I'm using the fusion table SQL API (1.0) to insert data into a table. I own the table and the table is private. However, when I use the INSERT INTO SQL API to insert data into my table I get the error that I don't have permission to execute this method. Since I own the table I don't understand why I don't have the permission to insert.
I used the API explorer to test it. Here is the generated URL:
https://developers.google.com/apis-explorer/#p/fusiontables/v1/fusiontables.query.sql?sql=INSERT+INTO+1kYltHIvQBnfHeAFLwzoSO_F_xTA-Ef6N4MbHmvM+(Name%252C+Location)+VALUES+('Test'%252C+'Address')&_h=2&
Thanks,
GA
Have you authorized your request with OAuth? The request needs to have an authorization token that identifies you as the one making the request.
If you are using the API explorer, you can click on the button next to "Authorize requests using OAuth 2.0:" and it will set up the tokens for you automatically.
https://developers.google.com/fusiontables/docs/v1/using#auth
Related
I have a use case where I need to iterate over the Users collection using the #odata:nextLink (not using GraphClient, I am using HttpClient). The Users collection can be really large. The question that I have is, during the iteration over the Users collection, if there is a failure due to access token expiry, would the #odata:nextLink work seamlessly with a new access token. Or in other words, is the continuation token tied to the access token.
Yes, the #data.nextLink will work with a new access token.
In the #odata:nextLink there is a $skipToken parameter which contains an opaque token that references the next page of results.
The $skipToken usually identifies a starting point in the collection of entities identified by the URI containing the $skiptoken parameter.
There is no connection between the token in the #data.nextLink and the access token.
skipToken
I am using 2 Oauth services in my website. They both send back a query parameter called code. And I use a custom function to grab that code field when my page loads. Do OAuth services have a way you can change that code field to be custom? I am using Google OAuth for one and I am unable to locate this.
No, the standard specifies that the query parameter is named code, so there's no way to name them differently.
But the client can add a state parameter to the authorization request, which the authorization server has to return with the code. You can use that parameter to distinguish between the two authorization requests.
I am trying to put together some documentation on changes that need to be made to the Database back-end when different actions are performed so they can operate with IdentityServer4, but realizing that I am not sure what items in the database are affected when you perform actions like (adding a new user, adding a new client, and a scope, etc..) I am using this to get a better understanding of how all the elements work together, and how to relate to each other - See below which I am needing to expand on.
Can anyone with good experience with IdentityServer backend help me?
[Adding a new user]
- add a record to dbo.AspNetUsers – All user pertaining information.
- add a record to dbo.AspNetUserClaims – Identifying information stored similar to Key/Value Pair set with a reference pointing to the User
[Adding a new Client – (Controller Web API Endpoint)]
- add a record to dbo.Clients – Details that define the client
- add a record to dbo.ClientGrantTypes – All grant types allowed for authorization to the specified client.
- add a record to dbo.ClientSecrets – Password and secret information pertaining to the client.
- add a record to dbo.ClientScopes – Scope name matched to the ClientId for allowing. You will need to add scope(s) for the client so it can be accessed.
-?? Not sure how IdentityResoure and IdentityClaims are used here, and also how oidc ones are used here.
?? What is the difference between Api and Client in Identity Server DB?
[New Claim type is added, and needs to be included in the data returned with the JWT token]
...
use IdentityServer4.AspNetIdentity for storing users in SQL Server using EF http://docs.identityserver.io/en/release/quickstarts/6_aspnet_identity.html
use IdentityServer4.EntityFramework for storing clients and resources configuration in SQL Server using EF.
http://docs.identityserver.io/en/release/quickstarts/8_entity_framework.html
Look into the samples repository for code samples.
We are creating a custom dynamic sap Fiori/SAPUI5 application tile in our launchpad. It seems like you just need to put the odata service call with a $count for the dynamic tile to show list of pending items. For example
/MyListSet/$count
will output 100 pending items
But what if we want to check if the user has authorization to items in the list? I'm considering putting something like
/MyListSet('USER')/$count
but this doesn't seem to be possible as the USER is unknown until runtime.
Is there a way to get the logged user calling the OData service and pass this user to our OData call via RFC and filter the result from there?
The user should already be authenticated with the system if he sees your app/launchpad.
I would suggest that you use the sy-uname system variable and filter your entityset before responding to frontend.
This should not be implemented in SAPUI5 instead use the ABAP Gateway service.
I need to store the user's API key in an SQL database. This API key can be revoked or removed anytime from website so it isn't static. Is it okay if I store the API key in plain text in the sql database, or do I need to do something to keep it more secured. I need the API key in the sql database.