how to end user session (log out) in twitter using objective C - iphone

I have integrated twitter in my app. but I am not able to log out the session of the user.
For logging I am using http://%##twitter.com/statuses/update.xml
and passing the username and pswd in the url. Inside body i pass the string that needs to be updated and its working fine.
Now For log out they have an request called
http://twitter.com/account/end_session
and it is been said we need to use post request. But I am not able to get what we have to pass in body and header so that twitter should know which user has requested for log out.
Below is the link of documnetation but I didnt suceed in this.
http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-account%C2%A0end_session
Waiting for reply
Thanks in advance

When you are posting to statuses/update.xml using the method you described, you are not logging in, you are simply updating the user’s status and passing the user name and password with the request. As you are not logging in, there is no session and no need to log out. This is good, because it’s easy, and it’s bad, because it’s insecure – you’re passing the password openly. Read the documentation about authentication. The authentication method you’re using right now is called “Basic Auth” there.
You can look at how you post looks in the HTTP request:
$ nc -l 1234
$ curl -d "Status update" http://user:passwd#localhost:1234
The output from netcat looks like this:
POST / HTTP/1.1
Authorization: Basic dXNlcjpwYXNzd2Q=
Host: localhost:1234
Accept: */*
Content-Length: 13
Content-Type: application/x-www-form-urlencoded
Status update
The Authorization line is the “Basic Auth” as described by the Twitter API docs and Wikipedia.

Related

Getting "403" error while registering an Outgoing Webhook via PostMan

URL :
https://circuitsandbox.net/rest/v2/webhooks
My Headers :
Content-Type : application/x-www-form-urlencoded
Authorization : Bearer ot-xxxxxxxxxxxx
Body :
url - Some URl
filter - CONVERSATION.CREATE
Error I am getting :
"The permission to access this resource is not granted. Scopes ::= [ALL, READ_CONVERSATIONS, READ_USER]"
Plus If i want to send extra filters thn will it be comma separated values?
If you are getting a 403, I would suspect a scope error (as mentioned by Roger) or an authentication problem.
For the first, please show us which scopes are currently selected for the application ; for authentication, can you check if you can make other API calls successfully ?
Here is what it looks like in Postman
Make sure your app registration contains the scopes that your app is asking for. For a simple outgoing webhook registration you would only need the scope READ_CONVERSATIONS.
See https://github.com/circuit/circuit-REST-bot/blob/master/app.js for an example on how to register for a webhook. This example registers for CONVERSATION.ADD, but CONVERSATION.CREATE is very similar.
If you still have problems please post a code example, or even a link to an app on repl.it.
Here is an example HTTP request to register the webhook. Note that the body is sent as text/plain (which is the default and its header can be omitted). Also note that the callback url is http. https is not yet supported.
POST https://circuitsandbox.net/rest/v2/webhooks HTTP/1.1
Host: circuitsandbox.net
Content-Type: text/plain
Authorization: Bearer <token>
url=http://90587c6d.ngrok.io/webhook&filter=CONVERSATION.CREATE
and here is a curl command
curl -X POST https://circuitsandbox.net/rest/v2/webhooks -H "Authorization: Bearer <token>" -d "url=http://90587c6d.ngrok.io/webhook&filter=CONVERSATION.CREATE"

How to post credentials using POSTMAN client to create a cookie based session

I am using postman client to make REST calls to JIRA API. It says "POST your credentials to http://jira.example.com:8090/jira/rest/auth/1/session" to get SESSION. I tried posting with Form-data, application/x-www-form-urlencoded, raw etc. Nothing worked. which is the right way to do that.
Here is the tutorial i am following: https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-cookie-based-authentication
Since you're using postman, I'm assuming you're in a dev environment. In this case, it might be simpler to get going with the auth header, which is a base-64 encoded username/password. From the documentation here:
Supplying Basic Auth headers
If you need to you may construct and send basic auth headers yourself. To do this you need to perform the following steps:
Build a string of the form username:password
Base64 encode the string
Supply an "Authorization" header with content "Basic " followed by the encoded string. For example, the string "fred:fred" encodes to "ZnJlZDpmcmVk" in base64, so you would make the request as follows.
curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"
In the Headers section of Postman, add Authorization with Basic <base64-encoded-username:password>
Don't forget to also add the header Content-Type as application/json
(You can use base64encode.org to quickly encode your username/password).
Don't forget to put the string in as username-colon-password (username:password)
If you are on the same UI as I for postman, click Authorization, select an auth type (I used basic auth succesfully), and then enter your credentials. Next click over to the body tab, select raw, and on the drop down menu on the right choose JSON(applications/json), and supply the body as normal.
That is the first hurdle. The next hurdle which may be hit (and the one I am stuck on) is that once your basic-auth gets accepted, JIRA will deny access as part of Cross Site Request Forgery checks (XSRF) with a code 403. I have a ticket open right now seeing if there is a possible workaround to post and put from postman, because using postman and newman would be much much simpler than building an entire plugin which I have to jump through a bunch of hoops to access.
With Postman can simply add withCredentials:true to your request header section.

Facebook Graph API Messenger integration - The parameter recipient is required

I'm trying to create a bot which interacts with Facebook Messenger. I've set up my webhook and can receive messages coming from Facebook. However, when I try to send a message, I get the following error back from Facebook:
{"error":{"message":"(#100) The parameter recipient is required","type":"OAuthException","code":100,"fbtrace_id":"F3iVNecj10i"}}
However, I've definitely got the recipient ID in my request. I've sent the request with my bot, cURL and the Chrome Poster extension and get the same result each time. The JSON I send is:
{"recipient":{"id":"XXXXXXXXXXXXXX"},"message":{"text":"hello, world!"}}
When using cURL, I took the example directly from the Facebook documentation and send this:
curl -k -X POST -H "Content-Type: application/json" -d '{"recipient":{"id":"XXXXXXXXXXXXXXXX"},"message":{"text":"hello, world!"}}' "https://graph.facebook.com/v2.6/me/messages?access_token=ACCESS_TOKEN"
The only difference between this and the example on Facebook is the -k which stops cURL from checking the SSL certificate. I'm tunneling through to my app using ngrok for the incoming messages but sending my requests direct to the Facebook Graph API. The fact that it's happening in my app, cURL and Chrome Poster makes me think that it's something to do with the request (but I can't see what) or my Facebook app setup. Any help is greatly appreciated.
Turns out there were a few issues. The cURL request didn't include the quotes in the JSON so the quotes had to be escaped with \ characters. The Chrome Poster request didn't work because "content-type: application/json" wasn't set in the header. And my webapp didn't work because the JSON had a ";" at the end of it.
So, the Facebook message was an indication of poorly formatted JSON, just not a very direct one!
Check that the JSON payload is well formed.
I used the Postman.app to help me out with this — it's also available on Windows.
Steps
Copy the URL into the "Enter request URL field". This would include the access_token
Change the HTTP verb to GET
Under the "Headers" header, set Content-Type to application/json
Under the "Body" header, select "raw" and paste your JSON payload there. Make sure that this JSON payload is well formed by watching the error indicator displayed beside the line numbers.
Once I got this fixed, I was able to move on to the next step.
I got similar error some time back. Try using Postman. I tried the same request and replaced the user id and the page access token. It works fine.
Click on the Import button on the top and paste your curl request under raw. Then try running the call. If you get the same error, go to the body and modify it. Make sure you put this in the body part of the Postman request. Replace the recipient id with yours.
{
"recipient":
{
"id":"123456789"
},
"message":
{
"text":"hello, world!"
}
}
This is the full cURL call : Change Recipient ID and Page Access Token
curl -X POST -H "Content-Type: application/json" -d '{ "recipient":{"id":"1234567" }, "message":{ "text":"hello from bot" }}' "https://graph.facebook.com/v2.6/me/messages?access_token=PASTETHETOKENHERE"

How to do Http Basic access authentication from advance rest client

I am trying to do basic authentication to call a rest service.
On service doc the procedure mentioned for CURL is like this
curl -X POST https://secure.clientservice.com/api/transactions.json -u [TOKEN]:[KEY] -H 'Content-type: application/json' \
-d "{\"transaction_type\":\"request\",\"amount_in_cents\":\"3000\",\"email\":\"user#example.com\"}"
I got stuck how to send the [TOKEN]:[KEY] for authentication from chrome rest client.I am having both user token and key and doc is saying i have to do Http Basic access authentication
On rest explorer i am trying like below
But this is giving un authorized access as seems to be the Authorization header is wrong where i am encoding [axkKtfBAaPABCh59SA]:[S7RwBG2eZ3y8mDs8VS] this value to base 64. Am i doing in right way or am i missing something.
Add the Authorization header: Header Forms --> ADD HEADER --> Begin typing in Authorization.
and add the basic auth info by clicking on the Edit (pencil) button on the right. A form to fill credentials will pop up:
Advanced REST Client will take care of encoding
I think should encode without the "[" “]“, it could be your problem. Also verify that your token is still valid (it could be expired)
if this doesn't solve your problem can you provide me the error message you get (in your picture the result seems to be ok).
This is an Old question, and has been answered as to how this should be done in Advanced REST Client. But i would still like to point out that you need to enter the basic Authentication Header like this:
Header Name: Authorization
Header Value: Basic
so if your username was user1 and password was abc then you would need to find the base64 encoded value of "user1:abc" which is "dXNlcjE6YWJj" (you can do this in one of many online tools available, just serach for "base 64 encode online").
In this case your header will become like:
Authorization -> Basic dXNlcjE6YWJj

How to parse a RESTful URL

I'm trying to much around the Philips Hue API. I got the debug CLIP working just fine. Now I'd like to use this more dynamically, get it purring with Processing.
The problem: I have no idea where to even start formatting that request. According to the API docs, you turn a bulb on or off like this:
Address: http://<bridge ip address>/api/newdeveloper/lights/1/state
Body: {"on":false}
Method: PUT
Okay, so I get the address part. But how do I format the Body into the URL? And how I establish that this is a PUT request?
You don’t format the body into the URL; the body and the URL are quite separate.
Here’s what an HTTP request looks like:
METHOD /path HTTP/1.x
Some: Headers
Foo: Bar
The body
One for this page might look something like
GET /questions/18819266/how-to-parse-a-restful-url HTTP/1.1
Accept: */*
Host: stackoverflow.com
User-Agent: Firefox 23 and somesuch
So to send your example request with curl, it would be something like:
$ curl -v 'http:///api/newdeveloper/lights/1/state' -X PUT --data-binary '{"on":false}'
To expand on minitech's answer, data can be sent by HTTP methods such as PUT, DELETE, POST, and GET. If you're trying to "format a url" with data that is meant to be sent, i.e. generating a URL based on parameters you would like to send to Hue, you are actually using GET and not PUT or POST.
Unfortunately, DELETE and PUT are not able to be sent through normal HTML forms via "method", only POST and GET. Depending on what language you're using, you'll need to use LWP or curl or find some other way to send PUT data. Hue's clip.html uses javascript and XMLHttpRequest() if javascript is your preferred programming language.