UWP Device Portal app deployment Forbidden: CSRF Token Invalid - rest

I am trying to deploy an application to a HoloLens with the Windows Device Portal REST API.
For some reasons I don't want to use the Microsoft Device Portal wrapper.
In C#, with RestSharp, I can get the list of installed packages, but when I try to deploy a new app, I get a Forbidden error because of an invalid CSRF token.
Then I tried to add cookies from the previous request, but I still get this error.
I tried to do the same with Postman but I get a different error: 413 Payload too large. The msix file is 154 MB, but I have no problem deploying it with the web device portal.
Thank you for your help.
[EDIT] I tried a smaller app on Postman and I get 403 CSRF token invalid.

After analyzing the web device portal with Wireshark, I found that it is using a parameter with the name "X-CSRF-Token", while adding a cookie adds the parameter "CSRF-Token".
Manually adding this parameter with the right value did the trick.
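
The check described in this answer, as an added example that is not part of the original post: the server hands out a `CSRF-Token` cookie and accepts a state-changing request only when the same value comes back in an `X-CSRF-Token` header. `MockPortal`, the token value and the `/status` and `/deploy` paths are constructed stand-ins, not the real Device Portal.

```python
import hmac
import http.client
import threading
from http.cookies import SimpleCookie
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = "constructed-token-value"  # constructed; a real portal issues its own

class MockPortal(BaseHTTPRequestHandler):
    """Constructed stand-in: POST needs X-CSRF-Token equal to the CSRF-Token cookie."""
    def do_GET(self):
        self.send_response(200)
        self.send_header("Set-Cookie", f"CSRF-Token={TOKEN}; Path=/")
        self.end_headers()

    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        cookie = SimpleCookie(self.headers.get("Cookie", ""))
        sent = cookie["CSRF-Token"].value if "CSRF-Token" in cookie else ""
        # Constant-time comparison of the header against the cookie value.
        ok = bool(sent) and hmac.compare_digest(self.headers.get("X-CSRF-Token", ""), sent)
        self.send_response(200 if ok else 403)
        self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass

def deploy(port, echo_header):
    """GET to receive the cookie, then POST with or without X-CSRF-Token."""
    conn = http.client.HTTPConnection("127.0.0.1", port)
    conn.request("GET", "/status")  # hypothetical path
    set_cookie = conn.getresponse().getheader("Set-Cookie")
    token = SimpleCookie(set_cookie)["CSRF-Token"].value
    headers = {"Cookie": f"CSRF-Token={token}"}
    if echo_header:
        headers["X-CSRF-Token"] = token  # the step the answer added by hand
    conn.request("POST", "/deploy", body=b"constructed package bytes", headers=headers)
    status = conn.getresponse().status
    conn.close()
    return status

def run_demo():
    with HTTPServer(("127.0.0.1", 0), MockPortal) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            return deploy(server.server_port, False), deploy(server.server_port, True)
        finally:
            server.shutdown()

if __name__ == "__main__":
    print(run_demo())  # (cookie only, cookie plus header)
```

Replaying the cookie alone fails because a browser attaches cookies to cross-site requests automatically, while a custom header has to be set by code that can read the cookie.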

Related

Error 403 "forbidden" being thrown on unity web application

Recently (within the past week) our Unity WebGL (Unity v2019.4.16f1) application has been unable to read files using the Google Drive API. When I check the web console I see the following error:
UnityGoogleDrive: HTTP/1.1 403 Forbidden
Google Drive API Error Description: Code '403' Message: 'The request is missing a valid API key.'
Domain: 'global' Reason: 'forbidden' Message: 'The request is missing a valid API key.' LocationType: '' Location: ''
(Filename: ./Runtime/Export/Debug/Debug.bindings.h Line: 35)
The application has been in place for 4 months without issue until now.
We currently have an OAuth 2.0 client ID set up, but no API key as we haven't needed it before. The plugin we are using for Google Drive access in Unity (https://github.com/Elringus/UnityGoogleDrive) does not have any obvious settings for adding an API key in addition to the OAuth ID.
When running the application directly in Unity (which uses localhost) there are no errors and files can be accessed.
I have tried disabling and re-enabling the API in the cloud console. This has given mixed results. The initial request on the web application after re-enabling the Google Drive API succeeds without any errors. All subsequent requests fail with the same error.
Based on the missing values I thought the issue might be that we needed a valid billing plan assigned to the Google project, but that has not resolved the issue either.
I have tried generating an API key but I am not sure where I need to pass it in order to resolve the issue (if that is even the cause of the issue).

The error reported was a red herring. The real issue was that our request was not triggering authentication with Google. Our Unity dev environment had cached an authentication token which is why the dev environment functioned but the production app failed.
We resolved the issue by sending a request to the GoogleDriveAbout API before anything else, which seems to reliably trigger reauthentication. Once authenticated everything works as expected.

I needed to access HUAWEI AppGallery Connect API and create a product through the PMS API (server API). But 403 client token authorization fail

Recently, I needed to access the HUAWEI AppGallery Connect API and create a product through the PMS API (server API). However, when Postman was used for basic service interconnection tests, the error message "403 client token authorization fail" was displayed.
How can I fix it?

Based on the error code included in your screen captures, the error was caused by an authentication failure.
To solve the problem, you first need to confirm that the client ID used for applying for the token has sufficient permission.
The official HMS document suggests that N/A be selected as the project associated with the API client. You need to create an API client and associate it with a project. E.g., an app ID in the project was 100xxx591. However, the app ID in the Postman service request was 101xxx531, which would cause the authentication failure.
Also, to fix the above, you need to create an API client and select N/A (indicating that all projects are supported), and use the client to request a token. The process should work well after this.
In general, if Huawei's 403 authentication failure occurs, you can verify the permission first, and then check the associated projects.
For more details about the PMS API, please refer to this link.

Error Code 401 while using Server Side Huawei Mobile Service API for app level access token

From yesterday I am facing this error code 401 while accessing token from server using this API: https://oauth-login.cloud.huawei.com/oauth2/v3/token
Just for your information I am using Postman. Can anybody help me with this.

Error 401 usually means "unauthorized" or "request denied" because a request lacks valid credentials. Although this error code is not listed in the Account Kit server API, a developer can find it in another kit's document - https://developer.huawei.com/consumer/en/doc/development/HMSCore-References-V5/webapi-error-code-0000001050163432-V5. Basically, a developer needs to make sure that their API key and/or token is valid.
While using the Huawei auth service, if error code 401 is returned, it means the access token has become invalid and we need to obtain a new token. Token validity is 60 mins.

Response status code does not indicate success: 401 (Unauthorized) When calling Azure Blockchain RESTApi

Response status code does not indicate success: 401 (Unauthorized) When calling Azure Blockchain
I am getting the above error when calling the Azure Blockchain REST API. I have checked all the permissions and am getting the access token correctly, but when I call to get the applications we get the above-mentioned error.

The issue was fixed by following the steps below:
1) Go to Azure Portal-> App Service -> [Your App Service]-Api
2) Go to Authentication/Authorization Blade
Allow App Service Authentication and choose Allow anonymous requests(no action) and choose Azure Active Directory as Authentication Providers
Click on Advanced -> Fill in the options as in the following image:
Client ID is the same as App ID in the AzureAD Application Registration
Client Secret is the same as API Key you generated from the Keys Section in the AzureAD Application Registration
Issuer URL is https://sts.windows.net/{AZUREADTENANTID} ← You can get the Azure AD tenant ID from the Azure AD Properties
Allowed Token Audiences should have the following value:
i. https://{YOURBLOCKCHAINAPIURL-API.azurewebsites.net/.auth/login/aad/callback
3) Go to Azure Active Directory
Now, go to Azure AD, navigate to App Registrations and click BlockChain API ← or the name you chose for your Azure AD App Registration when you configured blockchain the first time:
Click Settings and Click Reply URLs
Add the following URLs there:
Blockchain Workbench URL (it should be already there)
Blockchain API Base URL (the one that has -API in it)
Blockchain API Base URL with Callback (as indicated below, but use your own URL and add /.auth/login/aad/callback)
The getpostman.com/oauth2/callback URL will be used later to test the API using the Postman App (An App used to test APIs), please add it as is below
4) Save your settings and then go to the Manifest(Next to settings in the Blockchain API AzureAD App Properties)
Set the manifest entry oauth2AllowImplicitFlow to True
Save Configuration.
That’s it, now we need to test the API, you can download Postman to test the API, the configuration of Postman is a little bit long, I would prefer that you sign up free on this service: https://www.wintellectnow.com/Videos/Watch?videoId=blockchain-on-azure
Use Code: FREETRIAL to sign up – It will require a credit card but it won’t be charged, use any prepaid or postpaid card, but watching this video is highly recommended, especially at minute 53 as it explains how to use the API with Postman (Remember to disable the trial to prevent the card from being charged after 7 days 😊)
Here is a sample token generated using the built-in Auth Sample code that comes with Azure Blockchain Samples on GitHub (you can download this from here: https://github.com/Azure-Samples/blockchain/tree/master/blockchain-workbench/auth-samples/bearer-token-retrieval/static ). If you are going to test using it, you must add http://localhost to the Reply URLs above and you have to place it on your localhost IIS.
And here is a sample from Postman which shows how the token is added to the request header:
Here is the response before the authorization token:
Once the authorization token is available, here is the response that is generated once I call the API indicated in the GET Section in the image above:
Also, here is the response headers after a successful authorization:
To sum it up, the #blockchain API requires #OAuth2 authentication token, this token isn’t passed using Swagger UI or the application you built, you need to modify your application to authenticate to AAD OAuth2 to obtain a Token from AzureAD, then you need to use this generated token in the request header to the API in order to call the API.
One additional tip, don’t select the default machine size while creating workbench, but choose better performance machines like: VM Size: Standard F2s_v2 (2 vcpus, 4 GB memory) ==> approx. 50 USD per month.
Discussion on Microsoft tech community site
The original Post of the Author
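
When a bearer token is still refused after the settings above are saved, comparing its `iss`, `aud` and `exp` claims with the configured Issuer URL and Allowed Token Audiences is a quick first check. This is an added troubleshooting example, not code from the answer or from Azure; the tenant ID, audience URL and sample tokens are constructed placeholders.

```python
import base64
import json
import time

TENANT = "00000000-0000-0000-0000-000000000000"  # placeholder tenant ID
ISSUER = f"https://sts.windows.net/{TENANT}"     # the "Issuer URL" setting
AUDIENCES = ["https://YOURBLOCKCHAINAPIURL-API.azurewebsites.net/.auth/login/aad/callback"]

def _b64url(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def diagnose(token, issuer=ISSUER, audiences=AUDIENCES, now=None):
    """List claim mismatches. Claims are read WITHOUT verifying the signature:
    use this to troubleshoot a rejected token, never to authorize a request."""
    now = time.time() if now is None else now
    try:
        _header, payload, _signature = token.split(".")
        claims = json.loads(_b64url(payload))
        if not isinstance(claims, dict):
            raise ValueError("payload is not a JSON object")
    except ValueError:  # wrong part count, bad base64 or bad JSON
        return ["not a three-part JWT"]
    problems = []
    # Compare issuers ignoring a trailing slash on either side.
    if str(claims.get("iss", "")).rstrip("/") != issuer.rstrip("/"):
        problems.append("iss does not match the configured Issuer URL")
    aud = claims.get("aud")
    if not set(aud if isinstance(aud, list) else [aud]) & set(audiences):
        problems.append("aud is not in Allowed Token Audiences")
    if claims.get("exp", 0) <= now:
        problems.append("token has expired")
    return problems

def make_token(claims):
    """Build a constructed sample token with a placeholder signature."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.constructed"

if __name__ == "__main__":
    good = {"iss": ISSUER + "/", "aud": AUDIENCES[0], "exp": time.time() + 3600}
    print(diagnose(make_token(good)))
    print(diagnose(make_token(dict(good, aud="https://other-app.example"))))
```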

We are currently experiencing an outage in South Central US
https://azure.microsoft.com/en-us/status/
Azure AD is also impacted.
You will want to monitor the Azure Status Page for further updates. Unfortunately we cannot do anything until the problem has been mitigated by engineering.
After the issue has been mitigated and if you are still seeing issues let us know.

Issue in calling the OneDrive for Business REST API to upload image files

I am facing the issue in calling the OneDrive for Business API to work. Below are the steps I have followed till now:
Created a Web App/API application in Microsoft Azure Portal (A very tricky process). Gave all the permissions.
Got Application ID (A_ID) from there.
Went to the URL to get the 'code' via browser:
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=<A_ID>&redirect_uri=<URI>
Got the code. Did a callout via POSTMAN (using the code, client ID, client secret and redirect URI) to the URL: https://login.microsoftonline.com/common/oauth2/token
Received an Access Token (AT) and other details.
NOW, when I want to use this AT to upload a file, I am getting the error. The URI is: https://<tenant>/_api/v2.0/me/drive/root:/Abc.txt:/content. For headers, I am passing: Authorization-> Bearer AT; Content-Type -> application/octet-stream
The error is:
{"error":{"code":"unauthenticated","message":"Token contains invalid signature.","innerError":{"code":"invalidSignature"}}}
I don't know where the issue is. Is it in the tenant name I am using (There is a chance that I might be using it wrong!) OR is it in the permissions OR I have not set up the app in the Azure Portal correctly OR is it something entirely different.