When I use the following URI for the Google OAuth request I get error below:
"Realm didn't match redirect_uri/origin. Error code: 2".
Can anyone tell me what I am doing wrong?
https://accounts.google.com/o/oauth2/auth?client_id=client_id_copied_from_the_developer_console&response_type=code&scope=openid%20email&redirect_uri=https://mysite.your-now.com/oauth2callback&state=security_token%3D138r5719ru3e1%26url%3Dhttps://mysite.your-now.com/navpage.do&login_hint=mycompany#gmail.com&openid.realm=your-now.com&hd=your-now.com
The realm value you are providing as openid.realm is malformed.
More specifically, the openid4java match method is failing with a MALFORMED_REALM result. Make sure you are providing a valid url as realm!
Hope that helps.
Related
Everytime I add a tip with url parameter (https://developer.foursquare.com/docs/tips/add), I always get this error.
{"meta":{"code":400,"errorType":"param_error","errorDetail":"bad tips/add request","requestId":"5703acdf498e8435008ddeea"},"notifications":[{"type":"notificationTray","item":{"unreadCount":0}}],"response":{}}
Sample of the post request:
https://api.foursquare.com/v2/tips/add?text=Very+useful+tips!&url=http%3A%2F%2Fwww.stackoverflow.com&venueId=[VENUEID]&oauth_token=[TOKEN]&v=20131016
I'm trying to get access token from hail after get an authorization code from url https://hail.to/oauth/authorise?client_id={$client_id}&redirect_uri={$redirect_url}&response_type=code&scope=user.basic+user.manage+org.basic+content.read+content.read+content.connections
After getting the code from the above url, the documentation they provide does not state what should be the correct parameter to get an access_token. The documentation says it should be a POST method to get access token by using url https://hail.to/api/v1/oauth/access_token?client_id={$client_id}&client_secret={$client_secret}&grant_type=authorization_code&code={$client_access_token_code}&redirect_uri={$redirect_url}.
When I try this, I get the following error response:
{
"error" : {
"message" : "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter.",
"error_code" : null
}
}
If anyone has faced this problem, please help me out on this.
I don't know what should be the correct parameter for grant type.
instagram Authentication gives 'No matching code found' only when I use additional query parameters:
https://api.instagram.com/oauth/authorize/?client_id=client_id&redirect_uri=http://dev.dev-site.ru/?reg=1&response_type=code
If I use it without additional parameter all is ok:
https://api.instagram.com/oauth/authorize/?client_id=client_id&redirect_uri=http://dev.dev-site.ru/&response_type=code
I tried to change registered REDIRECT URI to "http://dev.dev-site.ru/", "http://dev.dev-site.ru/?reg" but unsuccessfully. What is is my mistake?
The ? in redirect_uri is causing issues, URL escape the redirect_uri value and it will work fine.
I am newbie to jmeter. I am trying to test to login to my site say (example.com/session/new).
I have added the http cookie manager and 2 http request defaults.
In the first, am visiting example.com/session/new and extracting the authenticity token in the response data using regex meta content="(.+?)"name="csrf-token" . Now, in the second http request, I have a post request with the parameters as
name:utf value:(tickmark)
name :authenticity_token value: ${token}
name:email value:test#test.com
name:password value:test.
name:commit value:Sign In
And then am asserting for a text post login.
When I run the test, the assertion fails. as it results in 404.
In the request, I can see utf8=%E2%9C%93+&authenticity_token=%24%7Btoken%7D&email=test%40test.com&password=test&commit=Sign+In. Please help me fix this.
I know this is an old post, but I've been struggling with this exact same query, so I've decided to post my answer in case it helps anyone - it worked first time for me. So after requesting the login page for my site, the following csrf token is embedded in the html response;
<input type="hidden" name="csrfToken" value="fe5a48ebda7b98cbbf885b4a220ebe0c23b11125-1459096615520-1ac64aa945986cb1bd318d9c"/>
So when making the initial request for the login page, instead of using a Regular Expression Extractor, if the token is in the body of the HTML response, use an XPath Extractor instead.
If your response is not XML/XHTML compliant then tick the 'use tidy' checkbox.
For reference name add the reference you wish to refer to the token as e.g. token. When you add your parameters to the login request, you can then refer to your csrfToken as ${token}
Then for X-Path query use;
//input[#name="csrfToken"]/#value
The following tutorial shows you how to use a Regular Expression Extractor, but it should also help you to understand how to set up the query a bit more;
https://www.youtube.com/watch?v=SVxB3Tk4O4A&feature=iv&src_vid=hGkrSFKcj10&annotation_id=annotation_85358
Looks like you did every thing good , except correlation . After decoding your error url , I found that you correlation is not working . Below is the decoding URL "utf8=✓ &authenticity_token=${token}&email=test#test.com&password=test&commit=Sign In."
In your "Regular expression extractor" add below details
1. Reference Name:token
2. Regular Expression : name="csrfToken" value="(.+?)"
3. Template : $1$
4. Match No: 1
Note: Check the occurrences of "csrfToken", if you required first occurrence then enter 1 , if you required 2nd occurrence enter 2 ....etc.
I am trying Token based authentication with NancyFX. Token is getting generated perfectly but when I am passing header in Get Request, I can't get pass this.RequiresAuthentication() and getting unauthorized error.
Here is my token format
Token:{ token: "ZGVtb1VzZXINCmFkbWlufG5vbmFkbWluDQo2MzU1MDU5NjU4NzExNTE5MzkNCk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDYuMzsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8zOC4wLjIxMjUuMTExIFNhZmFyaS81MzcuMzY=:QerS8B701zoC1xqlvSxuz0EbrBDtfgEzkDWzlEj9ChA=" }
Am I passing wrong way?
I have also tried
Token:{ ZGVtb1VzZXINCmFkbWlufG5vbmFkbWluDQo2MzU1MDU5NjU4NzExNTE5MzkNCk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDYuMzsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8zOC4wLjIxMjUuMTExIFNhZmFyaS81MzcuMzY=:QerS8B701zoC1xqlvSxuz0EbrBDtfgEzkDWzlEj9ChA=}
and also
"Token:{ ZGVtb1VzZXINCmFkbWlufG5vbmFkbWluDQo2MzU1MDU5NjU4NzExNTE5MzkNCk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDYuMzsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8zOC4wLjIxMjUuMTExIFNhZmFyaS81MzcuMzY=:QerS8B701zoC1xqlvSxuz0EbrBDtfgEzkDWzlEj9ChA=}"
But nothing work.
Please let me know if any more details are required.
The value of the authorization header must simply read "Token ZGVtb1VzZXINCmFkbWlufG5vbmFkbWluDQo2MzU1MDU5NjU4NzExNTE5MzkNCk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDYuMzsgV09XNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8zOC4wLjIxMjUuMTExIFNhZmFyaS81MzcuMzY" (no quotes).
The brackets in the documentation threw me off as well.