My code:
var authkey = "OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp=""+(new Date().getTime()/1000).toFixed(0)+"",
oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
oauth_version="1.0"";
var result = Meteor.http.get("https://api.twitter.com/1.1/account/verify_credentials.json",{headers:{Authorization : authkey});
Here's the error:
Your app is crashing. Here's the latest log.
Errors prevented startup:
While building the application:
server/accounts.js:81:50: Unexpected identifier
Your application has errors. Waiting for file change.
Line 81 points to the authkey.
There's an example on this SO post.
Basically, you need to do the following:
Generate your oauth keys on twitter for your app
Fill in those keys into a variable, such as the authkey variable shown in that SO post
Pass that variable in using the object that includes {headers: {Authorization: authkey}}
There are details for creating the oauth signature on Twitter's documentation.
Related
I have created a custom OAuth client for the snowflake account by referring documentation here, https://docs.snowflake.com/en/user-guide/oauth-custom.html
I created an OAuth custom instance for my local using the following query:
create security integration My_Snowflake_Connector
type = oauth
enabled = true
oauth_client = custom
oauth_client_type = 'CONFIDENTIAL'
oauth_redirect_uri = 'http://localhost:4200/api/auth/callback/snowflake'
oauth_issue_refresh_tokens = true
oauth_refresh_token_validity = 86400
blocked_roles_list = ()
pre_authorized_roles_list = ('SYSADMIN', 'ACCOUNTADMIN', 'SECURITYADMIN')
oauth_allow_non_tls_redirect_uri = true
I have obtained authorization & token URLs using the following query:
DESCRIBE security integration My_Snowflake_Connector
I also obtained secrets using the following query:
SELECT SYSTEM$SHOW_OAUTH_CLIENT_SECRETS( 'MY_SNOWFLAKE_CONNEECTOR' )
I have used passport-oauth2 plugin & OAuth2Strategy
On initiating OAuth flow I am rightly taken to the snowflake account I log in it shows the OAuth consent screen but upon redirection, I get an error invalid_client.
I am getting the following error JSON blob:
{\n "data" : null,\n "error" : "invalid_client",\n "code" : null,\n "message" : "This is an invalid client.",\n "success" : false,\n "headers" : null\n}
I have verified the callback URL, client id & secret none seems to be wrong.
What may be wrong with my configuration?
Update
We could not figure out the reason behind the OAuth error, Finally, we ended up using the Node js client from snowflake. For more info: https://docs.snowflake.com/en/user-guide/nodejs-driver.html
I could see a similar error when testing OAuth2 from Postman when Client Authentication is set to "Send Client Credentials in body".
On changing this to "Send as Basic Auth Header",token generation works fine and proceeds successfully.
I guess this change should resolve the issue in your case as well. One of the reference that I checked is here : https://github.com/ciaranj/node-oauth/pull/316
I'm using Stripe to process payments in my iOS Swift app and Firebase Cloud Functions for the backend. I setup an example app using Stripe's Example project located here:
Stripe iOS Standard Integration
When I load the CheckoutView I get an Error 400 response. The issue I believe is with the backendURL that I set in CheckoutViewController (customized using the link to the example above):
// 2) Next, optionally, to have this demo save your user's payment details, head to
// https://github.com/stripe/example-ios-backend/tree/v13.0.3, click "Deploy to Heroku", and follow
// the instructions (don't worry, it's free). Replace nil on the line below with your
// Heroku URL (it looks like https://blazing-sunrise-1234.herokuapp.com ).
let backendBaseURL: String? = "https://us-central1-app-1253c.cloudfunctions.net/https-client-donateToUser"
I get the following messages in my Cloud Function logs:
Request has incorrect Content-Type. application/x-www-form-urlencoded
Invalid request IncomingMessage
Function execution took 498 ms, finished with status code: 400
I tried using the URL of the actual Firebase app (ex: appname123.firebaseapp.com) but that returns an Error 404 instead.
Any ideas for a solution would be greatly appreciated. Thank you.
EDIT:
Thanks to #psmvac I fixed the backend URL. However, I'm now getting error The data couldn't be read because it isn't in the correct format. I believe this is because I don't have a cloud function to accept ephemeral keys. This is what I have so far, what else does this need in order to match the iOS Stripe Example? I'm struggling to find any Cloud Function examples of this online.
export const ephemeral_keys = functions.https.onCall(async (data, context) => {
const stripe_version = data.api_version
stripe.ephemeralKeys.create(data.customer_id,stripe_version)
}
)
I have get access token and when I try to post rtm.start, I am getting below error:
{
error = "missing_scope";
needed = client;
ok = 0;
provided = "identify,read,post";
}
I have set the scope to read,post,identify in authorize API. I have read the API document over and over again. Only rtm.start mentioned client scope. But in oauth document I didn't find a client scope. So, what's wrong?
You have to do it before you get the token.
when you do the initial request to connect the app, include &scope="identify,read,post,client"
Under App Credentials get your Client ID and Client Secret.
Goto:
https://#{team}.slack.com/oauth/authorize?client_id=#{cid}&scope=client
replacing #{team} and #{cid} with your values.
When you approve the authorization you’ll goto that real url that doesn’t resolve. Copy the whole url to your clipboard and paste it into a text file. Extract out just the “code” part.
Now goto:
https://#{team}.slack.com/api/oauth.access?client_id=#{cid}&client_secret=#{cs}&code=#{code}"
And you’ll get back a token like:
xoxp-4422442222–3111111111–11111111118–11aeea211e
(from here: https://medium.com/#andrewarrow/how-to-get-slack-api-tokens-with-client-scope-e311856ebe9)
In the process of checking out Stripe Connect.
I've got to the stage where I can access the token (which is explained here https://stripe.com/docs/connect/oauth#token-request) but I'm having trouble accessing other parts of the object.
To retrieve the object I use:
response = #client.auth_code.get_token(code, params)
and to get at the token I use:
#token = response.token #strangely it isn't response.access_token
My problem is that I can't access other parts of Stripe's response which contains amongst other things a publishable key.
I have debugged the response and I get this (trimmed down and sensitive data altered):
...#token="sk_test_abc123", #refresh_token="rt_abc123", #expires_in=nil, #expires_at=nil, #options={:mode=>:header, :header_format=>"Bearer %s", :param_name=>"bearer_token"}, #params={"livemode"=>false, "token_type"=>"bearer", "stripe_publishable_key"=>"pk_test_abc123", "stripe_user_id"=>"abc123", "scope"=>"read_write"}
Can anyone tell me how to access the stripe_publishable_key in this response?
I've tried:
response.params[:stripe_publishable_key]
and
response.params.stripe_publishable_key
Have you tried response.params['stripe_publishable_key']
The hash is using strings rather than symbols for keys. You have to access the values using a string like this:
response.params["stripe_publishable_key"]
Does anyone have sample code or clear instructions on how to use libEtPan to connect to a GMail account using OAuth? I couldn't find anything.
Details for OAuth in GMail are here: http://code.google.com/apis/gmail/oauth/
libetpan has some documentation in its header files, for IMAP it's in https://github.com/dinhviethoa/libetpan/blob/master/src/low-level/imap/mailimap_oauth2.h
/*
mailimap_oauth2_authenticate()
Authenticates the client using using an oauth2 token.
To gather a deeper understanding of the OAuth2 aunthentication
process refer to: https://developers.google.com/gmail/xoauth2_protocol
For a quick start you may follow this brief set of steps:
1. Set up a profile for your app in the Google
API Console: https://code.google.com/apis/console
2. With your recently obtained client_id and secret
load the following URL (everything goes ina single line):
https://accounts.google.com/o/oauth2/auth?client_id=[YOUR_CLIENT_ID]&
redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&
response_type=code&scope=https%3A%2F%2Fmail.google.com%2F%20email&
&access_type=offline
3. The user most follow instructions to authorize application access
to Gmail.
4. After the user hits the "Accept" button it will be redirected to another
page where the access token will be issued.
5. Now from the app we need and authorization token, to get one we issue a POST request
the following URL: https://accounts.google.com/o/oauth2/token using these parameters:
client_id: This is the client id we got from step 1
client_secret: Client secret as we got it from step 1
code: This is the code we received in step 4
redirect_uri: This is a redirect URI where the access token will be sent, for non
web applications this is usually urn:ietf:wg:oauth:2.0:oob (as we got from step 1)
grant_type: Always use the authorization_code parameter to retrieve an access and refresh tokens
6. After step 5 completes we receive a JSON object similar to:
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"refresh_token":"1/fFAGRNJrufoiWEGIWEFJFJF",
"expires_in":3920,
"token_type":"Bearer"
}
The above output gives us the access_token, now we need to also retrieve the user's e-mail,
to do that we need to perform an HTTP GET request to Google's UserInfo API using this URL:
https://www.googleapis.com/oauth2/v1/userinfo?access_token=[YOUR_ACCESS_TOKEN]
this will return the following JSON output:
{
"id": "00000000000002222220000000",
"email": "email#example.com",
"verified_email": true
}
#param session IMAP session
#param auth_user Authentication user (tipically an e-mail address, depends on server)
#param access_token OAuth2 access token
#return the return code is one of MAILIMAP_ERROR_XXX or
MAILIMAP_NO_ERROR codes
*/
LIBETPAN_EXPORT
int mailimap_oauth2_authenticate(mailimap * session, const char * auth_user,
const char * access_token);
LIBETPAN_EXPORT
int mailimap_has_xoauth2(mailimap * session);
I haven't tried it out myself yet, but when I get around to implement it I'll post a link of the implementation.
Update March 2021
I finally got around to implement support for Google OAuth 2.0 in my email client nmail now. The commit can be viewed here but essentially I ended up doing steps 2-6 above in a separate external script, as libetpan does not do the token generation/refresh for us. The token handling is fairly straight-forward - see oauth2nmail.py for example.