I want to call /search method of Google cloud print from my webServer.
I am using OAuth web server guide obtaining a refresh_token/access_token to use with scopes:
https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Then I am calling search Api but I am obtaining a 403 forbidden.
Request DefaultHttpRequest(chunked: false)
POST /cloudprint/search HTTP/1.1
Host: www.google.com
Content-Type: text/plain; charset=utf-8
Authorization: OAuth yb29.1.AADtN_U9PYyVhGpcS-8MpFhfGVbT4KsZKEoIX2HGePwoNXypjrSwVsS0pGzmaqhktfGBAQ
Connection: keep-alive
Accept: */*
User-Agent: NING/1.0
Content-Length: 0
Response DefaultHttpResponse(chunked: true)
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Tue, 03 Dec 2013 17:05:09 GMT
Set-Cookie: NID=67=MQJFdl-YkMdz875n1J2yVNmeUeAvsjVtDGlNvGkNLZdNTHX3YbnStNx9Vg_MiRsmht6hj3XrwJcPJEQeFLlnYKqt2Of1xHJ5HDwNJgOB3svOdnN-JRFcPxYt4AU10eSM;Domain=.google.com;Path=/;Expires=Wed, 04-Jun-2014 17:05:09 GMT;HttpOnly
P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic
Transfer-Encoding: chunked
Is the scope correct?
What am I doing wrong?
Your scopes are wrong. The correct scope is https://www.googleapis.com/auth/cloudprint
I think this related to your HTTP Header 'Authorization'.
When playing at https://developers.google.com/oauthplayground/, I see the generated requests use 'Authorization: Bearer your-token', instead of 'Authorization: OAuth your-token'.
Related
configureMixer (documentation) should be available in beta, but we get errors back saying that a resource could not be found.
Request:
POST https://graph.microsoft.com/beta/communications/calls/871f5d00-7f40-4e0c-9aad-3283e8ac1035/participants/configureMixer HTTP/1.1
Host: graph.microsoft.com
Authorization: Bearer eyJ0eXA...tbA
Request-Context: appId=cid-v1:13adf9bf-aa12-42fe-88bd-afefc67c10d7
traceparent: 00-1613065e30751243bc361f896e5de4a4-294bb2dc7c7d6946-00
Content-Type: application/json; charset=utf-8
Content-Length: 209
{"clientContext":"whatever","participantMixerLevels":[{"exclusive":true,"participant":"80842906-de4c-4888-a66f-9aed5ba257bb","sourceLevels":[{"participant":"b42d073d-c55e-4f3b-a207-e0e95785be7c","level":0}]}]}
response
HTTP/1.1 404 Not Found
Date: Wed, 15 Sep 2021 12:55:47 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
request-id: 9da6d1e6-4dc4-477d-a600-c72dadbaad0e
client-request-id: 9da6d1e6-4dc4-477d-a600-c72dadbaad0e
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"West Europe","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"AM4PEPF0000F183"}}
{"error":{"code":"UnknownError","message":"{\"message\":\"No HTTP resource was found that matches the request URI 'https://pma-ukso-03.plat.skype.com:8000/newPlatform/v1/communications/calls/871f5d00-7f40-4e0c-9aad-3283e8ac1035/participants('configureMixer')'.\"}","innerError":{"date":"2021-09-15T12:55:48","request-id":"9da6d1e6-4dc4-477d-a600-c72dadbaad0e","client-request-id":"9da6d1e6-4dc4-477d-a600-c72dadbaad0e"}}}
I only found this Post(without answer). Anyone knows why this is returning 404??
Sometimes Microsoft Graph's One Drive Content API does not return HTTP status 302, but HTTP Status 200.
Occurs occasionally from 8/26.
GET https://graph.microsoft.com/v1.0/drives/{drive-id}/root:/{file-name}.xlsx:/content HTTP/1.1
SdkVersion: Graph-dotnet-1.4.0
Authorization: bearer {token}
Cache-Control: no-store, no-cache
Host: graph.microsoft.com
Connection: Keep-Alive
HTTP/1.1 200 OK
Date: Fri, 28 Aug 2020 03:20:43 GMT
Cache-Control: no-cache
Location: https://{tenant-name}-my.sharepoint.com/personal/{user-name}_onmicrosoft_com/_layouts/15/download.aspx?UniqueId={unique-id}&Translate=false&tempauth={tempauth}&ApiVersion=2.1
Strict-Transport-Security: max-age=31536000
request-id: {request-id}
client-request-id: {client-request-id}
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"Japan East","Slice":"E","Ring":"2","ScaleUnit":"000","RoleInstance":"TY1PEPF00000CC9"}}
Content-Length: 0
I am trying to use fiddler to test the oauth/request_token api but am getting a 'Failed to validate oauth signature and token' 401 error. I copied the authorization header values directly from my application and added an oauth_callback header. I am trying to follow the example in the following documentation:
https://dev.twitter.com/docs/api/1/post/oauth/request_token.
Any help would be greatly appreciated.
REQUEST:
POST https://api.twitter.com/oauth/request_token HTTP/1.1
Authorization: OAuth oauth_callback="http%3A%2F%2Flocalhost%3A61921%2Ftwitter%2Fprocesscallback", oauth_consumer_key="XXXXXXXXXXXXXXXXXXXXX", oauth_nonce="53891723ad7b32501c669d97f56c6d47", oauth_signature="qzN516EVspIA0NWBbpND83YcTr4%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1402955245",
oauth_token="2514015781-KqTbOPPag7p0CYQ6xByIibV3WEk8xLsWrhb9U4M",
oauth_version="1.0"
Host: api.twitter.com
Content-Length: 0
RESPONSE:
HTTP/1.1 401 Unauthorized
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 44
content-type: text/html; charset=utf-8
date: Mon, 16 Jun 2014 21:54:56 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 16 Jun 2014 21:54:56 GMT
pragma: no-cache
server: tfe
set-cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCEIJraZGAToHaWQiJTlmOTQ3Y2MyYWNlMTkx%250AYTMyYzVlZmYyMTA4ZjU4ZTdkIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--3afebfe1105e8a7315baba72651e76a24f53e6d2; domain=.twitter.com; path=/; secure; HttpOnly
set-cookie: guest_id=v1%3A140295569643962216; Domain=.twitter.com; Path=/; Expires=Wed, 15-Jun-2016 21:54:56 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mid: d31abfd0b6cbb0aa6434a6ffc6efdfac089ab0a5
x-runtime: 0.01273
x-transaction: 2dd94ca53f553801
x-ua-compatible: IE=edge,chrome=1
x-xss-protection: 1; mode=block
Failed to validate oauth signature and token
I'm having an issue playing with the Document List API on the OAuth 2.0 Playground. All the other APIs work except for this one. The request is being sent from the playground as:
GET /feeds/default/private/full/ HTTP/1.1
Host: docs.google.com
Content-length: 0
Authorization: OAuth <the oAuth string generated>
And the response is coming back as:
HTTP/1.1 400 Bad Request
status: 400
content-length: 19
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Tue, 29 May 2012 17:11:47 GMT
x-google-cache-control: remote-fetch
server: GSE
via: HTTP/1.1 GWA
cache-control: private, max-age=0
date: Tue, 29 May 2012 17:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
-content-encoding: gzip
Invalid request URI
Is the API simply deprecated because of Google Drive or is there something else I'm doing wrong?
You have to send requests to version 3 of the API, by either adding the ?v=3 query parameter to the URI or sending the GData-Version: 3.0 header.
I'm trying to use Google's OAuth in my system. I've successfully integrated Twitter and LinkedIn but i'm having hard times with Google.
I already have the consumer key, consumer secret and a valid access token. Using the G's OAuth playground I make a call to a protected resource (https://mail.google.com/mail/feed/atom). I've generated the token using this scope.
Using the authorization data in the HTTP header:
GET /mail/feed/atom HTTP/1.1
Host: mail.google.com
Accept: */*
Authorization: OAuth oauth_version="1.0", oauth_nonce="nounce", oauth_timestamp="1314727855", oauth_consumer_key="myconsumerkey", oauth_token="myvalidtoken", oauth_signature_method="HMAC-SHA1", oauth_signature="signature"
Content-Type: application/atom+xml
GData-Version: 2.0
The response I get from this is a valid HTTP call:
HTTP/1.1 200 OK
Content-Type: text/xml; charset=UTF-8
Set-Cookie: S=gmail=yp_A23KtGOD9:gmproxy=PxCjSERnJWBbe; Path=/mail; Secure
Date: Tue, 30 Aug 2011 18:10:55 GMT
Expires: Tue, 30 Aug 2011 18:10:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 353
Server: GSE
<XML response here>
But, (and here comes the error), using the same access token but sending it in the URL as param (https://mail.google.com/mail/feed/atom?oauth_token=myvalidtoken):
GET /mail/feed/atom?oauth_version=1.0&oauth_nonce=nonce&oauth_timestamp=1314729533&oauth_consumer_key=myconsumerkey&access_token=myvalidtoken&oauth_token=oauthtoken&oauth_signature_method=HMAC-SHA1&oauth_signature=signature HTTP/1.1
Host: mail.google.com
Accept: */*
Content-Type: application/atom+xml
GData-Version: 2.0
I get an 401 error:
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=UTF-8
WWW-Authenticate: BASIC realm="New mail feed"
Content-Length: 147
Date: Tue, 30 Aug 2011 18:38:53 GMT
Expires: Tue, 30 Aug 2011 18:38:53 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
<HTML about my 401>
EDIT
I saw this example and I tried to use anonymous as consumer key and consumer secret. Now it works... but I need to show to the user the project's name declared in the Google's app registration page. I think i'm not using the correct consumer key and consumer secret.
Any clues on this will be appreciated. :)
Thanks in advance
https://www.rfc-editor.org/rfc/rfc5849#section-3.5.3
In OAuth 1.0, the parameter name is oauth_token not access_token...