curl query to Facebook FQL requires auth? - facebook

I used curl to query Facebook's FQL and this happened:
> curl 'https://api.facebook.com/method/fql.query' -d "query=SELECT+now()+FROM+user+WHERE+name='Barry Carter';"
<?xml version="1.0" encoding="UTF-8"?>
<error_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">
<error_code>102</error_code>
<error_msg>Session key invalid or no longer valid</error_msg>
<request_args list="true">
<arg>
<key>method</key>
<value>fql.query</value>
</arg>
<arg>
<key>query</key>
<value>SELECT now() FROM user WHERE name='Barry Carter';</value>
</arg>
</request_args>
</error_response>
Do I need to authenticate even to find users? On the website, you can
do that sans authentication?
If I do need authentication, how do I get it? I've read
http://developers.facebook.com/docs/authentication but do I need all
that for a simple curl call? If so, what should I do to get an auth
token? Do I need to store cookies/etc (using curl's -b and -c flags?).
This question is similar to
Facebook API - fql_query, Invalid session
but I'm using straight curl, not PHP.
I realize the query should be GET, not POST, but I'm pretty sure that's not the problem.

Yes you'll need to have an auth token for pretty much any query you perform.
It's not that hard to manually acquire one if you're just experimenting. The easiest way to do it manually is to follow the "client-side flow" section of the authentication doc page you linked by navigating to the specified URL in your browser, and use http://www.facebook.com/connect/login_success.html as the target URL (it's just a dummy page on facebook.com, so it is guaranteed to let you through), and then grab the access token from the address bar.

Related

How do I use this REST authentication style (token immediately following https://)?

I'm trying to use this API: https://bibles.org/pages/api/documentation
The docs say to simply do: https://#{your API token}:bibles.org/v2/versions/eng-GNTD.xml as their example. However, this doesn't work for me; Chrome and Firefox just forward as if I'm trying to do a google search.
If I do their curl example: curl -u #{your API token}:X -k https://bibles.org/v2/versions/eng-GNTD.xml, everything works fine.
I've never seen an authentication style where I passed my token before the url. Is there a special way to do this that I just don't know about?
Looking at your curl command,it looks like you are sending basic authentication with get request.
Check here
Try
https://#{your API token}:X#bibles.org/v2/versions/eng-GNTD.xml

How to do Http Basic access authentication from advance rest client

I am trying to do basic authentication to call a rest service.
On service doc the procedure mentioned for CURL is like this
curl -X POST https://secure.clientservice.com/api/transactions.json -u [TOKEN]:[KEY] -H 'Content-type: application/json' \
-d "{\"transaction_type\":\"request\",\"amount_in_cents\":\"3000\",\"email\":\"user#example.com\"}"
I got stuck how to send the [TOKEN]:[KEY] for authentication from chrome rest client.I am having both user token and key and doc is saying i have to do Http Basic access authentication
On rest explorer i am trying like below
But this is giving un authorized access as seems to be the Authorization header is wrong where i am encoding [axkKtfBAaPABCh59SA]:[S7RwBG2eZ3y8mDs8VS] this value to base 64. Am i doing in right way or am i missing something.
Add the Authorization header: Header Forms --> ADD HEADER --> Begin typing in Authorization.
and add the basic auth info by clicking on the Edit (pencil) button on the right. A form to fill credentials will pop up:
Advanced REST Client will take care of encoding
I think should encode without the "[" “]“, it could be your problem. Also verify that your token is still valid (it could be expired)
if this doesn't solve your problem can you provide me the error message you get (in your picture the result seems to be ok).
This is an Old question, and has been answered as to how this should be done in Advanced REST Client. But i would still like to point out that you need to enter the basic Authentication Header like this:
Header Name: Authorization
Header Value: Basic
so if your username was user1 and password was abc then you would need to find the base64 encoded value of "user1:abc" which is "dXNlcjE6YWJj" (you can do this in one of many online tools available, just serach for "base 64 encode online").
In this case your header will become like:
Authorization -> Basic dXNlcjE6YWJj

Workday SOAP API : How to authenticate

I'm a newbie to workday soap api and I'm trying to figure out how to send a soap request to authenticate using SOAPUI.
Any suggestions, would be greatly appreciated.
Workday APIs use WS-Security for authentication.
Remember that the workday host is multi-tenant. So, you'll use the WSDL endpoint to connect to the correct server, and the user name field will contain both your user name and the tenant on that server.
User name format for SOAP Auth to Workday:
[user-name]#[tenant-name]
Example: youUserName#tenant6
Your workday account will need to be in the Integration Developer's group, as well.
You may need to adjust security and permissions beyond that to permit access to certain functional groups and domains which relate to the web service.
If you're using SoapUI, do the following:
Import the WSDL into a project.
In "Integration binding", go to settings.
On the "Service endpoints" tab, set the username as I've described above.
Set the password to your password in the tenant.
The WSS-Type should be set to PasswordText.
Now, you can make a request.
Not sure what exactly you are referring to. You authenticate implicitly - there is no separate request. The Workday API documentation is published here. You should read it. When you import the WSDL, for example in a .Net solution, it will give you access to various API classes.
For example, to connect to the Compensation API from an SSIS script task I use the following:
// Instantiate and configure compensation client
CompensationPortClient compClient = // I use custom binding - gives me more control
new CompensationPortClient(CompensationObjectFactory.getWorkdayBinding(),
new EndpointAddress(endpointURL));
compClient.ClientCredentials.UserName.UserName = userName;
compClient.ClientCredentials.UserName.Password = password;
(I created the CompensationObjectFactory to instantiate all the client-side API objects because the process is somewhat formulaic.)
Then you can make API calls with the client object, for example, query a one-time award:
Request_OneTime_Payment_RequestType request =
CompensationObjectFactory.getOneTimePaymentRequest(
CompensationObjectFactory.getBusinessProcessParameters(),
CompensationObjectFactory.getOneTimePaymentData(
planId, currency, amount, effDt, emplID, positionID));
Request_OneTime_Payment_ResponseType response =
compClient.Request_OneTime_Payment(request);
I finally figured this out after debugging a working SOAP UI example by installing wireshark and forcing my request over HTTP!
The previously posted header example did not work for me because it was missing some info. I noticed further that my captured header worked several hours later and I developed a theory that Workday was ignoring everything but username and password. So I tested the following and it worked:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="bogus">
<wsse:Username>user#tenant</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">[PASSWORD HERE]</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">bogus</wsse:Nonce>
<wsu:Created>2000-10-02T21:12:28.365Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Best of luck if you are reading this. SOAP is a complete nightmare!
To add to the responses already here, you may need to also add in your credentials in the SOAP header, like so:
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="bogus">
<wsse:Username>[user]#[tenant]</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">[PASSWORD HERE]</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">bogus</wsse:Nonce>
<wsu:Created>2000-10-02T21:12:28.365Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Modifying "Request Properties" worked for me. The username is [user-name]#[tenant-name] as mentioned in #dbh's answer
Screenshot:

Unable to create(POST) objects (Account, customer...) on QB Windows using IDS and Sync Manager

Here I am provideing you the complete scenario where I am getting the error while posting request for creating a new account.
I am using Intuit OAuth Access and OAuth API console for testing (Using all security tokens).(https://appcenter.intuit.com/Playground/OAuth)
And the URL and request:
URL: https://services.intuit.com/sb/account/v2/570357960
Method : Post
Format: XML/JSON
Request:
<?xml version="1.0" encoding="UTF-16"?><Add xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" RequestId="4df87bw2-916a-
4r95-h5d6-06dce3667562"
xmlns="http://www.intuit.com/sb/cdm/v2"><ExternalRealmId>570357960</ExternalRealmId><Objectxsi:type="Account"><Name>CurrentAccount</Name><Active>true</Active><Type>Expense<
/Type><Subtype>Expense</Subtype><AcctNum>1111</AcctNum></Object></Add>
And getting the response (error in html):
<div class="content-container"><fieldset>
<h2>500 - Internal server error.</h2>
<h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3>
and I have also checked with RESTClient utility, but getting the same above error.
Please note that the same url
(https://services.intuit.com/sb/account/v2/570357960) with same
security tokens is working fine for GET data , I am getting data from
QB desktop into my online Application.
As Keith said, check the Content-Type. You will also need to use a RestClient for testing. The playground will not work for testing API calls. It only works for platform calls.
If I had to guess... I'd guess you're sending the wrong Content-Type header... but it's impossible to tell for sure until you post more code/the rest of your HTTP request.
A few things to try. Be sure the XML is in the same order as this sample and try it.
the other is a common mistake when you use Oauth in a GET you are including just the url in the signature, but in a POST you need to include the Body in the signature too or it will not pass Oauth validation.
Lastly, as Keith mentioned to check the content type. Although you would generally get a content type error.
156234822
CurrentAccount
true
Expense
Expense
1111

Delicious API replies with "access denied"

I'm trying to access all posts from delicious, according to delicious API. In Ubuntu Linux i give the command:
curl https://myusername:mypassword#api.del.icio.us/v1/posts/all
where myusername and mypassword are registered with an yahoo mail account. I get the answer:
<?xml version="1.0" standalone="yes"?>
<result code="access denied" />
<!-- fe07.feeds.del.ac4.yahoo.net uncompressed/chunked Mon Nov 9 13:06:28 PST 2009 -->
What's wrong?
If you're registered with a Yahoo! ID, you need to use OAuth rather than basic authentication.
Unfortunately, using command-line tools like this is considerably harder with OAuth. Last I checked there wasn't a simple way to do it.
What exactly is the status code you get? Code 999? If so, that's Yahoo's default status code for throttling your requests, i.e. you're trying to pull your posts too often. I've noticed that if you make the /posts/all call too often (more than once every few minutes), you'll get throttled.
If you don't need to get ALL of your posts, you should try using the /v1/posts/recent call with whatever options you may want. That seems to work for me. Yahoo/Delicious doesn't throttle that request.