"0:1466511379030431%c4718df8f9fd7ecd"}
]
}
We can see that one of the messages failed to send, but what I'm looking for is a way to get more details, ideally the token that leads to a failure, so I can remove it from my database.
Any way to achieve that ? Using the message_id maybe ? Or is there any solution for me to find invalid tokens stored in my database so I can clear them ? I might have missed something in the documentation, even a link to it would be useful.
Based from this documentation, the GCM server will respond to your server with some information about the token you used to try to send the push notification.
According also to this link, if the app server fails to complete its part of the registration handshake, the client app should retry sending registration token to the server or delete the registration token. Wiping old tokens from the GCM servers can be done with ÌnstanceID.deleteToken().
Check these links:
How to remove gcm id from server which is not used
GCM get invalid tokens when sending to multiple devices at once
While using Google Cloud Message API I occasionally get 401 Unauthorized status. So, sometimes my push notifications are send and sometimes not, without changing anything in the API request.
I use curl request with server key.
I tried to specify IPs list and set it to "Any IP allowed".
I already tried to create new server keys and projects, as some people here tell it helps them in similar situation. Sadly, it not helps me.
I'm seeing a similar problem with other Google Cloud APIs and I suspect it's related to your authentication being expired. Make sure to refresh any tokens you are using.
With my Flattr client using the REST API, it seems that access tokens expire after 1 day. I checked my settings and the client is still authenticated. But when I issue a request to https://api.flattr.com/rest/v2/user I get the following response:
{
"error":"unauthorized",
"error_description":"You are unauthorized to access the resource",
"error_uri":"http:\/\/developers.flattr.net\/api"
}
I think I now know what the problem is. I am logging into Flattr with an iPhone and with the iPhone Simulator using the same account. It seems that using the API with more than one device will cause the user to need to login every time he changes devices.
I guess support for more than one access token at the same time is needed. Please confirm.
I am using salesforce rest api to access the salesforce account from my rails app.I created a remote access app and got the key N the id. I was able to authenticate the user and get the auth_token, instance url and all that. But, when I send request at "instance_url/services/data/v20.0" along with the access token , I get this error:
[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]
I have a developer salesforce account and have API enabled true for every profile, except for the "Authenticated website" profile(which is not accessible).
Please, can anybody help me with this?
I'm authenticating the user with following request
HTTParty.post "login.salesforce.com/services/oauth2/token";, :body=>{"grant_type"=>"authorization_code","code"=>"abc}","client_secret"=>"abc", "client_id"=>"abc","format"=>"json","redirect_uri"=>"localhost:3000/salesforce/callback";}
which is returning signature, id, instance_url, issued_at, access_token and refresh_token
HTTParty.get "ap1.salesforce.com/services/data/v20.0";, :headers=>{"Authentication"=>"OAuth access_token", "Content-Type"=>"application/json"}
which responds with
[{"errorCode"=>"INVALID_SESSION_ID", "message"=>"Session expired or invalid"}]
How are you passing the sessionId to the /services/data/v20.0 request?, if your access_token is abc123 then you need a http header of Authorization: OAuth abc123 in the request.
API session in salesforce expires regardless if there are activities or not.
to set the duration of each session go to Setup > Administration Setup > Security Controls > Session Settings>
the max is 8hours.
cheers!
Additionally to the other possible problems identified by the other answers, the Lock sessions to the IP address from which they originated setting in Salesforce is a possible contributing factor to otherwise valid code. From the following Salesforce KB article:
Description
When "Lock sessions to the IP address from which they originated" is enabled, if an OAuth2 access token is used to perform a Salesforce REST API call, INVALID_SESSION_ID might be returned even if the token is obtained in the same Apex transaction.
Resolution
"Lock sessions to the IP address from which they originated" is strict, and internal IP addresses are not automatically whitelisted in this case. Since the login callout and subsequent REST API callouts might be performed via different internal IP addresses, INVALID_SESSION_ID might be returned when using the access token if the mentioned preference is enabled.
To solve this you may use the continuous IP enforcement feature (introduced in Summer '15):
Turn "Lock sessions to the IP address from which they originated" OFF,
Turn "Enforce login IP ranges on every request" ON,
Select the connected app's IP relaxation policy "Enforce IP restriction", and
Add Salesforce's internal IP range 10.0.0.0 to 10.255.255.255 to the list of profiles needing to use Salesforce's REST API.
or simply relax the IP restrictions:
Turn "Lock sessions to the IP address from which they originated" OFF, and
Select the connected app's IP relaxation policy "Relax IP restrictions"
If you are using Oauth you need to use Refresh Token flow, on this error to get a new renewed token. Here are more details : http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_on_Force.com
Please search for "refresh token" in the WIKI page link above.
Issues I ran into:
Make sure to include the scope "web" in the authorize request, e.g.
https://login.salesforce.com/services/oauth2/authorize?response_type=code&clientId=xxx&redirect_uri=http://www.example.com&scope=id+api+refresh_token+web
Use the instanceUrl that is returned in the authorize response. In my case this was https://eu2.salesforce.com and I always tried to use https://na1.salesforce.com which didn't work
Faced the same issue and in my case < > characters in the password were causing the problem.
I am adding this answer because any of other answers above helped me. My problem was actually that I was using access_token as I received it in the JSON response during login.salesforce.com/services/oauth2/token requests.
You have to remove ID from access_token, as it is described in SalesForce documentation: "Substitute the ID for the token value"