Friends,I got a question,and I have googled it,but I didn't find the answer.
I create an iOS twitter app,and apply for a twitter API.
I used my API key in my app,Xcode returns error.
Just like this: http://tinypic.com/r/262ksnk/8
("Failed to validate oauth signature and token")
and this picture is my twitter api status
(sorry,I do not have enough coin to upload a pic,so post my pic here. )
what is wrong with my twitter api,can anyone help me?
Thanks very much.
What is wrong?
Best regards.
This error message relates to a HTTP 401 response.
Please make sure you are properly signing your OAuth requests. This guide will help you with the common pitfalls: Troubleshooting OAuth 1.0A.
In particular, if you are using valid keys and properly signing your OAuth requests but still receiving 401 errors, please check your system time. Since the OAuth signature relies on the current time, it must be in sync with the one from Twitter servers (exposed in all Date response headers from the Twitter API).
The "performance issues" described on the Twitter API status page apply to Twitter as a whole, and have nothing to do with your application. If you are having issues interacting with the Twitter API, we cannot diagnose those from the information provided ("error 3").
** UPDATE **
It truly seems that Google has just screwed every single person on the planet by absolutely requiring user interaction to upload a video. Of course I know, they are free. Exactly what I warned the client years ago about, so I don't need to be reminded. Thank You.
So I would like to try to take this in a different direction and just find a loophole and a workaround to still keep doing what we are doing in spite of Google's complete lack of support or caring in any way about the developers and what they have to deal with.
It would be different if you can actually call a phone number and talk to a human being about YouTube Partner access, but you can more quickly get access to the Illuminati.
OAuth 2.0 is now the only supported authentication method period. It does require user interaction.
But what about that token? Does anybody know how long the token lasts?
If I can obtain a token just once using user interaction and place it in the database, I can automate possibly hundreds or thousands of interactions afterwards.
In other words, I'm trying to turn the user interaction into a speed bump instead of a concrete wall.
If anybody has any examples of obtaining that token, caching it, and using it afterwards, that would be a godsend to me right now.
Thanks for the comments and the help. I'm not surprised that the YouTube Developers Forum just folded and said to come here instead :)
It seems that Google has completely pulled the plug on the existing dashboard.
https://code.google.com/apis/youtube/dashboard/gwt/index.html
That link is now 404'd. Tried from several different browsers on different systems.
Registered under the new Google APIs Console already, but still get the problem.
// Set the authentication URL for this connection object
$authenticationURL= 'https://www.google.com/youtube/accounts/ClientLogin';
// Try to connect to YouTube with the channel credentials passed
try {
$httpClient =
Zend_Gdata_ClientLogin::getHttpClient(
$username = $channelfields['EMAIL_ADDRESS'],
$password = $channelfields['PASSCODE'],
$service = 'youtube',
$client = null,
$source = 'Redacted Data',
$loginToken = $channelfields['CACHED_TOKEN'],
$loginCaptcha = '',
$authenticationURL);
} catch (Zend_Gdata_App_HttpException $httpException) {
$update_error['response_body'] = $httpException->getRawResponseBody();
$update_error['error'] = 1;
} catch (Zend_Gdata_App_Exception $e) {
$update_error['message'] = $e->getMessage();
$update_error['error'] = 1;
}
This code has worked perfectly fine before, but does not work with the older API key, or the newer one generated inside the Google APIs console.
I'm attempting a simple upload and this concerns me greatly:
"The service account flow supports server-to-server interactions that do not access user information. However, the YouTube Data API does not support this flow. Since there is no way to link a Service Account to a YouTube account, attempts to authorize requests with this flow will generate a NoLinkedYouTubeAccount error."
From all reports it seems that Google has forced YouTube uploads to become interactive in all cases precluding all possibility of platforms that automatically upload generated content from working at all.
Any help or insights into the process is appreciated.
P.S - Ohhh, it's been awhile since I looked at that system and Google shut down the YouTube Developer Forums and said "YOU" were responsible for their support now :)
OAuth2 does support the ability to avoid user interaction through the offline access type parameter (ie, using access_type=offline). Check out Google documentation for details.
The solution is really rather simple. Your app needs to use oauth to request offline access. It will be given an access cide which you convert to a refresh token, which is the thing you store in your database. This doesn't expire. Well actually it sometimes does, but that's another story. Whenever you need to access the api, use the stored refresh token to request an access token which you include in each api call.
See https://developers.google.com/accounts/docs/OAuth2WebServer for details.
I don't know what you did but https://code.google.com/apis/youtube/dashboard/gwt/index.html works perfectly fine for me. Maybe it was a temporary issue. If you want no user interaction you HAVE to use YouTube API v2 OR you have to use v3 with methods that don't require authentification OR you have to provide your own youtube account credentials which is not recommended and probably not appropriate for you situation.
Several issues to respond here, I think.
1) The older API console has not been removed, but I've noticed intermittent outages to it and to the newer API console while Google is rolling out their new "cloud console."
2) ClientLogin was officially deprecated in April of 2012, not just 48 hours ago. Jeff Posnick has detailed all the changes over the months (and related ones, such as AuthSub, Youtube Direct, etc.) at his blog (apiblog.youtube.com).
3) You're right that, with v3 of the APIs, you cannot do automatic uploads across the board, as the oAuth2 flow requires user interaction. However, given the limited description of your use case, using refresh tokens is probably your best bet. If the content is user generated, somewhere they must be logging into your app, correct? (so that your app knows which credentials to leverage to do the uploads). At the point they're logging into your app, and you're starting the oAuth2 flow, you just have to hit the first oAuth endpoint and pass it the parameter access_type=offline (along with any other parameters). This will ensure that, when they grant that initial permission, you're returned a refresh token instead of an access token. With that refresh token, you can exchange it for multiple access tokens as needed (an access token lives for about an hour. I don't know how long a refresh token lives, but I've never had one expire before my own login cookies did, and then I just get a new one when my users re-login to my app).
Here's some more info on how to use the refresh token; note, too, that the various google api client libraries make it pretty smooth.
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
Also, this video tutorial from a Google Developers Live broadcast a couple of months ago might help illustrate the point: http://www.youtube.com/watch?v=hfWe1gPCnzc -- it's using the oAuth playground rather than a client library, but the concept is the same.
The answer is to use google-api-php-client, create an interactive auth page, and set up YouTube API v3 correctly with the new API console.
You can create a very simple page that will authenticate for the supplied channel and then store the correct token in your database. Is already working and uploading hundreds of videos on one channel. You do need to remember to fully activate yourself under the new API console and add the services required. Just keep authenticating and adding the services it says it needs. After that, the regular v3 upload process works just fine. On failure send a group an email and they can get a new token in 10 seconds.
Not the most elegant solution, but the documentation from Google is far from elegant anyways that Stack Overflow is now their front line support.
Just hang in there, a solution is always found. Don't give up!
I didn't get here by myself either, the other answers on this page helped me get all the way to this point. Thanks guys.
P.S - Don't forget the scopes
$client->setScopes("https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload");
Problem : I am facing difficulties in getting user's birthday from api calls and I am new to OAuth.
Steps followed : (Have followed all steps required for implementing login with google+)
1. Created an app.
2. Obtained app_id and secret_key.
3. Did not make use of SDK, implemented the process without SDK in php.
4. Obtained "CODE" by calling accounts[dot]google[dot]com/o/oauth2/auth?
5. Using the code from the URL parameters requested for access token by HTTPS POST method to https://accounts.google.com/o/oauth2/token, using CURL
6. When accessing the login page, user is asked for permissions to access the information such as email, profile, DOB etc., but I am not able to find a way to get that date of birth
7. I have tried access www[dot]googleapis[dot]com/plus/v1/people/User_ID?key={THE_API_KEY} . Still no luck
Please guide or suggest me on how to get the DOB. Also let me know if there is any other information I missed to share.
Thanks in advance.
Cheers!
Farhan
Well Well Ofcourse.. It has to be a security thing from google.
I got to know after I did a part of unit testing with different scenarios and missed out on a simple thing that google only responds with the b'day information if the user has allowed to in his profile settings.
all if the birth year is hidden, it will throw 0000 as year in the response of the HTTPS Post method.
If I am wrong in any of the information provided, Please do correct me.
Cheers!
Farhan.
I'm trying to get a iOS client to make use of Yammer's Oauth2 to validate a user. I first tried the GTM-OAuth2 code, but I cannot get it to understand the response from Yammer. It appears that the GTM code is expecting the access_code as a query parameter, where as Yammer is returning it as a uri fragment. I hack he GTM code to see the fragment, but now it appears to be thinking that there is an error because the code and message fields are not in the response from Yammer.
I've also tried to use OAuth2Client api but the problem there is that Yammer does not seem to want to use the redirect_uri I pass to it, so Safari never gets the custom url and therefore never calls back to the app.
Does anyone have a working example of using Yammer's OAuth2?
I would also be interested if anyone has got GTM-OAuth2 to work with Facebook?
Yeah Yammer has a shitty implementation of oAuth. Looks like each service has taken its own implementation of oauth. anyway yammer requires the user to copy a 4-digit code from its website, go back to your service paste that code in your website. Only then you can request for access code.
check this - http://www.tutorialjinni.com/2011/04/yammer-api-example.html (its in php but hope you can get the gist).
Nothing you can do about it but a fun read - Yammer API sucks
The scenario is I want to post some details on a facebook page created by me from my other app. So want to know how can we give access to app through access token means how can we get the access token for this?
Thank You
Regards
Yes, take a look at the following URL and the "Page Access Tokens" section for information on how to do obtain a token.
API - Obtain Page Token
Note, however, that there is a known issue when trying to use the links api point, if you intend to define your own link in the post.
Bug report
You'll probably want to use the feed API point instead. I've not actually managed to get this working yet though, and I'm awaiting feedback from FB themselves. I'll update you if/when I hear something useful back.
Good luck.
You can get the access_token for you page by enabling the manage_pages permission, and then calling the API endpoint: /me/accounts to get the access_token for all the pages you manage.
You can then use this access token to post to your page using the Graph API call: /{page_id}/feed