API connect published api in developer portal can't work - api

https://new-console.ng.bluemix.net/docs/services/apiconnect/apic_tutorial.html#apic_tutorial_01
Follow previous link to do create loopback project named ibmsvt and do test locally, we can post and get.
then publish this api as running api app on bluemix and we will get api target url and tls file.
type url and tls in api designer invoke, and publish api product again.
check api connect service and we can find that published api product has been published, configure developer portal, and invite developers
login developer portal and register one app
subscribe app to api product and run post command.
We will see that we only get can't post error information...
Please see attachment info for error info and api file.

From the screen capture provided, it looks like you're displaying the logs for the loopback application deployed on bluemix. It also looks like the POST request from APIConnect hit the Bluemix application as well. However, I'm unable to see the exact message of the error. What error did you get when you execute the POST from APIConnect? I suspect the POST did not include the $(request.path), what did you change the invoke url to be ? Can provide the x-ibm-configuration section in your yaml file? It will be located in your /definitions.
Thanks and best regards,

I am just have the exact problem, and struggled for days on redoing the tutorial several times, but still met with the same problem until found the upper reply, and gave me a hint.
In the tutorial, it says like the following:
Update the following fields with the values you copied previously:
Invoke URL: Insert the API target URL. You must specify the secure protocol HTTPS. For example:
apiconnect-ca3283b0-525c-488d-993b-3ab72fca78d0.youremail-dev.apic.mybluemix.net
TLS Profile: Insert the API invoke tls-profile.
For example:
client:Loopback-client
The origininal URL is $(runtime-url)$(request.path)$(request.search).
And the correct URL after updating is like following:
https://apiconnect-ca3283b0-525c-488d-993b-3ab72fca78d0.youremail-dev.apic.mybluemix.net$(request.path)
no slash before $(request.path), and $(request.search) should be deleted.
I also checked a tutorial video, it also do like this, but the screen for this step is passed away very quickly, you will not pay attention to this detail normally.
https://www.youtube.com/watch?v=Qku71JLv8vA&list=PLFa8jnU0KqE2eW5E449ziaurv8obSbcou&index=3&cm_mc_uid=24774488665514672571374&cm_mc_sid_50200000=1468400063

Related

Trying to get Client ID and Client Secret for Yahoo API but no option to select "Installed Application"

I've been attempting to utilize the Yahoo API to connect to fantasy sports data. I don't have a web URL to connect to when I attempt to create an app, and everything I've read has mentioned that I should select "Installed Application" to avoid using a URL.
This option is not available to me.
Yahoo Developer Screenshot
On the official documentation this is what I see here
Yahoo Developer Documentation
Not sure if it makes a difference but I'm based out of Canada.
Thanks!
It's hard to find the documentation for it, but what you want is called oob (out of bounds, out of band). To get this to work, the steps are a little different (there is no such thing as installed application from what I'm aware of):
Add oob as one of the redirect uris
Make your normal request to the auth/login uri
This will give you a new page that provides you with a token. At this point, you need to manually use this token when you request the /auth/token uri
This last step just replaces the redirect to https://your-redirect.com/token and you will end up in the same position as before.
Now, you still shouldn't put your client_secret in your application if you plan on releasing it, but if you're using it internally or letting others provide their own secret then you should be good.
If you find the original documentation with the PHP source code, you can follow this flow.

Anyone know how to fix the new OAuth2 error when trying to authenticate a PyDrive application?

I don't think this issue is specific to PyDrive, but rather Google OAuth. However, some of the solutions I've seen on stackoverflow don't seem to be transferable over to my PyDrive application, which is just a python script to upload files programmatically to a shared drive. It worked fine 2 months ago but I tried to rerun it today and it's not working. Here is the error I'm getting:
Authorisation Error
Error 400: invalid_request
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure.
You can let the app developer know that this app doesn't comply with one or more Google validation rules.
Request Details
The content in this section has been provided by the app developer. This content has not been reviewed or verified by Google.
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: urn:ietf:wg:oauth:2.0:oob
I am using a web application OAuth 2.0 Client ID creds on GCP. All secrets are stored in a local client_secrets.json file.
I run my script, it sends a message to the console that says
Go to the following link in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=blahblahblah.apps.googleusercontent.com&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive&access_type=offline&response_type=code
Enter verification code:
How it used to work: After I click the link above, it returns a code I paste into the console and then its authenticated. FYI: I plan on running this 24/7 on a remote server.
Now: I click the link above and get the error I posted above. I've tried to change the redirect uri to 127.0.0.1 and it does allow me to auth, then I get a code in my URL, but once I copy that and paste it into the console, I get more errors.
Anyone know the solution for this?

Etsy Authentication changes

I am working on Etsy Authentication. I have created an app and tried to test the Authentication via Postman in the same above process but I was not able to Authenticate I was getting an error
Error
And I was unable to Edit the App and also there is no option of "Request Full Access"
No Edit option and also no Request full access and the app state is in pending approval
Help me with the issue as I was previously able to Edit the App and I have tested few APIs as well but now I am unable to do it.
Postman image
If I hit this API in the browser as a response I need code but I was getting the above error
Your request isn't working because you haven't registered the callback URL for postman with your App, and of course you mentioned that you couldn't edit your app to add the callback URL.
There is a silly URL bug on the Etsy dev portal which sending you to a broken like when you click on your app to edit it.
Once you click on the App to edit it and end up at the 404 page,
Remove this from the URL and it will then work.
I have emailed the Etsy Developers to point out this bug so hopefully it will be resolved quickly.
To piggyback off of Gareth's answer:
Step 1:
In https://www.etsy.com/developers/edit/{account_id}/callbacks, add the following callback:
http://localhost:3003/oauth/redirect
Step 2:
Follow these instructions https://developer.etsy.com/documentation/essentials/authentication/, make sure to set:
redirect_uri=http://localhost:3003/oauth/redirect
*You don't actually need anything running at localhost:3003

Try it out functionality of tmdb api not working

When I tried to see data through try it out functionality then it is showing the following error
Error: Network Error
Check the developer tools console, it might have more information on the error.
If you are using an Adblocker, it is possible your Adblocker is blocking the request.
I also tried after disabling adblocker but it also does not work
console showing like this
Why this is happening and what is the solution for this?
Thanks in advance
Try the url in your browser with the API key. You can see the response.
Example :
https://api.themoviedb.org/3/movie/popular?api_key=your_api_key
Found out this is due to extension 'stoplight' in their site. Site Manager has said
"I believe Stoplight has temporarily blocked the "Try it out" feature for our account because too many people were using it as the source
for their apps, and not using api.themoviedb.org for some reason. No
timeline on getting it restored, but that's the problem. - Travis Bell"
follow this thread, In case it gets sorted in future.
https://www.themoviedb.org/talk/600184fc6aa8e0004077e364?page=1#6001bbacbe4b36003d514ac3
Apparently it depends on the way you try to access the data.
In my React application I was using Axios.Which ended up with ReferenceError: response is not defined. (got no response)
Afterwards I tried using the javascript fetch API. It worked good for me
So if you are trying to use it in an app you might want to use the fetch API. If you just encounter network error while using Try it out function on site - then you can copy the link and paste it directly, it should work fine.
Currently, I am using it in my dashboard and I have JWT authentication for the API that I'm using. I have implemented the interceptor to update HTTP HEADERS so I saw I'm passing a header name 'token' and checked there if any unnecessary headers were given or not with not accepting the TMDB API server. So I have sent a clean HTTP request and it's working fine.
All you have to just remove the unnecessary HTTP HEADERS

How to connect backend service with philips hue bridge remotely?

I'm looking to write a philips hue service that needs to allow users to register their hue bridge with my service. This service would change the color of bulbs based on an event. I'm aware that I can use IFTTT but in this scenario, I'd like to not use IFTTT and I'd like to register my website with philips hue's apps.
Any idea how I can do this? Your help is very much appreciated. Thanks!
EDIT: Not sure why I was down voted but I definitely did do my research. I looked on philips hue's developer website and couldn't find anything that was explicit on their APIs. I also looked through the iOS SDK and didn't see any methods that would trigger the pairing routine for remote devices. So far, the only example I have of this working (outside of Philips' products is the IFTTT service, which allows for an entry to be added into the 'My Apps' section).
TLDR: I wrote an API: https://github.com/jarvisinc/PhilipsHueRemoteAPI
I answered this question on my technical blog (http://blog.paulshi.me/technical/2013/11/27/Philips-Hue-Remote-API-Explained.html), which I will post here:
The question actually comes as two part:
Authentication
Remote Control
Authentication
I haven't figure out a reliable way to do authentication automatically. The following procedures needs to be automated: The idea is to fake as official iOS APP which has the ability to control remotely when enabled. We will need to get BRIDGEID and ACCESSTOKEN to pass the authentication step for remote control.
Find your BRIDGEID from https://www.meethue.com/api/nupnp. (or in My bridge page on the meethue website and by clicking on "Show me more")
Get ACCESSTOKEN
www.meethue.com/en-US/api/gettoken?devicename=iPhone+5&appid=hueapp&deviceid=**BRIDGEID**
Right click on "BACK TO THE APP" and write down ACCESSTOKEN inside the link it redirect to
phhueapp://sdk/login/**ACCESSTOKEN**
Basically it is a hack to get your access token. You fake your app as the official iOS Hue App, and ask for access token that way. I am not sure there is an easier way out there, if you do know one, please do comment below.
You can potentially automate it by doing simulated log-in session and grab the the ACCESSTOKEN by scraping the page content. But I consider it highly unreliable because any change to the official page will likely break it.
I wrote this script that allows the automation of getting ACCESSTOKEN as of today, but I don't guarantee it will work tomorrow for the reason I explained above :P
Currently, this OAUTH process only works with official apps. There might be a slight chance that they will open it to other 3rd party apps.
Remote Control
Once authentication is done, this part can be done automatically. There are 2 known private endpoints for sending control command and getting all the status related to the hue bridge.
Sending Command Endpoint:
POST https://www.meethue.com/api/sendmessage
Getting Status Endpoint:
GET https://www.meethue.com/api/getbridge
Sending Command Endpoint
URL: https://www.meethue.com/api/sendmessage
Method: POST
URL Parameters:
token=**ACCESSTOKEN** (which you obtained earlier)
Request header
content-type=application/x-www-form-urlencoded
body
clipmessage={ bridgeId: "**BRIDGEID**", clipCommand: { url: "/api/0/**APIENDPOINT**", method: "**METHOD**", body: **JSONCOMMAND** } }
BRIDGEID is the same one you obtained earlier
APIENDPOINT the same as official API /api/<username>/*** by removing /api/<usename>/ part
METHOD PUT/GET/POST/DELETE the same 4 method as official API. Despite GET really doesn't work since all response from the Sending Command Endpoint is 200 explained in the following part, while DELETE is not tested
JSONCOMMAND The actual command body for example {"on":true}
Getting Status Endpoint
URL: https://www.meethue.com/api/getbridge
Method: GET
URL Parameters:
token=**ACCESSTOKEN**
bridgeid=**BRIDGEID**
Request header
content-type=application/x-www-form-urlencoded
Limitations
Current limitation is you cannot immediately know from the response whether your control command succeeded like the official API. All the response you get from calling the Sending Command Endpoint is pretty much always <200> if you are doing it correctly. But you can always pull all the status related to the Hue bridge from the Getting Status Endpoint.
Remote Control API
I wrote Philips HUE Remote API to specifically solve the remote control problem.
Enjoy :)
Paper
For full documentation please refer to this excellent paper:
Hacking Lightbulbs: Security Evaluation of the Philips Hue Personal Wireless Lighting System by Nitesh Dhanjani
I did some investigation by following the steps of #paul-jianer-shi however the access token are not shown in the generated HTML.
I think the Hue Portal has been updated and removed the way it potentially shows the access token.
I wrote a blog post about doing Remote Hue operations by reusing the access token of another application, like IFTTT. The main change is how to get your hands on that access token. The token in shown in the 'My Apps' section of the Hue Portal. Check the (De-activate) link. It contains the access token.
Next step will be to let Hue Portal trust my own app.
Philips plan to make the remote API available to 3rd parties(it's already used by IFTTT and meethue.com).
There is currently a form on the developer website to request an early access(must login):
http://www.developers.meethue.com/content/remote-api