I know you can now get the users address in Alexa, but what about the users current location if they use the built in Alexa function in the Amazon Shopping app?
I'd like to make suggestions based on the users current location, not their home address.
Try use Device address API,
https://developer.amazon.com/public/solutions/alexa/alexa-skills-kit/docs/device-address-api
Copied from above souce,
Base URIs and Geographic Location of the Skill
The base URI varies depending on the geographic location of your skill, which is a separate value than the device address of the customer’s Alexa device. You can set the apiEndpoint value in the System object to obtain the appropriate base URI.
The base URI for US calls for device address data is: https://api.amazonalexa.com/.
The base URI for UK and DE calls for device address data is: https://api.eu.amazonalexa.com
The examples on this page use the US URI.
Get Country and Postal Code
Gets the country and postal code associated with a device specified by deviceId. The endpoint is case-sensitive.
Endpoint: /v1/devices/*deviceId*/settings/address/countryAndPostalCode
Request Message Example
Host: api.amazonalexa.com
Accept: application/json
Authorization: Bearer Atc|MQEWY...6fnLok
GET https://api.amazonalexa.com/v1/devices/{deviceId}/settings/address/countryAndPostalCode
Request Headers
Header Description Type Required
Authorization A current consent token in the format: Bearer Atc|your consent token| string yes
Request Parameters
Parameter Description Type Required
deviceId The deviceId to retrieve the country and postal code for string yes
Response
Successful Response Message Example
This example shows a successful response for a request for “Country & Postal Code”.
Host: api.amazonalexa.com
X-Amzn-RequestId: xxxx-xxx-xxx
Content-Type: application/json
{
"countryCode" : "US",
"postalCode" : "98109"
}
Related
I try to use Google Photos API to upload my images, base on the steps of the following link.
https://developers.google.com/photos/library/guides/upload-media
After following the Using OAuth 2.0 for Web Server Applications, I just get the Oauth2.0_token response(a JSON format with access_token, refresh_token...). However, after I put this token string with "Bearer " into request headers, the response is error 401, the error message is "code 16 Authentication session is not defined".
I cannot find any information to deal with it, thank for any help.
You probably have incorrect permissions. Make sure you request the token with the appropriate scope. For write-only access you need 'https://www.googleapis.com/auth/photoslibrary.appendonly'
src: https://developers.google.com/photos/library/guides/authentication-authorization#what-scopes
One reason this might be happening is that you initially authorized your user for read-only access. If you went through the authorization flow with a .readonly scope, your bearer token reflects that authorization (and the token is retained in your credentials file). If you change your scope but don't get a new auth token you will get this error when trying to upload. Simply redo the authorization flow with the new scope defined:
SCOPES = 'https://www.googleapis.com/auth/photoslibrary'
store = file.Storage('path_to_store')
if not creds or creds.invalid:
flow = client.flow_from_clientsecrets('google_credentials.json', SCOPES)
creds = tools.run_flow(flow, store)
and your store will be populated with a new token that can be used for uploading.
You say you "just get the Oauth2.0_token response(a JSON format with access_token, refresh_token...)" and "put this token string with "Bearer " into request headers".
Unfortunately documentation on this isn't super clear in a lot of places. What you are supposed to provide after "Bearer" is the "access_token" field only, not the entire JSON string with all the token fields in it. For reference, this is a single string of random looking characters which probably starts with "ya29." and is pretty long - in my case it's 170 characters.
I am using Google APIs to perform various operations on my contacts. I wanted to add a contact to my contact list for this I used:
POST:
https://www.google.com/m8/feeds/contacts/default/thin?alt=json&max-results=500&v=3.0
With the header
Authorization: Bearer "access_token"
Content-Type: application/json
data:{title: "BATMAN", phonenumber: "3333", email:"tdk#gmail.com"}
The get the response alright:
HTTP/1.1 201 Created
This response was recorded by both Google OAuth 2.0 playground as well as Postman.
However when I wish to fetch the contact it is nowhere to be found. To fetch I my request is:
GET:
https://www.google.com/m8/feeds/contacts/default/thin?alt=json&max-results=500&v=3.0
With the header
Authorization: Bearer "access_token"
I get all contacts but the one just created. Would like to know where I'm going wrong?
I can not figure out what I'm doing wrong. I'm developing an App for BigCommerce and can not get the simple oAuth exchange to work correctly.
The initial get request is being made to https://www.my-app.com/oauth/bigcommerce/auth. This is the code in the controller for that request. It's a Laravel 5.6 app:
use Illuminate\Http\Request;
use Bigcommerce\Api\Client as Bigcommerce;
class BigcommerceOAuthController extends Controller
{
public function auth(Request $request)
{
$object = new \stdClass();
$object->client_id = 'my-client-id';
$object->client_secret = 'my-client-secret';
$object->redirect_uri = 'https://my-app.com/oauth/bigcommerce/auth';
$object->code = $request->get('code');
$object->context = $request->get('context');
$object->scope = $request->get('scope');
$authTokenResponse = Bigcommerce::getAuthToken($object);
$storeHash = str_replace('stores/', '', $request->get('context'));
Bigcommerce::configure(array(
'client_id' => 'my-client-id',
'auth_token' => $authTokenResponse->access_token,
'store_hash' => $storeHash
));
echo "<pre>";
print_r($authTokenResponse);
print_r(Bigcommerce::getTime());
echo "</pre>";
}
}
Every time I try to install my draft app from the BigCommerce control panel, I get an error because $authTokenResponse is not an object. When I debug further into the Bigcommerce\Api\Connection class, I can see that the response from the server is empty, and the status is a 401, which means "Unauthorized".
I can't figure out why I am getting this error. As far as I can see, I'm doing everything right. I've tried urlencoding the string retrieved from $request->get('scope'), since that string becomes unencoded by Laravel, but that didn't seem to help.
I am also confused how this is even supposed to work at all. In the BigCommerce docs, they show this example POST request, which uses application/x-www-form-urlencoded Content-Type and passes the request body as a url encoded string:
POST /oauth2/token HTTP/1.1 Host: login.bigcommerce.com Content-Type:
application/x-www-form-urlencoded Content-Length: 186
client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&code=qr6h3thvbvag2ffq&scope=store_v2_orders&grant_type=authorization_code&redirect_uri=https://app.example.com/oauth&context=stores/{STORE_HASH}
However, if you inspect what's going on in the Connection class, you can see that the Content-Type is being set to application/x-www-form-urlencoded as the docs say, but the request body is being passed in as a json string, not a url string. Shouldn't the request be a url encoded string as the docs suggest?
A couple of things here to check:
Do you have a public URL where you can receive the Auth Callback?
If so, did the store owner registered the app successfully? https://developer.bigcommerce.com/api/registration
When you have the client_id and secret_id. You should have all of the details needed to send a POST request to the BC Auth Token Service at https://login.bigcommerce.com/oauth2/token
The content uses URL encode Make sure to URL encode your content. Be careful of of the encoding of & and = signs when those are actually being used as separators.
More details can be found in this post:
Can BigCommerce Private Apps use OAuth
How can I locally reproduce the https GET call that my Azure Scheduler job would execute that uses Basic Authentication with a username/password?
I know I can just type in the URL in the browser to hit the action in my MVC controller, but how does Azure Scheduler send the username/password?
If Azure Scheduler uses Basic Authentication then it will send the username and password as Base64 encoded Authorization header.
The username and password are combined into a string separated by a colon, e.g.: username:password
The resulting string is encoded using the RFC2045-MIME variant of Base64, except not limited to 76 char/line.
The authorization method and a space i.e. "Basic " is then put before the encoded string.
So for example if your username=john and password=secret, the Authorization header would look like this:
Authorization: Basic am9objpzZWNyZXQ=
So you should make the following HTTP request:
GET /yourcontroller/youraction HTTP/1.1
Authorization: Basic am9objpzZWNyZXQ=
Connection: close
I have an external tool which I connected to my D2L site through LTI. When a student completes his work, I want the tool to send the grade back to the LMS.
I receive a "Not authenticated" message from D2L when sending the grade with the XML payload. How do I authenticate my grade posting?
The authentication required is down to how it must be done as described in the LTI 1.1 implementation guide. In particular (from LTI 1.1 impl guide), pay attention to section 4: LTI Security Model and section 6.1: LTI Basic Outcome Service.
Quick summary of requirements, I believe (as per section 4.3: Security for application/xml Messages):
form up the POX (plain 'ol XML) body
calculate the body hash value
set the oauth_body_hash parm to this value
sign the request as per Oauth signing rules, and note that the oauth_body_hash must be included in the base string to sign together with the other request parms
transmit the oauth_body_hash parm along with the OAuth parms in the signed request
D2L highly recommends that implementors use a reliable OAuth standard library for their particular platform to do the signature generation and verification, rather than attempt to implement the OAuth signing/verification algorithm on their own.
Note that the Oauth parms in this case get transmitted in the request header and not in the body data. The IMS spec itself contains an example of what the body should look like (sec 4.3):
POST http://www.imsglobal.org/developers/BLTI/service_handle.php HTTP/1.0
Host: 127.0.0.1:80
Content-Length: 757
Authorization: OAuth realm="",oauth_version="1.0",
oauth_nonce="29f90c047a44b2ece73d00a09364d49b",
oauth_timestamp="1313350943",oauth_consumer_key="lmsng.school.edu",
oauth_body_hash="v%2BxFnmDSHV%2Fj29qhxLwkFILrtPo%3D",
oauth_signature_method="HMAC-SHA1",
oauth_signature="8auRpRdPY2KRXUrOyz3HKCs92y8%3D"
Content-type: application/xml
<?xml version = "1.0" encoding = "UTF-8"?>
<imsx_POXEnvelopeRequest xmlns = "http://www.imsglobal.org/services/ltiv1p1/xsd/imsoms_v1p0">
<imsx_POXHeader>
<imsx_POXRequestHeaderInfo>
<imsx_version>V1.0</imsx_version>
<imsx_messageIdentifier>999999123</imsx_messageIdentifier>
</imsx_POXRequestHeaderInfo>
</imsx_POXHeader>
<imsx_POXBody>
<readResultRequest>
<resultRecord>
<sourcedGUID>
<sourcedId>3124567</sourcedId>
</sourcedGUID>
</resultRecord>
</readResultRequest>
</imsx_POXBody>
</imsx_POXEnvelopeRequest>