My web app in importing Evernote notebooks of a user to visualize them as a network.
Everything works fine with a sandbox version, but once I try to do it on the production server, when I do
noteStore.listNotebooks
I get the following err:
{ errorCode: 8,
message: 'authenticationToken',
rateLimitDuration: null }
You can see the code on https://github.com/noduslabs/infranodus/blob/evernote/routes/imports.js#L428
My developer API is activated on the main server (at least I requested it a few months ago and received a confirmation of that). My developer API username is infranodus.
ALso, the oAuthAccessToken also seems to be obtained and transmitted inside my app.
Could you please tell me why this error pops up and how can I extract the notebook list – both private and public ones for the user?
Thank you for your help!
How did you get the token ? Is it a dev token or an oauth one ?
In both cases make sure that they were issued by the production server and not the sandbox one (i.e. you can't use a sandbox token in production environment).
If it's a prod token, I'd suggest to open a support ticket asking the Evernote team to check your credentials : https://dev.evernote.com/support/ (manage an api key)
Another suggestion : get a prod token (https://www.evernote.com/api/DeveloperToken.action) and use it instead of your oauth token. If it works then you have a problem with your API key (and you should open a support ticket as suggested above). If it does not work then there's an issue with your code.
Related
I'm implementing social login on my website.
I was able to implement the "One tap" flow, but I need to have an alternative to handle the "cooldown" which prevents the popup from appearing, if the user blocked it or closed it.
So I followed the "Authorization" flow on Google documentation.
Until yesterday morning everything was working fine and I succesfully exchanged the code with a token by calling
https://oauth2.googleapis.com/token
or
https://accounts.google.com/o/oauth2/token
sending secret and everything.
In a first instance I used Postman, then I made a sample code in a Spring project, before preparing the final code in another Spring project.
The first run in the final project I started getting a 400 error, with the redirect_uri_mismatch error key.
And then I was never able to do the exchange anymore, I get the same error from Postman as well.
The config is correct (It never changed from when it was working).
How can I solve this??
Here's some code
FRONTEND
this.client = google.accounts.oauth2.initCodeClient({
client_id: this.clientId,
scope: "openid profile email",
ux_mode: "popup",
redirect_uri: this.redirectUri,
callback: (response) => {
debugger;
this.submitFakeForm({
clientId: this.clientId,
code: response.code
});
}
});
this.client.requestCode();
POSTMAN PARAMS
this.redirectUri is identical to the one passed here and set up on Google credentials
FOR THE MOST SKEPTICAL, THE AUTHORIZED REDIRECTS :)
They're repeated in couples, because one is for local development, one is for the integration environment.
And of course the production config is on another credential.
Nowhere in the docs is this, but I came across this answer here on stackoverflow and it's basically suggesting not to pass the real redirect_uri, but to use a fixed string postmessage.
I want to point up again that I was using the real redirect_uri yesterday and it worked.
I will do some tests again in the future and update here if something changes.
For now just know that using postmessage fixed the issue for me
also I will be using https://oauth2.googleapis.com/token as endpoint, since it's the one mentioned in the (awful) docs, although https://accounts.google.com/o/oauth2/token works just as well.
After months of developing a Web App under Firebase suddenly these days we have a problem with the Authentication, it returns this console.alert only with Facebook and google login (email/pass login works fine):
[firebase-auth] Info: The current domain is not authorized for OAuth
operations. This will prevent signInWithPopup, signInWithRedirect,
linkWithPopup and linkWithRedirect from working. Add your domain
(front.qualify.mx) to the OAuth redirect domains list in the Firebase
console -> Auth section -> Sign in method tab.
The App uses 3 different sub-domains, and in all 3 we can access over email/pass but not Facebook nor google.
We tried updating the Firebase initialization script, nothing. We have checked the API keys (in the Google APIs Credentials) and there was a new "Server key (auto created by Google Service)" which no one told us it was generated (Jan. 18th), so we edited it to include the domains as the original API key in different ways (w/wo * and /*), nothing. We deleted this new Server Key, suddenly something different, now the console includes a 403 error before the alert stated above and returns auth/timeout code inside the object.
We also found the Identity Toolkit API has detected many errors, so we tried to add the URLs for login, logout and email, but nothing happens when trying to save.
What are we missing?
The solution was adding my-app.firebaseapp.com (being my-app the unique identifier of our Firebase App) to the HTTP referrers in the Browser-Key Credentials from the Google APIs console and wait some time to propagate.
After many months of development the app never had a problem, and we are sure we never removed such referrer (if it was ever there).
Anyway... it's done and learned.
The simple way I was able to solve this issue I had with my ionic project was by following the instructions in the log, if you don't see any message try console log the response from firebase.
So what I simply did was follow the url: https://console.developers.google.com/apis/api/identitytoolkit.googleapis.com/overview?project='projectId'
*projectId = the Id of your project
and enable the Identity API something it brought up. Finish, and it worked instantly.
I have some strange problem with onedrive explorer:
https://github.com/OneDrive/onedrive-explorer-js
I have configured my app credentials, have added the permissions:
Files.Read
Files.Read.All
offline_access
profile
Sites.Read.All
User.Read
and get this error:
https://graph.microsoft.com/v1.0/me/drive/root?expand=thumbnails,children(expand=thumbnails(select=large))
502
Bad Gateway
additional error text:
Unable to retrieve user's mysite URL.
I have tried with 3 different accounts.
Additionally, on graph explorer I have an error :
Must be authenticated to use '/drive' syntax (It gives my profile details and nothing else) from -
https://developer.microsoft.com/en-us/graph/graph-explorer
Can somebody let me know what could be the problem?
Thank you !
Problem is in the azure subscription, not in any of the accounts. I have created new subscription and all is fine. Seems that this use case or test cannot be done for free.
Thanks for the collaboration :)
I've used the v1 of the Dribbble's API to show all my shots on my portfolio page. It requires the Client Access Token and nothing more. A few days ago I updated Client Access Token and got the error which says that v1 API is deprecated and I must use the v2. I read the documentaion and didn't find any approaches to use the API without OAuth 2.
Is it possible to use updated Dribbble's API without OAuth 2? According to the docs I can't show shots in my portfolio as I did before.
You will need to use OAuth and if you notice v1 will be deprecated come March 2018. At first I was somewhat confused by v2 documentation in obtaining an access token but after spending a little time experimenting I was able to figure out how to get an access token.
First you will need to Register Application. Do note what you put in the Callback URL because it's important later.
For example, my callback url is http://grim.com
Referencing OAuth on my Mac in the terminal I ran a curl:
curl GET https://dribbble.com/oauth/authorize?client_id=CLIENT_ID_FROM_APPLICATION
After running the curl I copied the link returned from the response and ran open URL which in the browser I was prompted a sign in. After sign in I was asked if I wanted accept, then I was redirected to the Callback URL. In the browser copy the last part of the code from the redirect, the URL will look like this:
http://grim.com?code=sadhjsahdjksahdjsahdjsahdkjsa
After copying the code (?code=sadhjsahdjksahdjsahdjsahdkjsa) I opened Postman and changed it to Post from Get.
I passed:
https://dribbble.com/oauth/token?client_id=CLIENT_ID&client_secret=CLIENT_SECRET&code=sadhjsahdjksahdjsahdjsahdkjsa
I was returned:
{
"access_token":"1323213h23h2131j2h3jk12",
"token_type":"bearer",
"scope":"public",
"created_at":13211421
}
Using the token in the terminal we can do:
curl "https://api.dribbble.com/v2/user?access_token=1323213h23h2131j2h3jk12"
and a return of the user should be in the terminal. There might be a better solution out there but hope this helps.
I'm using the official Dropbox JS library in a Node.js server. It only ever needs to authenticate as a single user, and it can't go through the whole OAUTH browser setup every time the server starts. I am attempting to write an auth driver that pretends to be like the NodeServer driver, but runs the callback straight away with a code that always stays the same.
Here's what I've got (it's coffeescript, but you get the idea):
myAuthDriver = {
authType: -> return "code"
url: -> return "http://localhost:8912/oauth_callback" # What the url would be if I were using NodeServer
doAuthorize: (authUrl_s, stateParam, client, callback) ->
authUrl = url.parse(authUrl_s, true)
callback({
code: "[a code I just got using the NodeServer driver]"
state: authUrl.query.state
})
}
Running authenticate with this driver set causes this error:
Dropbox OAuth error invalid_grant :: given "code" is not valid
The docs say that this should only occur with a broken auth driver (but it doesn't give any ideas for fixing it).
Does anyone with more knowledge of OAUTH or Dropbox know what's wrong here?
Note: I've found in several places online that Dropbox OAUTH codes never expire
Once you have an OAuth 2 access token, you can just do var client = new Dropbox.Client({token: '<your token>'});. No need for an auth driver at all.
(If you want an easy way to get an access token, consider using https://dbxoauth2.site44.com.)