Today, after we migrated to the new members permissions api, everything goes wrong.
Im using the cosumer key and secret that i've got from the linkedin api dashboard itself with the oauth token and secret as well.
There is 3 kind of problems that keeps on coming:
first one:
{"errorCode": 0,"message": "Could not find person based on: ~","requestId": "7GPT96SW3C","status": 404,"timestamp": 1369827647671}
second:
<error><status>401</status><timestamp>1369826490661</timestamp><request-id>ZYWPUD43G3</request-id><error-code>0</error-code><message>[unauthorized]. The token used in the OAuth request is not valid. ******</message></error>
third:
com.linkedin.anet.auth.pub.ANetAuthException: other: anetID=*****
has anyone got some of these too? if yes, so how did you solved them?
thanks!
Once you have authenticated the user, you no longer need to make the access token calls - simply store the access token and reuse that for the subsequent requests.
Check are you sending a request once or twice for authentication, there may be the case your token getting replaced by another request.
I've gotten the "401<" and fixed it by correcting the URL which I was formatting incorrectly and consequently requesting a resource that did not exists (reported as unauthorized). You probably have the same issue with your 404 error. Can you please post the specific URLs you are using. That would give a little more insight. Also, make sure that you are not passing params via GET when you should be passing them via POST and that all your POST requests are via HTTPS
Related
I have a problem setting up simple single sign on with Azure AD for our pHp website. The app is registered in azure and I have all the necessary details like Client ID, secret, tenant.
My requirement is to get authorized and also pull back the user's employee id, name and email id. I am working on single sign on for the first time, and need some help on this.
While creating the authorization URL, I am requesting for code, which is right according to the Azure documentation. I am successfully able to retrieve the code after authorization. However, I am not able to request id_token along with code as response_type=code+id_token, which should be possible. I could trace the URL flow and extract the id_token field manually. If I do this, I am prompted with the logon and MFA. But the response goes into infinite loop by just prompting with infinite number of MFA pings on my phone. This is weird, my program has a check to redirect on code response, which doesn't seem to work. I have tried using session_id cookie too, which has the same behavior.
If I just choose code as response type and request for id_token using token granting URL, I don't get any response back. Its blank or null but no errors.
Can you please help suggest if I am making a mistake. Is my method right or wrong to request code first and token next. How can I successfully retrieve id_token.
Just summary the comment into reply to help others who have the same problem.
response_mode: Specifies the method that should be used to send the resulting authorization code back to your app. Can be form_post or fragment. For web applications, we recommend using response_mode=form_post, to ensure the most secure transfer of tokens to your application.
If you want to use code + id_token in the response_type,you should be using OIDC Hybrid Flow.
However, if you just use code in the response_type, you should be using Authorization Code flow.
For more details, you could refer to this SO thread.
I made a oauth2 server, and now I want to make c client using symfony2 to connect to it (when I click login, I'm redirected on the site with oauth2 server, I login, then I'm redirected to my client with the token).
I followed this: http://symfony.com/doc/current/cookbook/security/api_key_authentication.html
The problem is whem they retrieve the apikey. If I decide to use implicit grant with oauth2, the token is sent like that: example.com/#token
So I can't retrieve it with query->get.
If I send the code it's fine, but when I tried to curl my server somehow it broke (yeah, not specific error, still looking into it)
So I was wondering, is this the proper way of doing it?
Also, when they write about he specific url, why would I need one, if I can check everywhere?
Thanks :)
you can get your token like this in php :
For known url if you have your url with the hash, this part after # is called fragment.
$url=parse_url($yoururl);
echo $url["fragment"];
if you don't have this url in your backend, you need some javascript magic :
var token = window.location.hash;
then send it to your backend.
Maybe there is some other more symfonyc way to do this properly, but i never used oauth2 yet.. :D
I have created an app, and now i want to post a message on one of my pages wall with use of the new Graph API. Is this do-able?
below is the steps which i do
Using this to Get access code
https://www.facebook.com/dialog/oauth?client_id=1498653617947&redirect_uri=https://apps.facebook.com/post_on__my_page/index2.html&scope=email,read_stream,publish_stream,manage_pages,offline_access
Than use this to get access token
https://graph.facebook.com/oauth/access_token?client_id=1498653617947&redirect_uri=https://apps.facebook.com/post_on__my_page/index2.html&client_secret=seceret&code=AQDCqJNJnCvnFKVdbCyTp2vfzbT0ADbNgYsQ_2YtDdC_O2aIOwvkjx52HNcp3uiuBANJqOhb_M2sptB-lRrIECZxi5kZpzljez1J1oOtTp25gTnNDmV-RCVvR97DMiRAprNtwUBcstAotjsyYo5cNwJCWnkcgNigwhbQtE5Jp22sluVcZKhnO43cWQE#_=_
Now get page id and page access token from below
https://graph.facebook.com/me/accounts/?access_token=the_access_token_above
*use this to post on my page *
https://graph.facebook.com/1916117518646/feed?message:testmessage&access_token=aceess_token
any one please explain which point is wrong because instead of posting is just show posts details
i found that some thing wrong in this below code any one please suggest what and how to do
https://graph.facebook.com/1916117518646/feed?message:testmessage&access_token=aceess_token
I always highly suggest to people experimenting around for the first time to use the Graph API Explorer tool. It helps solidify the structure of the Graph and how to access it. See https://developers.facebook.com/tools/explorer
Another thing I always recommend is to lint the access_token you are trying to use. See https://developers.facebook.com/tools/lint. This is to ensure you have the right token with the correct permissions.
Also the access_token you use to post to a page must be a page token and not a user token. In your above example, it's unclear as to which one you're using since you've named both the same. I know you said you're using it, but with that variable name being the same, I always wonder.
Also the you need to do an HTTP Post and not an HTTP get to post a message. Again, play around in the graph API explorer until you can do it there. Once you've done it there, it's fairly trivial to do it with one of the SDKs.
You need to perform POST request, not GET, and pass parameters in POST body, not in the url
http://developers.facebook.com/docs/reference/api/user/#posts
http://facebook.stackoverflow.com/questions/691425/how-do-you-post-to-the-wall-on-a-facebook-page-not-profile
I'm using Facebook's PHP SDK, and it's been great so far. However, I have a weird issue on one page. On this page, I make a call to the graph API, then later a call using FQL. On the second call, however, I get an "Invalid OAuth 2.0 Access Token" exception. Why would the token become invalid while the first call worked? I also use FQL (same exact query/code) elsewhere in my site, and it works just fine. Does anyone know what would cause this?
Update: First call is a graph call (/me?fields=email).. second is querying for current user's affiliation, if that helps.
Could be one of several things, but if I had to hazard a guess, I'd say that you're trying to access something out-of-session, and your oauth token doesn't include the offline_access permission for the resource being accessed.
Perhaps some more detail about the nature of your API calls/FQL queries would help us narrow it down.
Hope this doesn't get too complicated. :) thing is..
I'm trying to make my PHP code post notes to Google Buzz using OAuth as authentication mechanism. I'm doing the typical "OAuth dance" (get request token, authorise it, exchange for access token), but i've ran into some problems that seem to be on Google's side. Hope i'm wrong - it would be much easier to fix. :)
To get to the point - oauth_callback parameter doesn't seem to get passed to the authorization form. Authorization URI i'm redirecting to is like:
https://www.google.com/buzz/api/auth/OAuthAuthorizeToken
?domain=<my.domain>
&scope=<urlencode(https://www.googleapis.com/auth/buzz)>
&oauth_token=<request_token>
&oauth_callback=<my.domain/callback>
When redirected, client is asked to authorize site to read/write from/to Buzz. If accepted, Google asks again (but in different form) to allow access to .. after allowing for second time, success message is shown, but it doesn't return any tokens to my site, not redirecting to oauth_callback uri.
Workaround i found is to manually add form field 'oauth_callback=' trough firebug/chrome inspector, and then, after these two confirmations it redirects to my site and i can extract authorized token from response, and exchange it for access token. If i use 'standard' Google's authorization endpoint, i get redirected correctly (one confirmation only), but then the access token i get after that is invalid for Buzz.
So, am i wrong or google?! :D I've implemented OAuth for cooperation with some other services (Facebook, MySpace..) but i've never had this much trouble.
ok, when i got on the problem next morning, with (partially) fresh eyes, solution was pretty easy (but still undocumented).. :) in case anybody else needs answer - oauth_callback parameter should be specified when requesting request token.