facebook api hide comment - facebook

I'm trying to hide a comment in a post in my page, i've tried:
curl -X "POST" -k "https://graph.facebook.com/v2.4/[comment_id]/?access_token=[access_token]&is_hidden=true"
as stated in the documentation, i am getting this response:
{"error":{"message":"(#210) Updating is_hidden requires a Page access token","type":"OAuthException","code":210}}
also i tried sending the parameters using --data in curl but it didn't work too
Edit:
Note: the token is a page access token

The following should work:
curl -XPOST \
-k \
-F 'is_hidden=true' \
-F 'access_token=[access_token]' \
https://graph.facebook.com/v2.4/[comment_id]
Also, check your access token to comply to
Permissions
A user access token with publish_actions permission is required to edit a comment posted by that user.
A page access token with publish_pages permission is required to edit a comment posted by that Page.
See
https://developers.facebook.com/docs/graph-api/reference/v2.4/comment#updating

Related

How to use ghs_* token in github API?

I'm trying to build an integration between two repositories. For that I've decided to use Github Apps.
I was able to sign working JWT and use it to get an access token (from https://api.github.com/app/installations/{{INST_ID}}/access_tokens). It looks like this: ghs_tVGHE4l5i4kjhasslirerno666222.
Now I'm trying to use it to trigger an dispatches event for a project workflow with on: workflow_dispatch: trigger.
But I just can't find a way to put ghs* token to use.
Examples I saw say:
curl -X POST https://api.github.com/repos/{{user}}/{{repo}}/dispatches \
-H 'Accept: application/vnd.github.everest-preview+json' \
-u ${{ ACCESS_TOKEN }} \
--data '{...}'
But it does not work, -u option is for 'user', not for token.
How to use ghs* token with github api?
The easiest way to do this is to just use the Token TOKEN Authorization header:
-H 'Authorization: Token ghs_tVGHE4l5i4kjhasslirerno666222
You may also try using Basic authentication with the x-token username. While that worked in the past, GitHub has disabled Basic authentication for the API, so that syntax may or may not function anymore.

how to generate custom Auth token from api key

I am looking at the documentation at
[https://firebase.google.com/docs/reference/rest/auth/][1]
for how to exchange firebase id and refresh token with my API key.
In the documentation, I found the sample code and some explaination as below,
curl 'https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=[API_KEY]' \
-H 'Content-Type: application/json' \
--data-binary '{"token":"[CUSTOM_TOKEN]","returnSecureToken":true}'
In the example above, you would replace [API_KEY] with the Web API Key of your Firebase project, [CUSTOM_TOKEN] with the generated custom Auth token.
Anyone know how can I get the "custom Auth Token" as mentioned in the above sample?
Thanks
Think it is explained here: https://firebase.google.com/docs/auth/admin/create-custom-tokens
And if you need to cook up something yourself then specifically: https://firebase.google.com/docs/auth/admin/create-custom-tokens#create_custom_tokens_using_a_third-party_jwt_library

Keycloak impersonation API not implemented

I've been trying to use the Keycloak Impersonation API (semi-recent addition) to get an access token for another user. I have created a semi-successful CURL request based on the docs and another StackOverflow question. The CURL request (below) returns a 501 Not Implemented and I am trying to figure this out. If it would be another error I would assume I am doing something incorrectly, but this appears to be at least partially correct.
curl --verbose -X POST "http://localhost:8081/auth/realms/master/protocol/openid-connect/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
--data-urlencode "grant_type=urn:ietf:params:oauth:grant-type:token-exchange" \
-d "client_id=admin-cli" \
-d "requested_subject={TARGET_USER_ID}" \
-d "subject_token={USER_MANAGER_TOKEN}"
My workflow so far has been to get the Keycloak master realm "admin" user's access token (successful) and use that in the impersonation request, along with the target user's Keycloak ID. Am I doing something wrong or missing a step?
I haven't changed any Keycloak permissions, is this required?
From my understanding and the documentation, impersonation is currently supported and enabled by default in Keycloak v5 - Sever Installation. However, another article (Keycloak v5 - Token Exchange) seems to indicate that the feature is disabled by default; could this be why I am getting the 501 Not Implemented?
EDIT: #qdivision mentioned that the Token Exchange needs to be enabled for this to work. However, we are using the jboss/keycloak Docker image and I am wondering where I should add the profile.properties file to enable this feature?
Impersonation is enabled by default, Token Exchange is not.
To enable start the server with -Dkeycloak.profile=preview or -Dkeycloak.profile.feature.token_exchange=enabled as mentioned in the docs
https://www.keycloak.org/docs/latest/securing_apps/index.html#_token-exchange

Keycloak access token not working for dcos-cli

I am trying to login to dcos-cli (OAuth enables).
When i type dcos auth login -> this gives me a URL
If i open the URL in browser and enter credentials a code (token) is being generated, using which i am able to log-in into the cli.
This has to be automated so i am sending a curl request
curl -s --data \
"grant_type=password&client_id=dcos&username=dcosuser&password=<>" \
-H "Content-Type: application/x-www-form-urlencoded" \
https://ip:port/auth/realms/DCOS/protocol/openid-connect/token \
| jq -r '.access_token'
But using this access token i am not able to login.
Can anyone please help.
Solved this by a java program which gets the access code from the keycloak-server .and then runs the dcos auth login.
The java code does a GET to https://<ip>/login?redirect_uri=urn:ietf:wg:oauth:2.0:oob
And then from the page extract the "action" attribute from the returned page and then from a POST request to the URL obtained from the "action" with other parameters like password.
Ex: https://<ip>:<port>/auth/realms/DCOS/login-actions/authenticate?code=erpkJ0BaLcp9VV2eTkY_a9xdpeNNzc375Ic7vHxhcMg.1b1461c6-51cd-484e-8c0e-a615600b7156&execution=8ad82be0-2471-40b1-b7e0-3192e0c8a381
Post parameters : username=dcosuser&password=<pass>&login=Log+in

Facebook API call insufficient privileges

I'm testing Facebook Ad Manager API from commandline curl.
To get the access token, I did this API call:
curl \
-F "client_id=$APP_ID" \
-F "client_secret=$APP_SECRET" \
-F "grant_type=client_credentials" \
https://graph.facebook.com/$API_VERSION/oauth/access_token
It returned successfully.
But then, when making this call to create a new campaign:
curl "https://graph.facebook.com/$API_VERSION/act_$ACCOUNT_ID/campaigns?name=$CAMPAIGN_NAME&objective=VIDEO_VIEWS&status=PAUSED&access_token=$ACCESS_TOKEN"
I always get an error:
(#10) You do not have sufficient permissions to perform this action
I guess that it must be caused because I did not granted the right permissions to the App. It is just a test app and I cannot find how to grant these permissions.
Thankyou very much for your help.
You ask for permissions with the scope parameter. It is a comma separated list of permissions: https://developers.facebook.com/docs/facebook-login/permissions
Permissions for ads are ads_read and ads_management.
HereĀ“s more information about building a manual login flow: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow