I am using twilio client to make & accept calls from a browser. But when I run the accept page, I get a javascript error on the browser -
Uncaught Twilio.Exception: 401: Unable to determine account.
# line - twilio.js:2683
Here's the code from my controlled thats gets executed when showing the accept call page/view -
def prepare_accept_call
# create the twilio capability object
capability = Twilio::Util::Capability.new TWILIO_ACCOUNT_SID, TWILIO_AUTH_TOKEN
# guessing this is not needed for accepting calls, but added to see if it fixes my issue and it doesnt :(
capability.allow_client_outgoing TWILIO_APP_SID
capability.allow_client_incoming "some-client-identifier"
# use this token for client JS - Twilio.Device.setup("#{#token}");
#token = capability.generate
end
NOTE -: I am successfully able to show the make call page, there are no javascript error - when i click the call button I get the flash microphone permission popup. There are no 401. So guessing my key, tokens etc are ok.
Any idea what could be happening here?
I also had this error with similar conditions where all my credentials were correct but the Twilio client debugger was spitting out "Application not found 31001" - which is a Twilio client error code by the way. I realized that I had not entered the Voice request url that is in the applications section. Apparently this is a necessary prerequisite to access the Twilio Client service.
I feel they should have been more clear with their message but regardless I solved it by entering a publicly reachable callback url using a SSH tunneler like Localtunnel or free server like Heroku.
looking at the code it should work, because it looks good. Can you verify where TWILIO_ACCOUNT_SID and TWILIO_AUTH_TOKEN are ultimately being defined? maybe that could have something to do with it?
Related
These don't work in IE and the application that I am calling them from must be using IE - I can't change that. Is there another way to pass within the URL?
https://[AccountSID:Token]#api.twilio.com/2010-04-01/Accounts
https://api.twilio.com/2019-04-01/Accounts?AccountSid=[AccountSid]&AuthToken=[Token]
When I try these in an IE browser, it keeps popping up asking for the credentials.
Tried both formats
https://[AccountSID:Token]#api.twilio.com/2010-04-01/Accounts
https://api.twilio.com/2019-04-01/Accounts?AccountSid=[AccountSid]&AuthToken=[Token]
When I try these in an IE browser, it keeps popping up asking for the credentials.
Twilio developer evangelist here.
We do not recommend that you make API calls to Twilio from the client-side regardless of which browser you are using. To make an API call from the client-side you need to include your credentials in the page somewhere, and if you do that you run the risk of a malicious user taking the credentials and abusing your account.
Instead, we recommend you run a server through which you can proxy requests to the Twilio API. That way, the server can store your credentials and no users can get hold of them. You can then make calls to the server through a form or an XMLHttpRequest from the browser.
I am facing an issue regarding account linking in Actions on Google:
I am able to authenticate the user and access his email address and username however after this how can I redirect the user back to the google assistant and close the browser where he was authenticated?
Any help will be appreciated!
Update: Hey Prisoner thanks a lot for that.
I did what you said and yeah now it does redirect to google.com but without result_code=SUCCESS when I test it in the simulator.
The link is:
https://www.google.co.in/?gws_rd=cr&dcr=0&ei=z77fWbjQGIXxvATs_oqwBA
Now if I type talk to... again it shows me the message you need to link your account!
In the device the browser automatically closes and it shows SIGNING_IN however when I type an intent it is not recognized.
It would be great if you could point me in the right direction! (I am not sure but I might be at the token exchange stage that you mentioned, but I don't have a clue how to proceed!)
Update 2: As requested the entire flow that I am following:
This is the URL that I receive from debugInfo:
https://assistant.google.com/services/auth/handoffs/auth/start?account_name=cha***#gmail.com&provider=***_dev&scopes=email&return_url=https://www.google.com/
When I paste this in the browser the request that I receive at the authorization endpoint is:
ImmutableMultiDict([
('response_type', 'code'),
('client_id', ****.apps.googleusercontent.com'),
('redirect_uri', 'https://oauth-redirect.googleusercontent.com/r/****'),
('scope', 'email'),
('state', ' CtcCQUxWM2ROU3hNMjl4LUItVXhQSGd4THRMLU4yNExnb3lYbGRKQnQwa3NwTVFva19NUWpYNE5jNGJURzIyZFN3RDBXd2d4enFGVWJGb0Q0ZW1vaS1OaFdkaHdhb05HZ2xlWTR6SllKVlRWYktwd09faklyUTVheFhQbGw2dmVKYzVFTk05N3B1QkxaZG41RVdHN0wyTktvRFdCYzFPVFBzM1dQUlFtN2RmM1VtRU4****(state)')
])
The response (redirect_url) that I send back:
https://accounts.google.com/o/oauth2/v2/auth?scope=email&response_type=code&redirect_uri=https%3A%2F%2F******.herokuapp.com%2Fcallback%2Fgoogle&client_id=****.apps.googleusercontent.com
When it reaches my endpoint again the request arguments are:
ImmutableMultiDict([
('code', '4/***********')
])
Now I am able to access the email address and other details
The url that I redirect to from here:
https://oauth-redirect.googleusercontent.com/r/****?code=abcdefgh&state=CtcCQUxWM2ROU3hNMjl4LUItVXhQSGd4THRMLU4yNExnb3lYbGRKQnQwa3NwTVFva19NUWpYNE5jNGJURzIyZFN3RDBXd2d4enFGVWJGb0Q0ZW1vaS1OaFdkaHdhb05HZ2xlWTR6SllKVlRWYktwd09faklyUTVheFhQbGw2dmVKYzVFTk05N3B1QkxaZG41RVdHN0wyTktvRFdCYzFPVFBzM1dQUlFtN2RmM1VtRU4****(state)
This redirects me to :
https://www.google.co.in/?gws_rd=cr&dcr=0&ei=5c_fWdfKNYndvASO7o6ACA
Edit 3: I checked the network logs:
result_code=FAILURE&result_message=Account+linking+failed
I also added /token/google as the token URL in AoG. It is detected in heroku however I never receive this request in my code.
Note: I am using python flask and hosting my app on heroku
Once you have authenticated the user, you'll need to return a temporary auth code back to Google. Later, Google will exchange this auth code for an access token and a refresh token, but you're not there yet. The important part is that this code needs to be unique and that, later, you'll be able to recognize what user it is for. The code should be valid for a limited time - 10 minutes is a generally accepted time frame.
In the request Google sent to you as part of the login, they've provided a redirect_uri and a state as parameters. You'll need to use these in your reply. (state can be anything - you shouldn't care what it is, you're just going to send it back with your redirect. Its purpose is to improve security by preventing replay attacks.)
Verify that the redirect_uri has the form
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID
Where YOUR_PROJECT_ID is... you guessed it, the ID of your project. You can find this in the cloud console.
You'll then redirect the user to this URL with a few additional parameters:
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID?code=AUTHORIZATION_CODE&state=STATE_STRING
Where YOUR_PROJECT_ID is as noted above, AUTHORIZATION_CODE is the code you've generated, and STATE_STRING is the value of the state parameter that you were sent in the request.
For details, you can see https://developers.google.com/actions/identity/oauth2-code-flow#handle_user_sign-in
I'm working with the PayPal API and am trying to create an account as shown here.
The request is made to https://svcs.sandbox.paypal.com/AdaptiveAccounts/CreateAccount.
I'm able to send a valid request and get a response indicating success back but the redirect URL that's also returned as part of the response payload (which according to their docs is supposed to take the user to a PayPal sign up/registration page) is directing them to the following:
I've been unable to find anything on Stackoverflow or Google regarding this. Has anyone encountered this before? I'm assuming that even though it's a sandbox environment it should allow me to simulate the workflow somehow. I've tried with both the default sandbox credentials as well as for my own environment.
Looks like the issue was due to the IP address header in the request. The default configuration is:
-H "X-PAYPAL-DEVICE-IPADDRESS: 192.0.2.0"
While testing on localhost, I changed it to:
-H "X-PAYPAL-DEVICE-IPADDRESS: 127.0.0.1"
Also had to ensure that the email address didn't already have an account registered to it - in which case it would lead to a login page instead of the registration page (which is a little poorly designed in my opinion since you can't really test without making new accounts each time).
I'm trying to run the example here:
https://www.twilio.com/docs/quickstart/python/client/outgoing-calls
I run the flask script on port 5000 and try loading in my browser and I see the input box for my phone number but it just says Loading Pigeons below that. I click Dial and nothing happens.
My application sid, account sid and auth_token are all present. Nothing is showing up in my Twilio debug when I try this. If I view source I can click the link to all 3 javascript files so I know the path to them is good.
My Twilio account also works ok in other applications. I also tried this in Chrome, IE and Firefox, same result in all 3.
Twilio developer evangelist here.
There appears to be an escaping issue in the Twilio client quick start documentation here.
Where the JavaScript is currently set to:
Twilio.Device.setup("{{ token }}");
It should really say:
Twilio.Device.setup("{{ token }}");
I will raise this with the team responsible and hopefully this will be fixed swiftly. In the meantime, I hope you get your Twilio Client application up and running now. Let me know if I can do anything else to help.
I'm about to build a console application that needs access to the authenticated YouTube Data API. Calling the API's themselves is not a problem, I know quite well how to make and process HTTPS requests.
I've already gotten the API key and the Client ID. No problems there, either.
The problem is the authentication.
I've checked here: https://developers.google.com/youtube/v3/guides/authentication#installed-apps
On the "Installed applications" tab, in step two, it instructs on how to set up a url to call to do the authentication step. All good so far. But before programming anything, I thought I'd try and see what that url does in the browser.
Turns out it just displays a login prompt. Well how about that. That won't work in this kind of console application. The idea is, presumably, that the user is somehow shown this webpage and be instructed to login and allow access. Then, somehow, by some kind of magic perhaps, the access token is sent back to my console application.
Two things I'm not quite sure about:
1) How do I prompt for the username and/or password in the console app and send that to the authentication URL?
2) How would I get the access token back from it?
The biggest problem is that the API seems to require a browser... Which isn't there. My console application will (eventually) run unattended, so starting up a browser and displaying a webpage and doing nothing until it returns a code, is out of the question. I need to somehow supply the authentication page a username/password and get back the code right away.