I have already managed to add some posts to my blog using google api and oauth and ran into some problems. I have tried for days - or weeks - to find the best question to ask and I believe I have isolated the problem. Apparently the secret key only works only for one hour. but after an hour at this line:
$service->blogs->getByUrl("theurlofmyblog.blogspot.com");
I get this error:
Google_Service_Exception in REST.php line 118:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
Some of the experts on forums have suggested that one must go to this address https://developers.google.com/oauthplayground/ and get a referesh token. But nobody has mentioned that how should we use that token. Do I put it inside the json file? There must be something like this - don't laugh please, this is supposed to be a suedo code -:
if(the key is expired)
use my referesh key and get me another key
Any experience?
As described in Google’s OAuth 2.0 documentation, you should receive a refresh token during the authentication flow. You should store that token someplace, then use it to get a new access token when necessary.
The exact procedure to exchange a refresh token for a new access token will depend on what OAuth client library you are using. In Signet (Google’s OAuth library for Ruby), for example, it’s done as part of fetch_access_token.
Related
I am trying to obtain an authorization token to consume a published API in Azure API Management, for which I am performing the following steps:
Call the authorization URL as follows:
https://login.microsoftonline.com/common/oauth2/authorize?
client_id=<CLIENT_ID>
&response_type=code
&response_mode=query
&redirect_uri=<REDIRECT_URI>
&scope=SCOPE
Immediately after, I call the following URL with the obtained authorization code and other parameters in the body and to send them as form-data:
POST https://login.microsoftonline.com/common/oauth2/token
client_id=<CLIENT_ID>
scope=SCOPE
grant_type=authorization_code
client_secret=<CLIENT_SECRET>
code=<AUTHORIZATION_CODE_PREVIOUS_STEP>
As a result, I get the following error and cannot continue:
{
"error": "invalid_grant",
"error_description": "AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.\r\nTrace ID: f0264d85-2f41-4009-9e8e-1a211209e100\r\nCorrelation ID: c6b15ffb-82e8-49aa-941f-6c85be4d9601\r\nTimestamp: 2022-01-18 15:06:55Z",
"error_codes": [
54005
],
"timestamp": "2022-01-18 15:06:55Z",
"trace_id": "f0264d85-2f41-4009-9e8e-1a211209e100",
"correlation_id": "c6b15ffb-82e8-49aa-941f-6c85be4d9601"
}
I understand that the authorization code is for one use only but, in my case, on the first attempt I get this error.
Any help is appreciated
I'm trying to to a request to the Google Calendar API using Postman. Following this Google documentation:
https://developers.google.com/calendar/v3/reference/?apix=true
I'm doing a:
GET https://www.googleapis.com/calendar/v3/calendars/{my_calendar_id_here}
On the Postman Authorization tab i'm specifying that i want to use OAuth 2.0 and i also put my access token (which i use to make Calendar API calls from code, works fine). However, Postman responds with the following body:
{
"error": {
"code": 401,
"message": "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"errors": [
{
"message": "Invalid Credentials",
"domain": "global",
"reason": "authError",
"location": "Authorization",
"locationType": "header"
}
],
"status": "UNAUTHENTICATED"
}
}
I really don't understand what i'm doing wrong, and other answers don't seem to target my particular scenario. I'd be grateful if someone could point out what am i doing wrong.
I would recommend replicating the request in Google's OAuth 2.0 Playground. Then using the confirmed to be working access token to troubleshoot Postman.
For Postman you could also pass the access token as a request header and if that resolves the issue.
Postman Headers Tab Input:
| Key | Value |
|---------------|-----------------------|
| Authorization | Bearer {access_token} |
I am using Laravel-php, I have following code :
$client = new Google_Client();
$client->setClientId(env('GOOGLE_ID'));
$client->setClientSecret(env('GOOGLE_SECRET'));
//$client->setRedirectUri($redirect_uri);
$client->addScope("https://www.googleapis.com/auth/youtube.force-ssl");
$client->addScope("https://www.googleapis.com/auth/youtube");
$client->addScope("https://www.googleapis.com/auth/youtube.readonly");
$client->addScope("https://www.googleapis.com/auth/youtubepartner");
$youtube = new \Google_Service_YouTube($client);
$searchResponse = $youtube->channels->listChannels('snippet', array('mine' => true));
//$subscriptions = Curl::to('https://www.googleapis.com/youtube/v3/subscriptions')->withData(['part' => 'snippet', 'mine' => 'true'])->get();
echo "<pre>";
print_r($searchResponse);
Above code gives me following error :
Google_Service_Exception in REST.php line 118:
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
I have tried to use CURL call also but that also gives me same error, any suggestions will save my day
What am I missing in code ?
Your error means that you haven't set up a Google APIs console project. The resource you are accessing requires OAuth authorization. You need to obtain authorization credentials in the Google Developers Console to be able to use OAuth 2.0 authorization.
Open the Credentials page.
The API supports API keys and OAuth 2.0 credentials. In your case, use OAuth 2.0 for your project:
OAuth 2.0: Your application must send an OAuth 2.0 token with any request that accesses private user data. Your application sends a client ID and, possibly, a client secret to obtain a token. You can generate OAuth 2.0 credentials for web applications, service accounts, or installed applications.
See the Creating OAuth 2.0 credentials section for more information.
You may also check this related thread: list user subscriptions to all youtube channels after getting access token
First thing is that it needs to be an authenticated call.
So you need to get the person to "Authenticate" through the Oauth2 and collect the token.
Then with the token send this call
https://www.googleapis.com/youtube/v3/subscriptions?part=id,snippet,contentDetails&maxResults=50&channelId='.$channelId.'&access_token='.$access_token
Then you can access the JSON response and collect them.
I am struggling to get oauth2 working between postman and the Google Apps Admin Sdk. I have created a client app in the google console and set the Authorized redirect URIs to https://www.getpostman.com/oauth2/callback and my settings in postman are as follows
Auth URL - https://accounts.google.com/o/oauth2/v2/auth
Access Token URL - https://www.googleapis.com/oauth2/v4/token
Client Id - some id here
Client Secrent - some secret here
Scope - https://www.googleapis.com/auth/admin.directory.user.readonly
Token Name - Google
Grant Type - Authorization Code
Request Access Token Locally - Checked
This returns a token - xyz - after logging in.
I do a GET request with the token in the url
https://www.googleapis.com/admin/directory/v1/users?key=xyz
The error I am getting is below
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
From what I have read this should work. Where else do I have to login? What am I doing wrong?
After playing around I figured out my url was incorrect. Changing key to access_token did the trick.
Just a side note, ensure you specify the domain or customer parameter otherwise you will receive a bad request error.
I'm working on a scripts that checks if the user is already subscribed to my channel. The idea is to get all the channels the user had subscribed into then check if my channel id is one of them. First I get the access token correctly using POST and it works fine than send these as GET but the result is "failed to open stream: HTTP request failed! HTTP/1.0 403 Forbidden false". Doc page: https://developers.google.com/youtube/v3/docs/subscriptions/list#request_url
$data =file_get_contents('https://www.googleapis.com/youtube/v3/subscriptions?part=snippet
&maxResults=50&access_token='.$token.'&mine=true&key=My API Key');
var_export($data);
and pasting the full url
https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true&access_token={Access_Token}
I get this
{
"error": {
"errors": [
{
"domain": "global",
"reason": "insufficientPermissions",
"message": "Insufficient Permission"
}
],
"code": 403,
"message": "Insufficient Permission"
}
}
Add a heaer:
Authorization: Bearer ya29.DwG_A_V6cybZ2KGqRwPMBF02w0sYw9msqSKoCBI53So0zzIHFRKlwEv68C4aI_NdadQ4wKHUrV2pBA
key is your client id
Google restricts access with API keys. If you go over the free limits, they charge you. You need to get a Google API key and add it to the URL like this: &key=YOUR_API_KEY
Create the API key from Google's console (you'll need to sign up and create a project): https://console.cloud.google.com/apis/credentials
Your new URL for the request would be:
https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true&access_token={Access_Token}&key=YOUR_API_KEY
I was having this error, and I solved it when I found out I needed to add the Youtube scope to my OAuth sign-in request: "https://www.googleapis.com/auth/youtube"