I have been trying to use different Java OAuth libraries to get request and access token from Twitter API. Finally, I have come to use Scribe as one of the most stable libraries for this matter. However, I have not been able to get this to work with Twitter on the first step which is getting the access token:
twitterOAuthService = new ServiceBuilder(twitterOauthConsumerKey)
.apiSecret(twitterOauthConsumerKey).debug().callback(callback).build(
TwitterApi.instance());
OAuth1RequestToken requestToken = twitterOAuthService.getRequestToken();
It throws the following exception:
Response{code=401, message='Authorization Required', body='null', headers={date=Tue, 05 Nov 2019 07:06:34 GMT, null=HTTP/1.1 401 Authorization Required, server=tsa_l, content-length=64, expires=Tue, 31 Mar 1981 05:00:00 GMT, x-response-time=166, x-frame-options=SAMEORIGIN, www-authenticate=OAuth realm="https://api.twitter.com", x-transaction=00e2c19300b2d1ab, strict-transport-security=max-age=631138519, pragma=no-cache, set-cookie=guest_id=v1%3A157293759473549885; Max-Age=63072000; Expires=Thu, 4 Nov 2021 07:06:34 GMT; Path=/; Domain=.twitter.com, last-modified=Tue, 05 Nov 2019 07:06:34 GMT, x-xss-protection=0, x-content-type-options=nosniff, content-disposition=attachment; filename=json.json, x-connection-hash=badf004485a6d713a29ed3f90de9e981, x-twitter-response-tags=BouncerCompliant, content-type=application/json; charset=utf-8, cache-control=no-cache, no-store, must-revalidate, pre-check=0, post-check=0, status=401 Unauthorized}}
I can see that the Authorization header is set properly:
Authorization -> OAuth oauth_callback="http%253A%252F%252F127.0.0.1%253A3000%252Fsettings", oauth_consumer_key="8hupaLbXA2s792EzU8DIE6K", oauth_nonce="2929183554", oauth_signature="s%2BRMAninTESJqJg92BuEA8h3E%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1572936780", oauth_version="1.0"
I have tested the below approaches as they were suggested in different places:
Ensure Authorization header is sorted alphabetically!
Ensure that the timestamp is set properly
Ensure that the consumer secret and consumer key are set properly
Ensure that the encoding of oauth_signature (percent encoding) and call_back is set properly
I have run out of any other scenarios and I am not even sure if I can use Scribe library for Twitter. I would appreciate it if someone could help me to address this issue.
Related
Two part question that may or may not be related to each other.
I am running Stackify Prefix v3.0.28 for a Java application on Win10 and it generally seems to work OK: I can see the traces of various actions in our application.
Part 1:
When navigating to any page of our application I get two failed requests to load JS files:
http://127.0.0.1:2/scripts/sfclient.xhr.min.js
http://127.0.0.1:2/scripts/sfclient.perf.prefix.min.js
Both of these requests fail with ERR_CONNECTION_REFUSED. Those script references are not in my JSP page so I assume they are injected by Prefix.
Here is the raw HTML that tries to load the 2 scripts:
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><script src="http://127.0.0.1:2/scripts/sfclient.xhr.min.js"></script>
<script>var SPerfLib = window.SPerfLib || {}; SPerfLib.RequestId = '54fd58d1-7f7e-d3a4-0001-331676a83598'; if(!SPerfLib.isAttached) { document.addEventListener('DOMContentLoaded', function() { var l = document.createElement('script'); l.src = 'http://127.0.0.1:2/scripts/sfclient.perf.prefix.min.js'; document.body.appendChild(l);}); SPerfLib.isAttached = true;}</script>
I have tried looking for configuration options, but found none. I was not sure if the scripts should be server from port 2 or not. The Prefix trace output is from port 2012 and that seems correct.
I tried uninstalling and re-installing Prefix, but with the same results. There does not seem to be any later version of Prefix to try.
How do I get those scripts to load successfully?
Part 2:
On one particular page we have an XHR to retrieve some JSON data. The server is returning data correctly, but it is somehow deleted before it arrives at the browser. The response headers show status 200 but 0 bytes content-length, which then causes some of our JS on the page to fail. If I run the same thing w/o Prefix everything works as expected - status is still 200, but content-length is 37 and JSON payload is visible.
This is the response header for the XHR when Prefix is in play (note content-length: 0)
cache-control: no-cache, must-revalidate
content-language: en-US
content-length: 0
content-type: text/html
date: Mon, 31 Aug 2020 14:19:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Mon, 31 Aug 2020 14:19:24 GMT
pragma: no-cache
server: WildFly/10
status: 200
x-powered-by: Undertow/1
x-powered-by: JSP/2.3
x-stackifyid: V1|8bbdce1c-a507-bbdc-0001-3378bff33740|
If I remove the Stackify agent from the JVM options and disable the profiler, then the response header looks like this:
cache-control: no-cache, must-revalidate
content-language: en-US
content-length: 37
content-type: text/html;charset=UTF-8
date: Mon, 31 Aug 2020 14:25:12 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Mon, 31 Aug 2020 14:25:12 GMT
pragma: no-cache
server: WildFly/10
status: 200
x-powered-by: Undertow/1
I'm appreciative of any suggestions!
These issues you are having with Prefix are known issues with Prefix. We are working on a complete re-write of Prefix (a reason why there has been such a big delay since our last release) and these items are things we are getting fixed in the new Prefix version. We are getting very close to releasing a Beta for Prefix, if you would like to be on the list to give the Prefix beta a try email the Stackify Support Team support#stackify.com
For some reason the previously working code stopped working and server started to respond with 416.
Here are the logs of HTTP client during failing interaction:
-------------- REQUEST --------------
GET https://www.googleapis.com/drive/v3/files/0B02Nopv3SQOvOVNKaDIwTEZ3MHd?alt=media
Accept-Encoding: gzip
Authorization: <Not Logged>
Range: bytes=0-33554431
User-Agent: My app Google-API-Java-Client Google-HTTP-Java-Client/1.22.0 (gzip)
-------------- RESPONSE --------------
HTTP/1.1 416 Requested range not satisfiable
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Server: UploadServer
Cache-Control: private, max-age=0
Content-Range: bytes */0
X-GUploader-UploadID: AEnB2UqBx9B09Lnr8tG761gdoz3DkhHSNO_OzHh1LkU6B2908v17rnBGQZSNW4ZVTjbRdFtvPWWIqZGdtSrTo6ZWN7YW9nxf6d
Vary: X-Origin
Vary: Origin
Expires: Mon, 11 Sep 2017 15:23:20 GMT
Content-Length: 225
Date: Mon, 11 Sep 2017 15:23:20 GMT
Content-Type: application/json; charset=UTF-8
I was trying to download a file which is around 200000 bytes, so I thought meaning of "chuck size" changed somewhere, so it could not give 33554431 bytes of a 282177 byte file. Tried changing that to a smaller value, but no success.
Drive.Files.Get get = drive.files().get(file.getId())
MediaHttpDownloader downloader = get.getMediaHttpDownloader()
downloader.directDownloadEnabled = false
localFile.newOutputStream()
get.executeMediaAndDownloadTo(stream)
Direct download does not work either, it just downloads "0" bytes.
Does anyone know how to overcome this issue?
416 Range Not
Satisfiable
error means the server is not able to serve the requested ranges. The
most likely reason is that the document doesn't contain such ranges,
or that the Range header value, though syntactically correct, doesn't
make sense.
One of the resolutions that may provide from this forum is to:
Add "Accept-Ranges: none" to our response headers.
It appeared to be a web interface when using Firefox. It uploaded "empty" files in certain cases.
https://productforums.google.com/forum/#!topic/drive/S03wEknc75g;context-place=forum/drive
I am a new programmer i am trying to build an app with Json.
If i use this URL doesn't work . http://zsuzsafodraszat.hostzi.com/boltok.json
if i Use this, my app working. https://api.myjson.com/bins/3zm8i
Both Json files exactly the same.
Can you help me what i am doing wrong ? Maybe bad extension or web000 is not a good service for Json ? Can you give me some good free json hosting ? Thanks
Those 2 urls do not have the same content or the same headers. You can see this if run curl commands from the command line:
$ curl -i "http://zsuzsafodraszat.hostzi.com/boltok.json"
HTTP/1.1 200 OK
Date: Wed, 13 Apr 2016 22:52:50 GMT
Server: Apache
Last-Modified: Wed, 13 Apr 2016 16:48:23 GMT
Accept-Ranges: bytes
Content-Length: 1020
Connection: close
Content-Type: application/json
??{"Aldi":"http://catalog.aldi.com/emag/hu_HU/print/Online_katalogus_04_07/Online_katalogus_04_07.pdf",
"Lidl":"http://www.lidl.hu/statics/lidl-hu/ds_doc/HU_HHZ_kw14_2016.pdf",
"Spar":"http://ajanlatok.spar.hu/view/download/?d=1279",
"Penny":"https://view.publitas.com/16538/136265/pdfs/016f82fb5b00bc97b5a8c35f512d89b01cd3e3ce.pdf",
"Coop":"https://view.publitas.com/2556/133497/pdfs/16603d7e9bf30e8a8a4efec7f01d3fa2caf92fe0.pdf",
"Auchan":"http://www.lidl.hu/statics/lidl-hu/ds_doc/HU_HHZ_kw14_2016.pdf"}
$ curl -i "https://api.myjson.com/bins/3zm8i"
HTTP/1.1 200 OK
Server: nginx/1.5.8
Date: Wed, 13 Apr 2016 22:52:56 GMT
Content-Type: application/json
Content-Length: 500
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
{"Aldi":"http://catalog.aldi.com/emag/hu_HU/print/Online_katalogus_04_07/Online_katalogus_04_07.pdf","Lidl":"http://www.lidl.hu/statics/lidl-hu/ds_doc/HU_HHZ_kw14_2016.pdf","Spar":"http://ajanlatok.spar.hu/view/download/?id=1279","Penny":"https://view.publitas.com/16538/136265/pdfs/016f82fb5b00bc97b5a8c35f512d89b01cd3e3ce.pdf","Coop":"https://view.publitas.com/2556/133497/pdfs/16603d7e9bf30e8a8a4efec7f01d3fa2caf92fe0.pdf","Auchan":"http://www.lidl.hu/statics/lidl-hu/ds_doc/HU_HHZ_kw14_2016.pdf"}
As you can see, one of them has a couple of junk bytes at the beginning that my terminal is displaying as question marks. Also the http headers are different. The Content-Lengths are wildly different too. Did you use something other than a plain text editor to create the json payload in the failing example?
Try removing the junk characters and adding these http headers:
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
I'm asking myself whether IBM Connections 5.5 is not supported by IBM SBT.
The version I use is "1.1.11.20151208-1200".
My test procedure is the following:
public static void testCreateCommunity() throws ClientServicesException {
String g = Variables.aCommunityService.createCommunity( "TEST", "TESTDESCRIPTION", "public" );
if (g.isEmpty()) {
System.out.println( "x0[Failed] Creating Community has failed." );
}
else
{
System.out.println( "Creating Community successfully done." );
}
}
This code does perfectly work in Connections 5.0 CR 3 , but does not work
in IBM Connections 5.5.
I always get:
com.ibm.sbt.services.client.ClientServicesException: Request to url https://blabla.com/communities/service/atom/communities/my returned an error response 400:Bad Request HTTP/1.1 400 Bad Request [Date: Tue, 26 Jan 2016 10:20:02 GMT, X-Frame-Options: SAMEORIGIN, Strict-Transport-Security: max-age=max-age=31536000;includeSubDomains, X-XSS-Protection: 1;mode=block, X-Permitted-Cross-Domain-Policies: master-only, X-Powered-By: Servlet/3.0, Expires: Thu, 1 Jan 1970 00:00:00 GMT, Cache-Control: no-store, no-cache, must-revalidate, X-LConn-Auth: false, X-UA-Compatible: IE=edge, Last-Modified: Tue, 26 Jan 2016 10:20:02 GMT, Set-Cookie: LtpaToken2=kx9gO87/cDI8zHT1v8iwsFCP6WAbAH7FusrA8VU7jOC78KqkTEghj1XsNPRLMDT4tmIEI+diSer+++TZw1gSiC79jveQoTerr53Ggdf/zVwOVACyzA9kcpzPsaWn2+u83SkHC4s3ZCAoDGe1eq6Mb9sF2lnrn2GDrbsSzzvCPdo+pSzx4AG+0OEOa1rPX2gVF5mCfYXeqtNxUeFMc/Eibzt0zszHX5RDXZz5pcU+D1LW98B8rnar3YJjEgp8QdLT1IvhRYIo1zQQs920c9kU0tgw+CccC97fD/SRucqsHWqh2aHhs2hlTaEzMKo21o/5lD+Qwkn3QwWYFtKZntmQGLlAlJvPBQNgR2+38E4Y8uEyFy8jaBbZE0tE6MdK9zSY9Pz6zGPZaMHSV6msS+veXncynS5mcFg7jpLdsHqbQRw0Hb9w3Pe7XChaQ+yrbwTiF+mooWrCoSOYCYkA6fEVVKUbCDF0imKFWVZXOdCaszl/Ank9DFbiBSXfNGWoiXk1pJHSnoJs8C4+jBqjhbcYebpbLLTmjtS2DytMW15r97bpDekGMqFywms539c4c9QKMmjPli6L7fgYAGVsopqlMmp8AwhhuH9tXaqc6mOtbspMAKGZTn8GmvAFIVTxqfumyYLCUQvsCOgRIhdC0WlXxx/Zq+usQcvHUXwQarFhycU=; Path=/; Domain=.blabla.com, Set-Cookie: JSESSIONID=0000H65mMCw0ijcsS5e19kYaAyB:1a9lvgg03; Path=/; HttpOnly, Vary: Accept-Encoding,User-Agent, Connection: close, Transfer-Encoding: chunked, Content-Type: text/xml;charset=UTF-8, Content-Language: de-DE]
Does anybody know whether IBM SBT generally supports Connections 5.5?
We have similar issues in Communities (and Activities) use cases. Most of the functionality works fine, but you stumbled upon an issue that we also encountered.
For now we are using the REST API's to work around this.
I know we could contribute to the open source project, but that will take some time.
So I would say it generally supports 5.5, but in this specific case ...
After running into the same issue I have found a way to add the header before the createCommunity() service call. In your case it would look like this:
Variables.aCommunityService.addDefaultHeader("Content-Type","application/atom+xml")
//Then create community
https://github.com/OpenNTF/SocialSDK/issues/1772#issuecomment-239517941
HTH
I'm trying to access SP Rest API as mentioned here, but still get 403 - Forbidden error.
I'm not sure if it has something to do with the single sign-on we use:
To access the Rest Api via browser I have to login into https://login.microsoftonline.com and then I am able to call https://mycompany.sharepoint.com/_api/search/query?querytext=%27Search%20foo%20bar%27
So my Java App looks like this:
CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(
new AuthScope(AuthScope.ANY),
new NTCredentials("username#mycompany.de", "password", "https://login.microsoftonline.com", "microsoftonline.com"));
CloseableHttpClient httpclient = HttpClients.custom()
.setDefaultCredentialsProvider(credsProvider)
.build();
try {
HttpGet httpget = new HttpGet("https://mycompany.sharepoint.com/_api/search/query?querytext=%27Search%20foo%20bar%27");
System.out.println("Executing request " + httpget.getRequestLine());
CloseableHttpResponse response = httpclient.execute(httpget);
try {
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
EntityUtils.consume(response.getEntity());
} finally {
response.close();
}
} finally {
httpclient.close();
}
Which leads to HTTP/1.1 403 FORBIDDEN. Any ideas?
EDIT:
I added a print.out of all headers, so my full output is:
Executing request GET https://***.sharepoint.com/_api/search/query?querytext=%27Search%20foo%20OR%20bar%27 HTTP/1.1
log4j:WARN No appenders could be found for logger (org.apache.http.client.protocol.RequestAddCookies).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
----------------------------------------
HTTP/1.1 403 Forbidden
Cache-Control: private, max-age=0
Transfer-Encoding: chunked
Content-Type: application/xml;charset=utf-8
Expires: Mon, 15 Jun 2015 07:12:48 GMT
Last-Modified: Tue, 30 Jun 2015 07:12:48 GMT
Server: Microsoft-IIS/8.5
X-SharePointHealthScore: 0
X-Forms_Based_Auth_Required: https://***.sharepoint.com/_forms/default.aspx?ReturnUrl=/_layouts/15/error.aspx&Source=%2f_vti_bin%2fclient.svc%2fsearch%2fquery%3fquerytext%3d%2527Search%2520foo%2520OR%2520bar%2527
X-Forms_Based_Auth_Return_Url: https://***.sharepoint.com/_layouts/15/error.aspx
X-MSDAVEXT_Error: 917656; Zugriff+verweigert.+Zum+%c3%96ffnen+von+Dateien+an+diesem+Speicherort+m%c3%bcssen+Sie+zun%c3%a4chst+zur+Website+wechseln+und+die+Option+zur+automatischen+Anmeldung+aktivieren.
DATASERVICEVERSION: 3.0
X-AspNet-Version: 4.0.30319
X-IDCRL_AUTH_PARAMS_V1: IDCRL Type="BPOSIDCRL", EndPoint="/_vti_bin/idcrl.svc/", RootDomain="sharepoint.com", Policy="MBI"
SPRequestGuid: c757159d-a063-2000-20ed-499660c844ff
request-id: c757159d-a063-2000-20ed-499660c844ff
X-FRAME-OPTIONS: SAMEORIGIN
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.4121
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Tue, 30 Jun 2015 07:12:47 GMT
I try to translate the X-MSDAVEXT_Error to english: Permission denied. To access data from this location you have to switch to the website and enable the option for automatic login.
It looks like you're using Office 365. I've seen this issue when attempting to use some accounts. I'd take a look at the ADAL libraries for performing authentication against Azure AD (Which you have as part of O365) https://github.com/AzureAD/azure-activedirectory-library-for-java