I'm, trying to get content of this URL
https://www.google.com/m8/feeds/contacts/default/full?oauth_token=XXXX.XXXXXXXXXXXXXXXXXXXXXXXX&v=3.0&max_result=500
but received error code 401 with description : There was an error in your request. That's all we know.
Two things to point.
A successful Oauth authentication needs to be implemented first before you are able to make a HTTP request. Be sure to use the correct scope that you need; In your case, you're using the read/write scope.
Refer to this LINK as an example on implementing OAuth on PHP.
Second, v and oauth_token are not valid URL parameters for HTTP requests. Check this Google Contacts API documentation for more information.
Hope this helps.
Related
I'm building a SaaS project that requires authentication (duh!) and for that I am using Auth0.
I've managed to the steps detailed here successfully.
Code from above link:
https://YOUR_DOMAIN/authorize?
response_type=code&
client_id=YOUR_CLIENT_ID&
redirect_uri=https://YOUR_APP/callback&
scope=SCOPE&
audience=API_AUDIENCE&
state=STATE
But I'm not sure what to do when I redirect to the redirect_url (here my dashboard url, e.g: dashboard.example.com). I mean I don't know how to use this code.
I get the code appended to url after redirect, so I think everything's working, but am not sure how to use it further to populate the dashboard with user details and retrieve content.
Do I use my API endpoint here instead of the dashboard url?
Hope my question is clear.
Any help would be wonderful!
Thanks in advance!
Edit:
I am using Universal Login, not using any SDK as of now.
After you receive the code you will exchange it for tokens via the POST /oauth/token endpoint.
Here is an example code exchange request from the Authentication API docs
POST https://YOUR_DOMAIN/oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&
client_id=YOUR_CLIENT_ID&
code_verifier=CODE_VERIFIER&
code=AUTHORIZATION_CODE&
redirect_uri=https://YOUR_APP/callback
Then, you can use the ID token to populate your user's info, and the access token to retrieve other data from your backend API.
all,
I need a little bit of guidance here. I have a Polymer frontend that handles Google oAuth to allow the user in the app. The front end captures the user's email address from oAuth and uses that for GET requests to a Flask API that I built on the backend. I did not build authentication into my Flask API because I didn't think I needed to since I have Polymer as the gatekeeper. I realized though that folks can see the source code and retried the API URL to use if they wanted to capture other user's data.
I am looking for guidance on how I can lock down the API backend given I am only using Google oAuth on the front end.
Thank you,
Marcos
I am not sure if this is the correct answer, but I will post my result anyway. If wrong, send feedback. I am going to have my frontend send the user's access token from the auth process in the header with every API call. My backend API will take that access token and use it to query the Google API to find what email address the token was created by. If the email matches the email the API call is requesting data for, data will be returned. If not, it will return an error.
I'm using the Instagram API.
I'm trying a simple post for a subscription request, and I keep getting
"Invalid format for 'callback_url'. URL must start with http:// or
https://".
It clearly starts with that.
I can't find anyone online that's running into this same problem.
Tried the post with a clear callback url:
http://api.instagram.com/v1/subscriptions/?client_id={client_id}&client_secret={secret}&object=tag&aspect=media&object_id=skateboarding&callback_url=http://skateparkoftampa.com/spot/instagram_callback.aspx
And with an HTML encoded callback URL:
http://api.instagram.com/v1/subscriptions/?client_id={client_id}&client_secret={secret}&object=tag&aspect=media&object_id=skateboarding&callback_url=http%3A%2F%2Fskateparkoftampa.com%2Fspot%2Finstagram_callback.aspx
Also tried it with both GET and POST, also by letting the API console create the request by simply filling in the parameters fields, etc. I feel like I'm missing something really obvious or something, but I'm stuck. Any ideas?
As sais on Endpoints page:
All endpoints are only accessible via https
You should use your own CLIENT-ID and SECRET-ID and callback url (so don't use API console).
Your callback url may be without https.
Just use link with https:
https://api.instagram.com/v1/subscriptions/
Try examples from this page
You should use POST request to subscribe and unsubscribe, and GET to get list of subscriptions. Please, read documentation accurately.
I'm trying to use the API dropbox.
Once the authentication window is opened, a message is displayed:
This session has expired. Please return to the app to try again.
See full image
I'm using a library to work with OAuth called jsOAuth
Console Error
See full image
I published this application: Here the full code
Notes
I know that is not very safe to use OAuth with Javascript, but this is only for studying the OAuth standard.
See here the complete JS
Any example of using javascript with OAuth will help me a lot
Thank you all for your help!
That error message means the request token used for that authentication session is no longer valid, likely because a timeout has passed. (The request token is only good for a certain amount of time.) You need to start over with a new request token.
So I'm trying to authenticate my app to Digg using OAuth (and I'm totally not an OAuth expert).
I use the Scribe Java library.
I keep on getting the HTTP 401 Authorization Required. Inside the body of the response, it is a 5001 Invalid Signature Error.
I have read this Digg Google Groups Thread
and I didn't really understand. They say I should remove the method from the URL, but when I do this, I get the no Method provided error (or something like that).
Here is the dump of the communication : on Pastebin
Could you please help me finding the solution on how to get the request token?
Thank you for your help.
You might want to stop sending the method in the URL as a querystring parameter and do this instead:
request.addBodyParameter("method","oauth.getRequestToken");
Hope that works for you