While testing I started walking through authorizing my test machine (192.168.15.6, a local IP) with YouTube, which seemed successful. That IP is listed under my authorized sites. However, any actual requests say I'm not authenticated. I'm guessing it isn't going to work because the requests seem to be coming from my Public IP, right?
The documentation is split up between the API reference, the gdata guide, and the python client guide. The examples seem limited. I didn't get, from the Python guide, that the session token is a new token, rather than an upgrade of the existing one-use token.
yt_service.SetAuthSubToken(token)
yt_service.UpgradeToSessionToken()
session_token = yt_service.current_token.get_token_string()
This gives you the new token after upgrading for a session.
Everything has worked for me developing locally except getting a secure token. Just leave that set as false.
Related
The Paypal API doesn't recognize my Client ID and Secret I got from https://developer.paypal.com/developer/applications/
I wanted to include a server side checkout according to this tutorial https://developer.paypal.com/docs/archive/checkout/how-to/server-integration/
When I do the request to https://api-m.paypal.com/v1/payments/payment I always get a 401 Error with the message "Authentication failed due to invalid authentication credentials or a missing Authorization header.".
I checked multiple times if my credentials were correctly included into the request. I also tested the endpoint in my server environment and as well via Postman.
I also tried the route https://api-m.sandbox.paypal.com/v1/oauth2/token to exchange my credentials with an access token and got the same problem.
I also tried to create multiple Sandbox and Live Accounts and always got the same error.
Has anyone an idea what the problem could be?
There are two separate issues here.
You first need to use /v1/oauth2/token to obtain an access token, and then use that access token to call any of the other actual APIs.
The credentials you obtain from PayPal Developer will be for either "Sandbox", or "Live". Make sure you choose the correct tab (sandbox, for development). Sandbox credentials will only work for api-m.sandbox.paypal.com , and Live credentials will only work for api-m.paypal.com . The two environments are completely separate.
If you still have issues, post the SANDBOX client ID and secret you are using, and the full request and response to the api-m.sandbox.paypal.com endpoint. There should be a PayPal-Debug-Id in any error response, in the headers if nowhere else.
Using the Stitch Facebook authentication provider with the Web/JS SDK the auth flow seems to work fine up until the redirect is done back to the Stitch servers.
loginFB() {
const credentialFB = new FacebookRedirectCredential();
this.$stitch.auth.loginWithRedirect(credentialFB);
}
It then returns this error from the Stitch service:
https://eu-west-1.aws.stitch.mongodb.com/api/client/v2.0/auth/callback?code=AQClGc41QMShUyLT0FOIyGM4ZEi8FPEj4qSHF022F6gGqdIYrgBmop7QVWVuKQYH-CNCtGNSpOWJSVu9_nZwrHauMVrKt6CeswVIgRs5iQpt84YPFkg35BXZHf_PGcpvTsTBt2HC4B_yyYCcYCc4Ccn_wlCkG9bu-LwfKOePDtTYOJahys-xflBC8IyveMZIAK9lc00orXqC7zooETDgrE8KdoDw6uE8Q8zT_XMD7fGmCB7_-kcnmE9wScgC2Vsb38_AG4dkazNG_IenKpbo0s7vfDDfRLPawXpeWpSue_PRYLGSoKUB1UyWSNiujuq3ClE&state=nBspwBNKIdbEUxcyFdrHDudGKbuJhfjVTcHpzyMjSi-uImn5LQG3XtsgqRUGsB_UIEVnAIi6dswt5FwV90kphQ%3D%3D#=
error: "error exchanging access code with OAuth2 provider"
error_code: "AuthError"
link: "https://stitch.mongodb.com/groups/5ded6422f2a30b6096c347b8/apps/5dfdd120fab085de276dacb2/logs?co_id=5e176295f9d51cd518d60dc6"
Following the link in the error message we arrive at the Stitch logs which says the same thing.
I have followed the official docs (Google Auth works wonders, no worries there) for setting it up and tested the following:
Modified Redirect URIs, tested on hosted (https / http) and localhost.
Configured a Test App in Facebook dev
Tested the various settings for the auth in Facebook console.
Enable forced Re-auth in Facebook, I must then provide password and once that completes same error.
Trying to find information on this error in the official docs or here on Stackoverflow has yielded no results unfortunately. Could someone help explain how to get around this error?
Docs:
https://docs.mongodb.com/stitch/authentication/facebook/
https://docs.mongodb.com/stitch/tutorials/guides/todo-guide-facebook/
The error shown was due to a faulty app secret in the Auth provider section in Stitch. Once that was mended to a correct secret from the Facebook App the login worked as intended. This error should be mentioned somewhere in stitch docs but does not to be documented there at the time of writing this.
Trying to make use of the Server to Server OAuth flow defined here:
https://developers.google.com/identity/protocols/OAuth2ServiceAccount
Since I'm running from a local dev environment, I've created a service account in GCP and downloaded the JSON file with the private key, but cannot find any Node.js code examples on how to:
1) load the json file
2) set delegated credentials (for G Suite domain-wide authorization)
Places I've looked (besides stackoverflow) are Google's git wiki for the node.js client library, which does talk about server to server auth, but seems to assume you're running from appengine or google cloud and don't need to load a key file:
https://github.com/googleapis/google-api-nodejs-client#service-to-service-authentication
The Admin SDK Activities Reports API has a Node example, but it's using the web-based flow assuming a user is present:
https://developers.google.com/admin-sdk/reports/v1/quickstart/nodejs
Buried deep in the Node.js samples is use of the Directory API, which does seem to take a keyfile as input, but when I try running locally it says getClient is not a constructor, and still this example doesn't show how to set the G Suite admin user for context (which is generally when a refresh token and access token are loaded into the app):
https://github.com/googleapis/google-api-nodejs-client/blob/master/samples/directory_v1/group-delete.js
So... does anybody have an example of this? I really don't want to switch to a Python runtime but Google seems to have left out important examples on this topic.
After going through walkthroughs I had a test mvc app, test web api, and identityserver3 all working perfectly on my machine. I deployed IdentityServer3 to our servers in AWS behind a load balancer. I followed all the instructions in the Deployment wiki. I am able to hit the .wellknown configuration fine after deployment from a browser on my machine.
I changed the authority url for the mvc and api test apps to point to the aws deployment. Clients, Scopes, users, etc are all configured identically as they are hitting the same database as it was when running on local machine.
I can get an access token using RequestResourceOwnerPasswordAsync just fine so I think ids is installed fine.
However, both the API and the MVC app just trying to use implicit flow are now failing. FOr instance, when I try to hit a mvc controller action marked with [Authorize] I get an error stating "An invalid request URI was provided. The request URI must either be an absolute URI or BaseAddress must be set".
If I try to hit the webapi from the mvc app (both running locally on my machine) after a successful RequestResourceOwnerPasswordAsync call, I get the error "Response status code does not indicate success: 401 (Unauthorized)." after what seems like a timeout.
Any help would be greatly appreciated.
Figured out the problem. When specifying PublicOrigin, it has to be a full URL and not just the domain. I had left off https:// prefix.
The web api issue was related to connectivity to the identity server. There was some incorrect proxy settings for the app.
I am trying to build an application on my local machine using Twitter's OAuth 1.1 API and Facebooks SDK v4 both for PHP.
Both of these mechanisms redirect the user to prompt for permission and redirect back to website. I can get both working but they will not work under the same local url.
I set everything up for Facebook on localhost without any issues but twitter (staggeringly) does not allow using localhost (see here How to test the twitter API locally?). So instead I set up a virtual host using my Mac based MAMP installation and added that url to both Twitter and Facebook applications. Now Facebook does not allow me to use my virtual host. When the prompt for permissions happens and Facebook redirects back to my site, when I try and retrieve the session using getSessionFromRedirect() it returns NULL. This does not happen if I run the same code using localhost.
I have tried using 127.0.0.1 but Facebook does not allow this either (error is invalid because it is a Facebook url!), but Twitter does!?!
Has anyone else had any problems with this or does anyone have any pointers that would help me to test both of these on the same deployment.
Many thanks in advance.