This is a c# .NET application. The app makes an OAuth2 authenticated YouTube Data v3 ChannelList query that had been working for two months. Recently, the query fails with a 403 Forbidden message from Google. It fails from our Azure Web server and when running in Visual Studio on a developer desktop. The query works for at least one user but fails for all others tested. The query (listed here) works for all users from within the API Explorer. I cannot find additional error description returned from Google.
Update (7/15/2013): The query now runs after adding the access_token to the query. Previously, it executed successfully with the access_token only in the Service object, not explicitly part of the query. Although the query is successful with access_token directly appended, we are getting a downstream JavaScript error on on the YouTube embedded player. Not sure if that is related. I see there was a .NET API update in late June. #Ikailan, did something change at Google to break the access_token auth in the Service object. Note: we DID update to the new API. Are changes required to our code to use the June 2013 API updates?
Error Message "The remote server returned an error: (403) Forbidden."
Method that was failing but now works with the Auth token added to the query.
//Gets the channel information of the current user
public static ChannelListResponse GetCurrentUserChannel(string token)
{
YouTubeService service = new YouTubeService(GlobalSettings.applicationName, GlobalSettings.developerKey);
GAuthSubRequestFactory authFactory = new GAuthSubRequestFactory("YouTube", GlobalSettings.applicationName);
authFactory.Token = token;
service.RequestFactory = authFactory;
ChannelListResponse response = new ChannelListResponse();
try
{
System.IO.Stream resultStream = service.Query(new Uri("https://www.googleapis.com/youtube/v3/channels?part=id%2Csnippet%2CcontentDetails%2Cstatistics%2CtopicDetails&mine=true&access_token=" + authFactory.Token));
using (var reader = new System.IO.StreamReader(resultStream))
{
string value = reader.ReadToEnd();
response = JObject.Parse(value).ToObject<ChannelListResponse>();
}
}
catch (Exception ex) { }
return response;
}
Line that throws the exception. Added the Auth Key (see code above). Now the query executes successfully.
System.IO.Stream resultStream = service.Query(new Uri("https://www.googleapis.com/youtube/v3/channels?part=id%2Csnippet&mine=true"));
However, we are getting an Access Denied error for an embedded YouTube video player.
A first chance exception of type 'System.Threading.ThreadAbortException' occurred in mscorlib.dll
An exception of type 'System.Threading.ThreadAbortException' occurred in mscorlib.dll but was not handled in user code
Exception was thrown at line 4224, column 4 in http://localhost:49185/YotaCast_Prototype/Scripts/jquery-1.9.1.js
0x800a139e - JavaScript runtime error: SyntaxError
Exception was thrown at line 4242, column 4 in http://localhost:49185/YotaCast_Prototype/Scripts/jquery-1.9.1.js
0x800a139e - JavaScript runtime error: SyntaxError
Exception was thrown at line 360, column 9 in http://localhost:49185/YotaCast_Prototype/Scripts/foundation/foundation.js
0x800a1391 - JavaScript runtime error: 'Zepto' is undefined
Exception was thrown at line 1, column 97 in http://s.ytimg.com/yts/jsbin/www-embed-player-vflXN6WzI.js
0x80070005 - JavaScript runtime error: Access is denied.
Related
I'm trying to search with app-only credentials and the MS Graph Beta SDK.
The search query works fine in the graph explorer. I've copied the C# code snippet from there:
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var requests = new List<SearchRequestObject>()
{
new SearchRequestObject
{
EntityTypes = new List<EntityType>()
{
EntityType.DriveItem
},
Query = new SearchQuery
{
Query_string = new SearchQueryString
{
Query = "test"
}
},
From = 0,
Size = 25
}
};
await graphClient.Search
.Query(requests)
.Request()
.PostAsync();
However the request returns an exception:
Microsoft.Graph.ServiceException: 'Code: 0x713DBA9F Message: The
call failed, please try again. Inner error: AdditionalData: date:
2020-07-01T10:13:47 request-id: db08906e-2b78-4a57-8109-dcbc6b306c2e
ClientRequestId: db08906e-2b78-4a57-8109-dcbc6b306c2e
It should not be a permission error, as I fixed one exception about permission by adding Files.Read.All to the App in AD and giving consent to the tenant.
How can I find out what's going wrong?
I found this which seems to show /beta/search is not supported for application token, but needs delegate token.
I'll try to use /drives/{drive-id}/root/search(q='{search-text}') instead which should support application tokens.
https://github.com/microsoftgraph/microsoft-graph-docs/issues/7727
I'm getting started on Alexa Skill MAnagement SMAPI, so I need to get a refresh token. In the documentation it is specified that 'ask util generate-lwa-tokens' should be used, but in the current version 2.0 of 'ask' this option is no longer available. Thus, I obtained access tokens using postman as described here:
https://gist.github.com/marcelobern/fe44cee1dd5ed624e03b690a447e47fd
But when running some example of smapi what I get is a server error. The example and the error:
from ask_smapi_sdk import StandardSmapiClientBuilder
smapi_client_builder = StandardSmapiClientBuilder(client_id='***',
client_secret='***',
refresh_token='***')
smapi_client = smapi_client_builder.client()
try:
result = smapi_client.list_skills_for_vendor_v1(vendor_id='***', full_response=True)
print("==========================================")
print(result.headers)
print(result.body)
print("==========================================")
except Exception as e:
print(e.body if hasattr(e, 'body') else e)
The error:
{'error_description': 'The server encountered an internal error trying to '
'fulfill the request',
'error_type': 'ServerError'}`
Thank you,
Fernando
This command is now added in the ask-cli v2.1.0, you can check the changelog at
https://github.com/alexa/ask-cli/blob/develop/CHANGELOG.md#210-2020-04-16
Solved. You have to be sure to use a refresh token since access token will throw a server exception
I have an test API (get method) which I have deployed on production with test data.
This API if I call from anywhere directly from Browser , it works perfectly.
I created a web application, just a submit click button, to call that API. I deployed web application on Azure.
It doesn't work. It keeps giving me Operation has timed out exception. API doesn't get a hit. API get request works from browser. I tried to using logger in api, log file remains blank.
Can please anyone help me in this?
EDIT:
When I call through browser, I get following response
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<ArrayOfMessage xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.datacontract.org/2004/07/ValidationWebApi">
<Message>
<MessageDesc>
[{"NO":"111","NAME":"Miss Jane ","EXTENSION":"","MOBILE":"","EMAIL_ID":SOME EMAIL ID}]
</MessageDesc>
<MessageId i:nil="true"/>
<WebApiInfo i:nil="true"/>
<isValid>1</isValid>
</Message>
</ArrayOfMessage>
But if I call through Azure hosted site, I get following error...
`System.Net.WebException: The operation has timed out at System.Net.WebClient.DownloadDataInternal(Uri address, WebRequest& request) at System.Net.WebClient.DownloadString(Uri address) at System.Net.WebClient.DownloadString(String address) at Test.btnSubmit_Click(Object sender, EventArgs e)
Edit:
The way this has been called to check whether it gets hit or not is as follows
This is button click event. we are just trying to print this response on screen. Get method is used.
string strApi = "https://domain.com/myApiName/Jane";
try
{
using (var client = new WebClient())
{
var result = client.DownloadString(strApi);
Response.Write(result);
}
}
I get exception on var result statement. It waits there for sometime and gives exception.
Regards,
Ashay
Try enabling CORS ( cross-origin HTTP request ) to you API controller ..
Thanks
Kasam Shaikh
Our project lets users upload videos to OUR public youtube channel when they are signed into our session. We do not want to require additional OAuth2 verification, and instead follow the follow of Google API v2.
My code (php) and error are below, but my general question is: can my server make the insert-video POST using my API key/secrets without requiring the user to authenticate.
This question - Google Calendar API v3 hardcoded credentials - is very similar. Howevr if CURLing Google for the access_token is the only answer, i'll be disappointed. Thanks regardless.
Google API V3 Settings:
Client ID: xxxx.apps.googleusercontent.com
Email address: xxxx#developer.gserviceaccount.com
Client secret: xxxx
Redirect URIs: http://fbtabs.imagendigital.co/unilever/sedal/surprise/galeria
JavaScript origins: https://fbtabs.imagendigital.co
API key:
AIzaSyBgS-jMJQUPIiAyX20xC-encFWTPsR7qxQ
Referers:
Any referer allowed
Activated on: Jul 4, 2013 1:21 PM
Activated by: xxxx#gmail.com – you
Code:
<?php
require_once BASE_CD . 'app/src/Idframework/Tools.php';
require_once BASE_CD . 'app/vendor/google-api-php-client/src/Google_Client.php';
require_once BASE_CD . 'app/vendor/google-api-php-client/src/contrib/Google_YouTubeService.php';
$client = new Google_Client();
$client->setApplicationName('Google+ PHP Starter Application');
$client->setClientId('xxx.apps.googleusercontent.com');
$client->setClientSecret('xxxx');
$client->setRedirectUri('http://fbtabs.imagendigital.co/unilever/sedal/surprise/galeria');
$client->setDeveloperKey('xxxx');
$youtube = new Google_YoutubeService($client);
$snippet = new Google_VideoSnippet();
$status = new Google_VideoStatus();
$video = new Google_Video();
if (isset($_POST['tip_desc'])) $snippet->setDescription($_POST['tip_desc']);
$snippet->setTitle($_POST['tip_name']);
$snippet->setTags(array("sedal","hair","pello","cabello"));
$status->privacyStatus = "public";
$video->setSnippet($snippet);
$video->setStatus($status);
$filename = $_FILES['videoInp']['tmp_name'];
$mime = \Idframework\Tools::get_mime($filename);
try {
$part = "status";
$obj = $youtube->videos->insert($part, $video,
array("data"=>file_get_contents($filename),
"mimeType" => $mime));
} catch(Google_ServiceException $e) {
print "Caught Google service Exception ".$e->getCode(). " message is ".$e->getMessage(). " <br>";
print "Stack trace is ".$e->getTraceAsString();
}
Error:
Notice: Undefined index: content-type in C:\DATA\IDInteractive\SedalSurprise\app\vendor\google-api-php-client\src\service\Google_MediaFileUpload.php on line 99
Caught Google service Exception 401 message is Error calling POST https://www.googleapis.com/upload/youtube/v3/videos?part=player&uploadType=multipart&key=AIzaSyBgS-jMJQUPIiAyX20xC-encFWTPsR7qxQ: (401) Login Required
Stack trace is #0 C:\DATA\IDInteractive\SedalSurprise\app\vendor\google-api-php-client\src\io\Google_REST.php(36): Google_REST::decodeHttpResponse(Object(Google_HttpRequest)) #1 C:\DATA\IDInteractive\SedalSurprise\app\vendor\google-api-php-client\src\service\Google_ServiceResource.php(186): Google_REST::execute(Object(Google_HttpRequest)) #2 C:\DATA\IDInteractive\SedalSurprise\app\vendor\google-api-php-client\src\contrib\Google_YouTubeService.php(789): Google_ServiceResource->__call('insert', Array) #3 C:\DATA\IDInteractive\SedalSurprise\youtuber.php(56): Google_VideosServiceResource->insert('player', Object(Google_Video), Array) #4 {main}
First off, letting arbitrary users upload videos into a "master" YouTube channel is not recommended, for the reasons outlined in this blog post.
That being said, if you're determined to do it, then you need to include an access token associated with your channel in each upload request. The appropriate way to get a fresh access token (they expire after an hour) is to take a refresh token that you've previously generated and stored somewhere and make an HTTP request to the appropriate URL to get back an access token, as explained in the OAuth 2 documentation. There's no way around that—I'm not sure whether there's a native method in the Google APIs PHP client library that will automate the process for you, but that's what needs to happen under the hood.
The information in Google Calendar API v3 hardcoded credentials does seem relevant.
I was testing Zend Gdata 1.10.1 in my localhost.
I downloaded Zend Gdate from this link:
http://framework.zend.com/download/webservices
Inside the Zend Gdata zip file, there was a folder called demos.
I extracted it and used the YouTudeVideoApp to upload a sample video to Youtube.
But every time after I logged into Youtube, before it redirected me to my localhost,
I received a warning message like this warning message:
localhost: This website is registered
with Google to make authorization
requests, but has not been configured
to send requests securely. We
recommend that you continue the
process only if you trust the
following destination:
localhost:8080/youtube/operations.php
So I googled on how to resolve the problem of getting this warning message when
I saw some people suggesed changing the value of $secure to True in operation.php.
Here is the script mentioned:
function generateAuthSubRequestLink($nextUrl = null)
{
$scope = 'http://gdata.youtube.com';
$secure = true;
$session = true;
if (!$nextUrl) {
generateUrlInformation();
$nextUrl = $_SESSION['operationsUrl'];
}
$url = Zend_Gdata_AuthSub::getAuthSubTokenUri($nextUrl, $scope, $secure, $session);
echo '<a href="' . $url
. '"><strong>Click here to authenticate with YouTube</strong></a>';
}
After I altered the value of $secure to True,
I found that the warning message changed to this:
localhost: Registered, secure. This
website is registered with Google to
make authorization requests
The new warning message is somehow shorter and looks better than the previous warning message.
But once I pressed the Allow Access button, it turned out to be this:
ERROR - Token upgrade for
CI3M6_Q3EOGkxoL-_____wEYjffToQQ failed
: Token upgrade failed. Reason:
Invalid AuthSub header. Error 401
ERROR - Unknown search type - ''
I don't know why this happened.
Could you help me solve the problem please?
edit your php.ini file and enable the openssl extensions
extension=php_openssl.dll
restart the httpd or IIS server