We Keep Coding

CORS error: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response

I'm trying to fetch an image resource that's part of a conversation message.
I've tried both FETCH as well as using AXIOS but I'm getting the same error message.
Here's an example of my FETCH request
const token = `${accountSid}:${authToken}`;
const encodedToken = Buffer.from(token).toString('base64');
let response = await fetch('https://mcs.us1.twilio.com/v1/Services/<SERVICE_SID>/Media/<MEDIA_SID>',
{
method:'GET',
headers: {
'Authorization': `Basic ${encodedToken}`,
}
});
let data = await response.json();
console.log(data);
And here's what Axios looked like
let config = {
method: 'get',
crossdomain: true,
url: 'https://mcs.us1.twilio.com/v1/Services/<SERVICE_SID>/Media/<MEDIA_SID>',
headers: {
'Authorization': `Basic ${encodedToken}`,
},
};
try {
const media = await axios(config);
console.dir(media);
} catch(err) {
console.error(err);
}
Both ways are NOT working.
After looking into it more, I found out that Chrome makes a pre-flight request and as part of that requests the allowed headers from the server.
The response that came back was this
as you can see, in the "Response Headers" I don't see the Access-Control-Allow-Headers which should have been set to Authorization
What am I missing here?
I have made sure that my id/password as well as the URL i'm using are fine. In fact, I've ran this request through POSTMAN on my local machine and that returned the results just fine. The issue is ONLY happening when I do it in my code and run it in the browser.

I figured it out.
I don't have to make an http call to get the URL. It can be retrieved by simply
media.getContentTemporaryUrl();

get token from spotify API using axios, error 404

I`m trying to get the token from the spotify API, I use axios. I use the example given by the API as a guide, but give me the error 404
export const getToken = code => async dispatch => {
const responseToken = await axios.post({
url: "https://accounts.spotify.com/api/token",
form: {
grant_type: "authorization_code",
code,
redirect_uri
},
headers: {
'Authorization': 'Basic ' + (new Buffer(client_id + ':' + client_secret).toString('base64'))
},
json: true
})
console.log(responseToken);
The first line is because I`m using redux,I just wanted you to see that it was a asinc method.
I have being all day trying to fix this, I don`t have more ideas of how to solve this

Try changing
form: {
grant_type: "authorization_code",
code,
redirect_uri
}
to
data: JSON.stringify({
grant_type: "authorization_code",
code,
redirect_uri
})
You want to send it in the request body, hence "data", that's how you define it in axios.
Also, I don't think you need json: true
EDIT:
Pretty sure you have to add 'content-type': 'application/x-www-form-urlencoded;charset=utf-8' to the headers as well.

Trying to run code in IBM Cloud Functions

I have following code I am trying to run in IBM function to get billing data out:
iam_token = 'Bearer eyJraWQiOiIyMDE3MTAzMC0wM****'
def processResourceInstanceUsage(account_id, billMonth):
METERING_HOST = "https://metering-reporting.ng.bluemix.net"
USAGE_URL = "/v4/accounts/"+account_id + \
"/resource_instances/usage/"+billMonth+"?_limit=100&_names=true"
url = METERING_HOST+USAGE_URL
headers = {
"Authorization": "{}".format(iam_token),
"Accept": "application/json",
"Content-Type": "application/json"
}
response = requests.get(url, headers=headers)
print("\n\nResource instance usage for first 100 items")
return response.json()
processResourceInstanceUsage('*****', '11')
For some reason, I keep on getting 201 unauthorized error. I tried creating iam_token many times. It still gives the same error.

There are few things that should be taken care in the code you provided.
The month you are passing is wrong. It should be in YYYY-MM format.
account_id should be the id next to your Account name when you run ibmcloud target
For IAM token, run this command ibmcloud iam oauth_tokens. If you want to generate access token using your Platform API Key, refer to this link. The word Bearer is not required as this is not an authorization token.
Once you have all this in place, create an IBM Cloud function (Python 3), add the below code, pass the account_id and token and invoke the action to see the result . IBM Cloud function expects a dictionary as an input/parameter and JSON as response
import sys
import requests
def main(dict):
METERING_HOST="https://metering-reporting.ng.bluemix.net"
account_id="3d40d89730XXXXXXX"
billMonth="2018-10"
iam_token="<IAM_TOKEN> or <ACCESS_TOKEN>"
USAGE_URL="/v4/accounts/"+account_id+"/resource_instances/usage/"+billMonth+"?_limit=100&_names=true"
url=METERING_HOST+USAGE_URL
headers = {
"Authorization": "{}".format(iam_token),
"Accept": "application/json",
"Content-Type": "application/json"
}
response=requests.get(url, headers=headers)
print ("\n\nResource instance usage for first 100 items")
return { 'message': response.json() }
This worked for me and returned a JSON with region-wise billing data.
Reference: https://stackoverflow.com/a/52333233/1432067

Error while generating access_token using Ebay 's REST API - Python requests

I'm trying to use the ebay REST-API for the first. I am simply trying to generate an access_token using the client credentials grant-request. I followed the instructions here https://developer.ebay.com/api-docs/static/oauth-client-credentials-grant.html
HTTP method: POST
URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token
HTTP headers:
Content-Type = application/x-www-form-urlencoded
Authorization = Basic <B64-encoded_oauth_credentials>
Request body (wrapped for readability):
grant_type=client_credentials&
redirect_uri=<RuName-value>&
scope=https://api.ebay.com/oauth/api_scope
I'm getting this error: {'error': 'invalid_client', 'error_description': 'client authentication failed'} and my code looks like this:
path = 'https://api.sandbox.ebay.com/'
app_json = 'application/json'
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': base64.b64encode(b'Basic CLIENT_ID:CLIENT_SECRET')
}
payload = 'grant_type=client_credentials&redirect_uri=Searchez&scope=https://api.ebay.com/oauth/api_scope'
def get_oath_token():
url = 'https://api.sandbox.ebay.com/identity/v1/oauth2/token'
r = requests.post(url, headers=headers, data=payload)
print(r.json())
get_oath_token()
What do I have configured incorrectly? Thanks.

You're base64encoding "Basic " and shouldn't be.
The doc says just encode your Client ID + ":" + Client Secret, and leave the word "Basic" and the space that follows it alone.

In your code, i can see sandbox endpoint URI but in the request body scope, you have used production URL, instead of sandbox

Can't delete files using a Dropbox Business team token

the following code should work, shouldn't it?
import requests
import json
url = "https://api.dropboxapi.com/2/files/delete_v2"
headers = {
"Authorization": "Bearer <access-token>",
"Content-Type": "application/json",
"Dropbox-Api-Select-Admin":
"dbmid:AADnRVGZHenLtFbLVdHDkqEJg3Dou4hWF4g"
}
data = {"path": "id:Kd_cXYig9pAAAAAAAAAARQ"}
print(requests.post(url, headers=headers, data=json.dumps(data)).content)
returns:
{"error_summary": "path_lookup/not_found/", "error": {".tag": "path_lookup", "path_lookup": {".tag": "not_found"}}}
Tried using Dropbox-Api-Select-User, and delete(v1) and permanently_delete and all failed with the same error.
FYI download worked.
(only with Select-Admin, but worked).

Thanks Greg.
Added "Dropbox-Api-Path-Root" header with the parent_shared_folder_id and the api call worked!
headers = {
"Authorization": "Bearer f7I8uYSFpxAAAAAAAAAFSs-VIz17DnoqmEYXp0MeitxIzXBCYCT4v0Bb4N4_cbxK",
"Content-Type": "application/json",
"Dropbox-Api-Path-Root": "{\".tag\": \"namespace_id\", \"namespace_id\": \"2857852064\"}",
"Dropbox-Api-Select-Admin": "dbmid:AADnRVGZHenLtFbLVdHDkqEJg3Dou4hWF4g"
}