I'm developing a web application with golang and using an API of Twitter to do the login. It runs very well in my computer but I have that error when I put it in production.
Error getting request token, Post http://api.twitter.com/oauth/access_token: Call error 3: invalid security ticket
It's hard to tell without seeing the code, but I'd bet that your credentials are incorrect.
I'd recommend using a client library to handle your authentication to make debugging easier. (Here's a Go twitter client library I wrote).
If the error is that you're not creating the correct query, using a well-tested library will fix that. If you still get the same error, check that all of your credentials (including the callback URL!) are correct.
Related
I want to enable session for every user who requests for the token using the URL "/auth/local" which is the default API provided by Strapi. I guess Strapi is by default configured with Koa session but inspite of that no session cookie is returned in response by default.
What is the best way to enable session management in Strapi? Can anyone share their experience on this one ?
Why do not you try using the mechanism of sessionStrage.
I referred to this page of the official reference.
(I used non-react part because I do not use it)
Plugin Development - Front-end Helpers - Auth
https://strapi.io/documentation/plugin-development/utils.html#auth
github
https://github.com/strapi/strapi-examples/tree/master/login-react/react-login-front-end-app
blog?
https://medium.com/strapi/protected-routes-and-authentication-with-react-and-node-js-d31d234644cd
The source of auth.js is pretty helpful
https://github.com/strapi/strapi-examples/blob/master/login-react/react-login-front-end-app/app/utils/auth.js
I POST from the request module and returned to json
auth.setToken (body.jwt, body.rememberMe)
auth.setUserInfo (body.user, body.rememberMe)
Then we kept the data in sessionStrage.
I do not know if it will be helpful, but maybe it may be useful, so I wrote it.
I am a Japanese who is not good at English, so I'm going to google translate as it is.
Even if there is a strange part, I do not know, so please forgive that point.
I am trying to create a Google Assistant for my Raspberry Pi in Kotlin. I implemented a OAuth flow using the so called "device flow" proposed in this IETF draft, since my Raspberry shall later just expose a web interface and does not have any input devices or graphical interfaces.
Google does support this flow (of course) and I obtain a valid access token with user consent in the end. For testing purpose I also tried a default authorization flow that will just forward the user to localhost, as it is normally done but it did not solve the problem.
I tested the access token using this tool and it confirmed validity of scope and token. So the token itself should work.
Scope is: https://www.googleapis.com/auth/assistant-sdk-prototype as documented here
This actually does not point to any valid web resource but is referenced in every documentation.
Then I tried to stream audio data to the assistant SDK endpoint using the gRPC provided java stubs. As took a third party reference implementation as a guide how to authenticate the rpc stub. But neither the reference implementation nor my own one works. They both report
io.grpc.StatusRuntimeException: UNAUTHENTICATED: Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
The stub is authenticated this way:
embeddedAssistantStub.withCallCredentials(
MoreCallCredentials.from(OAuth2Credentials
.newBuilder()
.setAccessToken(
myAccessToken,
myAccessTokenExpirationDate))
.build()))
and the authenticated request is performed like this:
val observer = authenticatedEmbeddedAssistantStub.converse(myStreamObserverImplementation)
observer.onNext(myConfigConverseRequest)
while(more audio data frames available) {
observer.onNext(myAudioFrameConverseRequest)
}
observer.onCompleted()
(I prefixed pseudo variables with "my" for clarity, they can consist of more code in the actual implementation.)
I even contacted the author of this demo implementation. He told me, last time he checked (several months ago) it was working perfectly fine. So I finally ran out of options.
Since the client implementation I took as reference used to work and I do actually authenticate the stub (although the error message suggests the opposite) Probably, either my valid access token with correct scope is not suitable chosen for the assistant API (though I followed the suggestions of google) or the API servers had a change not properly documented in the getting started articles by google.
So: Did anyone ran in the same problem and know how to fix it? I have the project on github. So if anyone needs the broken source code, I can do a temporary commit that produces the error.
Note, to save some works for mods: This issue referres to this and this question, both unresolved and using different languages but describing a similar problem.
Well, seems I was right about my second assumption: The error is server side. Here is the github issue, let's just wait for the fix.
https://github.com/googlesamples/assistant-sdk-python/issues/138
I'm trying to debug posting content via the Content Item Message spec back to Brightspace after a successful launch to my Ruby on Rails application – but I'm getting nothing but inscrutable 500 errors from the Brightspace server –– I presume that I am sending a bad signature (Brightspace confirmed this one time), but I haven't been able to find conclusive documentation on exactly how the nonce, timestsamp and signature are calculated, nor have I been able to find an open source library that appears to handle this.
Any advice appreciated.
I discovered that Instructure's ims-lti gem, although not documented, can generate signed params which can then be posted server-side or iterated through to render an HTML form client side, and then auto-submit, using the IMS::LTI::Models::Messages::ContentItemSelection class at /lib/ims/lti/models/messages/content_item_selection.rb
I am trying to connect to Jira using OAuth. I have followed this manual and I have created app link in Jira instance and configured it with proper consumer key and public key. When I try to request a token using code from the example I am getting 401 with following message (same for python and perl instance):
oauth_problem=consumer_key_unknown
I am out of ideas what can be wrong. I will appreciate any tips.
Well, I believe that I have configured Application link in the wrong place. I have been somehow navigated to the link wiki/admin/listapplicationlinks.action. Then I accidentally found plugins/servlet/applinks/listApplicationLinks which looked pretty much the same as first but content was different. I have added link to the second location and everything works well now. Sorry for confusion.
I also had this similar error. So I then used different "consumer key"(tried to make this unique) other than the given one in the example manual. After searching a lot in internet about this error, I got to know that as most people are using that same consumer key(given in example manual), a database error occurred due to which this error was thrown.
I have a web application which i need to be load tested using LoadRunner. When I record the website using vugen it works good and there is no any application bug. But when I tried to replay the script, script failed after login and while navigating to next page, say, Transaction. At the end of log, I receive error:
Action.c(252): Error -26612: HTTP Status-Code=500 (Internal Server Error)
for "http://rob.com/common/transaction
Please help me to resolve this error.
LoadRunner generates HTTP request just as your browser does, this error is the same error you would get if you would go to that URL using your browser. Error code 500 is a generic server error that is returned when there is no better (more specific error to return).
Most likely the login process requires some form of authentication which is protected against a replay attack by using some form of token. It is up to you to capture this token using Correlations in LoadRunner and replay it as the server expects. The Correlation Studio in VuGen should detect and identify the token for you but since authentication methods vary it is sometimes impossible to do this automatically and you will have to create manual correlation. Please consult the product documentation for more details on how to do it. If your website is publicly available online then post its URL and I will try to record the script on my machine.
Thanks,
Boris.
Most common reasons
You are not checking each request for a valid result being returned and using a 200 HTTP status as an assumed correct step without examining the content of what is being returned. As a result when data being returned is incorrect you are not branching the code to handle the exception. Go one to two steps beyond where your business process has come off the rails with an assumptive success and you will have a 500 status message for an out of context action occurring 100% of the time.
Missed dynamic element. Record three times. Compare the code. Address the changing components.