Has anyone successfully renewed access token?
Lyft document suggest that we pass renew_token with renew_token request. but there is no API to receive the renew_token. Asking user to everytime grant an access is not a practical way to implement OAuth.
https://developer.lyft.com/docs/authentication
This is the link for to lyft documentation.
You probably got this working, but just to confirm the example from the docs just works
https://developer.lyft.com/docs/authentication
curl -X POST -H "Content-Type: application/json" \
--user "<client_id>:<client_secret>" \
-d '{"grant_type": "refresh_token", "refresh_token": <refresh_token>}' \
'https://api.lyft.com/oauth/token'
The response comes back with a new access_token
{"token_type": "Bearer", "access_token": "XXX", "expires_in": 3600, "scope": "profile offline rides.read public rides.request"}
Related
We have a chrome extension in Google web store under my Google user id and I want to give API access to my colleagues (in the same organization). I am following this guide but it is not allowing me to access API. Here is exactly what I did
Created a Google Cloud console project using the email id that is
used to access the chrome store
Enabled Google Chrome Web Store API
Generated Oauth credentials as described in the link
Added my colleagues email address as test users under Oauth Consent section
Generated the "code" as described in the link using Colleague's Google ID
Successfully got the token by sending the curl request as described in the instructions above
Sent a curl API GET request using the token as shown below
curl \
-H "Authorization: $TOKEN" \
-H "x-goog-api-version: 2" \
-H "Content-Length: 0" \
-H "Expect:" \
-X GET \
-v \
https://www.googleapis.com/chromewebstore/v1.1/items/ITEM_ID?projection=DRAFT
The response I get is this
{
"error": {
"code": 403,
"message": "Forbidden",
"errors": [
{
"message": "Forbidden",
"domain": "global",
"reason": "forbidden"
}
]
}
}
Any idea on what I am missing here?
https://www.googleapis.com/chromewebstore/v1.1/items/ITEM_ID?projection=DRAFT
The Authorization header is missing the token type: Bearer
-H "Authorization: Bearer $TOKEN"
Try to use https://pypi.org/project/chalice-cognito-auth/
I was able to get a json response like:
{"id_token":"eyJra...sda",
"refresh_token":"eyJjd...",
"access_token":"eyJraWQiO...",
"token_type":"Bearer"}
But when I try to use it like
curl -H "Authorization: id_token value ..." http://127.0.0.1:8000/whoami
It replied
{
"Message": "User is not authorized to access this resource"
}
Try this, curl -H "Authorization: Bearer id_token" http://127.0.0.1:8000/whoami
i.e., you missed the Bearer keyword.
I have used postman with this curl request
curl -X GET 'https://api.linkedin.com/v2/ugcPosts?q=authors&authors=List({urn:li:organization:77ilp7ense0pbf})&sortBy=LAST_MODIFIED' \
-H 'X-Restli-Protocol-Version: 2.0.0' \
-H 'Authorization: Bearer {AQXONiuOuqTCGgEeH3NJBA9b7A8NPbdS5nFjp7nAxUUBnmVmo53UzamJDksan3WSduiUE6u39J9PJNtRVvLhn}'
I have added {urn:li:organization:77ilp7ense0pbf}, "77ilp7ense0pbf" is my client ID.
I have added 'Authorization: Bearer {AQXONiuOuqTCGgEeH3NJBA9b7A8NPbdS5nFjp7nAxUUBnmVmo53UzamJDksan3WSduiUE6u39J9PJNtRVvLhn}' as my access token.
But still i am getting this error
{
"serviceErrorCode": 65600,
"message": "Invalid access token",
"status": 401
}
Is there anything i missed here ? Or any configuration is wrong. Please let me know to get the company posts by UGC posts. I have to get all my linkedIn posts from my company page. https://www.linkedin.com/company/blenheim-chalcot-it-services-india-private-limited/posts/
Thanks in advance.
To get all posts use https://api.linkedin.com/v2/posts like here and to retrieve some statics about share go here
I use the GCP Text-to-Speech API to create greetings and interactive menus that are played to phone customers who call into businesses. I have successfully used the Text-to-Speech API in the past using this Google quick-start: Google Cloud Text-to-Speech
I used the same quick-start guide again for a new organization and project but I keep getting an invalid key error which I have been unable to debug.
Here are the commands I have used to invoke the service and the results:
# curl -X POST \
-H "Authorization: Bearer $(gcloud auth application-default print-access-token)”\
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://texttospeech.googleapis.com/v1/text:synthesize > synthesize-output-base64.txt
{
"error": {
"code": 403,
"message": "The request is missing a valid API key.",
"status": "PERMISSION_DENIED"
}
}
I tried again with a different authentication header:
# curl -X POST \
-H "X-Goog-Api-Key:***my_API_key***.json" \
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://texttospeech.googleapis.com/v1/text:synthesize > synthesize-output-base64.txt
{
"error": {
"code": 400,
"message": "API key not valid. Please pass a valid API key.",
"status": "INVALID_ARGUMENT",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "API_KEY_INVALID",
"domain": "googleapis.com",
"metadata": {
"service": "texttospeech.googleapis.com"
}
}
]
}
}
I have re-verified the following configurations:
The Text-to-Speech API is enabled for my project.
The credential (service account) I am attempting to use is listed with the Text-to-Speech API as compatible. I verified that that service account key is the key that was used in the attempted authentications.
I compared my configuration on GCP with another working configuration I manage for a different company. There are no differences I can see.
I compared my key and the other company's working key and they are identical except for the specific user data.
The billing account for the project is active with valid payment card in place.
These two links were helpful but did not clear up the problem:
Google Cloud Text-to-Speech API - permission error
Google Cloud Text to Speech INVALID API KEY
Any help on this issue would be very appreciated!
The solution to this problem is to install the Google Cloud SDK.
The CLI was missing so the returned output from gcloud auth application-default print-access-token was an error.
I enabled the Cloud Text-to-Speech API
I created a service account with Editor role.
Note: Ensure you have set the GOOGLE_APPLICATION_CREDENTIALS environment variable to your service account private key file path.
Save the request body in a file called request.json,
Execute the following command:
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://texttospeech.googleapis.com/v1/text:synthesize
Response body
{
"audioContent": "//NExAARcrn0ABhEudAgAjuem7vohckY3IAFgWvxrBkAD//ARvqc/QhCZ/6EJO6E9Dvo2cjHPQhLfWQ/rTU7yEznsoGBn8hJz5xbQiOgEfwDzD1DVARLPlzGNXylbM8s//NExA0SCnoAAUIQAd8vlrM9DPR//6t5fpUpS
sk3MbzGUvMhqOpdSsjmcpeY2Zz ...................
}
Everything worked as expected
I want to implement 2-factor sign up with auth0 (username / password and SMS code). I'm not using Lock widget, trying to implement sign-up based on auth0 API instead.
So, I have following steps now.
1 Sign up with
POST https://somedomain.eu.auth0.com/dbconnections/signup
{
"client_id":"MY_CLIENT_ID",
"client_secret":"MY_CLIENT_SECRET",
"connection": "Username-Password-Authentication",
"email": "sowhat#what.what",
"username": "sowhat",
"password": "sowhat#what.what",
"phone_number": "+38...56" // I have access to this number
}
Response is created user.
2 Attempt to login with username / password
POST https://somedomain.eu.auth0.com/oauth/token
{
"client_id":"MY_CLIENT_ID",
"client_secret":"MY_CLIENT_SECRET",
"audience":"http://localhost",
"email": "sowhat#what.what",
"username": "sowhat",
"password": "sowhat#what.what",
"grant_type":"password"
}
Response is mfa_required and mfa_token string.
3 Requesting mfa challenge
POST https://somedomain.eu.auth0.com/mfa/challenge
{
"client_id":"MY_CLIENT_ID",
"client_secret":"MY_CLIENT_SECRET",
"challenge_type": "oob otp",
"mfa_token": "MFA_TOKEN_FROM_PREVIOUS_STEP"
}
The response is
{
"error": "unsupported_challenge_type",
"error_description": "User is not enrolled with guardian"
}
So I don't really know how can I fix this one. I guess the reason is probably because phone_number is missing in user profile but I don't actually know how can I add it with Username-Password-Authentication connection.
It looks like you need to involve users in 'Guardian'.
Firstly you need enable Guardian Factory:
Just call this:
curl -H "Authorization: Bearer %your_token%" -X PUT -H "Content-Type: application/json" -d '{"enabled":true}' "https://%your_domain%/api/v2/guardian/factors/sms"
And now we can involve users in Guardian:
Create ticket:
curl -H "Authorization: Bearer %your_token%" -X POST -H "Content-Type: application/json" -d '{"user_id":"%user_id%"}' "https://%your_domain%/api/v2/guardian/enrollments/ticket"
Follow ticket_url in response
Put phone number into
opened form
Waiting for otp on you device
Put otp into early opened form.
After those steps user will be involved in Guardian. It should avoid the problem described above.