When I try to call:
POST /oauth2/v1/tokens/bearer?grant_type=authorization_code&code=XXX&redirect_uri=https://developer.intuit.com/v2/OAuth2Playground/RedirectUrl
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Authorization: Basic XXX
I get Status: 400 Code: InvalidFieldFormat Type:SYSTEM from every platform (curl, postman, mongodb stitch). The only place where it works is the intuit playground.
I do not see what is invalid.
You're trying to pass everything via a query string, and you should be passing it in the POST body.
You should be POSTing to this URL: https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer
And passing in a HTTP request body like this:
grant_type=authorization_code&
code=L3114709614564VSU8JSEiPkXx1xhV8D9mv4xbv6sZJycibMUI&
redirect_uri=https://www.mydemoapp.com/oauth-redirect
It's the POST body, not the query string.
This is documented on Intuit's site here:
https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#step-5-exchange-authorization-code-for-refresh-and-access-tokens
Related
My API consumes requests only with Header - Content-type:application/json object.
To do the same I use:
#OA\RequestBody(
description= "Provide company search parameter",
required= true,
#OA\JsonContent(
type="object",
#OA\Property(property="company_name", type="string")
)
)
But for some requests I don't need the RequestBody, only hit the resource and get data. How do I do it without RequestBody?
P.S. This request requires a GET method (POST can be used, if that helps) but GET doesn't accept a RequestBody.
This case cannot be described by OAS 3.0, and the restriction on GET requestBodies is to avoid attempting to describe API behaviour which the HTTP spec says is undefined. The restriction on specifying Content-Type as a 'manually' defined header is also to ensure there is no ambiguity as to which mechanism is supposed to set this header.
https://github.com/OAI/OpenAPI-Specification/issues/1628
When a client is sending the Content-Type header, it is used to describe the body of the request (not the response)
To influence the the response type a client can send an Accept header.
For example: Accept: application/json
As far as I understand, POST parameters can be sent using Content-Type only either multipart/form-data or x-www-form-urlencoded. Is that right?
I want to send the parameters wrapped in JSON. Is that possible?
Will the parameters in the request
POST /login HTTP/1.1
Host: localhost:8080
Content-Type: application/json
{"username": "test","password": "test"}
be identified as username=test&password=test?
I am using Google APIs to perform various operations on my contacts. I wanted to add a contact to my contact list for this I used:
POST:
https://www.google.com/m8/feeds/contacts/default/thin?alt=json&max-results=500&v=3.0
With the header
Authorization: Bearer "access_token"
Content-Type: application/json
data:{title: "BATMAN", phonenumber: "3333", email:"tdk#gmail.com"}
The get the response alright:
HTTP/1.1 201 Created
This response was recorded by both Google OAuth 2.0 playground as well as Postman.
However when I wish to fetch the contact it is nowhere to be found. To fetch I my request is:
GET:
https://www.google.com/m8/feeds/contacts/default/thin?alt=json&max-results=500&v=3.0
With the header
Authorization: Bearer "access_token"
I get all contacts but the one just created. Would like to know where I'm going wrong?
I'm not a ruby or rails programmer, but I'm tasked with reverse engineering an API for an RoR app. My HTTP POST requests are failing a validation check, where this line is supposed to provide a specific piece of data:
value = #_request.env['HTTP_X_MY_TOKEN'];
From what little experience I have and searching I've done, it appears to be looking for an HTTP request header MY_TOKEN but I'm unsure if that's the case.
My current HTTP request looks like this:
POST /myapp HTTP/1.1
Host: website.com:80
Content-Type: application/json
Content-Length: 12
my post data
If that is the case, can I simply add it to my HTTP post request headers as follows:
POST /myapp HTTP/1.1
Host: website.com:80
Content-Type: application/json
MY_TOKEN: sometokentext
Content-Length: 12
my post data
If not, how do I fill this value during my HTTP POST request?
Sending X-MY-TOKEN should do the trick.
As a side note, prepending custom headers with X- is no longer recommended and deprecated according to RFC-6648:
Custom HTTP headers : naming conventions
I've managed to get an adaptive payments script to work in the apigee console, here is the request:
X-PAYPAL-REQUEST-DATA-FORMAT: JSON
X-PAYPAL-APPLICATION-ID: APP-80W284485P519543T
X-HostCommonName: svcs.sandbox.paypal.com
Host: svcs.sandbox.paypal.com
Content-Length: 428
X-PAYPAL-DEVICE-IPADDRESS: 127.0.0.1
X-Forwarded-For: 10.203.10.109
X-PAYPAL-REQUEST-SOURCE: APIGEE-CONSOLE-1.0
X-Target-URI: https://svcs.sandbox.paypal.com
X-PAYPAL-RESPONSE-DATA-FORMAT: JSON
Content-Type: text/plain; charset=ISO-8859-1
Connection: Keep-Alive
"{
"actionType":"PAY",
"currencyCode":"USD",
"receiverList":{"receiver":[{"amount":"5.00","email":"cam_1315509411_per#btinternet.com"}]},
"returnUrl":"http://apigee.com/console/-1/handlePaypalReturn",
"senderEmail":"qwom_1315508825_biz#btinternet.com",
"feesPayer":"SENDER",
"cancelUrl":"http://apigee.com/console/-1/handlePaypalCancel?",
"requestEnvelope":{"errorLanguage":"en_US", "detailLevel":"ReturnAll"}
}"
How do I actually post this information to the https://svcs.sandbox.paypal.com/AdaptivePayments/Pay url? I can't find the easiest way to do it, should I use cURL and what are the variables names for each post value?
That depends on the rest of your application. PHP with cURL is fairly straightforward, but it's not too much of a hassle in other languages either.
PayPal has sample code online at https://www.x.com/developers/PayPal/documentation-tools/code-sample/78
If you were to do this yourself, you'd need to (in a nutshell):
- Send a proper HTTP header with the X- headers as shown above including the application ID.
- Send the API call via JSON, SOAP or NVP as POST or GET to the API endpoint
- Decode the response and act accordingly