I am trying to get the status of Paytm transaction
but the response which I am getting from the Paytm server is always this TXN_FAILURE
Anyone please help me what mistake I am doing here
I am using correct order_id and mid
You can check Transaction Status API on our Paytm Developer portal which should work. Please find a sample curl request for the same
curl -X POST 'https://securegw-stage.paytm.in/v3/order/status'
--header 'Content-Type: application/json'
--data '{"body":{"mid":"{mid}","orderId":"{order-id}"},"head":{"signature":"{signature}"}}'
Related
I am trying to upload an image to Twitter using their upload media endpoints. However, I always get a 403 Forbidden error.
I have created an application in my Twitter Developer Console, which gave me a bearer token and I am using that to pass in my headers. Here is what things are looking like in postman:
Here is the generated cURL:
curl --location --request POST "https://upload.twitter.com/1.1/media/upload.json?media_category=tweet_image" ^
--header "Content-Length: 53466" ^
--header "Authorization: Bearer AAAAAAAAAAAAAAAAAAAAAD1mTQ<REST_OF_BEARER_TOKEN>" ^
--header "Cookie: guest_id=v1%3A163072111368923415; personalization_id=\"v1_Enx+SO8Z5+LYLTsABCKDtg==\"" ^
--form "media=#\"/C:/Users/mikel/Desktop/lions_gate.jpg\""
I am clearly missing something. Why do I continue to get a 403 error?
Thanks!
A Bearer Token will not work with the media upload endpoints. A Bearer Token only provides “app authentication”. You need to use “user authentication” (also known as 3-legged OAuth) in order to identify as a user. Per the documentation:
Requires authentication? Yes (user context only)
I am trying to upload a Video to my YouTube account using my own Application(Spring-boot) with the help of Google Library. But every time when I try to call the insert API of YouTube it asks for a Physical Sign in to Google Account. I want to upload my Video without Google Signin via passing the API Key or the client credentials(generated in Google Console for OAuth) in a post Request. I don't want to signin to google every time to upload a video. My account should be verified with the credentials I provide in the post Request.
curl --request POST
'https://youtube.googleapis.com/youtube/v3/videos?key=[YOUR_API_KEY]'
--header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]'
--header 'Accept: application/json'
--header 'Content-Type: application/json'
--data '{}'
--compressed
Another Question is How I can get [YOUR_ACCESS_TOKEN] ..?
End Point URL : POST https://www.googleapis.com/upload/youtube/v3/videos
Google Link : YouTube Upload Video steps
Any Suggestion would be Very Helpful.
JAVA code snippet :
you can find this on Google Link.
The only way to do that would be to request offline access. At which point you should get a refresh token back. You can then use the refresh token to request a new access token at a later date without requiring that you login to google again.
Since your code is in Curl i have posted a response using Curl, even though your question mentons java.
# Authorization link. Place this in a browser and copy the code that is returned after you accept the scopes.
https://accounts.google.com/o/oauth2/auth?client_id=[Application Client Id]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=[Scopes]&response_type=code
# Exchange Authorization code for an access token and a refresh token.
curl \
--request POST \
--data "code=[Authentcation code from authorization link]&client_id=[Application Client Id]&client_secret=[Application Client Secret]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code" \
https://accounts.google.com/o/oauth2/token
# Exchange a refresh token for a new access token.
curl \
--request POST \
--data 'client_id=[Application Client Id]&client_secret=[Application Client Secret]&refresh_token=[Refresh token granted by second step]&grant_type=refresh_token' \
https://accounts.google.com/o/oauth2/token
Code ripped from my Gist
I have a problem with thingsBoard, I can make a relation in the website with a user account and I tried to relate a device to an asset but when it comes to rest API it gives me a 403 error code.
I used swagger UI and I used entity-relation API and I used save relation API for this.
I believe that your problems is that you are not logged to your swagger.
In your image, look the exclamation sign inside the red circle, that meaning you didn't set your token on the swagger.
How to get the token:
curl --location --request POST 'http://YOUR_IP_ADDRESS/api/auth/login'
--header 'Content-Type: application/json'
--header 'Accept: application/json'
--data-raw '{
"username": "YOUR_EMAIL_ADDRESS",
"password": "YOUR_PASSWORD"
}'
With the token received, go back to the top of the swagger and looking for the "authorize" button. There put your token.
When you go back to your operation, you can see that the exclamation sign now is in a blue circle. Try again! Now, your operation should work!!
I registered my webhook url successfully, but as my server slept and i missed the twitter crc check which occurs in every 24 hours, due to which my webhook id became invalid. From the documentation i found the following curl command
curl --request PUT
--url https://api.twitter.com/1.1/account_activity/webhook/:WEBHOOK_ID.json --header
'authorization: OAuth oauth_consumer_key="CONSUMER_KEY",oauth_nonce="GENERATED", oauth_signature="GENERATED", oauth_signature_method="HMAC-SHA1", oauth_timestamp="GENERATED", oauth_token="ACCESS_TOKEN", oauth_version="1.0"'
but I don't know how to generate oauth_nonce, oauth_signature. So i thought using Twurl which handles oauth 1.0 easily.
Does anyone knows the twurl command to do trigger the crc check for twitter?
Or does anyone knows the code for generating oauth_nonce and oauth_signature in python3?
That documentation is incorrect (where did you find it?), but I can help you.
If you have twurl set up correctly, authenticated with the correct consumer key and secret that your webhook app is using and with the user ID you're using with it, then this command should work (I just tried it here and it works for me)
twurl -X PUT "/1.1/account_activity/all/:ENV-NAME/webhooks/:WEBHOOK_ID.json"
So in my case, with an environment name of env-beta and a known webhook ID, this triggered the CRC check:
twurl -X PUT "/1.1/account_activity/all/env-beta/webhooks/10656zzzzMYIDzzz35232.json"
Hi I have the Google OAuth 2 explicit flow working according to:
https://developers.google.com/identity/protocols/OAuth2WebServer
I also have the implicit flow working on iOS with GIDSignIn, specifically I get the GIDSignInDelegate::sign(_ signIn: GIDSignIn!, didSignInFor user: GIDGoogleUser!, withError error: Error!) callback and have access to user.authentication.accessToken and user.authentication.refreshToken.
I'm trying to pass that refreshToken back to our private app server so that it can make requests on behalf of the user (mainly because it's easier to just sign in with the SDK than make the front end developers deal with raw URL requests).
However, when I try to use that refresh token to get a new access token on the back end:
curl --request POST \
--url https://www.googleapis.com/oauth2/v4/token \
--header 'cache-control: no-cache' \
--header 'content-type: application/x-www-form-urlencoded' \
--data 'client_id={client_id}&client_secret={client_secret}&refresh_token={refresh_token}&grant_type=refresh_token'
It returns:
{ "error": "invalid_grant", "error_description": "Bad Request" }
I think the issue is that my server has a client id and secret, but iOS only has a client id. Without a secret (sometimes called key) corresponding to the iOS client id, there is no way for me to refresh the token on the back end. I was hopeful that Google would detect that both the server client id and iOS client id were registered to the same app and let the server refresh the token with its credentials, but that doesn't work.
I've looked at both the "API keys" and "OAuth 2.0 client IDs" sections at:
https://console.developers.google.com/apis/credentials
But am at a loss.
Does anyone know a curl command for refreshing a token acquired through the iOS SDK?
Or is this simply not possible?
Thanks!
For anyone reading this, I got it working:
On a whim I tried calling the refresh token endpoint without passing client_secret (as there isn't one when using implicit flow on mobile). Here is the curl:
curl --request POST \
--url https://www.googleapis.com/oauth2/v4/token \
--header 'content-type: application/x-www-form-urlencoded' \
--data 'client_id={client_id}&refresh_token={refresh_token}&grant_type=refresh_token'
This appears to be undocumented. The closest example I found is at https://developers.google.com/identity/protocols/OAuth2InstalledApp#refresh but it shows client_secret=your_client_secret& and never mentions that with implicit flow, front end web and mobile apps don't normally use a client secret.
Please don't upvote my answer, as I haven't done anything. OAuth is generally not documented very well, or contains code snippets pertaining to platform SDKs without the underlying URL requests or curl examples. SDKs are often opaque/closed-source so would require dropping down to tcpdump or packet sniffing to see what's going on. I didn't do the due diligence, I just got lucky.
I have sent feedback to Google but if this issue has affected you, you can click the gear in Gmail and "Send feedback" to hopefully get documentation updated more quickly.
Please refer to this link:
https://developers.google.com/identity/sign-in/ios/offline-access
From the reference, you have to do 2steps below to let your server able to refresh your access token
Make sure your server and iOS app use credentials of the same project, 1 browser key and 1 iOS key
Add this line: [GIDSignIn sharedInstance].serverClientID = your_server_client_id