I am trying to send app-generated request using either JS SDK or graph API but I am not successful and desperate. Issue is that when I am sending request to currently logged user, everything is ok, but when I try to send to different user (even this user already authorized my app) I receive OAuth exception "#2 User can't send this request: Unknown error", sometimes "Failed to send any app requests".
My app has Request 2.0 enabled and is authorized with publish_stream, read_stream and user_about_me permissions. Same error messages I described are shown even in Graph API explorer.
Exactly same issue is described here using JS SDK:
Sending an App Generated Request with the JavaScript SDK
... and here using Graph API:
Posting app generated apprequest to other facebook users in Java
Please help.
If you want send a request to a user, you should POST to the Graph API '/user_id/apprequests' using an App Access Token (https://developers.facebook.com/docs/authentication/#applogin). This call is to design to be executed server-side as you don't want to share your App Access Token:
curl -F 'access_token=APP_ACCESS_TOKEN' \
-F 'message=From the app to the user.' \
https://graph.facebook.com/USER_ID/apprequests
The same can be achieve using the User Access Token from the recipient (USER_ID) only:
curl -F 'access_token=USER_ACCESS_TOKEN' \
-F 'message=From the app to the user.' \
https://graph.facebook.com/USER_ID/apprequests
In the JS SDK, if no Access Token field is added, the default Access Token will be of the logged in user. Knowing that, the above call which send the a request to the logged in user, will be:
FB.api('/me/apprequests', 'POST', {message: 'From the app to the user.'});
The first call can also be done with the JS SDK, by adding the App Access Token in the parameters. However, this is a DO NOT USE case as you don't want to share your App Access token client-side.
Related
My project is an AngularJS UI application, we have an CAS authentication system for login and we call /jasperserver-pro/flow.html?_flowId=homeFlow API. This API will redirects to jaspersoft login page and it has jspring_method in API response header.
We have changed CAS to keycloak. I am calling protocol/openid-connect/token post API to get the token. I am getting the access_token .
Which is the right API to send keycloak access_token to jaspersoft server in order to initiate jasper communication.
I read a document it says we have j_spirng_method url but this method is getting from response header of flow.html
Did you try with http://host:port/jasperserver-pro/j_spring_security__check?ticket=access_token
In the installed jasper server if the param name is provided as 'ticket' . Change it accordingly and restart the jasper server.
note : i have only 1 account gmail / channel
im creating page index.html for upload video to youtube with this ref : https://developers.google.com/youtube/v3/code_samples/javascript .
and running well ..
and the problem is : before uploading video , i must login google for auth .. which is the account is based from my browser ..
question : i need auto login / set email + password. (no prompt from google , because i wanna setting this for upload into 1 same channel / 1 account gmail) for index.html.
so, if PC-A , PC-B or PC-C , access http://example.com/index.html .. they can upload video without login with their accounts.
Thanks.
For offline access, you can setup a backend server accessible from PC-A, PC-B & PC-C which will store a refresh_token with the scope https://www.googleapis.com/auth/youtube, check this documentation about OAuth2.0 for Web server. You can test with Oauth 2.0 Playground.
This refresh token will be used to request a new access token. With this access token, you can request Google API such as upload video depending on the scope you specified (in this case https://www.googleapis.com/auth/youtube)
Then, you will have 2 options :
the client request an access token, the server generates one, and send the access token back to the client browser so that it performs request in client side
the client upload video to your server, the server generates an access token (or reuse one) and make the Google API request from server side
Note that the access token periodically expires, when an access token becomes invalid (eg call return status code 401), you have to refresh it, see this
I am trying to get offline access to the outlook calendar from a webview.
(using the authorization_code oauth flow)
currently im doing the following
the javascript website calls the
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
endpoint. Then I set the redirect URI to my spring endpoint.
The spring service is getting a valid code/state, so I assume I did everything correct until now.
Then I am calling the /token endpoint with the following parameters
{
grant_type: authorization_code,
client_id: <client_id>,
client_secret: client_secret,
redirect_uri: <THE SAME AS USED BY AUTHENTICATE>,
scope: https://graph.microsoft.com/mail.read
}
I am getting the following error back:
{
"error" : "invalid_client",
"error_description" : "The OAuth client was not found."
}
I made sure twice that the client secret/id is set correct. I used the microsoft registration portal to create my application, and Web as platform. Live SDK support is also enabled.
https://apps.dev.microsoft.com
Does anyone have suggestions why this doesnt work?
You need to pass back the authorization code you received from the first call in the body of your second call. The following are the parameters you need to pass back:
grant_type - Should be authorization_code
code - The auth code you received
client_id - This is your Application/Client ID
client_secret - This is the Password/Client Secret
scope - This should match the same set of scopes you initial requested
redirect_uri - This is the redirect URI defined in your application registration
Also keep in mind that the POST should encoded as application/x-www-form-urlencoded rather than application/json.
I wrote an primer on the v2 Endpoint that you might find useful here as well.
I want to make a small app that gets some account information from Paypal and shows that in a HTML page. I solely use HTML/CSS and Javascript, I dislike to run the authorization flow on the server for security implications. I don't want to have the token on the server.
I have a working setup now using the OAuth code grant flow provided by Paypal (more here), but as described above, I want to cut the server out of the picture.
There are some methods described in the page I just referenced, but none seem to implicate there is an implicit grant possible.
Is it possible to use Paypal with OAuth implicit grant or something similar?
(The current answers are taking the code grant flow, which was specifically not what I asked for. I know that one exists, but it is bad to use it in this case, so please only answer if you know a method without the need to provide the OAuth secret token to the client.)
If anyone does not understand what is/how works Implicit grant
Of course this is posible with plain Javascript but is not recommendable. Paypal has an endpoint to provide auth tokens:
https://developer.paypal.com/docs/integration/direct/make-your-first-call/#get-an-access-token
Also you will need to obtain user's consent.. When performing the request you should provide redirect_uri param with your webapp url. Usually developers tend to store returned values on the server script that receives that response from paypal. But it is not necessary coz you are able to read javascript global var location which contains all params.
How PayPal uses OAuth 2.0
EDIT:
In order to achieve this you have to do the following steps:
VARIABLES:
APP_CLIENT_ID -> your app's client_id
APP_SECRET -> your app's secret code
APP_RETURN_URL -> default endpoint of your app MUST BE equals to redirect_uri
OPEN_ID -> returned code that allows to create a token for specific customer, also to retrieve info from the user
Asuming that you've created an APP in developer.paypal site to obtain "client_id" and "secret" in order to build an url to redirect the user to paypal login form.
Redirect your customer to:
https://www.[sandbox.]paypal.com/signin/authorize?client_id=APP_CLIENT_ID&response_type=token&scope=openid&redirect_uri=APP_RETURN_URL
Customer will log in its account and produce a openid that it will be sent back to your app through http: 302 redirect to redirect_uri which should be your app.
APP_RETURN_URL?code=OPEN_ID&scope=openid
back in your app you can use that code to perform a request to create a token.. and is up to you:
You're able to retrieve profile data from the user such as address, phone..
request:
curl -v https://api.sandbox.paypal.com/v1/oauth2/token -H "Accept: application/json" -H "Accept-Language: en_US" -H "Authorization: Bearer OPEN_ID" -u "APP_CLIENT_ID:APP_SECRET" -d "grant_type=client_credentials"
response:
{"scope":"https://uri.paypal.com/services/identity/proxyclient https://uri.paypal.com/services/subscriptions https://api.paypal.com/v1/payments/.* https://api.paypal.com/v1/vault/credit-card https://uri.paypal.com/services/applications/webhooks openid https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/identity/grantdelegation","nonce":"2017-05-05T14:33:28Z488Zx8aUM1aSVo_wpq8IOecfccJMHptR1PVO2OpWcbA","access_token":"A21AAHZCMP5vBuLMzz2m78DJGZhhpmu854amEVEO5WOavfk1GlNl_gmjSi01_69tJLRi5N_6pT-3GpRqZ81_pD1qKIAGANHMQ","token_type":"Bearer","app_id":"APP-80W284485P519543T","expires_in":32400}
Then you're able to follow this: https://developer.paypal.com/docs/integration/direct/make-your-first-call/#make-an-api-call
I am trying to do Facebook authentication in same window of my web application's login page.
I am using following code when user clicked login button to go to authentication page.
function loginUsingOAUTH()
{
top.location = 'https://graph.facebook.com/oauth/authorize?client_id=839846246064537&scope=email&redirect_uri=http://www.olcayertas.com/testqa/result.html';
}
1) After authentication Facebook redirects me to my redirect url and returns a parameter "code".
At this point I want to access Facebook user information but I don't know how to do that.
What is this "code" parameter for?
2) Is there any other way to access user information?
3) Do you have any other advice facebook authentication with same window login?
Thank you in advance for your help
When you get the code you should make a server side request to get an access token and than pass the access token to user. It is explained in Facebook Developer page:
Exchanging code for an access token
To get an access token, make an HTTP GET request to the following
OAuth endpoint:
GET https://graph.facebook.com/v2.3/oauth/access_token?
client_id={app-id}
&redirect_uri={redirect-uri}
&client_secret={app-secret}
&code={code-parameter}
This endpoint has some required parameters:
client_id. Your app's IDs
redirect_uri. This argument is required and must be the same as the original request_uri that you used when starting the OAuth login
process.
client_secret. Your unique app secret, shown on the App Dashboard. This app secret should never be included in client-side code or in
binaries that could be decompiled. It is extremely important that it
remains completely secret as it is the core of the security of your
app and all the people using it.
code. The parameter received from the Login Dialog redirect above.
Response
The response you will receive from this endpoint will be returned in
JSON format and, if successful, is
{“access_token”: <access-token>, “token_type”:<type>, “expires_in”:<seconds-til-expiration>}
If it is not successful, you will receive an explanatory error
message.