I created an Azure AD application that has full access (R&W) to the OneDrive API using application permissions. (my application is a daemon app.)
These permissions are granted & approved.
HTTP GET
https://{MyTenant}.sharepoint.com/_api/v2.0/drives//root://Document.docx
-> Returns 200 and content contains JSON information about the file
GET
2016-12-24T14:15:31.458 Requested uri: https://{MyTenant}.sharepoint.com/_api/v2.0/drives//root://Document.docx:/content
2016-12-24T14:15:31.888 StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
X-SharePointHealthScore: 0
SPRequestGuid: c935c49d-a0fa-3000-a357-32b18090ecd4
request-id: c935c49d-a0fa-3000-a357-32b18090ecd4
Strict-Transport-Security: max-age=31536000
X-FRAME-OPTIONS: SAMEORIGIN
SPRequestDuration: 140
SPIisLatency: 1
MicrosoftSharePointTeamServices: 16.0.0.6008
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
Cache-Control: private
Date: Sat, 24 Dec 2016 14:15:31 GMT
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Server: Microsoft-IIS/8.5
WWW-Authenticate: NTLM
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 16
Content-Type: text/plain; charset=utf-8
}
2016-12-24T14:15:31.888 401 UNAUTHORIZED
I added the Authorization header correctly. I created an Upload Function that sends the file to the same Document library and that works also correctly, same with the Delete functionality.
What is the reason of this 401, only when requesting the /content of the file?
How could I troubleshoot this? Can anyone help me out here?
I am running out of ideas here :o
Best regards,
Jens
Related
I'm using RestSharp to interface with the Auth0 and Sisense APIs. Everything's working fine except when deleting a user in Auth0. I send the delete request as a DELETE and Auth0 successfully deletes the user.
Here is the response I'm getting from Auth0:
HTTP/1.1 204 No Content
Date: Wed, 19 Feb 2020 16:35:28 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Server: nginx
ot-tracer-spanid: 21cd87957d9bac76
ot-tracer-traceid: 25a636cb6e5fd4ca
ot-tracer-sampled: true
x-ratelimit-limit: 50
x-ratelimit-remaining: 49
x-ratelimit-reset: 1582130129
vary: origin,accept-encoding
cache-control: no-cache
Strict-Transport-Security: max-age=15724800
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
And here's what I'm getting in the RestSharp response:
System.Runtime.Serialization.SerializationException: Invalid JSON string
at RestSharp.RestClientExtensions.ThrowIfError(IRestResponse response)
at RestSharp.RestClientExtensions.DeleteAsync[T](IRestClient client, IRestRequest request)
I'm making a call to a Sisense web service and RestSharp is handling the 402 just fine. Here's the Sisense response:
HTTP/1.1 204 No Content
Date: Wed, 19 Feb 2020 16:32:14 GMT
Connection: keep-alive
Set-Cookie: sisense-cookieCORS=***************************; Path=/; SameSite=None; Secure
Set-Cookie: sisense-cookie=***************************; Path=/
X-UA-Compatible: IE=Edge
x-xss-protection: 1; mode=block
x-frame-options: ALLOW-FROM https://****************************************************
content-security-policy: frame-ancestors ****************************************************
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: -1
Pragma: no-cache
The main difference between the two is the Content-Type directive present in Auth0. Is that what's causing the problem? Is there a workaround?
This question already has answers here:
Resumable upload returns Unauthorized when uploading chunk
(2 answers)
Closed 5 years ago.
Following the answer to this question I removed my Authorization header when uploading the first chunk of my resumable upload.
So creating the session:
POST https://graph.microsoft.com/V1.0/groups/a0aab702-8e58-4f25-b2dd-066e5d110f0c/drive/root:/10cb244a-d181-44df-aabc-51c30d4cf0f5.txt:/createUploadSession HTTP/1.1
Authorization: Bearer XXX
Content-Type: application/json; charset=utf-8
Host: graph.microsoft.com
Content-Length: 75
Expect: 100-continue
{
"item": {
"#microsoft.graph.conflictBehaviour": "replace"
}
}
Response:
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8
Location: https://graph.microsoft.com
request-id: 9d93ade6-8072-438b-a9fb-c648376b77ba
client-request-id: 9d93ade6-8072-438b-a9fb-c648376b77ba
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"North Europe","Slice":"SliceB","ScaleUnit":"002","Host":"AGSFE_IN_5","ADSiteName":"DUB"}}
OData-Version: 4.0
Duration: 1750.2813
Date: Thu, 27 Apr 2017 16:06:35 GMT
93d
{"#odata.context":"https://graph.microsoft.com/V1.0/$metadata#microsoft.graph.uploadSession","expirationDateTime":"2017-04-27T16:21:35.2923217Z","nextExpectedRanges":["0-"],"uploadUrl":"https://peterreay2.sharepoint.com/sites/SharePointTests/_api/v2.0/drive/items/01RZBHEZF6Y2GOVW7725BZO354PWSELRRZ/uploadSession?guid='e13f861f-7aa0-4f9a-b05c-26587ecfab92'&path='~tmp0E_10cb244a-d181-44df-aabc-51c30d4cf0f5.txt'&overwrite=True&rename=False&access_token=XXX&prooftoken=XXX"}
0
So I then try and upload my first chunk, however I'm getting a 404 not found response:
PUT https://peterreay2.sharepoint.com/sites/SharePointTests/_api/v2.0/drive/items/01RZBHEZF6Y2GOVW7725BZO354PWSELRRZ/uploadSession?guid='e13f861f-7aa0-4f9a-b05c-26587ecfab92'&path='~tmp0E_10cb244a-d181-44df-aabc-51c30d4cf0f5.txt'&overwrite=True&rename=False&access_token=XXX&prooftoken=XXX HTTP/1.1
Content-Range: bytes 0-10485759/11534336
Host: peterreay2.sharepoint.com
Content-Length: 10485760
Expect: 100-continue
Connection: Keep-Alive
0123456 etc
Response:
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/8.5
SPRequestGuid: 8825ec9d-b0ed-3000-1791-4c35404935e9
request-id: 8825ec9d-b0ed-3000-1791-4c35404935e9
Strict-Transport-Security: max-age=31536000
X-FRAME-OPTIONS: SAMEORIGIN
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.6420
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Thu, 27 Apr 2017 16:08:25 GMT
Connection: close
Content-Length: 0
As in my other question, the code doing this used to work (even with a Bearer token). So I think the chunk sizes, byte ranges etc are correct.
Any thoughts on what is going wrong here?
See the answer to the linked question here. There was a bug confirmed and fixed by Microsoft. This fixed our issue with the request including a bearer token. I have not tested this scenario here (without a bearer token).
I'm attempting to create a bridge between another service (as a data source) and Microsoft Power BI. However, I can't get the REST API to work properly.
So far I've succeeded in creating a web application in Azure AD, getting the Client ID and secret, receiving an access token for the API, but after this all I get is 403 Forbidden with no error message. However, if I try to access the API with an expired token, I get an error message telling me that the token is expired.
I've read some posts on the subject, but they all suggest that the REST API cannot be accessed without having a user log in and access Power BI first, which isn't possible in a service-to-service application.
How do I properly access the service without any user interaction?
Here are the requests and responses, censored a little bit.
Request 1:
POST /[our domain].com/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cookie: flight-uxoptin=true; stsservicecookie=ests; x-ms-gateway-slice=productiona; stsservicecookie=ests
Host: login.microsoftonline.com
Connection: close
User-Agent: Paw/2.3 (Macintosh; OS X/10.11.3) GCDHTTPRequest
Content-Length: 203
grant_type=client_credentials&client_id=[client id]&client_secret=[client secret]&resource=https%3A%2F%2Fanalysis.windows.net%2Fpowerbi%2Fapi
Response 1:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
x-ms-request-id: 52d6713c-d50b-4073-b030-aa10e33fdf27
client-request-id: 3aef4765-d602-46a6-a8ce-4b7792f678e5
x-ms-gateway-service-instanceid: ESTSFE_IN_209
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: x-ms-gateway-slice=productiona; path=/; secure; HttpOnly
Set-Cookie: stsservicecookie=ests; path=/
X-Powered-By: ASP.NET
Date: Wed, 24 Feb 2016 08:24:29 GMT
Connection: close
Content-Length: 1243
{"token_type":"Bearer","expires_in":"3599","expires_on":"1456305870","not_before":"1456301970","resource":"https://analysis.windows.net/powerbi/api","access_token":"[access token]"}
Request 2:
GET /v1.0/myorg/datasets HTTP/1.1
Authorization: Bearer [access token]
Content-Length: 0
Host: api.powerbi.com
Connection: close
User-Agent: Paw/2.3 (Macintosh; OS X/10.11.3) GCDHTTPRequest
Response 2:
HTTP/1.1 403 Forbidden
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: deny
X-Content-Type-Options: nosniff
RequestId: 803cc0cb-c65d-4212-9ab8-aed4ffa9862a
Date: Wed, 24 Feb 2016 08:25:13 GMT
Connection: close
The APIs you're using require a user's access token. They access content in a user's account. So if you don't have the access token, you'll keep getting forbidden. So what you need to do is get the access token with the user the first time. Then store the refresh token. Then use the refresh token to get new access tokens as needed. If the refresh token expires, you need to ask the user to sign in again.
i'm trying now to upload zip attachment through REST API but no success. It works, when I'm trying to attach picture, but when I use the same command for zip
curl -D- -u Bogdan:Password -X POST -H "X-Atlassian-Token: nocheck"
-F "file=#xla-snapshot.zip" http://localhost:5555/rest/api/2/issue/XA-1/attachments
I have such response:
HTTP/1.1 100 Continue HTTP/1.1 404 Not Found Server: Apache-Coyote/1.1
X-AREQUESTID: 1352x1015x1 X-ASEN: SEN-2117746 Set-Cookie:
JSESSIONID=97A763E5E09F7F8476CEDF07A2ACD7C6; Path=/; HttpOnly
X-Seraph-LoginReason: OK Set-Cookie:
atlassian.xsrf.token=B7X0-QLNV-RIK8-C6T9|aca131a97f4fdb61cebd0bfb6681c66824d62464|lin;
Path=/ X-ASESSIONID: nzll4r X-AUSERNAME: Bogdan Cache-Control:
no-cache, no-store, no-transform X-Content-Type-Options: nosniff
Content-Type: application/json;charset=UTF-8 Transfer-Encoding:
chunked Date: Thu, 20 Nov 2014 21:32:11 GMT
When I modified and explicitly said content type that it is zip
url -D- -u Bogdan:Password -X POST -H "Content-Type:
application/zip" -H "X-Atlassian-Token: nocheck" -F
"file=#xla-snapshot.zip"
http://localhost:5555/rest/api/2/issue/XA-1/attachments
I got an "Unsupported Media Type" response:
HTTP/1.1 100 Continue HTTP/1.1 415 Unsupported Media Type Server:
Apache-Coyote/1.1 X-AREQUESTID: 1353x1016x1 X-ASEN: SEN-2117746
Set-Cookie: JSESSIONID=6225FF25F6D71BADB6890C9F448608B6; Path=/;
HttpOnly X-Seraph-LoginReason: OK Set-Cookie:
atlassian.xsrf.token=B7X0-QLNV-RIK8-C6T9|e2c7fc222c74c37f5080150df1cd865eaa8daf7e|lin;
Path=/ X-ASESSIONID: 1lbjx70 X-AUSERNAME: Bogdan
X-Content-Type-Options: nosniff Content-Type: text/html;charset=utf-8
Content-Language: en Content-Length: 1092 Date: Thu, 20 Nov 2014
21:33:07 GMT
Is it possible actually to upload archives via REST Api?
Actually the problem was that the file was too big for download, the limit is 10 Mb, and I was trying to upload more than it.
Quite sad that looking at this documentation https://docs.atlassian.com/jira/REST/latest/#d2e4527 there is no information about 404, when it can happen. And no information how you can guess the real cause
By registering your application you can increase your rate limit for GitHub's API from 60 to 5000 requests[1]. You don't have to use OAuth and can simply pass you're client ID and secret in the URL to have GitHub recognize your application[2]. But when I curl the rate limit check:
curl -i https://api.github.com/ratelimit?client_id=xxx&client_secret=yyy
The following is returned:
HTTP/1.1 200 OK
Server: GitHub.com
Date: Sat, 13 Jul 2013 01:53:50 GMT
Content-Type: application/json; charset=utf-8
Status: 200 OK
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 51
X-RateLimit-Reset: 1373683093
X-GitHub-Media-Type: github.beta
X-Content-Type-Options: nosniff
Content-Length: 55
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: ETag, Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Access-Control-Allow-Origin: *
ETag: "[redacted]"
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding
{"rate":{"limit":60,"remaining":51,"reset":1373683093}}
Does anyone know what I'm doing wrong? Do I really have to use the full OAuth?
Putting the URL in quotes when running the command fixed the problem.
It's worth noting that you can also register "Personal Access Tokens" from the Applications menu option inside GitHub. This gives you a token with the increased 5,000 API calls/hour without having to do the OAuth dance.