I'm now trying to use google oauth api to allow google user to login to my app. And I've followed all along with google's OAuth2Login documentation.
I used this to get a code and it worked just fine.
var u = 'https://accounts.google.com/o/oauth2/auth?'
+ '&response_type=code'
+ '&client_id=' + opts.googleClient
+ '&redirect_uri=' + redirectURI
+ '&scope=' + opts.scope
+ '&approval_prompt=force&access_type=offline';
But while I try to get the access_token with the /o/oauth2/token api like below:
var u = 'https://accounts.google.com/o/oauth2/token?'
+ 'code=' + code
+ '&client_id=' + opts.googleClient
+ '&client_secret=' + opts.googleSecret
+ '&scope='
+ '&redirect_uri=' + redirectURI
+ '&grant_type=' + 'authorization_code';
request.post({url: u, json: true}, fn);
It returned me
{
error: "invalid_request"
}
I've checked that with Chrome developer tools in the Network bar which indicate that the request URL is https://accounts.google.com/o/oauth2/approval?as=-5013c18c497345fc&hl=en&pageId=none&xsrfsign=APsBz4gAAAAAUcwS1TxlojrAPVNCj7ntTlz1H4xQgysC instead of what I'm posting to.
I can make sure my post url and data looks exactly like that in Google oauthplayground. But the result is totally different.
Did I doing anything wrong? Please help.
The data you are sending looks correct, but it looks like there are two errors in how the request is formed.
First, when you construct the form data part of the message make sure that you URL encode all of the values, e.g. if the redirect_uri value contains an &, that will cause you problems unless it is URL encoded.
Second, while you are correctly doing a POST instead of a GET, you are still sending the parameters in the query string instead of in the body of the request. Move them to the body, set the content-type to 'application/x-www-form-urlencoded' and you should be set.
(it looks like JavaScript, but I'm not sure which libraries you are using so I didn't provide sample code)
Related
I have to add an authorization to a REST request in Delphi.
Can someone give me an example how should it call the AddAuthParameter procedure?
I am doing this code in an onclick event of a button :
authjo, auth1, auth2, auth3, auth4, auth5, auth6, auth7, auth8, auth9, auth10 : string;
authjo := auth1 + auth2 + auth3 + auth4 + auth5 + auth6 + auth7 + auth8 + auth9 + auth10 ;
Restrequest4.AddAuthParameter('Authorization',authjo,TRESTRequestParameterKind.pkHTTPHEADER);
Restrequest4.Execute;
But this does not use thes the Authorization token 'authjo' and i don't know why.
I must have Authorization like this "Authorization Bearer :token" am i not constructing well in the code ?
If the authentication expects a Bearer token, you must add that to your call:
Restrequest4.AddAuthParameter('Authorization','Bearer ' + authjo,TRESTRequestParameterKind.pkHTTPHEADER);
Having messed around with Delphi to access an API (In my case Trakt), I managed to authenticate with OAuth2. But I ran into the very same problem as you did.
I have just asked my question here:
Accessing TRAKT API from Delphi - issues with Bearer authentication [SOLVED]
As I understand it, the root cause it that adding headers like we do, will create a parameter entry that is "Authorize=Bearer [token]" whereas it should be "Authorize:Bearer [token]".
See here:
How to add a "Authorization=Bearer" header with Indy in Delphi?
I have managed to mitigate the issue and would like to reference to that thread.
Also, the tool Fiddler was most helpful to see what my app actually sent and what it got back.
I get an error like so:
{
"error_message" : "This API project is not authorized to use this API.",
"results" : [],
"status" : "REQUEST_DENIED"
}
whenver I run this: https://maps.googleapis.com/maps/api/geocode/json?address=Winnetka&key=AIzaSyCKyVbBzwtgkyuut7P5mxK9vcOWMygCfp0
In the sample video that I am following, he gets a result like so:
in my case i had # in address link input=City Clinical # 89so i had to remove it
You need an API key. Otherwise it won't work.
To get an API Key you have to go to this webpage https://cloud.google.com/maps-platform/#get-started and pick the products you need. Also select or create a project and finally you have to set up a billing account. Unfortunately it isn't for free as far as I know.
Post Values like below:
String str_origin = "origin=" + origin.latitude + "," + origin.longitude;
// Destination of route
String str_dest = "destination=" + dest.latitude + "," + dest.longitude;
// Sensor enabled
String sensor = "sensor=true";
String mode = "mode=driving";
String key = "key="+getResources().getString(R.string.google_maps_key);
// Building the parameters to the web service
String parameters = str_origin + "&" + str_dest + "&" + sensor + "&" + mode + "&" + key;
// Output format
String output = "json";
// Building the url to the web service
String url = "https://maps.googleapis.com/maps/api/directions/" + output + "?" + parameters;
Read Google's developer page instructions on the Required parameters, might help.
Google states
"As of June 11, 2018, you must enable billing with a credit card and have a valid API key for all of your projects."
https://cloud.google.com/maps-platform/user-guide/?hl=en
and
"You must have a valid API key and a billing account to access our APIs. When you enable billing, you will get $200 free usage every month for Maps, Routes, or Places."
https://cloud.google.com/maps-platform/user-guide/account-changes/?hl=en
I am making API call in xml format. Using url as http://www.docusign.net/restapi/v2/login_information and production credentials details, I am retrieving accountID and Baseurl then i am trying to Request Envelope Result in xml format which is as below
string requestBody = "http://www.docusign.com/restapi\">" +
"<accountId>" + accountId + "</accountId>" +
"<status>sent</status>" +
"<emailSubject>API Call for Embedded Sending</emailSubject>" +
"<emailBlurb>This comes from C#</emailBlurb>" +
"<templateId>" + templateId + "</templateId>" +
"<templateRoles>" +
"<templateRole>" +
"<email>" + username + "</email>" + // NOTE: Use different email address if username provided in non-email format!
"<name>Name</name>" + // username can be in email format or an actual ID string
"<roleName>" + roleName + "</roleName>" +
"</templateRole>" +
"</templateRoles>" +
"</envelopeDefinition>";
then I am making post call
request = (HttpWebRequest)WebRequest.Create(baseURL + "/envelopes");
request.Headers.Add("X-DocuSign-Authentication", authenticateStr);
request.ContentType = "application/xml";
request.Accept = "application/xml";
request.ContentLength = requestBody.Length;
request.Method = "POST";
// write the body of the request
byte[] body = System.Text.Encoding.UTF8.GetBytes(requestBody);
Stream dataStream = request.GetRequestStream();
dataStream.Write(body, 0, requestBody.Length);
dataStream.Close();
// read the response
webResponse = (HttpWebResponse)request.GetResponse();
in the last line, it gives error of 400 bad request.
This works fine with demo account but in production account gives 400 error. Thank you all who try to help me.
If your code is working in the Demo environment but fails in Production this might be either authentication related or something related to your account settings (in either demo or prod). I suspect it is auth related though.
I see that you are using the older legacy authentication using the /login_information endpoint. When you make the login request in demo the baseUrl is always demo.docusign.net since that's the only sub-domain in that environment.
However for production your account might exist in one of several sub-domains based on where you were when you created the account and a few other factors. I see you using www.docusign.net for your production endpoint which is correct for the Login API but what your integration needs to do is parse the baseUrl that is returned in the response and use THAT as the base for your core API requests.
For example, your production account might reside in one of the following domains:
na2.docusign.net
na3.docusign.net
eu.docusign.net
...
Again to verify which sub-domain your integration should be using for production parse the baseUrl that is returned from the Login API and use that for sub-sequent requests.
Maybe I'm doing this wrong but how would I access query parameters of Cloud functions?
When I do a POST here (as cloud functions work) and add my query parameter of "q" it says it is undefined.
Here's the URL I am POST'ing to
http://localhost:1337/api/v1/functions/get_untappd?q=45566
From the url I build up you can see at the end I'm using the typical Express.js / Node accessing of parameters.
var untappdURL = "https://api.untappd.com/v" +
untappdApiVersion +
"/search/beer?client_id=" +
untappdClientId +
"&client_secret=" +
untappdClientSecret +
"&q=" + request.params.q;
Anything I'm doing wrong?
Sorry I should of closed this out. It was a bug and they eventually fixed it =]
I have finished my app and then tried it on 3 FB accounts and it was ok,
but the 4th have a permanent error (it cannot get an access token):
com.restfb.exception.FacebookOAuthException: Received Facebook error response of type OAuthException: Expected 1 '.' In the input between the postcard and the payload.
I tried to remove the app and install it again on this account a few times and nothing changed.
I use Java and restFB client.
This is the code where i get the access token:
if (request.getParameter("code") != null) {
String code = request.getParameter("code");
String url = "https://graph.facebook.com/oauth/access_token?"
+ "client_id=" + clientId + "&" + "client_secret="
+ clientSecret + "&" + "code=" + code + "&" + "redirect_uri="
+ redirectURL +"&type=web_server";
String accessToken=readUrl(url).split("&")[0].replaceFirst("access_token=", "");
//....
}
I saw here someone with the same error, he said that the solution was:
replacing "|" with "%257C" which made my access token invalid"
I couldn't really understand what he means.
Embarrassing as it is -- I'll be honest in case it helps someone else:
When I got this error message, I had accidentally copy/pasted a Google access_token (e.g. ya29.A0A...) into a Facebook graph API route. :)
It's probably worth logging the response to the /oauth/access_token request and the value you extract for use as the access token.
For the account that doesn't work, check whether the /oauth/access_token response includes other parameters before access_token. IIRC I've seen responses like
expiry=86400&access_token=AAAxxxx
Check to ensure you are verifying the "code" parameter returned by Facebook before signing the request, not the "access token". That was the mistake I made.
I experience the same issue, and after debugging my only conclusion was that when this message is thrown it might just be the token is expired or invalid. Checking with a freshly generated token should not throw this error.