I have 2 problems.
1-I can't found the php Google_client (and other components) documentation (methods,vars,etc..)
2-After creation token i can find the refrehTOken on json object generate in authentication
I have tried to remove from the console permission to regenerate the token as if for the first time, but in the json "refreshToken" does not exist. But in web application is it possibile use refreshtoken???how to?
please insert example is possibile.
Related
First off, I apologize if I use any incorrect terminology. I'm familiar with calling internal apis, but this a side project and new territory for me.
I've been using chrome debugger and powershell to write some scripts against the api of a public site. I was able to retrieve the JWT token, however after a few minutes my calls will start to fail with a 403 error. To get around this I've been exporting all the request headers from chrome and storing those locally for my script to pass whenever my call to the api fails. I narrowed it down to 4 headers that must be present, the one that is most suspect seems to be "cookie".
I then removed all key value pairs in the cookie header until I found the one that makes it fail. It's named "__cf_bm". A quick google says it's some kind of cloudflare bot management data. I don't see any of the data present in the __cf_bm cookie being sent in a response during authentication, I only see it in request headers. Is it not possible to construct this value? Does this essentially prevent me from interacting with the site's api?
I'm trying to call a Web API from a Web App, passing a token for identifying the user.
I'm following the docs here:
https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-call-api-acquire-token?tabs=aspnetcore
However, when I call the GetAccessTokenForUserAsync method, I always get an error AADSTS65001, stating that The user or administrator has not consented to use the application with ID '....' named '...'.
I really don't understand this error. What kind of consent are we looking for here? The application ID mentioned in the error message is the client app, and I double checked that the scopes accessed from the client app in the API are already consented.
What am I missing? I thought it should be quite straightforward - take the token received by the web app, send it to the web API, and let it authenticate it.
Is there any simple way of doing that?
Thanks!
So for future reference, the problem was that the scopes specified in the GetAccessTokenForUserAsync method were not prefixed with the API URL prefix (usually in the form of api://346363-35262ffe-23cwf3-ve523632t), and therefore Azure AD assumed I was trying to access my own app, which did not have such scopes.
After I changed the code to include the prefix in the scope, ie. _tokenAcquisition.GetAccessTokenForUserAsync(new[] { $"api://346363-35262ffe-23cwf3-ve523632t/Employees.Read" }) it worked like a charm.
I just installed Directus, but I have to create the HTML interface, and I can't extract the data via the API. How can I use the static API? That is, with some kind of static token (the front will do it with PHP).
I have the Directus suite (APP + API https://github.com/directus/directus) installed and the HTML will be hosted on the same server.
Directus has built-in static tokens that can be assigned to any Directus User, and inherits that user's permissions. You can set this static token in directus_users.token (plaintext), and then use it to authenticate to the API. This is less secure than the other auth methods, but that depends on how you use it.
https://docs.directus.io/api/reference.html#tokens
The other option would be to set the data you need to "public". Obviously that only works if that data is public (READ)... but that is the case for many websites.
Thanks RANGER, I have the following installation:
URL:
https://cms.domain.com/public/ (APP + API Directus)
I have reviewed the column of the table you comment, and there is indeed a token already established:
BGJFwQ1KlHnH91V2oIwMbOsG
$contents = file_get_contents('https://cms.domain.com/public/_/collections/categories?access_token=BGJFwQ1KlHnH91V2oIwMbOsG');
var_dump($contents);
But it does not work, I have read the documentation more than 10 times and I have been with the subject for days, I wanted to solve it myself, but I cannot find the error using file_get_contents () or curl in PHP to call the API.
The Directus ADMIN is in:
https://cms.domain.com/public/admin/#/
I have taken the token from the ADMIN user, and therefore I understand that you have all the permissions to use the API. In the example, I wanted to list the "categories" (collection), which have 3 records.
Solved: curl https://cms.domain.com/public/name-of-project/collections?access_token=BGJFwQ1KlHnH91V2oIwMb34343G
Solved: I should use the **project name instead of "_" (default project).**
I am sorry that it is such a basic mistake, but I have come across several people with this problem.
my app was pulling feeds to my site for over a year, and recently stopped working late this month(23/03/2015).
I debugged the application, and still don't know why my access token is reported malformed. Here is a sample of a token which to me perplexes me as at the end there is a # tag in it, something I don't expect with QueryString access tokens:
AQD2pAp0kqILBZ9ysXGarDVdmcnnknRgnLvnLdml2TuiLXH8grq8mHkyBCE3jjoEahyMl17myD7ldp1DDWRYEIP9EEnwSHUU5-sZk3mZv6p5YTLpfTVQntYeuuYbIYEn13e3PkF2_cCQbRU2R769xr_Cj0j3Gf_HygWElOQq3BtivxTgN4Db1HfEzrIpnR7309sAZAwKJKbTGw07KukL51oVn1di0gcO2dn5ffv5V4MEb4RuVLLNrcjZWbVPB7Ktyiy62Gw-64ypMqyx2zj_0quZKFlgV0fBE_TY3K_iMr-XEGuodId1hk0n7k89DUjXa40#=
Looking at my application on Facebook(app), it is clear that I should expect access tokens on request from Query String.
Something is definitely wrong, as this access token reports a malformed access token. This is a recent bug that has just cropped up so I think.
Any body know about this problem? I can't access my feeds from my facebook profile using this access token to expose to my web based application.
Any help or suggestions are welcome.
Kind regards
Martin Okello.
Probably, you were using the read_stream permission which is no longer granted to apps. You should try to regenerated an Access Token with the new user_posts permission and use this Access Token instead.
See
https://developers.facebook.com/docs/apps/changelog#v2_3_new_features
https://developers.facebook.com/docs/facebook-login/permissions/v2.3#reference-read_stream
I've searched all over (including here on Stackoverflow) for how to use the Magento REST API. I need help on getting an Unauthorized Request Token (the first step)
On the Magento setup I'm using the REST API is working for GET Products for Guests so I know that is not [the problem][1]
I have setup an OAuth Consumer for the above URL and have both the consumer key and secret. I can't figure out what URL to use for the Callback URL.
First, I'm stuck and don't know what I should use as the Callback URL when setting up the consumer. It is an optional field in Magento
I'm testing with the Firefox REST Client as per http://www.magentocommerce.com/api/rest/testing_rest_resources.html
Next with the Firefox REST client I can't get started by getting an Unauthorized Request Token. According the above URL I should have the oauth_callback URI in the header.
The following request parameters should be present in the Authorization header:
oauth_callback - an URI to which the Service Provider will redirect the resource owner (user) after the authorization is complete.
oauth_consumer_key - the Consumer Key value, retrieved after the registration of the application.
oauth_nonce - a random value, uniquely generated by the application.
oauth_signature_method - name of the signature method used to sign the request. Can have one of the following values: HMAC-SHA1, RSA-SHA1, and PLAINTEXT.
oauth_signature - a generated value (signature).
oauth_timestamp - a positive integer, expressed in the number of seconds since January 1, 1970 00:00:00 GMT.
oauth_version - OAuth version.
What is the oauth_callback URI when using the above URL?
When I try a POST to Endpoint: /oauth/initiate
I get:
oauth_problem=parameter_absent&oauth_parameters_absent=oauth_callback
I'm lost and don't know what else to try. I'm a novice programmer and new to the Magento REST API...so keep that mind. It may be that I'm just missing the obvious.
Anyone who is interested in helping me figure this out here are the Consumer key and the secret.
key: d2f4a7cc63715f98d12db2c6db63cfba
secrect: 8347474102cbf2d40b06f9d76f281e73
The URL is: http://temp.pramier.com
This is from a test install so I'm not worried about giving out the key and secrect
Pass the oauth_callback like http://temp.pramier.com/admin.
You is in this step:
Getting an Unauthorized Request Token
The first step to authenticate the user is to retrieve a Request Token from Magento. This is a temporary token that will be exchanged for the Access Token.
Endpoint: /oauth/initiate
Description: The first step of authentication. Allows you to obtain the Request Token used for the rest of the authentication process.
Method: POST
Returns: Request Token
Sample Response: oauth_token=4cqw0r7vo0s5goyyqnjb72sqj3vxwr0h&oauth_token_secret=rig3x3j5a9z5j6d4ubjwyf9f1l21itrr&oauth_callback_confirmed=true
You should continue to get the token.
This is the best (and official) tutorial:
http://devdocs.magento.com/guides/m1x/api/rest/authentication/oauth_authentication.html#OAuthAuthentication-UsingOAuth
I am not sure what programming language you are using, but the API lists the code for authenticating and retrieving products in php on the bottom.
I just started working on this in ruby using the code here.
#consumer=OAuth::Consumer.new auth["consumer_key"],
auth["consumer_secret"],
{:site=>"your-site-here"}
#request_token = #consumer.get_request_token
Let me know if I misunderstood your question or wasn't clear in my explanation.
Please follow those instructions here:
http://inchoo.net/magento/configure-magento-rest-and-oauth-settings/
After that, follow these steps:
http://www.aschroder.com/2012/04/introduction-to-the-magento-rest-apis-with-oauth-in-version-1-7/
At the beginning of the article, the writer asks to use a Ruby program called oAuth. If you are using Linux, put these commands into the command line to install Ruby and oAuth:
sudo apt-get install ruby
and
sudo gem install oauth
Beware, if you put exactly this:
--authorize-url http://www.yourstore.com/magento/oauth/authorize \
You'll get a permissions error when you'll want to login. You should replace this by:
--authorize-url http://www.yourstore.com/magento/admin/oauth_authorize \
Everything should go smoothly.