I need oAuth2 on google drive . But i cant get token. Which parameters is wrong ? Google documentation API cant help me for understanding what is wrong .
I do fetch request.
const options = {
method: 'post',
client_id: '{EXAMPLE}deajshot.apps.googleusercontent.com',
redirect_uri: 'https://drive.google.com/open?id={EXAMPLE}',
scope: 'https://www.googleapis.com/auth/drive.metadata',
prompt: 'none',
mode: 'no-cors',
response_type: 'token'
};
fetch('https://accounts.google.com/o/oauth2/auth',options)
.then(function (response) {
console.log(response);
})
Now i have error - 400. That’s an error.
Error: invalid_request
Required parameter is missing: response_type;
By your code example , you first need to get a code and then request a access token.try to follow this tutorial: https://developers.google.com/identity/protocols/OpenIDConnect#authenticatingtheuser
You have there a request for example:
https://accounts.google.com/o/oauth2/v2/auth?
client_id=424911365001.apps.googleusercontent.com&
response_type=code&
scope=openid%20email&
redirect_uri=https://oauth2-login-demo.example.com/code&
state=security_token%3D138r5719ru3e1%26url%3Dhttps://oauth2-login-demo.example.com/myHome&
login_hint=jsmith#example.com&
openid.realm=example.com&
hd=example.com
After this , with your 'code' parameter you get you could make request to get a access token (you have there also a example of this request )
Good luck
Related
I am implementing the Microsoft Auth code flow but I am stuck with this error.
Based on this code example, here is how I am initializing the client:
const config = {
auth: {
clientId: process.env.MICROSOFT_CLIENT_ID,
authority: process.env.MICROSOFT_AUTHORITY,
clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
},
};
const cca = new msal.ConfidentialClientApplication(config);
And later I want to create an authentication URL to redirect the user to:
const authCodeUrlParameters = {
scopes: ["user.read"],
redirectUri: "http://localhost:8080/oauth/microsoft",
state: 'state_here',
};
cca
.getAuthCodeUrl(authCodeUrlParameters)
.then((authCodeUrl) => {
return authCodeUrl;
})
.catch((error) => console.log(JSON.stringify(error)));
But I am getting this error: {"errorCode":"empty_url_error","errorMessage":"URL was empty or null.","subError":"","name":"ClientConfigurationError"}
Based on the docs about errors, it looks like it's thrown before requests are made when the given user config parameters are malformed or missing.
Anybody can spot where the configs are malformed?
The error is because of the missing configuration requirements in the application.
And most importantly , check the authorization request url for missing parameters like state and nonce and the redirect url.
Here request URL may require state and nonce parameters form cache as part of authCodeUrlParameters to construct the URL.
In authCodeUrlParameters see which of them is missed as they may lead to url to null.
You try to give your domain in knownAuthority
Ex:
auth: {
clientId: 'xxxx-xx-xx-xx-xxxxx',
authority: '<give authority>',
knownAuthorities: ['<domain here>']
redirectUri: 'https://localhost:8080'
},
cache: {
cacheLocation: "sessionStorage",
storeAuthStateInCookie: false,
secureCookies: false
},
Please make sure the redirect url is in correct format:
See Redirect URI (reply URL) restrictions - Microsoft Entra | Microsoft Learn
After setting the correct url, I could get proper response
I was following forge tutorials to embed the forge viewer in an html page.
I ended up at this forge-made page, link: https://autodesk-forge.github.io/forge-tutorial-postman/display_svf.html
I understand how to retrieve an access token using cURL however I would like to modify that website so that I don't have to enter the access token myself.
I would like the access-token from the cURL response to be automatically imported as the access token for that website. How is this possible.
The code for the webpage is here: https://github.com/Autodesk-Forge/forge-tutorial-postman/blob/master/docs/display_svf.html
How can I add a function/method to automatically retrieve an access token when I hit submit on the webpage.
Any help is much appeciated!
Cheers!
The server side code you are looking for is:
app.get('/api/forge/oauth', function (req, res) {
Axios({
method: 'POST',
url: 'https://developer.api.autodesk.com/authentication/v1/authenticate',
headers: {
'content-type': 'application/x-www-form-urlencoded',
},
data: querystring.stringify({
client_id: FORGE_CLIENT_ID,
client_secret: FORGE_CLIENT_SECRET,
grant_type: 'client_credentials',
scope: scopes
})
})
.then(function (response) {
// Success
access_token = response.data.access_token;
console.log(response);
res.send('<p>Authentication success!</p>');
})
.catch(function (error) {
// Failed
console.log(error);
res.send('Failed to authenticate');
});
});
Please refer the Forge 2-Legged Authentication tutorials for the code and more details. We also have more tutorials and workflow on Learn Autodesk Forge.
I have an iOS App with an Uber API integration where I use SSO to authenticate the user and then save the accessToken & refreshToken locally on my device. Then I'm calling my server who uses a javascript background function to call the node-uber (https://www.npmjs.com/package/node-uber) library to make a request to Uber.
So far, I'm trying to set up the uber client with my 2 local tokens from the SSO login like this:
var uber = new uberClient({
client_id: '...',
client_secret: '...',
server_token: '...',
name: 'My App',
sandbox: true, //optional
access_token: accessToken,
refresh_token: refreshToken
});
afterwards I want to call the uber.requests.getEstimatesAsync endpoint like this:
uber.requests.getEstimatesAsync({
"start_latitude": pickupLocation["lat"],
"start_longitude": pickupLocation["lng"],
"end_latitude": dropoffLocation["lat"],
"end_longitude": dropoffLocation["lng"]
})
.then(function(res) {
console.log(JSON.stringify(res));
})
.error(function(err) {
console.error(err);
});
})
Though every time I get an "invalid_grant" error 400 while doing this. Did I make a mistake authenticating myself or setting up the Uber client wrong? Is it even possible to use my SSO accessToken & refreshToken then on the uber client, which does a OAuth2 authentification? I thought that both access and refresh token should probably be the same what Uber sends back to be for SSO & OAuth2.
I'm using a Developer account for doing this, therefore I should actually have all the required permissions for the request endpoint, but I also obtained them previously in the App correctly.
This thread on the official uber documentation explains potential reasons but I guess they don't really apply to my case, do they? https://developer.uber.com/docs/riders/guides/authentication/introduction#common-problems-and-solutions
Any security expert here who can help?
Best regards,
Matt
P.S.: I also posted this question on the Uber library I'm using for making those requests, but nobody seems to be able to help me there so far. https://github.com/shernshiou/node-uber/issues/70
Edit: The following picture shows my authentication setup so far:
I found a solution. I think was a problem with the library itself. Because once I made the request with http with the "request" library (https://github.com/request/request) it worked. Include for that at the top of your code:
var request = require('request');
Both OAuth2 and SSO accessToken worked. You should give the method a pickupLocation with latitude and longitude and your obtained accessToken from Uber like this:
function getAllAvailableUberProducts(pickupLocation, accessToken){
var lat = pickupLocation["lat"].toString();
var lng = pickupLocation["lng"].toString();
var options = {
uri: "https://api.uber.com/v1.2/products?latitude="+lat+"&longitude="+lng,
method: 'GET',
headers: {
"Authorization": "Bearer " + accessToken,
"Accept-Language": "en_US",
"Content-Type": "application/json"
}
};
request(options, function (error, response, body) {
if (!error && response.statusCode == 200) {
console.log(JSON.parse(body).products);
} else {
console.log(error);
}
});
}
I hope this helps someone.
I'm trying to use Google's API to sign up and log in users to my rails webapp. I've been playing around with the authentication, but I'm getting stuck on this error after I get the authorization code.
Here's what I'm trying to do:
path = Rails.root.to_s + PATH_TO_JSON_FILENAME_FROM_GOOGLE_API
client_secrets = Google::APIClient::ClientSecrets.load(path)
auth_client = client_secrets.to_authorization
auth_client.update!(
:scope => 'https://www.googleapis.com/auth/drive.metadata.readonly',
:redirect_uri => REDIRECT_URI
)
auth_client.code = ACCESS_CODE_RETURNED_BY_GOOGLE_WHEN_USER_LOGS_IN
auth_client.fetch_access_token!
A few questions:
All I really want to be able to pull is the users name, and their email address. I'm unclear on what the proper value for :scope should be.
For the redirect_uri I'm setting it to one of the redirect uri's that are in my Google API console. Something along the lines of http://localhost:3000/auth/callback. Despite this, I'm getting the following json response:
{
"error" : "redirect_uri_mismatch"
}
Thoughts on what I might be doing wrong here?
Finally figured this out. I needed to set the redirect_uri to postmessage, because that's how I originally requested the authorization code. Here's my complete solution:
I load the Google Authentication library with the following:
function start() {
gapi.load('auth2', function() {
auth2 = gapi.auth2.init({
client_id: 'MY_CLIENT_ID',
});
});
};
I created an HTML button, which on click makes the call to the following function:
function(e){
e.preventDefault();
auth2.grantOfflineAccess({'redirect_uri': 'postmessage'}).then(this.signInCallback);
},
Right now the signInCallback function is just logging my authorization code so I can test out the ruby server code I'm writing:
function(authResult) {
console.log(authResult.code);
}
Here's what my ruby file looks like:
client = Google::APIClient.new
client.authorization.client_id = MY_CLIENT_ID
client.authorization.client_secret = MY_CLIENT_SECRET
client.authorization.redirect_uri = "postmessage"
client.authorization.code = CODE_THAT_WAS_LOGGED_TO_CONSOLE
client.authorization.fetch_access_token!
A little more info: you have to use 'postmessage' calling grantOfflineAccess. I tried putting in one of the actual redirect uri's from my developer console, and it didn't like that (see this SO question for more). What I figured out is that if you do this, then you need to do the same thing on the server side when you try to exchange the authorization code for an access token.
Redirect URI mismatch error definitely means that the redirect URI is not the same that is registered. Make extra sure that the URIs are identical.
I've retrieved the authorization code in Step 1 of OAuth without a problem, but for the life of me I can't complete a post to get the access token. I always get the same error:
content: "{"error":"invalid_request","error_description":"Could not find Shopify API appli... (length: 103)"
Here's what my code looks like...Meteor.http.post is a standard post request. I've tried all sorts of combinations without any luck. I'm developing on localhost:
var url = 'https://' + shopName + '/admin/oauth/access_token';
var data = { client_id: apiKey, client_secret: secret, code: code };
Meteor.http.post(url, data,
function(error, result) {
debugger;
});
Meteor.post is a standard server-side post request documented here. I've tried params (like the Node Wrapper), an array (like PHP) and a combination of other things. I have no idea.
Is it because I'm developing on localhost and server calls require https now? Is my post data structure wrong?
Any other ideas what I'm doing wrong?
I know you said you tried params but placing the params in as data like that wouldn't work. Try this..
var url = 'https://' + shopName + '/admin/oauth/access_token';
var data = { client_id: apiKey, client_secret: secret, code: code };
Meteor.http.post(url, {params:data},
function(error, result) {
debugger;
});