After 2 weeks that I was using that API correctly and I have upload a few video on YouTube, today I receive this error when I try to get a new access token:
Error 400: invalid_scope
Some requested scopes were invalid. {invalid=[https://googleapis.com/auth/youtube.upload]}
Also with the old access token that was working yesterday, now I cannot proceed..
Now I can think that YouTube for some reason have blocked me or something like that because I haven't changed the code.. Anyone have experienced something like this? How I can proceed? At least I want to know if I was 'blocked' and for what reason.
We're using oauth2 authetication for devices in order to allow our app to upload videos to YouTube accounts. This has been working fine for a number of weeks, but when I tried to authorise an account today, when I enter the phase where we poll for a token by calling https://www.googleapis.com/oauth2/v4/token it now returns 428 Precondition required.
I can only find a vague description of this in the global Google API docs. We haven't changed any code so unless Google have changed something at their end, I don't understand why this is suddenly no longer working.
Has anyone else had this issue recently and if you have, do you know of a solution?
Many thanks,
Damien
thanks for the reply. Yes I did debug it and the authentication tokens are correct.
After some experimentation, I've found that what's happening is that the API response for the polling for token call is now returning http status code 428 instead of 400 (for situations where the user hasn't accepted access yet and where the response would be authorization_pending). If I handle this code in the same way as a 428 it all works without problem.
Not sure why Google are now doing this as it can potentially break a lot of apps, but if anyone else is having this issue, you just need to check for code 428 instead.
I have been using reverse auth in my Twitter app for a year now. This morning my app reverse auth stopped working. After doing some inspecting, I found out that I am receiving an error message that states "Reverse auth credentials are invalid." This is extremely confusing to me, as I have changed nothing. I have emailed Twitter but haven't heard back yet.
Any help would be greatly appreciated!
We just noticed a similar issue in our app. Unfortunately the documentation is no longer accessible.
Changing the HTTP method of the initial https://api.twitter.com/oauth/request_token request from GET to POST fixed it for us.
I recently got oAuth working for my iOS app to log in to Tumblr. Now I'm having trouble posting using the new API calls. I'm able to generate a request and prepare Autorization headers but I'm still getting errors.
Here is my URL:
http://api.tumblr.com/v2/blog/my_blog.tumblr.com/post?tweet=no&tags=my%2C%20app&state=published&type=text&title=Hello&body=I%2520finally%2520got%2520this%2520to%2520work
Here is my Authorization header with x's in place of sensitive info:
Authorization = "OAuth realm=\"\", oauth_consumer_key=\"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\", oauth_token=\"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\", oauth_signature_method=\"HMAC-SHA1\", oauth_signature=\"XXXXXXXXXXXXXXXXXXXXXXXXX\", oauth_timestamp=\"1347656207\", oauth_nonce=\"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX\", oauth_version=\"1.0\"";
There error I receive:
{"meta":{"status":400,"msg":"Bad Request"},"response":{"errors":["Post cannot be empty."]}}
Does anyone have experience with this? I've been working at it for at least 20 hours over a two day period.
Any help is greatly appreciated.
EDIT: I've also tried including authorization data in the url (i.e., oauth_token, oauth_consumer_key), essentially the stuff found in the header. When I do this I get a 401 "Not Authorized" error, which I know isn't correct because I just successfully called "http://api.tumblr.com/v2/user/info" which requires a valid authorization.
found solution, see explanation here.
I am using the ruby twitter gem and oauth to gain access to users twitter accounts. In my code, I have:
unless #user.twitter_authd?
oauth = Twitter::OAuth.new('token', 'secret')
session[:twitter_request_token] = oauth.request_token.token
session[:twitter_request_secret] = oauth.request_token.secret
#twitter_auth_url = oauth.request_token.authorize_url
end
where token and secret have my actual token and secret inserted. When I click on the link to the #twitter_auth_url, I am taken to twitter and asked to grant access. I click allow and then twitter redirects me to my callback URL http://www.mydomain.com/twitter_callback/?oauth_token=fmy2aMvnjVgaFrz37bJ4JuB8r5xN79gsgDQRG4BNY which then hits this code:
oauth = Twitter::OAuth.new('token', 'secret')
logger.info("session[:twitter_request_token] = #{session[:twitter_request_token]}")
logger.info("session[:twitter_request_secret] = #{session[:twitter_request_secret]}")
oauth.authorize_from_request(session[:twitter_request_token], session[:twitter_request_secret])
session[:twitter_request_token] = nil
session[:twitter_request_secret] = nil
#user.update_attributes({
:twitter_token => oauth.access_token.token,
:twitter_secret => oauth.access_token.secret,
})
redirect_to root_path
The twitter request token and secret are being set just fine. However I end up with an authorization error:
OAuth::Unauthorized in MainController#twitter_callback
401 Unauthorized
RAILS_ROOT: /Users/TAmoyal/Desktop/RoR_Projects/mls
Application Trace | Framework Trace | Full Trace
/Library/Ruby/Gems/1.8/gems/oauth-0.3.4/lib/oauth/consumer.rb:167:in `token_request'
/Library/Ruby/Gems/1.8/gems/oauth-0.3.4/lib/oauth/tokens/request_token.rb:14:in `get_access_token'
/Library/Ruby/Gems/1.8/gems/erwaller-twitter-0.6.13.1/lib/twitter/oauth.rb:29:in `authorize_from_request'
/Users/TAmoyal/Desktop/RoR_Projects/mls/app/controllers/main_controller.rb:70:in `twitter_callback'
The code is failing at this line:
oauth.authorize_from_request(session[:twitter_request_token], session[:twitter_request_secret])
when it tries to get an access token. You can see the source code of authorize_from_request here. I am not sure why this is happening. Anyone have ideas?
A bit late to the party but just ran into the same issue myself. I tracked the issue down to the setup of my OAuth app in Twitter. I had initially not specified a callback URL as I was unsure of it.
Once I had setup my rails app I went back to find Twitter had assumed I was a desktop application as I hadn't specified a callback URL. Once I changed this to website and entered a callback URL I stopped getting 400s.
If you're getting error 401 - OAuth::Unauthorized, make sure you edit the settings of your Twitter application as follows:
Application Type: Browser
Callback URL: http://127.0.0.1:3000/auth/twitter/callback
this is an issue about time synchronization of your system with twitter server.
Twitter doesn't allow localhost as part of a valid callback URL.
Instead use http://127.0.0.1:3000/auth/twitter/callback
Hope this helps
This was one of the most annoying things to debug that I have come across. I was outputting in a couple places by accident because the URL's are dynamic and they happened to not be defined in my test case (i use this to display chart data and there is not enough right now so the google chart api URL's are blank). This caused my browser to make multiple requests to my localhost when some pages were loaded. Somehow that made the oauth process crap out. Obviously there is no way for people on S.O. to know about my application specific issue so I had to answer my own question.
I had this same problem and none of the suggestions in this thread worked for me.
I found the problem for me was the TIMESTAMP on my request. The mobile device I was running my scripts on had a jacked up clock. When I updated the system time on my device to the correct time (i.e. now), all of my requests came back "200 OK" instead of "401 Unauthorized".
This problem seems to be caused by twitter not being able to handle connection keep-alive correctly. Make sure you set connection=close http header in the request to twitter. Wasted a weekend debugging this.
not enough info for me, but when was twitter gem last updated? twitter changed their oauth 'stuff' in mid may approx. perhaps you have an old one. I'd update your question to show the callback_url, and make sure you have the right token and secret, which it looks like you don't have.
also, did you put the right callback url in your twitter app page? alot of times that screws you up too.
if that fails use mbleighs twitter_auth instead. it worked for me and is pretty slick.