After following instruction on how to integrate Twilio in ROR apps, I have an issues when making a curl request:
curl -X POST http://localhost:3000/twilio/voice -d 'foo=bar'
Return me:
<html><body>You are being redirected.</body></html>
Thanks!!
Twilio developer evangelist here.
It looks like your /twilio/voice path is lying behind some user authentication. Your controller is being interrupted and sending you to the sign in page instead. You probably don't want user authentication in front of your Twilio routes.
Your app seems to require login before using the service. If you are trying to check using curl , please disable sign_in check. After testing you can enable it again.
Related
I am trying to get user token with requestUserToken method.I have also generated Developer token but it will return error like (SKErrorDomain error 7.) Please anyone help me
If you are using Ruby to get the develop token, it's the problem. Try to use python. This is my answer in another problem
It is the problem of develop token. I fixed it by using https://github.com/pelauimagineering/apple-music-token-generator. At the beginning, i use another ruby generator to get develop token. I test ok by using curl -v -H 'Authorization: Bearer [developer token]' "https://api.music.apple.com/v1/catalog/us/songs/203709340", but also get (SKErrorDomain error 7.) in sample code. Now it is ok. The ruby generator doesn’t work with requesting user tokens:https://github.com/pelauimagineering/apple-music-token-generator/issues/4
I am trying to use the Instagram OAuth using the developer documentation at
https://www.instagram.com/developer/authentication/.
Step 1 and 2 are working without any problems, so I have my Client-ID, the Client-Secret, the Redirect-URI and the code.
But every-time I am trying to get the Acces Token I get the following error:
{
"code": 400,
"error_type": "OAuthException",
"error_message": "Matching code was not found or was already used."
}
Any tips how to solve this?
We are experiencing the same issue. It appears that logging out of Instagram, then attempting to use Instagram OAuth through our site after we are logged out of Instagram is a workaround.
We're experiencing the same issue since yesterday (after months of working fine) - have reported it as an issue yesterday via the 'Report Issue' function on https://www.instagram.com/developer/clients/manage/ and I'd encourage you to do the same.
Yet to hear back, but seems likely it's their end having issues rather than something we're doing.
EDIT: It's also working fine for us on our development servers (which use different IPs for interacting with IG's API) but not working on our production server from any of the IPs we have available on the production server.
EDIT2: (July 2016) Just tested and it's mysteriously started working again on our production servers. No reply to the support ticket from Instagram as yet.
EDIT3: (December 2016) And now it's failing again with the same message... Seems like it's Instagram's end again. Nothing much we can do. Frustrating.
Logging in to Instagram, then complete Step 1 from the API Docs (https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code), then follow the redirect and copying the code from the URL, then logging out of my account, then completing Step 3:
curl -F 'client_id=CLIENT_ID' \
-F 'client_secret=CLIENT_SECRET' \
-F 'grant_type=authorization_code' \
-F 'redirect_uri=AUTHORIZATION_REDIRECT_URI' \
-F 'code=CODE' \
https://api.instagram.com/oauth/access_token
That worked for me.
We are also experiencing the same issue from yesterday, looks like clearing browser (or new incognito window) do the trick. Although, the mobile app where we are authenticating through mobile browser, working fine.
Update: Deleted all my browsing history, cleared cache, etc. Like it was a brand new browser and now it works with no issue.
I've been hammering on the auth URL for weeks now. Testing and using the same stored token to re-authorize. Maybe stored tokens have a limit to the number of times they can be re-used?
======
Having the same issue as of today. Authorization was working fine earlier - now I'm getting the same 'Matching code...' response.
Signed in and out of my Instagram account repeatedly, created a new app id and disabled/enabled Implicit Oauth - all with no success.
The 'Authorized Applications' view in my Instagram account reports that my application has indeed been authorized, but I can't make calls to the API. Authenticating through an Incognito window returned a successful response but it's not a solution.
Tried reporting to Instagram through their 'Report Issue' form, but it won't allow me to submit the form.
I got the same error message. After 2 hours trying every workaround, I realized that I was using FB secret code instead of IG. Double check it first before trying any other solutions.
SOLVED! Just log out of Instagram and try again. That worked for me.
I solved this by creating a service on the backend/server side that authorised the user.
My backend API is a ruby on rails app. Here is a code snippet to understand.
def token
#response = Instagram.get_access_token(params[:code], redirect_uri: mobile_token_url)
instagram_user = InstagramUserCreator.new(user_params)
if instagram_user.find_or_create
redirect_to "taddarmobileapp://?token=#{instagram_user.user.token}"
else
redirect_to 'taddarmobileapp://'
end
end
I just store the token on the phone and use it to authorise the user to my backend API.
I am pretty newbie using Spree and I am just playing around with the 3.0 stable version.
I would like to log a user account into the store through API (or something like that) using the chrome app called "Advanced REST client", then visit the store and see the account logged there.
I couldn't find any reference for this kind of actions which involve users or accounts through API in https://guides.spreecommerce.com/api/. However, I noticed that if you make a POST request to localhost:3000/login sending the account details, you get the html code of the store which says that your were successfully logged.
After that I checked my browser cookies and the store session cookie was also created successfully. Finally, when I redirect the browser to the store (localhost:3000), the account is not logged in but the cookie still remains there.
I think is something related to the guest token generated by Spree, but I don't understand exactly why it doesn't work.
I would appreciate any help to clear this, also if you have any idea about how to get my goal it also would be appreciated.
In order to use a REST client, such as the Chrome app you mentioned, you have to authenticate against Spree's REST API. You need a spree api token to authenticate future request.
Have a look at the Spree Api Auth Gem. It allows you to you receive an api token like this:
\curl -v -H "Accept: application/json" -H "Content-type: application/json" -X POST -d ' {"user":{"email":"camelmasa#gmail.com", "password":"camelmasa"}}' http://localhost:3000/api/users/sign_in
You can also create new user account using this gem. Since Spree is using devise underneath, you can also use devise directly to authenticate your user.
I have an iOS application that I'm logging to Facebook to ask for an access_token.
Then I pass this access token to my server and I want to get the '/me' information, using my appsecret_proof but I noticed that I can do it without appsecret_proof:
curl "https://graph.facebook.com/me?access_token=THE_ACCESS_TOKEN"
{"id":"658267751","name":"Ricardo Otero",
"first_name":"Ricardo","last_name":"Otero",
"link":"https:\/\/www.facebook.com\/oterosantos",
"hometown":{"id":"107911285910314","name":"Coimbra, Portugal"},
"location":{"id":"110432202311659","name":"Lisbon, Portugal"}...
Although I have set the option "App Secret Proof for Server API calls" to true:
So, shouldn't the requests require the app secret? I don't get it!
Every access_token depends on app and user so for different app and user combination you will have different access token so you don't need to worry. though I am no sure why are you doing it this way
http://m-farhan.com/2014/03/ios-facebook-sdk-tutorial/
is the right way of doing this.
I am also navigating through the Facebook API "appsecret_proof" parameter -- here are the official docs on Facebook Developers Website:
https://developers.facebook.com/docs/graph-api/securing-requests#appsecret_proof -- it looks like this example PHP call can help you out:
$appsecret_proof= hash_hmac('sha256', $access_token, $app_secret);
Here's the Example Command-Line call they display:
curl \
-F 'access_token=<access_token>' \
-F 'appsecret_proof=<app secret proof>' \
-F 'batch=[{"method":"GET", "relative_url":"me"},{"method":"GET", "relative_url":"me/friends?limit=50"}]' \
https://graph.facebook.com
Here's someone who made a similar call with a Node.JS Server(dosen't look there is speciifc FACebook/API/SDK referecne though... :
Get signed_request in Node.js (Express) Facebook canvas app
When I share a link form my blog to facebook it goes to a totally different url, it only happens when the link is posted on facebook.
Igy is right consider checking the following in cURL
curl -i http://yourdomain.com -e https://facebook.com
option e sends the "Referer Page" information to the HTTP server.