I am trying to connect to Jira using OAuth. I have followed this manual and I have created app link in Jira instance and configured it with proper consumer key and public key. When I try to request a token using code from the example I am getting 401 with following message (same for python and perl instance):
oauth_problem=consumer_key_unknown
I am out of ideas what can be wrong. I will appreciate any tips.
Well, I believe that I have configured Application link in the wrong place. I have been somehow navigated to the link wiki/admin/listapplicationlinks.action. Then I accidentally found plugins/servlet/applinks/listApplicationLinks which looked pretty much the same as first but content was different. I have added link to the second location and everything works well now. Sorry for confusion.
I also had this similar error. So I then used different "consumer key"(tried to make this unique) other than the given one in the example manual. After searching a lot in internet about this error, I got to know that as most people are using that same consumer key(given in example manual), a database error occurred due to which this error was thrown.
Related
I am trying to create a Google Assistant for my Raspberry Pi in Kotlin. I implemented a OAuth flow using the so called "device flow" proposed in this IETF draft, since my Raspberry shall later just expose a web interface and does not have any input devices or graphical interfaces.
Google does support this flow (of course) and I obtain a valid access token with user consent in the end. For testing purpose I also tried a default authorization flow that will just forward the user to localhost, as it is normally done but it did not solve the problem.
I tested the access token using this tool and it confirmed validity of scope and token. So the token itself should work.
Scope is: https://www.googleapis.com/auth/assistant-sdk-prototype as documented here
This actually does not point to any valid web resource but is referenced in every documentation.
Then I tried to stream audio data to the assistant SDK endpoint using the gRPC provided java stubs. As took a third party reference implementation as a guide how to authenticate the rpc stub. But neither the reference implementation nor my own one works. They both report
io.grpc.StatusRuntimeException: UNAUTHENTICATED: Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
The stub is authenticated this way:
embeddedAssistantStub.withCallCredentials(
MoreCallCredentials.from(OAuth2Credentials
.newBuilder()
.setAccessToken(
myAccessToken,
myAccessTokenExpirationDate))
.build()))
and the authenticated request is performed like this:
val observer = authenticatedEmbeddedAssistantStub.converse(myStreamObserverImplementation)
observer.onNext(myConfigConverseRequest)
while(more audio data frames available) {
observer.onNext(myAudioFrameConverseRequest)
}
observer.onCompleted()
(I prefixed pseudo variables with "my" for clarity, they can consist of more code in the actual implementation.)
I even contacted the author of this demo implementation. He told me, last time he checked (several months ago) it was working perfectly fine. So I finally ran out of options.
Since the client implementation I took as reference used to work and I do actually authenticate the stub (although the error message suggests the opposite) Probably, either my valid access token with correct scope is not suitable chosen for the assistant API (though I followed the suggestions of google) or the API servers had a change not properly documented in the getting started articles by google.
So: Did anyone ran in the same problem and know how to fix it? I have the project on github. So if anyone needs the broken source code, I can do a temporary commit that produces the error.
Note, to save some works for mods: This issue referres to this and this question, both unresolved and using different languages but describing a similar problem.
Well, seems I was right about my second assumption: The error is server side. Here is the github issue, let's just wait for the fix.
https://github.com/googlesamples/assistant-sdk-python/issues/138
I'm developer working on integration between our product and LinkedIn. It's been decided we use https://www.linkedin.com/uas/oauth2/authorization to authenticate user. I found out the following issue, that I'll explain in detail below.
Positive scenario, everything works as expected:
when using valid client_id, everything is fine. To make everything clear, please see this URL (API key replaced with fake one):
https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=VALID_API_KEY&state=b4ac5e2ab5404d6fad2f25521d83e825&redirect_uri=http%3A%2F%2Flocalhost%3A8085%2Fapply-app%2Fpages%2Fsocial-networks%2Flinkedin%2Fauthenticated%3FsiteIdentifier%3DPIUFK026203F3VBLZ6G79V7OU%26token%3Db4ac5e2ab5404d6fad2f25521d83e825
When I remove client_id, everything is also fine and message is displayed (Missing client_id. A valid client_id is required to proceed.)
But when I use invalid client_id in browser I receive Content Encoding Error and http status code 500. URL: https://www.linkedin.com/uas/oauth2/authorization?response_type=code&client_id=invalid_client_id&state=b4ac5e2ab5404d6fad2f25521d83e825&redirect_uri=http%3A%2F%2Flocalhost%3A8085%2Fapply-app%2Fpages%2Fsocial-networks%2Flinkedin%2Fauthenticated%3FsiteIdentifier%3DPIUFK026203F3VBLZ6G79V7OU%26token%3Db4ac5e2ab5404d6fad2f25521d83e825
And the most interesting part goes here: when I fetch same URL using either wget or even java HttpConnection.connect() there result is different: HTTP status code 200 and html response. But when I started to analyze given output, I noticed that is ends up unexpectedly after <ul class="permissions, so it must me error in your code, that requires fixing.
I reported that, because it's quite inconvenient to support such behavior. Could you please inform me if you have any plans to fix this? If you need any further details regarding steps to reproduce this issue, please do not hesitate to contact me.
Best regards,
Piotr
I'm not sure why I'm getting REQUEST_DENIED error when I'm using iOS key. When I used the one for web application, it works fine, but it's only for testing since I must test from specific IP address.
I followed the instruction on this page, Obtaining an API key, but I still can't get it work. Do you know if there is something else I have to do? I made sure the bundle name is correct already.
So it seems like as of 09/09/13, there is no support for Places API for iOS. You have to use the one for web with any referrer rather than specify any static IP. Hope this help saves someone sometime. It took me quite a few hours to find this out.
Man, what a nightmare!
Can anybody PLEASE point me in the direction of any kind of a proper tutorial or example of how to implement an OAuth2.0 server on Restlet (2.2 or 2.1.1). The only thing resembling a tutorial that I managed to find is this one here, but don't get too excited just yet, because it seems that the code in the framework is being changed more frequently than this tutorial is being updated.
Aside from the above mentioned article, there seems to be a near complete absence of any useful search results on this matter on Google. Surely someone out there must have got this right and is using OAuth2.0 on Restlet?
I did in fact manage to get my OAuth2.0 server as far as to return an access token to me (after spending hours analyzing the source code of the AccessTokenResource.java file), but it seems that it is only validating the client id and not the client secret. Assuming I can sort that out, I am still faced with the task of actually protecting the resources (which should be the job of the OAuthAuthorizer, but that appears to no longer even be present after 2.1.1).
Any help would be greatly appreciated!!
This extension is a work in progress. Please note that OAuth 2.0 has only recently been finalized.
We are currently updating the 2.2 branch to a very recent draft (31). The code has been updated and the documentation indeed needs to follow.
2.2 is still under development and isn't ready for production. We are looking for testers and contributors (code and doc) at this point.
In 2.2 OAuthAuthorizer has been split.
See this issue for additional details:
https://github.com/restlet/restlet-framework-java/pull/644
My Problem might be simple, but i just dont know how the pageViewer/pageOwner concept work or its better to say i dont know how i can get rid of this system.
I just want to make a Gadget, which handles all Oauth-authentifications for Networks like Twitter, Google+ etc.
So basicly i want to let the User say how many Networks he wants to access and then i make all Oauth-authentifications, i use Liferay and Opensocial for that task but get this error:
OAuth error: UNKNOWN_PROBLEM: Client state belongs to a different person (state owner=G-10180, pageViewer=10196) ==== Original request: GET /m8/feeds/contacts/default/base?alt=json Host: www.google.com X-Shindig-AuthType: oauth X-Forwarded-For: 87.139.78.177 X-shindig-dos: on ====
I guess i have to change something in the shindig.properties file, but this is where i need your help.
-------------------------------UPDATE----------------------------------
I know that the first part of my Authentication works because i get a authentication token, but it is invalid. I assume that the gadget expects a token identical to the token the owner stored.
It would be perfect if you have a little code example for me to identify the viewer as new user if he isnt already a member. Please tell me where i have to put this code in my gadget because the documentation of opensocial costed much lifetime til now, but i cant find an answere to this issue :).
Thanks in advance
Please see my response to your other question: link
You're basically encountering the same problem where the viewer is not the page owner. As I mentioned in your other question, the page viewer must be the page owner for OAuth gadgets (in other words, you must add the OAuth gadget to a page you own).
I'm hoping that a future version of Shindig will fully support adding OAuth gadgets to pages where the viewer != owner, but I'm having difficulty getting feedback from the Shindig community (see here)