In my Rails 3 app, I am able to successfully authenticate using Oauth2 and able to get the metadata for a file. The downloadUrl is
https://doc-10-3o-docs.googleusercontent.com/docs/securesc/tj647mo7q16s2rquitcrcv800pkn7gcf/ap67p147th03cn8rjpu68i8qva3p7i8j/1345240800000/02289284805103305740/02289284805103305740/0BwsQ03A3DXbCTVBjUDlNNzNJNDQ?h=16653014193614665626&e=download&gd=true
The documentation states that I must do the following:
Gets a file's metadata by ID. To download a file's content, send an authorized HTTP GET request to the file's downloadUrl
I do not wish to use Google APIs Client Library for Ruby, but simply formulate a HTTP Request using HTTParty
Here is a snippet of the code I've been trying to get to work
response = HTTParty.get(https://doc-10-3o-docs.googleusercontent.com/docs/securesc/tj647mo7q16s2rquitcrcv800pkn7gcf/ap67p147th03cn8rjpu68i8qva3p7i8j/1345240800000/02289284805103305740/0?access_token={token})
open("/User/mymachine/test.pdf", 'wb'){|pdf| pdf << response.body}
I'm pretty sure I'm formulating the request wrong. Any help would be greatly appreciated. Thanks in advance.
You have to add the Authorization: Bearer header to your request, together with the access token you retrieved during the OAuth 2.0 flow.
Basically, your HTTP request must look like the one in the OAuth 2.0 documentation:
https://developers.google.com/accounts/docs/OAuth2WebServer#callinganapi
I'm not a Ruby expert, but the request using HTTParty should be:
response = HTTParty.get(downloadUrl, :headers => {"Authorization" => "OAuth {token}"})
Where downloadUrl is the one you got from the file's metadata and token is the access token you retrieved when performing authorization.
Related
I'm building a SaaS project that requires authentication (duh!) and for that I am using Auth0.
I've managed to the steps detailed here successfully.
Code from above link:
https://YOUR_DOMAIN/authorize?
response_type=code&
client_id=YOUR_CLIENT_ID&
redirect_uri=https://YOUR_APP/callback&
scope=SCOPE&
audience=API_AUDIENCE&
state=STATE
But I'm not sure what to do when I redirect to the redirect_url (here my dashboard url, e.g: dashboard.example.com). I mean I don't know how to use this code.
I get the code appended to url after redirect, so I think everything's working, but am not sure how to use it further to populate the dashboard with user details and retrieve content.
Do I use my API endpoint here instead of the dashboard url?
Hope my question is clear.
Any help would be wonderful!
Thanks in advance!
Edit:
I am using Universal Login, not using any SDK as of now.
After you receive the code you will exchange it for tokens via the POST /oauth/token endpoint.
Here is an example code exchange request from the Authentication API docs
POST https://YOUR_DOMAIN/oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&
client_id=YOUR_CLIENT_ID&
code_verifier=CODE_VERIFIER&
code=AUTHORIZATION_CODE&
redirect_uri=https://YOUR_APP/callback
Then, you can use the ID token to populate your user's info, and the access token to retrieve other data from your backend API.
I am building a program that will list albums/folders and images from my Amazon Cloud Drive. I am able to authenticate and get a token by following the instructions here at amazon public apis.
I am having trouble with the next call to get my endpoints described here under Account API.
Using get
GET : {{metadataUrl}}/account/endpoint Gets the customer end-point against
which REST queries will be executed.
So my request looks just like this in fiddler and on my site just like it is described on the Amazon site here under Get Endpoint. The only differences is the token for obvious reasons.
Sample Request:
GET /drive/v1/account/endpoint HTTP/1.1
Host: drive.amazonaws.com
Authorization: Bearer
Atza|IQEBLjAsAhQ5zx7pKp9PCgCy6T1JkQjHHOEzpwIUQM
My response is:
{
"message":"Authorization header requires 'Credential' parameter.
Authorization header requires 'Signature' parameter.
Authorization header requires 'SignedHeaders' parameter.
Authorization header requires existence of either a 'X-Amz-Date'
or a 'Date' header. Authorization=Bearer"
}
What I am expecting:
{
"customerExists": true,
"contentUrl": "https://content-na.drive.amazonaws.com/cdproxy/",
"metadataUrl": "https://cdws.us-east-1.amazonaws.com/drive/v1/"
}
I did find some information about building the objects in my response from amazon, however, it's not listed in the documentation on the amazon developer site. Is this something new that has not been updated in the docs or am I doing something wrong?
I had a new line between Authorization: Bearer and my token Atza|IQEBLjAsAhQ5zx7pKp9PCgCy6T1JkQjHHOEzpwIUQM. After removing the new line my issue was fixed..
I am trying to use the Cloudcontrol REST API.
Has anybody used that API? I did not find out how to authenticate.
As an example, I tried https://api.devcctrl.com/app/APPMNAME/deployment/default/error/
I found : https://api.devcctrl.com/doc/#Token but I don't understand how exactly to use it.
An example would be great.
What I really want to do: I want to deploy an app using REST API. I cannot use the CLI tools due to missing python installation.
Thanks
Mike
First, in order to get the token, you need to send a HTTP POST request to api.cloudcontrol.com/token/using Basic Authentication using the email and password of your cloudControl account. You will get a JSON response like this:
{"token": "<TOKEN_KEY>"}'
You need this token key to authenticate for all other requests to the API. To do so, add an Authorization Header to your request with this content:
Authorization -> "cc_auth_token="<TOKEN_KEY>""
Furthermore, you might also need to set up some other headers for PUT or POST requests, like:
Content-Type -> "application/x-www-form-urlencoded"
Content-Length -> <length of your parametrized url values, e.g. bar=baz&foo=qux>
Accept-Encoding -> "compress, gzip"
You can find examples of this usage in the pycclib (Python) or gocclib (Go) libraries.
I have to migrate from Google OAuth 1.0 to OAuth 2.0.
I just have wrote a small request in Chrome Rest Client:
POST: https://accounts.google.com/o/oauth2/token
Headers: Authorization: OAuth realm="", oauth_signature="PU3W5uRL0eAyEi", oauth_nonce="1396865138306881000", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="XXXXX.apps.googleusercontent.com", oauth_token="YYYYY", oauth_timestamp="1396865138", Content-Type: application/x-www-form-urlencoded
Payload: grant_type=urn:ietf:params:oauth:grant-type:migration:oauth1&client_id=ZZZZZ.apps.googleusercontent.com&client_secret=SSSSS
For that I receive an error message:
Status: 400 Bad Request
"{
error: "invalid_request"
error_description: "Invalid authorization header."
}"
The problem could be that I try to migrate from one Project in Google Developers Console to another.
Could that really be a problem?
The reason that I moved to another project is because I cannot create OAuth 2.0 Client ID in the original Project. I receive the following error message:
"You can not create OAuth 2.0 client ID because this project already contains an Oauth 1.0 client ID."
Please suggest.
Thank you,
E
As pointed out in a similar post, when constructing the base string to sign your migration requests, please make sure that the string uses a POST method and that it contains all relevant migration parameters as per the migration documentation.
As per OAuth1 spec, a valid base string for a migration request should look like:
POST&https://accounts.google.com/o/oauth2/token&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=urn:ietf:params:oauth:grant-type:migration:oauth1&oauth_consumer_key=YOUR_CONSUMER_KEY&oauth_nonce=NONCE&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1396414006&oauth_token=THE_TOKEN_TO_MIGRATE
Note that, for readability purpose, the above is the decoded version of the base string (check out the OAuth1 spec for more examples).
Hope that helps, Miguel.
When generating the base string you will need to ensure that each individual parameter is URL encoded before constructing the base string.
As per the oAuth documentation to sign OAuth 1.0 requests the base string is made up of 3 components
The HTTP request method
The base URL the request is being sent to
A normalized string of the parameters in the request
When constructing the base string you need to do the following
Ensure HTTP request method is POST
URL encode the base URL
Ensure the three POST body parameters [client_id, client_secret, grant_type] are included in the normalized request parameters
Ensure each parameter is individually URL encoded and then URL encode the complete normalized request parameters string. So in effect, some of the paramters are double URL encoded. This double URL encoding is mentioned in Using OAuth with the Google Data APIs#Signing Requests for the oauth_token
Only after doing all these steps did I get the migration request to work and I received a valid refresh_token
Below is a sample base string
POST&https%3A%2F%2Faccounts.google.com%2Fo%2Foauth2%2Ftoken&client_id%3Dxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com%26client_secret%3Dxxxxxxxxxxxx%26grant_type%3Durn%253Aietf%253Aparams%253Aoauth%253Agrant-type%253Amigration%253Aoauth1%26oauth_consumer_key%3Dxxxxxxxxx%26oauth_nonce%3D4106001%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1400779530%26oauth_token%3D1%252FkklP1YPy_AULt7j_tttttt_tterwerkj_dfj45dflk
Hey guys I ran into a weird issue with trying to use the Yammer API's Download URL.
Since this is an API call, you would think that you could just append your users
access token to the end of the API URI to initiate a direct download of the file,
but it seems that this will lead to a 401 Unauthorized when trying to actually use it?
My api urls are set up as so
https://www.yammer.com/domain.com/api/v1/uploaded_files/{file_number}/version/{version_number}/download/somepdf.pdf?access_token={access_token}
Does anyone know why this does not work?
?access_token={access_token} will not work the token should be in the http header and not the url after authentication.
If you are trying to access Yammer programmatically from an application be aware of the following:
Around December 2013 Yammer has slightly modified the authentication process.
By then the access_token could be part of the URL as described in the question.
Calling the API with the old code results in a HTTP 401 error. By now it is important to transport a Bearer Token in the HTTP Request like this:
GET /api/v1/messages/following.json HTTP/1.1
Host: www.yammer.com
Authorization: Bearer abcDefGhi
abcDefGhi is the token gathered after the oauth authorization.
Source:
http://developer.yammer.com/authentication/