I am following these instructions: https://developer.intuit.com/docs/0020_customeraccountdata/007_firstrequest
Everything seems to work, but I am getting a "Missing certificate" trying to connect to the API Explorer. My private key uploads just fine.
I am leaving the "End User ID" blank because I am not sure what to put there, and the instructions do not specify what to put there.
The answer is: (in the comment above)
Could you try clearing your cache and uploading your cert again. – Jarred Keneally
Related
As requested by Preston PHX, I uploaded a full copy of my
code to Dropbox:
My test ASP.NET Web App
I hope this helps someone to identify what I may have done wrong
#####################################
I am trying to use the sample code at https://github.com/paypal/Checkout-NET-SDK/tree/develop/Samples to make contact with the Sandbox but it doesn't work for me. In order to find out why, I ran my code in Visual Studio under Localhost in debugging mode, using several breakpoints.
This line of code in my test page ...
var createOrderResponse = CreateOrderSample.CreateOrder(true).Result;
... displayed the following error:
Inner Exception 2:
HttpException: {"error":"invalid_client","error_description":"Client Authentication failed"}
However, it was the environment function in PayPalClient.cs (modified to use my PAYPAL_CLIENT_ID and PAYPAL_CLIENT_SECRET) that appears to have generated the error:
public static PayPalEnvironment environment()
{
return new SandboxEnvironment(
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_ID") != null ?
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_ID"):"<<PAYPAL-CLIENT-ID>>",
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_SECRET") != null ?
System.Environment.GetEnvironmentVariable("PAYPAL_CLIENT_SECRET"):"<<PAYPAL-CLIENT-SECRET>>");
}
I very carefully copied my PAYPAL_CLIENT_ID and PAYPAL_CLIENT_SECRET from the REST API app I created via the PayPal Developer Dashboard. Apart from that, the GitHub sample code has not been modified. I could see no requirement in the GitHub code to specify a Sandbox URL and assume that this is provided by the PayPalCheckoutSdk via the use of "return new SandboxEnvironment()".
It's not obvious to me why my attempt to connect to this Sandbox account is failing the authentication process. What might I be doing wrong? Is it anything to do with my use of Localhost?
EDIT on 1 Nov 2021 in response to Preston PHX
Creating a new Sandbox Client ID and Secret made no difference. Prompted by another forum post I read some time ago, I also tried using ngrok (for the first time) to open http port 80 to facilitate PayPal testing via Localhost, but the connection to the Sandbox still failed authentication.
Sandbox Client ID: AZcb8XrqhJEUO7lS_JtKSe3sdNDLESmo3ekhupDKTL1J9vQCKVOzacCjO3PBQwSfngYkLGa-qS7EUrGV
Secret:
EBEcuPewHdzCB8p0qE1Yszjk2eMyFCstzkL0Diz2WC5IQREsu6cDHr7yFG9a-GDIyljb-KRb2DA6Hoey
I installed curl (plus Bash and Git) on my Windows 10 PC and ran the curl command specified on the get-an-access-token page. I couldn't find a way to post the result here in an easily readable form so I put it in a Word doc and uploaded that to Dropbox.
https://www.dropbox.com/s/knia3y2ighfzxpa/Result%20of%20PayPal%20curl%20command.docx?dl=0
Edit on 2 Nov 2021
As requested by Preston PHX, I have uploaded a copy of the ASP.NET Web App I have been using for my tests to Dropbox.
https://www.dropbox.com/sh/4uclfs2lexv4v42/AAAjoZIN5cEMV1mu0cYi24zKa?dl=0
I've only uploaded the project folder, as I'm guessing that it is unnecessary to upload my Solution files.
Create a new sandbox client ID and secret in the developer dashboard. Test with the new client ID and secret.
If issues persist,
Update your question with both the new sandbox client ID, and the new sandbox secret.
Update your question with a sample curl command to get an access token, showing the entire command and the entire response in your question.
I have deployed keycloak on my EKS cluster and able to access dashboard successfully and created a new realm already.
So I thought of testing my keycloak, and went to https://www.keycloak.org/app/ for testing.
I have created a client with the root URL "https://www.keycloak.org/app/" and created one User also.
I have tested successfully my user using account login of my realm.
then I went to https://www.keycloak.org/app/ entered my keycloak URL as https://keycloak.test.nip.io , the realm as Test(same name of my realm), and then client name as a portal(same name client created on keycloak).
When I hit Sign in, it redirects to my keycloak URL but shown We are Sorry... Page not found
Anyone knows why I am receiving this error and how can I avoid that.
Issue fixed. So there is a catch My realm name was Test. So I was entering the same and it was not working and then I tried writing in lowercase as a test. Boom It worked.
TIP: No matter what case your realm name is there, if facing this issue try in Lowercase it solved for me and hope for others also it should work.
Thanks, guys...
I too had this error. I followed instructions somewhere for configuring the keycloak client application's url, realm, and clientId properties. In the instructions it said to configure the url to http://localhost:8080/auth. I think this must have changed somewhere along the way.
Changing the url property to http://localhost:8080 fixed the error :)
I am facing the issue in calling the OneDrive for Business API to work. Below are the steps I have followed till now:
Created a Web App/API application in Microsoft Azure Portal (A very tricky process). Gave all the permissions.
Got Application ID (A_ID) from there.
Went to the URL to get the 'code' via browser:
https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=<A_ID>&redirect_uri=<URI>
Got the code. Did a callout via POSTMAN (using the code, client ID, client secret and redirect URI) to the URL: https://login.microsoftonline.com/common/oauth2/token
Received an Access Token (AT) and other details.
NOW, when I want to use this AT to upload a file, I am getting the error. The URI is: https://<tenant>/_api/v2.0/me/drive/root:/Abc.txt:/content. For headers, I am passing: Authorization-> Bearer AT; Content-Type -> application/octet-stream
The error is:
{"error":{"code":"unauthenticated","message":"Token contains invalid signature.","innerError":{"code":"invalidSignature"}}}
I don't know where the issue is. Is it in the tenant name I am using (There is a chance that I might be using it wrong!) OR is it in the permissions OR I have not set up the app in the Azure Portal correctly OR is it something entirely different.
FOR DEVELOPMENT: I configured my site to run without SSL for my development box and it all works great.
Now I am moving this to our dev testing server so I can test it there.
I first ran it as a non ssl intranet site to confirm configuration and etc....
It works perfectly.
Now I am in the process of creating a cert for the site and plan to use self signed certs for developer testing.
I have read many post ( google search ) on the topic related to the error I am getting.
Basically, I am 110% sure I am not creating this cert correctly for the site to which I need to bind it to.
The error:
The remote certificate is invalid according to the validation procedure.
So I am trying to understand what they mean by answers like this:
When working with self-signed certificates: add them to the trusted root authorities & use the hostname instead of localhost. ]
So if your computer name is "mypc", the uri should be "https://mypc/..." instead of "https://localhost/...".
This is what is confusing to me...
For example , if computer name is: svr-d-web-003
So the uri: https: //svr-d-web-003/?????
Looking at the advanced settings Bindings could I extrapolate the uri as: https: //svr-d-web-003/webhost.oauth.xyz.org ?? This seems wrong to me...
Site settings and etc....
Used these steps to create the cert:
1. C:> certlm.msc
2. Right-click on Certificates, then click All Tasks/Request New Certificate
Click Next, Next
Click on link as shown under the template you need.
Select Common Name from drop down
Enter the machine name dns name (example: svr-v-wus-001), then click Add button
Click OK,
In the Requests Certificates window check the box for xyz, click Enroll
Look in the certificates store and it’ll be there – you may need to click Refresh button
Follow up In IIS – you’ll bind the certificate there to your site. Remember the name needs to match the url. (This might be my issue here...)
See attachment...
I finally got it to work.
When creating the cert I had to match the name of the cert (common name) to the site.
For example: the site is https://identService.oauth.xyz.org so the cert name needed to be identService.oauth.xyz.org.
Then it all worked. I was confusing the site name with the machine name. Doh...
I'm creating a new CSR (Certificate Signing Request) using the Keychain Access tool:
Certificate Assistant -> Request a certificate from a certificate authority...
In the certificate information I fill in my email address and name,
selecting the "Save to disk" option.
I save the CSR to the desktop
The wizard completes successfully, but no file is saved to disk!
I've done this before, but this time it just isn't working. I tried restarting the
Keychain tool, restarting the computer, no luck.
Any ideas?
You have an existing private key selected in the main window of Keychain Access. That is also why it says "Request a certificate from a certificate authority using {some id}" in the menu. Deselect the private key by selecting something else, and then it will work. Apple if you're reading this, you need an error message at the end of the sequence described above.
I had the same problem. I noticed (after reading the first answer above), that I had the Keys category selected. I then selected the Certificates category, ensured I did not have any of the available Certificates selected, and I started my request and this time it worked like a charm.
Had the same problem. Here's the solution (for me at least).
You can have only one developer certificate installed on one machine - delete your old certificate from the keychain and you will be able to create the new one normally.