I'm kinda new to this topic so please be gentle ;) I'm attempting to use a 3rd-party Health API called Dossia (http://dossia.org).
I setup a test account and have received my OAuth Consumer Key and Secret, in the config there's a line which says
define('USER_SIG_METHOD','HMAC-SHA1');
My question is how do I make my server's "Signature Method" HMAC-SHA1?
This is just a non-ssl dev box with Fedora, I do have a production box with SSL on it, but I was hoping to get a sandbox post before moving it to production.
When I curl a post, I get a 404 error and the curl handle's info reads this:
[ssl_verify_result] => -8179
So I'm assuming this is the issue, I have scoured their wiki, which is found here however the only thing it says about the signature method is that they only support HMAC, do I need to include a certificate like the one on my prod box? Or am I going in completely the wrong direction?
Any advice would help me,
Thank you!
The signature Method was not the issue here, it was an issue with the record ID needed to be consistent in order to post to the right patient,
Related
I have an APP written in Ruby. The authentication is made through Facebook-Graph_API.
I am using an SSL certificate which is validated through Globe SSL.
The connection is encrypted and almost everything is working fine. BUT!
The connection is insecure caused by mixed content. The pictures which the app is loading are coming through http. But I need this from an https source.
I found here:
Graph API for Facebook developers
that I have to use something like this:
return_ssl_resource => true
But I donĀ“t know at which Position I have to paste this!
Does anybody have an example or experience with this? I you need further Information please let me know.
Thx for your help!
When you're requesting the data from Facebook that contains the images you're going to display, append return_ssl_resource=true as a query parameter to the request you make.
https://graph.facebook.com/<UID>/picture?return_ssl_resources=true
I am trying to connect to Jira using OAuth. I have followed this manual and I have created app link in Jira instance and configured it with proper consumer key and public key. When I try to request a token using code from the example I am getting 401 with following message (same for python and perl instance):
oauth_problem=consumer_key_unknown
I am out of ideas what can be wrong. I will appreciate any tips.
Well, I believe that I have configured Application link in the wrong place. I have been somehow navigated to the link wiki/admin/listapplicationlinks.action. Then I accidentally found plugins/servlet/applinks/listApplicationLinks which looked pretty much the same as first but content was different. I have added link to the second location and everything works well now. Sorry for confusion.
I also had this similar error. So I then used different "consumer key"(tried to make this unique) other than the given one in the example manual. After searching a lot in internet about this error, I got to know that as most people are using that same consumer key(given in example manual), a database error occurred due to which this error was thrown.
I'm adding Google Oauth2 to a Rails app, but have been unable to get past the early stages.
I've set up an app, and defined client ID and secret.But I'm getting Invalid parameter value for redirect_uri: Non-public domains not allowed: http://localhost/path/to/callback
What does this mean? Is this because I'm testing on a local dev environment?
Thanks for any ideas.
EDIT
This might be because the app's URI differs from the sending URI. But when I go to Google and try to authorize the path to my dev app, I get OAuth2 redirect is invalid. Is this a limitation of using a locally hosted app?
EDIT 2
The request I'm generating looks like this:
https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=###########&redirect_uri=http%3A%2F%2Fmyapp.dev%2Fusers%2Fauth%2Fgoogle_oauth2%2Fcallback&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&approval_prompt=&access_type=offline
Is this correct. I've tried this with client_id including and excluding the .apps.googleusercontent.com section. Neither seems to work.
I was getting the redirect error for my python / tornado app running on ubuntu. Using localhost didn't work as the accepted answer highlighted. Google wants a public domain.
My solution was to piggyback "example.com" which is public and create a sub domain in my /etc/hosts file. The sub domain would work on my local dev box and google would be happy with the example.com domain. I registering the redirects via the google console and the redirect worked successfully for me.
I added the following to my /etc/hosts:
192.168.33.100 devbox devbox.example.com
In my case the IP was that of my machine. I could also have used 127.0.0.1 instead.
My Google API console (https://code.google.com/apis/console) set up for a new client ID was:
"Application Type: Web Application".
Via "Your site or hostname (more options)":
In "Authorized Redirect URIs" I entered http://devbox.example.com/
In "Authorized JavaScript Origins" I entered http://devbox.example.com/
Using xip.io you can provide a public url to redirect to like http://your_pow_app.192.168.0.1.xip.io/user/auth/google_oauth2/callback
Tested and working.
I used my public hostname. It helps if you have a static IP address. I used http://www.displaymyhostname.com/ to get my hostname. I plugged it straight into the Authorized JavaScript origins field when I created a new Web Application Client ID.
P.S. My hostname looked something like this: 111.111.111.111.static.exetel.com.au
This is my answer to a related question https://stackoverflow.com/a/23517146/1320083
For anyone else finding this, my problem was combination of several things.
I could not get callbacks to work on a local machine. The console API console suggests it is possible, but I couldn't get it working. Not sure of this is down to the service, or to my network/ connection/ firewall/ etc.
In the API console you must specify the full redirect URI, not just the root url back to your app.
Google lists scope parameters here https://developers.google.com/gdata/faq#AuthScopes. It seems this information is outdated, and the correct format for these is now https://www.googleapis.com/auth/plus.me, https://www.googleapis.com/auth/youtube, etc. Maybe someone else can confirm this?
I had a few other things going on as well. I had written a full explanation on another of my questions here on SO. Unfortunately my comments were deleted instead of moved by a moderator because I posted in the wrong place. I can't now remember all that I wrote. For others facing similar issue, feel free to comment, it may jog my memory so I can offer some ideas.
Error redirect_uri_mismatch - This error can occur when you entered an incorrect bundle ID in your Google Developers Console project that does not match your app's bundle ID. Check that your client ID and bundle ID match the values that are displayed in the Developers Console.
For me it was the function that built up the google url. I put line breaks in the string, once I removed the line breaks the url worked again.
I faced this issue but found it was really not an issue. As explained in my blog you can use the public redirect URI even when you are working on your localhost development machine. Google will just return the authorization code to the public URI where you can cut and paste it to your local machine.
I'm trying to implement a ogone test account in my rails development application, but I keep getting the error message 'Merchant not active'
After some investigation I believe it has something to do with the SHA encoding?
Problem is I don't really get how this works, Ogone has multple SHA parameters to fill out and I haven't found a way in activemerchant to put it in there.
Someone with some experience in this matter?
The reason you are getting the Merchant not active error is because your account is not configured to be able to use Direct Link or several other options. To activate this you should get a higher subscription or contact their support and ask them to activate it for you.
As for SHA, you need to configure a secret passphrase by which you separate the parameters you're sending. For instance:
Passphrase: ogonepass123
Post variables: CN=JohnDoeogonepass123AMOUNT=1000ogonepass123CURRENCY=EURogonepass123PSPID=MyPSPID
Eventually you Hash your post variables to SHA-1 and add that key to your post parameters as
....ogonepass123SHASIGN=<40-characters-SHA-key>
This way you secure your data and make sure nobody can tamper with those variables.
Also make sure that when you get a response from Ogone you re-form a SHA hash using the parameters they've send you and you then compare this own-formed SHA hash with the one sent to you by Ogone. If these two match you can be sure that the parameters have not been messed with.
Hope this helps you or others who come across this question.
to work with Ogone Direct Link with an account created after Mai 10, 2010 you will need this patches : https://github.com/Shopify/active_merchant/pull/85
(This also works with accounts created before this date.)
This will also give you more details on the aliases usage, fix some issues with new updates from Ogone, ... make sure to read the inline doc within the ogone gateway code : https://github.com/ZenCocoon/active_merchant/blob/master/lib/active_merchant/billing/gateways/ogone.rb
As of today, the SHA1 is supported and to be used.
I am having problems generating a QBOE connection key, when i follow the wizard to generate the connection key, the text box that sould have generated the key is simply blank.
Can anyone help me?
Post a screenshot of your application registration screen, and the URLs you're visiting to establish the connection.
You most likely have something mis-configured with your application registration, but you'll need to show us/tell us what you've done so far if you expect to get any useful answers.