I have 2 calls to the graph api
https://graph.facebook.com/oauth/access_token
https://graph.facebook.com/me
the first one returns with success but the second one always returns an error (400 bad request).
Funny thing is that when i copy the created url in the browser it returns the data as expected, only if ran through the java code as an http client call it throws an error. The url is fine and the access_token is also correct have verified on facebook debug.
Can any one please tell me what am i doing wrong.
Here is the sample url
https://graph.facebook.com/v2.4/me?access_token=sample_token&token_type=bearer&fields=id,name,email
You don't have the specify the token_type if you request Graph API objects. Try the following:
https://graph.facebook.com/v2.4/me?access_token=sample_token&fields=id,name,email
The problem was that with v2.4 there is an additional field required called appsecret_proof. Supplying that with the sha256 of the client secret and the access token solved the problem. And that too only for a server call.. works just fine without it from a client call. Thats why the browser call was working fine but not the web server call.
Related
I'm trying to generate an access token following the docusign documentation, but when it arrives at the part of the sequence incorporated in the url, I can't generate the signature compatible with what is requested RSA-256.
This is the token that returns in the url, how should i proceed to generate the correct token to get the access token to the methods.
eyJ0eXAiOiJNVCIsImFsZyI6IlJTMjU2Iiwia2lkIjoiNjgxODVmZjEtNGU1MS00Y2U5LWFmMWMtNjg5ODEyMjAzMzE3In0.AQsAAAABAAYABwCAWdDpkO_YSAgAgOVWMZHv2EgCAC8x_aWgjDdEpqZZDhWJAksVAAEAAAAYAAIAAAAFAAAAHQAAAA0AJAAAADY4ZDFlYTk3LTk5ZDMtNDM4MS05MmY5LTg3ZTdlMWFiMWIzOCIAJAAAADY4ZDFlYTk3LTk5ZDMtNDM4MS05MmY5LTg3ZTdlMWFiMWIzODAAgFnQ6ZDv2EgSAAEAAAALAAAAaW50ZXJhY3RpdmU3AF2EwqcBnYBHm1UeBpeUZIA.5AiJJl_ugWRECf7jTD7DchgUZV_Mk30cXJwmPAMkThH9dwtu2A9ehMwkARi0QvmSIoo1Pk-gUj2U_GMAk9flG5IAHVYIPcy9hbWMcRyr7RMYldKqvh2V8UH4-Uv5BBQNHkwQ36spfuYFaafDLHVq86Mt91m4MK-ZByRzZkboQKNHCaNjani-hPNTlhHkkWuKOPTu8R9GY24TvNhRu9ILYRgRUFsXG3E-ptNFTyhdKM8_RuNQrqed9ZA2oPo4WjNm-b1VIFdVElU3duniBS-inWJD2ifzp8N1zKFm_Nv8UMjpZOtitdW0M4QQ7rXG6Q-6xoNE_ODWQZUWsD2mQaz4_A
Is there any configuration in the sandbox that may be generating this token wrongly? Whatever it is i need help to generate this token in postman, because i need to integrate with my API and test the methods before coding.
Here is how you generate a token with Postman using Authorization Code Grant:
Open a browser and go to this URL (after you updated it with your info) https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature&client_id={iKey}&redirect_uri={callback}
If it's configured correctly, you should now be redirected back to your redirectUri with an additional URL parameter called code.
Copy/paste this code into your Postman application. You would have to copy/paste the code that you obtained from the URL parameter into the Body key/value pair (replacing the {{codeFromUrl}} value). Note that the code is valid for two minutes only. If you don’t send this information to DocuSign quickly enough, you will have to obtain a new code again. Hit the Send button at the top of Postman to make the call to DocuSign.
Now, you indicated you are using Java, so another approach for you may be to use our Quickstart and select Java. That will take care of all the Auth configuration for you.
I'm trying to authenticate my app with an API using OAuth2.0.
I'm new to OAuth and only have a basic understanding of it. I have implemented a way to get the access token and make the requests I want, however my method seems a bit inefficient. It could also be my slight lack of knowledge with http requests in Java. Just as a note, i am using the apache http client.
Currently what im doing to get authorized is I open the user authorization page directly in the browser with:
Desktop.getDesktop().browse(new URL(url.toURI());
This then redirects to the redirect url in the browser, with the "code" parameter in the url.
I dont know how to get that url and then retrieve the "code" parameter, so Im just copying it from the url itself and then pasting it into an input field, which then sends a request to retrieve the access token.
So my question is, how do I get rid of that step where the user has to copy and paste the code parameter from the redirect url into my program?
How do I send them to the authorization page and then receive the redirected url to take the code parameter from my program to request the access token?
If someone could point me in the right direction or maybe even show a bit of code, I would appreciate it very much.
To obtain the auth code paramter from the redirect uri, you just need to access it this way: redirectUri['code']
We are using a secured Rest Service which generates a token based on a user name, password and referrer. It works fine when we run it from a Web project because it is clear the referrer is just the url of the web project. We need to run the code in a batch job and we are getting an invalid token error and we suspect the issue is with the referrer value. Since there is no url involved in running the batch job what should we use for the referrer value?
The code which calls the Rest Service is generated by the Rest Service WSDL and is located in an EJB module. The code is triggered by a Quartz timer.
EDIT:
I don't have control over how the request is sent. All I can do is use the method provided by the java client created from the service wsdl. I also have no control over how the token is created. The code which generates the token requires I pass it the referrer and it is used to generate the token. When the code is run in an app, then using the url of the app as the referrer works, the token is accepted. When the batch job runs there is no url, there is no browser involve, it is just code running on a server which executes the java method.
Doing some more research I found the code which generates the token will also accept the IP address which is what I think I have to do to use it in a batch job.
Following this post: http://android-developers.blogspot.com/2016/01/play-games-permissions-are-changing-in.html I have obtained a single use authorization code for use on my backend server as follows:
import com.google.android.gms.games.Games;
//later
Games.GetServerAuthCodeResult result = Games.getGamesServerAuthCode(gameHelper.getApiClient(), server_client_id).await();
if (result.getStatus().isSuccess()) {
String authCode = result.getCode();
// Send code to server...
This seems to works fine, but it presents a question:
1) getGamesServerAuthCode and GetServerAuthCodeResult are marked as deprecated. Why? Should I be using something else instead?
2) How would I do something equivalent in an non-Android installed Java application? I am able to obtain a token on the client application, but I also need to obtain a single use code to pass to my backend server like above. I can't find an equivalent function to get a Server Auth Code. (using com.google.api.client.extensions.java6.auth.oauth2)
I am basically trying to follow this flow: https://developers.google.com/games/services/web/serverlogin but in Java, NOT Javascript. I am attempting to do this in an Android app and a desktop Java app.
1) Yes, in Android use GetServerAuthCodeResult although it is still marked as deprecated. It is the recommended way from Google and it seems they have only forgot to remove the deprecation annotation when releasing to general public.
2) For desktop applications you can follow the instructions here: https://developers.google.com/identity/protocols/OAuth2InstalledApp
Basically from your app you open the system browser (embedded webviews are discouraged) and make a https request to the https://accounts.google.com/o/oauth2/v2/auth endpoint. In the request you supply a local redirect URI parameter i.e. http://127.0.0.1:9004 (you should query your platform for the relevant loopback IP, and start a HTTP listener on a random available port). The authorization code will be sent to your local HTTP listener when the user has given consent or an error such as error=access_denied if the user declined the request. Your application must be listening on this local web server to retrieve the response with the authcode. You also have the option to redirect to a server URI directly claimed by your app, see docs on link above. When your app receives the authorization response, for best usability, it should respond with an HTML page, instructing the user to close the browser tab and return to your app. Also, if you want the Games-scope make sure you are using the https://www.googleapis.com/auth/games as scope in the request, example below, with line breaks and spaces for readability.
https://accounts.google.com/o/oauth2/v2/auth?
scope=https://www.googleapis.com/auth/games&
redirect_uri=http://127.0.0.1:9004&
response_type=code&
client_id=812741506391-h38jh0j4fv0ce1krdkiq0hfvt6n5amrf.apps.googleusercontent.com
Please note that I think you'll have to create and link an app of type other, in the Google Play Developer Console linked-app, for the localhost redirection to work. Use type Web if you plan to redirect to server URI directly, add your server URI to Authorized redirect URIs in the API Manager under section Credentials.
Browser screenshot:
There is finally a proper answer to part 1) of this question!
In the release notes of gms 10.2.0
https://developers.google.com/android/guides/releases#february_2017_-_v102
the new method of obtaining a server code is described. A good example of how to do this is provided here:
https://github.com/playgameservices/clientserverskeleton
I ended up updating Google's baseGameUtils to follow the example above.
Still not sure the proper way to do this for part 2) of the question, at the moment I am sending the token to the server which works but is probably unsafe.
I get the following error from following piece of code. I am trying to login to Google sites service through GAE apps.
"The page you requested is invalid. "
String authenticationUrl = userService.isUserLoggedIn()
? userService.createLogoutURL(MainServlet.MAIN_URL)
: userService.createLoginURL(MainServlet.MAIN_URL+"?close=1");
googleData.setAuthenticationUrl(authenticationUrl);
The complete url for login
https://www.google.com/a/example.com/ServiceLogin?service=ah&passive=true&continue=http://myapp.appspot.com/_ah/login?continue=http://myapp.appspot.com/main%3Fclose%3D1<mpl=ga&ahname=Myapp+Google+Sites&sig=7cbc9f7c9e6ca443ed49f7ce9465e775
I think that you may have misunderstood the use and purpose of createLoginURL. This method is intended to provide a URL that allows someone to log in to your application and your application alone. It does not provide a means to log in to other Google services such as Sites.
It is possible to have your application log on to and access Sites or any other secured web application, but Google AppEngine does not provide a canned means of doing so. You will need to write the code to do it yourself.
Generally, what will happen is that you will request a URL and the response will have an HTTP status code of 302 with the URL of the login page located in the Location header field. You would then send a request to that page which should come back with a 200 response and somewhere inside the body of the response would be a username and password field that you would need to provide and POST back. If the credentials were valid, the server might then return an authentication cookie which you would pass on each subsequent request.
If you are versed at all in Python, you can see an example of how this works in some code from my AppEngine MVC framework project. Look at this file:
http://code.google.com/p/gae-mvc-engine/source/browse/trunk/MVCTests.py and check out the ActiontestCase.run_action method. It handles making a request to an AppEngine application that requires authentication. It is not yet terribly-well commented -- and for that I aplogize -- but I hope that it will provide a useful example. If, indeed, I have understood the nature of your problem correctly.