Delicious API replies with "access denied" - access-denied

I'm trying to access all posts from delicious, according to delicious API. In Ubuntu Linux i give the command:
curl https://myusername:mypassword#api.del.icio.us/v1/posts/all
where myusername and mypassword are registered with an yahoo mail account. I get the answer:
<?xml version="1.0" standalone="yes"?>
<result code="access denied" />
<!-- fe07.feeds.del.ac4.yahoo.net uncompressed/chunked Mon Nov 9 13:06:28 PST 2009 -->
What's wrong?

If you're registered with a Yahoo! ID, you need to use OAuth rather than basic authentication.
Unfortunately, using command-line tools like this is considerably harder with OAuth. Last I checked there wasn't a simple way to do it.

What exactly is the status code you get? Code 999? If so, that's Yahoo's default status code for throttling your requests, i.e. you're trying to pull your posts too often. I've noticed that if you make the /posts/all call too often (more than once every few minutes), you'll get throttled.
If you don't need to get ALL of your posts, you should try using the /v1/posts/recent call with whatever options you may want. That seems to work for me. Yahoo/Delicious doesn't throttle that request.

Related

SIP calls POSTing StatusCallback when call ends even though no StatusCallback URL is configured

When SIP calls end, the last request that was POSTed to my app gets POSTed again, slightly modified, but with the params that the Twilio docs indicate will be included in a call StatusCallback POST. This is doubly weird because I don't have a StatusCallback URL configured!
So ...an example. The environment (all URLs are https):
Twilio SIP endpoint: test-myaccount.sip.twilio.com
Voice URL (POST): myapp.myserver.com/twilioapp
Fallback URL (GET): s3.amazonaws.com/somebucket/twilioerror.xml (can't imagine that's relevant, but I mention it in case it tips anyone off to weird side effects)
StatusCallback URL (POST): blank
The call flow:
1a. Call made to SIP endpoint - Twilio sends request to TwiML app server:
POST myapp.myserver.com/twilioapp
1b. TwiML app responds:
<?xml version="1.0" encoding="UTF-8"?>
<Response>
<Say language="en-US" voice="alice">May the fourth be with you!</Say>
<Redirect>myapp.myserver.com/twilioapp/secondstep?actualdate=20140503</Redirect>
</Response>
2a. Twilio plays the TTS speech, then POSTs back to the app server (per the Redirect verb):
POST myapp.myserver.com/twilioapp/secondstep?actualdate=20140503
2b. The app server responds:
<?xml version="1.0" encoding="UTF-8"?>
<Response>
<Say language="en-US" voice="alice">Whoops, wrong date. Goodbye!</Say>
<Hangup />
</Response>
3a. Here's the funkiness I'm seeing - Twilio is then POSTing another request:
POST myapp.myserver.com/twilioapp/secondstep/?actualdate=20140503
Note (a) that the POST is to the last URL that Twilio posted to and (b) a trailing slash has been added to the URL, before the querystring params.
Params that are sent with that final POST:
AccountSid: <MyAccountSid>
Caller: sip:55512345678#169.0.0.0
CallStatus: completed
Duration: 1
Called: sip:test-myaccount.sip.twilio.com
To: sip:test-myaccount.sip.twilio.com
CallDuration: 22
CallSid: <TheCallSid>
From: sip:55512345678#169.0.0.0
Direction: inbound
ApiVersion: 2010-04-01
More weird: both Duration and CallDuration are included in the POST params - Duration in (rounded up) minutes, CallDuration in seconds.
So - I have no idea what's up. I've got a support ticket in, but haven't heard back in several days; figured while I was waiting on the Twilio code spelunkers to work their magic I'd ping the community and see if anyone else has noticed this behavior too.
Twilo Evangelist here.
I just spoke with one of our customer support team members and it looks like we have an issue reported for this behavior. She should be reaching out to you shortly to give you a more detailed update.
If we identify a work-around, we'll make sure to update this SO post with those details.
Hope that helps.

FaceBook loads HTTPS hosted iframe apps via HTTP POST (S3 & CloudFront errors)

I have been trying to write a bucket policy that will allow (X-HTTP-Method-Override) because my research shows that Facebook loads HTTPS hosted iframe apps via HTTP POST instead of HTTP GET which causes S3 and CloudFront errors.
Can anyone please help me with this problem?
This is what's returned from S3 if I served my Facebook app directly from S3:
<?xml version="1.0" encoding="UTF-8" ?>
- <Error>
<Code>MethodNotAllowed</Code>
<Message>The specified method is not allowed against this resource.</Message>
<ResourceType>OBJECT</ResourceType>
<Method>POST</Method>
<RequestId>B21565687724CCFE</RequestId>
<HostId>HjDgfjr4ktVxqlIBeIlvXT3UzBNuPg8b+WbhtNHOvNg3cDNpfLH5GIlyUUpJKZzA</HostId>
</Error>
This is what's returned from CloudFront if I served my Facebook app from CloudFront with S3 as the origin:
ERROR
The request could not be satisfied.
Generated by cloudfront (CloudFront)
I think the solution should be to write a bucket policy that makes use of X-HTTP-Method-Override... Probably I am wrong though. A solution to this problem would be highly appreciated.
After trying many different ways to get this to work, it turns out that it simply is not possible to make the POST to static content work on S3 as things stand. Even if you allow POST through Cloudfront, enable CORS, change the bucket policy so that the Cloudfront origin identity can GET/PUT etc. it will still throw an error.
As an aside, S3 is not the only thing that balks at responding to such a POST request to static content. If you configure nginx as an origin for a Facebook iframe you will get the same 405 error, though you can work around that problem in a couple of ways (essentially rewriting it to a GET under the covers). You can also change the page (though still static) to be a dynamic extension (.aspx or .php) to work around the issue with nginx.
You can host all your other content on S3 of course, and just move the page that you POST to onto a different origin. With a decent cache time you should see minimal traffic, but it will mean keeping your content in two places. What I ended up doing was:
Creating EC2 instances in an autoscaling group (just in case) to serve the content
They used a cron job to sync the content from S3 every 5 minutes
No change in workflow was required (still just upload content to S3)
It's not ideal, nor is it particularly efficient, but hopefully it will save others a lot of fruitless testing trying to get this to work on S3 alone.
You can set your Cloudfront distribution to allow POST methods.
If you go into your dashboard and edit the Behavior for the distribution
- Then select Allowed HTTP Methods - GET, HEAD, PUT, POST, PATCH, DELETE, OPTIONS
This allows the POST from Facebook to go through to your origin.
I was fighting with S3 and CloudFront for last couple of days. and I confirm that with any bucket policy we cannot redirect POST calls from Facebook to S3 static (JS enriched) contents.
The only solution seems to be the one Adam Comerford mentioned in this thread:
Having a light application which receives Facebook calls then fetching the content from S3 or CloudFront.
If anyone has any other solution or idea it will be appreciated.
you can't change POST to GET - that's the way Facebook loads app page because it also sends data about the current user as POST body (see signed_request for more details). I would suggest you look into fixing your app to make sure it properly responds to POST request.

Unable to create(POST) objects (Account, customer...) on QB Windows using IDS and Sync Manager

Here I am provideing you the complete scenario where I am getting the error while posting request for creating a new account.
I am using Intuit OAuth Access and OAuth API console for testing (Using all security tokens).(https://appcenter.intuit.com/Playground/OAuth)
And the URL and request:
URL: https://services.intuit.com/sb/account/v2/570357960
Method : Post
Format: XML/JSON
Request:
<?xml version="1.0" encoding="UTF-16"?><Add xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" RequestId="4df87bw2-916a-
4r95-h5d6-06dce3667562"
xmlns="http://www.intuit.com/sb/cdm/v2"><ExternalRealmId>570357960</ExternalRealmId><Objectxsi:type="Account"><Name>CurrentAccount</Name><Active>true</Active><Type>Expense<
/Type><Subtype>Expense</Subtype><AcctNum>1111</AcctNum></Object></Add>
And getting the response (error in html):
<div class="content-container"><fieldset>
<h2>500 - Internal server error.</h2>
<h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3>
and I have also checked with RESTClient utility, but getting the same above error.
Please note that the same url
(https://services.intuit.com/sb/account/v2/570357960) with same
security tokens is working fine for GET data , I am getting data from
QB desktop into my online Application.
As Keith said, check the Content-Type. You will also need to use a RestClient for testing. The playground will not work for testing API calls. It only works for platform calls.
If I had to guess... I'd guess you're sending the wrong Content-Type header... but it's impossible to tell for sure until you post more code/the rest of your HTTP request.
A few things to try. Be sure the XML is in the same order as this sample and try it.
the other is a common mistake when you use Oauth in a GET you are including just the url in the signature, but in a POST you need to include the Body in the signature too or it will not pass Oauth validation.
Lastly, as Keith mentioned to check the content type. Although you would generally get a content type error.
156234822
CurrentAccount
true
Expense
Expense
1111

I have integrated yahoo into iphone app but i am getting error:400 bad request

I have to access social information for the logged-in user.i have used following link. http://developer.yahoo.com/social/sdk/objectivec
i have used send request method to get user information.
but i am getting following error message
<
?xml version='1.0' encoding='utf-8'?>
<error xmlns='http://yahooapis.com/v1/base.rng'
xml:lang='en'>
<description>400 Bad Request</description>
<detail>400 Error : syntax error, unexpected &apos;(&apos; at "*(*null)"
can any one help me?
thank you in advance.
The Yahoo Web server (running the Web site) thinks that the data stream sent by the client (e.g. your Web browser or our CheckUpDown robot) was 'malformed' i.e. did not respect the HTTP protocol completely. So the Web server was unable to understand the request and process it. so make sure you are sending the well structured request.
Based on your commented:
http://nullinfo.wordpress.com/oauth-yahoo/
http://developer.yahoo.com/oauth/guide/oauth-make-request.html
You should understand how to make request with oauth, first read that and later if you could not succeed, ask again.

curl query to Facebook FQL requires auth?

I used curl to query Facebook's FQL and this happened:
> curl 'https://api.facebook.com/method/fql.query' -d "query=SELECT+now()+FROM+user+WHERE+name='Barry Carter';"
<?xml version="1.0" encoding="UTF-8"?>
<error_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">
<error_code>102</error_code>
<error_msg>Session key invalid or no longer valid</error_msg>
<request_args list="true">
<arg>
<key>method</key>
<value>fql.query</value>
</arg>
<arg>
<key>query</key>
<value>SELECT now() FROM user WHERE name='Barry Carter';</value>
</arg>
</request_args>
</error_response>
Do I need to authenticate even to find users? On the website, you can
do that sans authentication?
If I do need authentication, how do I get it? I've read
http://developers.facebook.com/docs/authentication but do I need all
that for a simple curl call? If so, what should I do to get an auth
token? Do I need to store cookies/etc (using curl's -b and -c flags?).
This question is similar to
Facebook API - fql_query, Invalid session
but I'm using straight curl, not PHP.
I realize the query should be GET, not POST, but I'm pretty sure that's not the problem.
Yes you'll need to have an auth token for pretty much any query you perform.
It's not that hard to manually acquire one if you're just experimenting. The easiest way to do it manually is to follow the "client-side flow" section of the authentication doc page you linked by navigating to the specified URL in your browser, and use http://www.facebook.com/connect/login_success.html as the target URL (it's just a dummy page on facebook.com, so it is guaranteed to let you through), and then grab the access token from the address bar.