I am trying to create a "Connect to QuickBooks" button using IPP as described here.
The Javascript code provided by IPP, intuit.ipp.anywhere.setup() requires a parameter grantUrl, which points to an oAuth handler in my application. I don't have an oAuth handler yet, nor have I ever written one.
Is there any open source oAuth handler I can use here? If I need to write one, what should it look like?
Intuit has a Java DevKit that you can grab over here:
http://docs.developer.intuit.com/0025_Intuit_Anywhere/0055_DevKits/0200_IPP_Java_DevKit
It has OAuth components which should do what you're asking:
http://docs.developer.intuit.com/0025_Intuit_Anywhere/0055_DevKits/0200_IPP_Java_DevKit/0400_Basic_Usage_Pattern
Related
In my current application under test using Karate framework, I came across TWO APIs - Token and Extended, which provides the APIGEE token value to access backend services.
API-1: Token API
Input payload (form-data) -
grant-type: authorization_code
code: *8-digit-characters*
redirect_uri: https://../oauth-code-callback
code-verifier:*28-digit-characters*
client_id: *Unique-Client-Key*
Response -
{"access-token":"..."}
API-2: Extended API
Input payload (JSON) -
{"access-token":"..."}
Response -
"APIGEE_Token"
Looking at the input payload in API-1, code and code-verifier are SHA-256 encrypted values generated using typescript. Now, in order to generate the final APIGEE token, I need to generate code and code-verifier values using the same typescript libraries in Karate. Is there any possibility as such? Else, please suggest if there is any alternative approach for my requirement. Thanks in advance!
First, I suggest you check if the tokens can be generated using some standard algorithm, in that case you can re-write them in Java or JS. Examples here: https://stackoverflow.com/search?q=%5Bkarate%5D+jwt
Else here are 2 extra creative solutions:
Karate uses the Graal JS engine, so if you can get the pure-JS equivalent of the routine you need, it may be possible to load it into Karate by reading the .js file. For example read() (or karate.read()) can return a JS function, which you can then invoke within your test flow.
If you have node / npm installed, you can write a command-line program that takes command-line args and returns the data you need. Note that you can even return JSON and use karate.fromString() to parse it. Karate happens to have very good support for OS command-line execution, refer: https://stackoverflow.com/a/62911366/143475 and a similar idea is described here: https://stackoverflow.com/a/51150286/143475
Finally, it may well be worth it to ask your dev-team to stand-up a small REST service that returns these tokens for you in your pre-prod environment. And the moment you have a REST option, guess what Karate is really good at :) The REST is up to you.
I am trying to create a Google Assistant for my Raspberry Pi in Kotlin. I implemented a OAuth flow using the so called "device flow" proposed in this IETF draft, since my Raspberry shall later just expose a web interface and does not have any input devices or graphical interfaces.
Google does support this flow (of course) and I obtain a valid access token with user consent in the end. For testing purpose I also tried a default authorization flow that will just forward the user to localhost, as it is normally done but it did not solve the problem.
I tested the access token using this tool and it confirmed validity of scope and token. So the token itself should work.
Scope is: https://www.googleapis.com/auth/assistant-sdk-prototype as documented here
This actually does not point to any valid web resource but is referenced in every documentation.
Then I tried to stream audio data to the assistant SDK endpoint using the gRPC provided java stubs. As took a third party reference implementation as a guide how to authenticate the rpc stub. But neither the reference implementation nor my own one works. They both report
io.grpc.StatusRuntimeException: UNAUTHENTICATED: Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
The stub is authenticated this way:
embeddedAssistantStub.withCallCredentials(
MoreCallCredentials.from(OAuth2Credentials
.newBuilder()
.setAccessToken(
myAccessToken,
myAccessTokenExpirationDate))
.build()))
and the authenticated request is performed like this:
val observer = authenticatedEmbeddedAssistantStub.converse(myStreamObserverImplementation)
observer.onNext(myConfigConverseRequest)
while(more audio data frames available) {
observer.onNext(myAudioFrameConverseRequest)
}
observer.onCompleted()
(I prefixed pseudo variables with "my" for clarity, they can consist of more code in the actual implementation.)
I even contacted the author of this demo implementation. He told me, last time he checked (several months ago) it was working perfectly fine. So I finally ran out of options.
Since the client implementation I took as reference used to work and I do actually authenticate the stub (although the error message suggests the opposite) Probably, either my valid access token with correct scope is not suitable chosen for the assistant API (though I followed the suggestions of google) or the API servers had a change not properly documented in the getting started articles by google.
So: Did anyone ran in the same problem and know how to fix it? I have the project on github. So if anyone needs the broken source code, I can do a temporary commit that produces the error.
Note, to save some works for mods: This issue referres to this and this question, both unresolved and using different languages but describing a similar problem.
Well, seems I was right about my second assumption: The error is server side. Here is the github issue, let's just wait for the fix.
https://github.com/googlesamples/assistant-sdk-python/issues/138
I have read the documentation of twitter , and created an app and have all the keys needed .
Now i am trying to understand that simple one line http request ,to get a user latest twits .
I have read this Simplest PHP example for retrieving user_timeline with Twitter API version 1.1
but there is not one line code in there to make the request ( i don't know java script).
so , i have this :
https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=twitterapi&count=2
Which will not work because my keys should be in this line, but i don't understand how to add them?? where and how i add my keys to this ?
This url is like a node or address so twitter server knows what kind of request you need.
https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=twitterapi&count=2
Beside url you can pass many other parameter using http header, which is best to be used with server langunge programming, e.g PHP.
In PHP you can pass your credentials by changing header. While current twitter API are using Oauth, it's going to difficult to learn using Oauth this way, the easiest option is to use others' library. Check out 'twitter API library' (just google it)
Yelp have a link to an API on their website: http://www.yelp.co.uk/developers/documentation/v2/authentication
I am trying to access it with iOS (using this API), but I am quite new to OAuth.
Can someone supply some example Objective-C of how to use this API?
The only ones I can find need a 'get request token' URL, and Yelp does not need this as is uses a signature.
Thanks
I don't know if it helps, but have you looked at their github examples? that should give you some enlightenment https://github.com/Yelp/yelp-api/tree/master/v2/ios/YelpAPI
The github example you mention has a test that demonstrates how to query restaurants in New York, which worked for me.
You need to edit Tests/OAuthTest.m to supply your OAuth info (i.e. replace the strings "CONSUMER_KEY", "CONSUMER_SECRET", "TOKEN", "TOKEN_SECRET" with valid values).
Then you need to make sure you are building the Tests target. The default, at least for me, was the YelpAPI target.
I am using Oauth for Delphi from ChuckBeasley.com
I am able to get a request token, then call with my callback url and put in my credentials.
I then get redirected correctly to my callback url in a TEmbeddedWB component.
I then get an access token (at least I believe I am) since screen_name and user_id come back in the response.
When I try and pull my home_timeline it gives me a 401 unauthorized as a response.
What can I be doing wrong?
Thanks
David
try my implementation, it doesn't use the OAuth library, but my own from scratch
http://eden.fm/2011/02/27/twitter-library-for-delphi/
You're also welcome to use my open-source Twitter component (TTwitter for Delphi) which is being developed as part of a "complete" suite of Social Networking components (if there is such a thing as "Complete" in terms of social networking). You can find it at: http://www.simonjstuart.com/delphi-stuff/ttwitter/
It's using the ChuckBeasley OAuth library, only I have fixed it (so it ACTUALLY WORKS). In the very least you'll be able to reverse engineer my component to suit your needs. It's an open beta (far from complete at its current released stage) but it handles timelines perfectly (including unicode characters).
Enjoy and good luck!