I'm getting this below exception while running the script after redeployment.Earlier it was working fine but when I added some new functions and redeployed it as API executable., started getting this error.
[17-07-08 20:48:45:404 PDT] {
"error": {
"code": 401,
"message": "ScriptError",
"status": "UNAUTHENTICATED",
"details": [
{
"#type": "type.googleapis.com/google.apps.script.v1.ExecutionError",
"errorMessage": "Authorization is required to perform that action.",
"errorType": "ScriptError"
}
]
}
}
Your OAuth scopes have probably changed. Your client needs to add these new scopes and request a new token with them.
Related
I Try to create new converation and send proactive message with teams bot (botfreamwork).
I used this document to do that.
I POST to : SERVICE_URL/v3/conversations/
BODY:
{
"bot": {
"id": BOT_ID
},
"members": [
{
"id": USER_ID
}
],
"channelData": {
"tenant": {
"id": TENANT_ID
}
}
}
BOT_ID - I put the app id of the bot (with a prefix of "28:")
USERֹ_ID - I copied the USER_ID from a message I received from the user (not in a proactive message)
TENANT_ID - I took the tenant id from the link of the teams
I get this error:
{
"error": {
"code": "BadSyntax",
"message": "Invalid user identity in provided tenant"
}
}
I made several attempts to change the user ID: I changed to a user that appears in ADD, I changed with a prefix of 29: and without a prefix of 29: - nothing helped, this error continues to appear.
What am I missing?
i just started working with bigcommrce payment API and unable to solve the error 401 unauthorized.
here is the sample data i have tried
{
"payment": {
"instrument": {},
"payment_method_id": "cod",
"amount": 81,
"currency_code": "PKR"
}
}
and
{
"payment": {
"instrument": {
"type": "card",
"number": "4111111111111111",
"cardholder_name": "BP",
"expiry_month": 12,
"expiry_year": 2020,
"verification_value": "411"
},
"payment_method_id": "authorizenet.card",
"save_instrument": true
}
}
but still getting the response of 401
I have set the authorization token (Payment Access Token) already with the other two headers.
One likely cause of a 401 is the formatting of the payment access token header. It needs to be:
Authorization: PAT token.goes.here, with PAT in all caps and a space between the word PAT and the token. Hope that helps!
I'm working on request error handling in a node.js server application. I have defined a callback function handling these errors:
app.use(function errorHandler(err, req, res, next) {
res.send(err, {status: err, message: 'error'});
}
);
which is fine for me as a developer, as it prints a stack trace like this:
{
"status": {
"stack": "Error\\\n at MongooseError.ValidationError (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/error/validation.js:22:16)\\\n at model.Document.invalidate (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/document.js:1216:32)\\\n at /home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/document.js:1090:18\\\n at validate (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/schematype.js:653:7)\\\n at /home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/schematype.js:681:9\\\n at Array.forEach (native)\\\n at SchemaString.SchemaType.doValidate (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/schematype.js:658:19)\\\n at /home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/document.js:1088:11\\\n at process._tickCallback (node.js:415:13)",
"message": "User validation failed",
"name": "ValidationError",
"errors": {
"email": {
"properties": {
"regexp": {},
"type": "regexp",
"message": "Path `{PATH}` is invalid ({VALUE}).",
"path": "email",
"value": "test#exa#mple.com"
},
"stack": "Error\\\n at MongooseError.ValidatorError (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/error/validator.js:25:16)\\\n at validate (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/schematype.js:652:13)\\\n at /home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/schematype.js:681:9\\\n at Array.forEach (native)\\\n at SchemaString.SchemaType.doValidate (/home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/schematype.js:658:19)\\\n at /home/osboxes/skipodium_rest_server/node_modules/mongoose/lib/document.js:1088:11\\\n at process._tickCallback (node.js:415:13)",
"message": "Path `email` is invalid (test#exa#mple.com).",
"name": "ValidatorError",
"kind": "regexp",
"path": "email",
"value": "test#exa#mple.com"
}
}
},
"message": "error"
}
However, I'd like to display it in a neat, user-friendly format for the production version, without leaking the entire stack trace. Now I could specify the error status and message in every request handling function, but there is still specific information, like above, that the entered email is invalid, and I don't feel like typing it by hand for every single field that is checked by validator. Is there any existing boilerplate that will do the job for me?
Mongoose validation errors are a pain to handle. My general approach is to only take the first error (let the user deal with one at a time) and send the path and message since the rest won't really contribute much additional meaning to a non-developer.
first = err.errors[Object.keys(err.errors)[0]]
res.send({
path: first.path,
message: first.message
});
I'd also recommend having a custom API-style error format that you stick with for all of your errors- it will make maintainability much easier.
I have a set of pre-defined error templates that I rely on- here's one.
// If the client missed a required parameter
exports.missingParam = function (res, domain, param) {
res.status(400).send({
status: "failed",
errors: [
{
status: "400",
domain: domain,
reason: "required",
message: "Required parameter: "+param,
locationType: "parameter",
location: param
}
]
});
}
I'm working on custom OAuth2 Authorization Server (old initial version # https://github.com/gvaduha/OAuth2CppLib) that compliant with RFC6749 and would like to use hello.js for one-page clients. What I've done to start with it:
created src/modules/myoauth.js
(function(hello){
hello.init({
myoauth : {
name : 'myoauth',
oauth : {
version : 2,
auth : 'https://localhost/oauth2/authorize',
grant : 'https://localhost/oauth2/token'
},
refresh : false,
scope : {
basic : 'profile'
},
scope_delim : ' ',
base : 'https://localhost/',
get : {
"me" : "profile"
},
}
});
})(hello);
added provider to demos/client_ids.js
var CLIENT_IDS = {
myoauth : 'OAuthTestClientId',
windows : WINDOWS_CLIENT_ID,
google : GOOGLE_CLIENT_ID,
facebook : FACEBOOK_CLIENT_ID
};
added following lines to demos/login-events.html
<button onclick="login('myoauth')">Login myoauth</button>
<script src="../src/modules/myoauth.js"></script>
But all this for nothing. When I click login page following my server authentication then authorization then page reply with 302 redirect to
http://localhost/xxx/redirect.html#token_type=Bearer&access_token=XkGxfTVZWgdFuXTuc64du8DK375JurgOT2CDqv0QGd&expires_in=3600&
and when I closing popup page says
callback:{
"error": {
"code": "cancelled",
"message": "Login has been cancelled"
},
"network": "myoauth"
}auth:{
"error": {
"code": "cancelled",
"message": "Login has been cancelled"
},
"network": "myoauth"
}auth.failed:{
"error": {
"code": "cancelled",
"message": "Login has been cancelled"
},
"network": "myoauth"
}
What have I done wrong? BTW: Google works correct when I've changed it's id to point to my registered application client.
The OAuth2 response does not appear to maintain the 'state' URI parameter in your example given.
I am trying to access some google APIs from my javascript client using Oauth2. I've succeeded in getting the user to authenticate requests, but there's some unexpected behaviour when running the code below that'd I'd like to understand. When I click the 'authorize' button the first time, the result is:
'[ { "error": { "code": 401, "message": "Login Required", "data": [ { "domain": "global", "reason": "required", "message": "Login Required", "locationType": "header", "location": "Authorization" } ] }, "id": "gapiRpc" } ] '
on the second click the result is
[ { "id": "gapiRpc", "result": { "id": "1115793426680xxxx", "email": "xxxxx#gmail.com", "verified_email": true } } ]
here is the code for the page I am testing
<div id='sign in'>
<button onclick="init();">Authorize</button>
</div>
<p id="output">hello</p>
<script type="text/javascript">
function init() {
document.getElementById('output').innerHTML='loading oauth2 api'
gapi.client.load('oauth2', 'v2', auth);
}
function auth() {
var config = {
client_id: '2264xxxxx-odt0g7jn8vspa3ot9ogjxxxxxxxxx.apps.googleusercontent.com',
scope: 'https://www.googleapis.com/auth/userinfo.email',
immediate:true
};
document.getElementById('output').innerHTML='authorizing'
gapi.auth.authorize(config, authed());
}
function authed() {
document.getElementById('output').innerHTML='authorized'
var request = gapi.client.oauth2.userinfo.get().execute(
function(resp, raw) {
document.getElementById('output').innerHTML=raw
}
);
}
</script>
<script src="https://apis.google.com/js/client.js"></script>
<!--<script src="https://apis.google.com/js/client.js?onload=init"></script>-->
Could you please explain why I would get a 'login required' on the first execution of the code and a successful authentication on the second execution?
Due to the parentheses immediately after "authed" in the call to gapi.auth.authorize, the authed() callback is run immediately, prior to the call to gapi.auth.authorize.
Also, in your authed() handler you need to check to see whether the authorization check with immediate: true succeeded; for more details, see the reference documentation here:
https://developers.google.com/api-client-library/javascript/reference/referencedocs#gapiauthauthorize
Also refer to the section on pop-up blocking here:
https://developers.google.com/api-client-library/javascript/features/authentication#popup
When the "immediate" authorization fails, the authed callback will be invoked with a null token object, or a token object containing an "error" field; in these cases you need to present a user interface element the user can click which will re-run the gapi.auth.authorize call but with "immediate" set to false (or omitted). This allows the authorization pop-up to be opened without running afoul of your browser's pop-up blocker.