ask util generate-lwa-tokens is no longer available? - oauth-2.0

I'm getting started on Alexa Skill MAnagement SMAPI, so I need to get a refresh token. In the documentation it is specified that 'ask util generate-lwa-tokens' should be used, but in the current version 2.0 of 'ask' this option is no longer available. Thus, I obtained access tokens using postman as described here:
https://gist.github.com/marcelobern/fe44cee1dd5ed624e03b690a447e47fd
But when running some example of smapi what I get is a server error. The example and the error:
from ask_smapi_sdk import StandardSmapiClientBuilder
smapi_client_builder = StandardSmapiClientBuilder(client_id='***',
client_secret='***',
refresh_token='***')
smapi_client = smapi_client_builder.client()
try:
result = smapi_client.list_skills_for_vendor_v1(vendor_id='***', full_response=True)
print("==========================================")
print(result.headers)
print(result.body)
print("==========================================")
except Exception as e:
print(e.body if hasattr(e, 'body') else e)
The error:
{'error_description': 'The server encountered an internal error trying to '
'fulfill the request',
'error_type': 'ServerError'}`
Thank you,
Fernando

This command is now added in the ask-cli v2.1.0, you can check the changelog at
https://github.com/alexa/ask-cli/blob/develop/CHANGELOG.md#210-2020-04-16

Solved. You have to be sure to use a refresh token since access token will throw a server exception

Related

Discord Oauth2 receiving 'invalid client' error

I had Discord Oauth2 implemented so that my users could log into my website by authenticating through Discord. For months, everything worked great and now all of the sudden it stopped working.
Per Discord's oauth2 instructions,https://discordapp.com/developers/docs/topics/oauth2#shared-resources, I am able to successfully acquire the access code that is meant to be traded for the access token. However, when I try to receive the access token I receive an 'invalid_client' error.
First, I am hitting this endpoint:
https://discordapp.com/api/oauth2/authorize?client_id=${process.env.CLIENT_ID}&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Flogin%2Fdiscord%2Fcallback&response_type=code&scope=identify%20email%20gdm.join
which successfully returns the following:
http://localhost:5000/login/discord/callback?code={some_access_code}
The access code is then sent back to discord to obtain the access token. Here is the code that is failing:
export function getDiscordAccessToken(accessCode, call) {
const redirect = call === 'login' ? process.env.DISCORD_LOGIN_REDIRECT : process.env.DISCORD_CONNECT_REDIRECT
return new Promise((resolve, reject) => {
axios
.post(
`https://discordapp.com/api/oauth2/token?client_id=${process.env.DISCORD_CLIENTID}&client_secret=${process.env.DISCORD_SECRET}&grant_type=authorization_code&code=${accessCode}&redirect_uri=${redirect}&scope=identify%20email%20gdm.join`
)
.then(res => {
resolve(res.data)
})
.catch(err => {
// log error to db
console.log("Here is your error: ", err.response)
reject(err.response)
})
})
}
This code was working for months with no problems. Then, all of the sudden it stopped working. I even checked the Discord change logs which can be found here, https://discordapp.com/developers/docs/change-log, but I found no reference to authentication changes.
Any help you can provide is greatly appreciated!
The query parameters should be in the BODY of the POST request, not the URL for the oauth/token url.
Discord recently pushed a update to the oAuth2 which makes it confine more with the standard. This means they no longer support parameters in the URL for POST, but instead require them to be in the body and form encoded (basically the same, but in the body and without the leading ?).
So you basically need (not tested):
axios.post(
`https://discordapp.com/api/oauth2/token`,
`client_id=${process.env.DISCORD_CLIENTID}&client_secret=${process.env.DISCORD_SECRET}&grant_type=client_credentials&code=${accessCode}&redirect_uri=${redirect}&scope=identify%20email%20gdm.join`
)
I know the question has already been answered, but in my case I copied a wrong secret key. Just make sure that you copy the right one.
Secret Key is located under OAuth2 Tab and not under General Information tab on discord developer's dashboard.

getting error when enter uri for timeseries ingest

Hi I am trying to save data in timeseries db but I am facing an error at timeseries ingest when I enter wss://gateway-predix-data-services.run.aws-usw02-pr.ice.predix.io/v1/stream/messages in websocket uri it shows an error like this when I click on open socket
The request failed with status code: 500
{
"error": "Error: unexpected server response (401)",
"url": "wss://gateway-predix-data-services.run.aws-usw02-pr.ice.predix.io/v1/stream/messages"
}
and see this screenshot once.
Thanks&regards
Eswar G
From the error log, it looks you got authorization error. Check if you are using correct predix-zone-id of the time-series instance in the request header or you have configured correct UAA instance in predix tool kit.
Have you updated your UAA client with timeseries authorities?
To inserting time series data with particular user or client need permission. For getting permission, you need to add authorities into your UAA client.
Following are the authorities for timeseries.
Experiencing a similar problem. I'm posting only one of several received error messages. I've cycled through combos of the following for uri and zone id:
uri:
wss://gateway-predix-data-services.run.aws-usw02-pr.ice.predix.io/v1/stream/messages
https://time-series-store-predix.run.aws-usw02-pr.ice.predix.io/v1/datapoints
zone-id:
44853a54-3ecd-4589-85da-b54f2fda7cce
and the zone id shown in the photo, with .ingest at the end.
so, 401 unauthorized.
Did you happen to re-create the timeseries or uaa? Perhaps they are not associated. Also, I'm assuming you did "login as client" in the top menu.
Might be a good idea to create a new timeseries tied to that uaa. Then use the new zoneId.
Did you add predix..ingest and predix..user to the scope and authorities section in uaa client in your predix.io account. Please check the client id to add permission for in websocketriver.config file.

Google+ api with dart chrome app - 403 Daily Limit

I am trying to use the google_plus_v1_api + google_oauth2_client within a chrome packaged app.
Everythin works fine when i am using only the oauth2 lib:
chrome.identity.getAuthToken(new chrome.TokenDetails(interactive:true))
.then((token){
OAuth2 auth = new SimpleOAuth2(token);
var request = new HttpRequest();
request.onLoad.listen((d){print(request.response);
request.open('GET', 'https://www.googleapis.com/plus/v1/people/me');
auth.authenticate(request).then((request) => request.send());
});
But i can't make google+ lib works:
chrome.identity.getAuthToken(new chrome.TokenDetails(interactive:true))
.then((token){
OAuth2 auth = new SimpleOAuth2(token);
Plus plus = new Plus(auth);
plus.people.get('me').then((d)=>print(d));
});
Return this exception:
GET https://www.googleapis.com/plus/v1/people/me 403 (Forbidden)
Exception: APIRequestException: 403 Daily Limit for Unauthenticated
Use Exceeded. Continued use requires signup.
Am i missing something? How am i supposed to use google+ api lib?
I just saw your answer, but wanted to point out I had the same problem and solved it by setting the makeAuthRequests property of the Plus client to true:
final plusclient.Plus plus = new plusclient.Plus(auth)
..makeAuthRequests = true;
Seems like a more straightfoward solution, since the auth object already contains the token. I would've expected makeAuthRequests to be automatically set to true when constructing a Plus client with an OAuth2 object, but apparently it's not (probably an oversight).
Sorry, i figured out that this line was missing thanks to this tutorial :
plus.oauth_token = auth.token.data;
My google_plus_v1_api query is now working.
Sorry for the inconvenience.

Trouble with authlogic_rpx

I'm trying to run http://github.com/tardate/rails-authlogic-rpx-sample (only rails version was changed) but get error message http://gist.github.com/385696, when RPX returns information after successful authentication via Google Account. What is wrong here? And how I can fix it?
The code was successfully tested with rails 2.3.3 by its author: http://rails-authlogic-rpx-sample.heroku.com/
I run on Windows with cygwin and rails (2.3.5), rpx_now (0.6.20), authlogic_rpx (1.1.1).
Update
In several hours RPX rejected my app http://img96.imageshack.us/img96/2508/14128362.png
Update2
The same error message ( http://gist.github.com/386124) appears with http://github.com/grosser/rpx_now_example , but in this case RPX allows me to sign in (so far).
Solved
See below
Got error: Invalid parameter: apiKey (code: 1), HTTP status: 200
You have to first register your RPX app at http://www.RPXnow.com and set its name. You'll be assigned an API key which you should set in the config/environment.rb file:
RPX_API_KEY = ENV["RPX_API_KEY"]
RPX_APP_NAME = "your_app_name_here!"
Or: Read slide 35: http://www.slideshare.net/tardate/srbauthlogicrpx
You shouldn't have any constraints enforced at the database level.
The reason was trailing \r character in my API key. Apparently, non of the steps did key trimming and the exception was not processed in a good way.

failed to upgrade a token

I was testing Zend Gdata 1.10.1 in my localhost.
I downloaded Zend Gdate from this link:
http://framework.zend.com/download/webservices
Inside the Zend Gdata zip file, there was a folder called demos.
I extracted it and used the YouTudeVideoApp to upload a sample video to Youtube.
But every time after I logged into Youtube, before it redirected me to my localhost,
I received a warning message like this warning message:
localhost: This website is registered
with Google to make authorization
requests, but has not been configured
to send requests securely. We
recommend that you continue the
process only if you trust the
following destination:
localhost:8080/youtube/operations.php
So I googled on how to resolve the problem of getting this warning message when
I saw some people suggesed changing the value of $secure to True in operation.php.
Here is the script mentioned:
function generateAuthSubRequestLink($nextUrl = null)
{
$scope = 'http://gdata.youtube.com';
$secure = true;
$session = true;
if (!$nextUrl) {
generateUrlInformation();
$nextUrl = $_SESSION['operationsUrl'];
}
$url = Zend_Gdata_AuthSub::getAuthSubTokenUri($nextUrl, $scope, $secure, $session);
echo '<a href="' . $url
. '"><strong>Click here to authenticate with YouTube</strong></a>';
}
After I altered the value of $secure to True,
I found that the warning message changed to this:
localhost: Registered, secure. This
website is registered with Google to
make authorization requests
The new warning message is somehow shorter and looks better than the previous warning message.
But once I pressed the Allow Access button, it turned out to be this:
ERROR - Token upgrade for
CI3M6_Q3EOGkxoL-_____wEYjffToQQ failed
: Token upgrade failed. Reason:
Invalid AuthSub header. Error 401
ERROR - Unknown search type - ''
I don't know why this happened.
Could you help me solve the problem please?
edit your php.ini file and enable the openssl extensions
extension=php_openssl.dll
restart the httpd or IIS server

Resources