I have used the below link to set the subscription for facebook application:
https://graph.facebook.com/v2.2/MY_APP_ID/subscriptions?callback_url=MY_CALLBACK_URL?object=user&fields=feed&verify_token=MY_VERIFICATION_CODE&access_token=My_App_ID|MY_APP_SECRET
For this I am getting empty json object:
{
"data": [``
]
}
Please any one help me to set the subscription for my facebook application and to get the realtime updates from facebook.
It looks like you are sending a HTTP GET request instead of a HTTP POST request.
The HTTP GET request will return the subscriptions that app has, which seems to be none.
You need to first create a subscription to your callback_url by using a POST request instead.
Related
I am new to firebase push notification.
https://accounts.google.com/o/oauth2/auth?client_id=CLIENT_ID&scope=https://gdata.youtube.com&response_type=code&access_type=offline&redirect_uri=urn:ietf:wg:oauth:2.0:oob
When I type above url in browser I get a code to to be used in following client side post call
{
grant_type=authorization_code,
redirect_uri=urn:ietf:wg:oauth2.0:oob,
code=code get from browser
client_id=your_client_id,
client_secret=your_client_secret,
}
But scope=https://gdata.youtube.com in above url should be replaced with firebase push notification url. Then only I can do above call. So I would like to know what should be the scope for firebase push notification? I mean what is replacement of https://gdata.youtube.com in above url. Please help me.
At last I found the answer from What Bearer token should I be using for Firebase Cloud Messaging testing? link. It is https://www.googleapis.com/auth/firebase.messaging
UIB Sandbox Access request.
The webhook URL will be receiving a webhook payload as an input.
Get the web hook URL from the application you want to send data
use that URL in webhook section of the application you want to receive data from
choose type of events you want to application to notify you about
I'm having an issues with the new API policy of Instagram
I already got my app approved and got basic permissions
IG API Permissions
When using the app on sandbox mode I can get API response only for my own user, however when I move to Live Mode and try using the API all I receive is error 400 code
For example
https://api.instagram.com/v1/users/search?access_token=MY-TOKEN&count=6&q=world
Response
{
meta: {
error_type: "OAuthPermissionsException",
code: 400,
error_message: "This client has not been approved to access this resource."
}
}
Even using the same API with my own username still getting the same error
I was trying to search on it but all I can find is the same error happens to unauthorized users
Any idea ?
I have fixed the This client has not been approved to access this resource Issue by Authorizing the Instagram public_content scope by visiting the following URL and clicking Authorize.
https://api.instagram.com/oauth/authorize/?client_id=[YOUR_CLIENT_ID]&redirect_uri=[YOUR_REDIRECT_URI]&scope=public_content&response_type=token
I found the reason, I can't use that endpoint because I have only permission for basic. for more information https://www.instagram.com/developer/endpoints/users/
I am trying to use Periscope API (https://github.com/gabrielg/periscope_api/blob/master/API.md) in my application. As in the API link I am trying to send POST request to https://api.periscope.tv/api/v2/loginTwitter?build=v1.0.2
with request body as following
{
"bundle_id": "com.bountylabs.periscope",
"phone_number": "",
"session_key": "<twitter_user_oauth_key>",
"session_secret": "<twitter_user_oauth_secret>",
"user_id": "<twitter_user_id>",
"user_name": "<twitter_user_name>",
"vendor_id": "81EA8A9B-2950-40CD-9365-40535404DDE4"
}
I already have an application in https://apps.twitter.com/ but I don't know what to use as twitter_user_oauth_key and twitter_user_oauth_secret. Can you help?
I must say https://github.com/gabrielg/periscope_api/ implementation is a bit complicated. Author using 2 sets of keys (IOS_* and PERISCOPE_*) when you actually need only one to access API. I didn't tried to broadcast but in my PHP library all other functions works without troubles with only what he call PERISCOPE_* set of keys.
You will get session_secret and session_key from Twitter after getting access to it as Periscope application.
So Periscope's login via Twitter process looks like
Request OAuth token via https://api.twitter.com/oauth/request_token
Redirect user to https://api.twitter.com/oauth/authorize?oauth_token=[oauth_token]
Wait for user login and get oauth_token and oauth_verifier from redirect url
Get oauth_token, oauth_token_secret, user_id and user_name via request to https://api.twitter.com/oauth/access_token?oauth_verifier=[oauth_verifier]
Send request to https://api.periscope.tv/api/v2/loginTwitter
{
"bundle_id": "com.bountylabs.periscope",
"phone_number": "",
"session_key": "oauth_token",
"session_secret": "oauth_token_secret",
"user_id": "user_id",
"user_name": "user_name",
"vendor_id": "81EA8A9B-2950-40CD-9365-40535404DDE4"
}
Save cookie value from last response and add it to all JSON API calls as some kind of authentication token.
Requests in 1 and 4 steps should be signed with proper Authorization header which requires Periscope application's consumer_key and consumer_secret. While consumer_key can be sniffed right in first step (if you are able to bypass certificate pinning) consumer_secret never leaves your device and you can't get it with simple traffic interception.
There is PHP example of login process https://gist.github.com/bearburger/b4d1a058c4f85b75fa83
Periscope's API is not public and the library you are referring to is sort of a hack.
To answer the original question, oauth_key & oauth_secret are keys sent by your actual device to periscope service. You can find them by sniffing network traffic sent by your device.
I am currently researching a way to use the Google Purchase Status API with just HTTP request calls, and I have hit a brick wall. I have an app setup with Google Play, and ownership of the Google Console account.
Basically, I just would like to check the status of a user's purchase on my server. The only information I should be using is the purchase token, product ID, and product package.
I have followed all the documentation on doing this at developer.android.com/google/play/billing/gp-purchase-status-api.html
The HTTPS request call I am attempting to make is this (product names and real strings substituted):
googleapis.com/androidpublisher/v1.1/applications/(com.product.myproduct)/inapp/(com.product.myproduct.product1)/purchases/(myproductpurchasestring)?access_token=(myaccesstokenstring)
and my response is always this:
{
"error": {
"errors": [
{
"domain": "androidpublisher",
"reason": "developerDoesNotOwnApplication",
"message": "This developer account does not own the application."
}
],
"code": 401,
"message": "This developer account does not own the application."
}
}
When polling my access token through this http request call:
googleapis.com/oauth2/v1/tokeninfo?access_token=(myaccesstokenstring)
this is my response:
{
"issued_to": "12345.apps.googleusercontent.com",
"audience": "12345.apps.googleusercontent.com",
"scope": "https://www.googleapis.com/auth/androidpublisher",
"expires_in": 3319,
"access_type": "offline"
}
So according to the documentation at https://developers.google.com/accounts/docs/OAuth2#webserver, I need to:
Authorise myself and retrieve a refreshable access token that is generated from 'Client ID for web applications' in the API access section of the Google API Console. I have done this.
Utilise this access token for google API calls in either of 2 ways: appending the string to the HTTP header 'Authorization', or as part of the HTTPS request itself with the property access_token=(mytokenstring). This part does not work for me, I always get an unauthorised message.
My question I guess would be: is it possible to use a simple HTTPS request call (without external library support) to retrieve the status of a purchased item without user interaction on backend servers?
I would really appreciate any help, most of the other threads are about how to go about getting a refresh token, but I have covered that already.
ok, I figured out my own problem with the help of a colleague. Basically, my access token was being generated under an account which wasn't linked to the project in any way. It would be safest to use the owner of the project's google account when generating the access token.
Phew!