I cannot upload a photo from Microsoft Graph Explorer. I am getting this error:
An internal server error occurred. The operation failed., The file you chose isn't an image.
I have image/jpeg as content-type and a valid binary data extracted from Fiddler. Authorization token is also there when I inspect my request from Fiddler.
What did I missed?
Request body: https://pastebin.com/YDUfpRmX
Response: https://pastebin.com/e6fzDYvi
PUT https://graph.microsoft.com/beta/users/[userprincipalName]/photo/$value HTTP/1.1
Content-Length: 64408
Authorization: Bearer eyJ0eXA...
Content-Type: image/jpeg
Graph Explorer doesn't support sending binary files at the moment. It can only handle string data in the POST/PUT/PATCH body.
Related
For some strange reason, I cannot upload files or create folders in a drive using the MS Graph API. I can view/list and even delete without any issues. Same goes for personal OneDrive files...I can list and delete, but not upload or create folders. I can't even create an upload session. I have set up the API permissions correct as far as I can tell (due to the ability to list and delete), but something is amiss.
I'm using Ruby and its Net::HTTP class to make the HTTP requests, but I've tried with other languages as well, even the Github Javascript SDK (https://github.com/microsoftgraph/msgraph-sdk-javascript) and Java SDK (https://github.com/microsoftgraph/msgraph-sdk-java). Every attempt I make results in the same 400 (invalid request) error. My request looks like this:
PUT /v1.0/drives/b!0jlSfAMWs0mywYCiVQrxB8cBs6dbx0FDr8CYTNg4ITob3Q2lz0OER6Snzs1G_vHh/items/01L5VYWTF6Y2GOVW7725BZO354PWSELRRZ:/test.txt:/content HTTP/1.1
Accept-Encoding: gzip;q=1.0,deflate;q=0.6,identity;q=0.3
Accept: application/json
User-Agent: Ruby
Host: graph.microsoft.com
Authorization: Bearer <my auth code>
Content-Type: text/plain
Connection: close
Content-Length: 24
My test.txt file content
The error response back has no useful information for diagnosing my problem:
HTTP/1.1 400 Bad Request
Cache-Control: private
Content-Type: application/json
request-id: c42545c0-ee40-40f3-9c7d-19d0e69d8ac8
client-request-id: c42545c0-ee40-40f3-9c7d-19d0e69d8ac8
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"North Central US","Slice":"SliceC","Ring":"3","ScaleUnit":"003","RoleInstance":"AGSFE_IN_45"}}
Strict-Transport-Security: max-age=31536000
Date: Mon, 03 Aug 2020 16:23:47 GMT
Connection: close
Content-Length: 215
{
"error": {
"code": "invalidRequest",
"message": "Invalid request",
"innerError": {
"date": "2020-08-03T20:35:44",
"request-id": "c42545c0-ee40-40f3-9c7d-19d0e69d8ac8"
}
}
I've tried a few different paths for this PUT request to upload the file and get the same error in response:
sites/#{site_id}/drive/items/01L5VYWTF6Y2GOVW7725BZO354PWSELRRZ:/test.txt:/content
sites/#{site_id}/drive/root:/test.txt:/content
me/drive/items/01FF6DWVN6Y2GOVW7725BZO354PWSELRRZ:/test.txt:/content
me/drive/root:/test.txt:/content
My app registration has the following API permissions and I'm requesting each of these when making the OAuth access token request:
openid
email
profile
https://graph.microsoft.com/User.Read
https://graph.microsoft.com/Files.Read
https://graph.microsoft.com/Files.Read.All
https://graph.microsoft.com/Files.ReadWrite
https://graph.microsoft.com/Files.ReadWrite.All
https://graph.microsoft.com/Sites.Manage.All
https://graph.microsoft.com/Sites.Read.All
https://graph.microsoft.com/Sites.ReadWrite.All
Again - I get similar errors trying to create a folder in any drive or trying to create an upload session. These are both POST requests with a JSON body to a slightly different URL, but the end result is the exact same....a 400 error with absolutely no helpful information. Same thing happens at the 'beta' endpoint.
Microsoft won't help me unless I'm a "Unified Support or Premium customer". Every case I try to submit immediately is closed.
Anyone have any ideas?
Ok - an update to this. I ended up getting Microsoft O365 support involved and we did a Teams meeting where I screenshared and showed them the problem. They had me try a few things (including creating a brand new Sharepoint site) and the problem persisted. Needless to say, they were stumped themselves.
I then asked some colleagues to try to upload files to a Sharepoint site and it worked for them. Turns out, there was something strange wrong with my Azure app registration. I have no clue what it was because all its config was the exact same as my colleague's. So I ended up creating a brand new app registration and when I use that, everything started working.
I tried to perform this request but I get errors:
1. { "error": "invalid_client", "error_description": "The OAuth client was not found." }
After I request it again:
2. 405. That’s an error.
The request method omPOST is inappropriate for the URL /oauth2/v4/token. That’s all we know.
Details:
POST /oauth2/v4/token HTTP/1.1
Host: www.googleapis.com
Content-length: 208
content-type: application/x-www-form-urlencoded
user-agent: google-oauth-playground
client_secret=MYSECRET&grant_type=refresh_token&refresh_token=MYTOKEN&client_id=MYCLIENTID
EDIT:
I was sending the request to an invalid endpoint, making it unavaiable for me to receive the expected data. I was able to fix it by following the steps in the google docs: https://developers.google.com/identity/protocols/OAuth2WebServer
The error indicates your client ID is wrong. Please make sure it's the client ID from the Google API console (console.developers.google.com) and it matches the Client Secret. The refresh token should also be one issued to the original client ID.
I'm trying to exchange an OAuth 2.0 Authorization Code for an Access Token using Google's OAuth Playground tool. So, I get to step 2 and there it shows the HTTP POST request it will be sending out to MY_SERVER (I obfuscated the exact IP address for security reasons).
To me this looks correct and if I use a POST tool with exactly this request, it does arrive on my server. Launching it from the Playground, it doesn't arrive on my web server (nothing in the logs).
Does anybody have an idea what might be going wrong?
THIS POST
POST /tb/html/token/ HTTP/1.1
Host: MY_SERVER.COM
Content-length: 170
content-type: application/x-www-form-urlencoded
user-agent: google-oauth-playground
code=Splxl0576dGF6567gFG&redirect_uri=https%3A%2F%2Fdevelopers.google.com%2Foauthplayground&client_id=jarne&scope=&client_secret=some_secret&grant_type=authorization_code
RESULTS IN
HTTP/1.1 400 Bad Request
Content-length: 105
Content-type: text/plain
An error occured while connecting to the server: Unable to fetch URL: http://MY_SERVER.COM/tb/html/token/
I am trying to use a custom java application of mine to upload videos to my youtube account via an access limited device like a Raspberry pi running as a server.
For this I am using the Google Oauth 2.0 for limited input device as a reference.
Here I am facing following problem:
After getting the Device code via following similar call (Step 2 from the link):
POST /o/oauth2/device/code HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com&
scope=https://www.googleapis.com/auth/youtube
Google Oauth server responds with 'user_code' and 'verification_url' (Step 3 from the link):
{ "device_code" : "4/L9fTtLrhY96442SEuf1Rl3KLFg3y", "user_code" :
"a9xfwk9c", "verification_url" : "http://www.google.com/device",
"expires_in" : "1800" "interval" : 5, }
Now I am giving the requisite permission by opening the url as responded by google server.
Finally I am trying to get the access token from Google server (Step 4 from the link) by posting similar request:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com&
client_secret=hDBmMRhz7eJRsM9Z2q1oFBSem&
code=4/YMSlR3fSCC1NtUh073DuZKTJJ3ss&
grant_type=http://oauth.net/grant_type/device/1.0
but instead of getting the 'access_token' as response I am getting the following :
Status Code:400 Response: { "error" : "invalid_request",
"error_description" : "Required parameter is missing: grant_type" }
Note : With or without url encoding, my problem stays the same.
Can someone please help me as to whether it's the Google Oauth 2.0 api is buggy or my request is faulty?
***************************************UPDATE*************************************
I tried the same steps with some alternative tools instead of my custom java application, so I tried Fiddler and curl, the surprise is as follows:
All of the calls worked right as mentioned by Google Oauth 2.0 for limited input device for curl.
Same issue was observed with Fiddler as was with my custom java app.
I am still unable to figure out the difference yet, still need help.
************UPDATE#2**************
Fiddler request:
(url encoded, obscured client secret)
(One can get oauth credentials (client_id and client_secret) by following this)
POST HTTP/1.1
https://accounts.google.com/o/oauth2/token?client_id=308065994473-ur9dd7003ajs6mvr5s4kqnugr6j8tsf2.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXXX&code=4%2FWR-qiTquqB0e4-0LCy0-7rZ2kkE2&grant_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fdevice%2F1.0
Content-Type: application/x-www-form-urlencoded
(non url encoded, obscured client secret)
POST HTTP/1.1
https://accounts.google.com/o/oauth2/token?client_id=308065994473-ur9dd7003ajs6mvr5s4kqnugr6j8tsf2.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXX&code=4/WR-qiTquqB0e4-0LCy0-7rZ2kkE2&grant_type=http://oauth.net/grant_type/device/1.0
Java code project is available at (maven project, check the test case for the Oauth calls):
https://docs.google.com/file/d/0B8ltWBtPF-DVMDZFNHNMZXpCQlk
The value is wrong, you should use grant_type=authorization_code as this says.
I try the guide here: Path Developers Docs
I can get access token from Path API.
But I can not send post photo request "POST /1/moment/photo".
Does anyone can do it?
I used gtw-oauth2 to get access token from Path API.
If you see the request format
POST /oauth2/access_token HTTP/1.1
Host: partner.path.com
Content-Type: application/x-www-form-urlencoded
Content-Length: <LENGTH>
grant_type=authorization_code&client_id=CLIENT&client_secret=SECRET&code=CODE
Content-Length line is not required, in getting permanent access token
code=CODE - was very confusing, and i see you can get temporary access token, but can't get permanent access token, in this line, capital CODE MUST BE REPLACED WITH TEMPORARY ACCESS TOKEN
don't change grant_type=authorization_code only
I think this will help you a lot
POST /oauth2/access_token HTTP/1.1
Host: partner.path.com
Content-Type: application/x-www-form-urlencoded
Content-Length:
grant_type=authorization_code&client_id=CLIENT&client_secret=SECRET&code=CODE