I have a problem with api to reddit. I tried to use php sdk https://github.com/jcleblanc/reddit-php-sdk, but for each method from API, I receive message:
403 Request forbidden by administrative rules reddit. I think is i problem with access_token, but I used the one that the returned API. I tried with tutorial from https://www.reddit.com/r/redditdev/comments/197x36/using_oauth_to_send_valid_requests/c8lz57u, but in step 6 I get same error 403. I obtained the access_token in step 6.
Response in step 6 is:
{"access_token": "DhiI6vzq86UlCjTIl80u5pCEZ6A", "token_type": "bearer", "expires_in": 3600, "scope": "edit,flair,history,identity,modconfig,modflair,modlog,modposts,modwiki,mysubreddits,privatemessages,read,report,save,submit,subscribe,vote,wikiedit,wikiread"}
Authentication is ok, but I can not call any method from API.
Can someone help me with some advice?
Related
My auth URL:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={{app_client_id}}&scope=User.Read Sites.Read.All files.read files.read.all files.readwrite files.readwrite.all offline_access&response_type=code&redirect_uri=https://yourdomain/sharepoint-response
Using that URL, I get this response code
POST : https://login.microsoftonline.com/common/oauth2/token
body : "client_id="{{app_client_id}}"&redirect_uri="https://yourdomain/sharepoint-response"&client_secret="{{app_client_secret}}"&code="{{code from above url}}"&grant_type=authorization_code";
getting token
Then I follow all steps from https://learn.microsoft.com/en-us/sharepoint/dev/apis/webhooks/lists/create-subscription
Now I get:
"error_description" => "Invalid issuer or signature."
If you are using Azure AD try replacing grant_type=authorization_code with grant_type=client_credentials in the URL when you call the SharePoint API.
I needed the client_credentials grant_type because I'm using an Azure AD Application with Sites.Manage.All API permission which always needs client_credentials because it's an application type permission and not a delegated type.
If you want to use user login you will need to set delegated permissions.
Firstly, this is my Instagram URL after the login:
https://www.instagram.com/oauth/authorize?client_id=$MYCLİENTİD&redirect_uri=https://localhost:4000/İnstagram/Insta.php/&response_type=code&scope=user_profile,user_media
And this is the error that page shows me:
{"error_type": "OAuthException", "code": 400, "error_message": "Invalid redirect_uri"}
When I try to get user token from Instagram, I get that error.
I've tried to change the redirect_uri=(Valid OAuth Redirect URIs), but the error is the same as before.
I could not find this documented anywhere, but through trial and error, I found that the redirect_uri had to:
Use https
Be publicly accessible (e.g. localhost and specifying a port number won't work)
Not include parameters (I found they were getting stripped out, which would cause a redirect_uri mismatch when I later requested an access token)
I had the same problem and I solved it as following:
I first went here:
(remember to change your instagram app id in the below URL)
https://developers.facebook.com/apps/your_instagram_app_id/instagram-basic-display/basic-display/
Then I set my Client OAuth Settings, Deauthorize and Data Deletion Requests as "https://localhost:3000/".
That worked for me.
Actually, for me, it was because my URI was not exactly the same as requested by the app. I forgot to add "/" at the end.
Go to https://developers.facebook.com/apps/APP_ID/instagram-basic-display/basic-display/ -> Client OAuth Settings and put there not just https://localhost:5000, but exact authentication endpoint used in your application (https://localhost:5000/auth or else)
Actually, it does work with localhost, but it is very tedious.
First, you need to have https enabled (which from what I can see from your request you seem to have).
[I don't know if this is mandatory] you need to create a test app* from your main app (https://developers.facebook.com/docs/development/build-and-test/test-apps/)
Set the redirect OAuth URI to something like https://localhost:4000/auth/ and update also all other URIs in .../instagram-basic-display/basic-display/ settings.
Finally, don't forget to use the client-id(or app-id) of the test app in your request, which is different than your parent app
I wish you good luck ;)
*IMPORTANT: app-id and app-secret are different in test app!
As per documentation
Construct the Authorization Window URL below, replacing {app-id} with
your Instagram app’s ID (from the App Dashboard > Products > Instagram
Basic Display > Instagram App ID field) and {redirect-uri} with your website URL that you provided in Step 2 ("Valid OAuth Redirect URIs").
The URL must be exactly the same.
Syntax & Example as below
https://api.instagram.com/oauth/authorize?client_id=<instagram_app_id>&redirect_uri=<my-website>&scope=user_profile,user_media&response_type=code
https://api.instagram.com/oauth/authorize?client_id=00000123&redirect_uri=https://aashutosh-kumar.herokuapp.com/&scope=user_profile,user_media&response_type=code
I'm trying to implement Authorization from the Spotify Web API.
I'm using Postman to review the requests. At the first step of the Authorization process, I don't get the desired response.
I'm using GET https://accounts.spotify.com/authorize endpoint with 3 parameters:
client_id, response_type and redirect_uri , but so far I get the following response:
{
"phoneFeatureEnabled": false,
"user": false,
"BON": [
"0",
"0",
220165699
]
}
MY callback redirect uri should have code appended to it and is contain the params - status and code, but all I'm getting is this:
Make sure you are passing the redirect_uri to the request as that is required. It looks like in your screenshot it is blank but you may have commented it out for security reasons. If you are passing it through and it is the same url setup in the Spotify developer portal, try the same url in your browser and it should redirect you to a Spotify Authorization page.
Under Authorization Code Flow it lists all required parameters here: https://developer.spotify.com/documentation/general/guides/authorization-guide/
I had an implementation of OAuth working with Fitbit to pull data from fitbit's service. However they recently updated their service and now the request is failing whenever I try to get an access token.
They have made the following statement about the new requirement:
The solution is to OAuth sign the requests to <https://api.fitbit.com/oauth/request_token> and <https://api.fitbit.com/oauth/access_token> in a similar manner that all other calls to the Fitbit API are signed.
Requests to <https://api.fitbit.com/oauth/request_token> need to be signed with your application's consumer key and secret.
Requests to <https://api.fitbit.com/oauth/access_token> need to be signed with your application's consumer key and secret and the oauth_token and oauth_verifier received from the authorization callback.
I am using the PHP PECL OAuth library for OAuth requests. However I can't find a way to add additional parameters to the signature. I am trying the following but I'm not sure that this is the correct way to update the OAuth Signature:
$params['consumer_key'] = $this->consumer_key;
$params['consumer_secret'] = $this->consumer_secret;
$params['oauth_token'] = $this->oauth_token;
$params['oauth_verifier'] = $_REQUEST['oauth_verifier'];
$this->signature = $this->oauth->generateSignature('GET', $this->access_url, $params);
$this->access_token = $this->oauth->getAccessToken($this->access_url, $this->signature, $_REQUEST['oauth_verifier']);
The OAuth error I get is:
401
Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a redirect)
oauthoauth_signatureInvalid signature: FfvYDv5MSOfwcOwLZBJa0TlKS4Q=false
The signature which is stored from the code above shows that the proper signature should be:
[signature] => wlfzqPs4aEkTkHfqyaO65D/RW6o=
This is the "Headers Sent" piece of the debug information:
[headers_sent] => Authorization: OAuth oauth_session_handle="Frdnxw8oHe3BgNVi0Fy4jBXrZko%3D",
oauth_verifier="ss6nmke8elf3so66jg3auued49",
oauth_consumer_key="(my key)",
oauth_signature_method="HMAC-SHA1",
oauth_nonce="30463910852ea5cc2d04e60.71895372",
oauth_timestamp="1391090882",
oauth_version="1.0",
oauth_token="2cabd6beab341e332bdf8e522b6019ef",
oauth_signature="hULwWcQOl%2F8aYjh0YjR843iVXtA%3D"
I can't find anything in the documentation which explains how I can set the signature for OAuth to use with it's request. Any Help would be greatly appreciated!!!
Please let me know if you need more information!
I have found the issue.
It turns out I was not saving the oauth_token_secret being handed back and I was instead using the consumer secret.
Once I updated this, the process ran as expected.
Hi i am using Google Gdata Api in php. I am getting an error
"Error: Expected response code 200,
got 403 Token invalid - AuthSub token
has wrong scope".
What should i do. What's the solution.
You're likely using a wrong base url for your queries.
The correct base url for the Picasa Web Albums is http://picasaweb.google.com/data/