Morning all,
I've not posted on SO for quite some time, but I need to ask the question, I’ve spent a day and a half trying to get this to work - it’s super frustrating considering I managed to implement v2 with posting a tweet in 2 - 3 hours but because I need the media endpoint (does not exist in v2), I rebuilt my flow into v1 to upload media.
Ok, so my app allows the user to authenticate with twitter and tweet/upload media. I’m using (I think) the 3-legged oauth flow.
Currently, the flow is :
https://api.twitter.com/oauth/request_token - 200 status code and I
confirm the callback URL
I use the access token from step 1, and then call/redirect
https://api.twitter.com/oauth/authorize?oauth_token={accessToken}
this obviously redirects to my endpoint.
I extract the oauthToken and oauthVerifier and call:
https://api.twitter.com/oauth/access_token, this returns an
oauthToken and oauthTokenSecret, I store the values.
All of the above conforms to what is in the docs, but when I use the stored values from step 3 to post a tweet I get unauthorized.
The signing logic works because it’s what’s used in “Request access token” - with a couple of changes.
I'm learning more towards a flow issue due to trying various nuget packages(tweetinvi in particular) and I get exceptions in those too.
Any help is greatly appreciated.
Not really an answer per-se, but rather notable actions.
At this point in time, you cannot upload media with V2 of the API, whilst you can integrate quite quickly and send a tweet, it's almost pointless without media.
So, you'll need to build/integrate with V1.
The unknowns and curve balls:
The most important! V1 requires elevated access! Which you'll need to
apply for, not all get accepted! but V2 just integrate and tweet with
no elevated access - very strange.
Always ensure to read the resp correctly, and try few times in code, postman,
fiddler etc. Whilst the resp contains a collection of errors object,
you'll never get a collection of errors.
If you're not using any sort of package/library, pay close attention
to crafting the request signature - it's a pain.
Related
I have been researching over and over again how to get a list of transactions (to be clear, I am a PayPal Merchant and the transactions I want are payments made TO US) and I keep finding old, deprecated, and misleading information.
Backing up, my problem is this:
We use PayPal's IPN system to notify us when we have orders. This works great 99% of the time. Every once in a while, PayPal drops the ball and never sends the IPN. I have an old app I wrote in VB6 that I use to query our PayPal account and create my own, simulated IPN entries, but it's clunky and crashes sometimes. I don't like it anyway because it has to run on a PC used as a webserver and calls a bunch of PHP scripts that I personally did not write. For some reason I am unable to make changes to the program now so I need to replace it with something in C#.NET
I know you folks like code examples, so here's what I have. I was easily able to get the OAuth credentials to work, but I cannot for the life of me figure out how to see payments made to us (or refunds issued by us). This example was one of the rabbit holes I went down and it turned out that Payment.List gives me payments WE MADE, not payments made TO US. I have researched so many different functions/methods/whatever you folks like to call them, and I can't find ANYTHING that will yield a list of payments made to us where you only have to specify a date range (it doesn't help to have a function where I need to specify the transaction ID because the transaction IDs are one of the things I'm looking for.
private void cmdPayPalTest_Click(object sender, EventArgs e)
{
var config = ConfigManager.Instance.GetProperties();
config.Add("clientId","<<PayPalclientId Goes here>>");
config.Add("clientSecret", "<<PayPal clientSecret Goes here>>");
var accessToken = new OAuthTokenCredential(config).GetAccessToken();
var apiContext = new APIContext(accessToken);
var bob = PayPal.Api.Payment.List(apiContext, 20, "", 0);
var sam = bob.ConvertToJson();
}
Does anyone know the modern, non-deprecated, approved method of getting a list of transactions paid to us as a merchant? I am frustrated and have hit a wall multiple times.
Edit:
Because I couldn't find anything in the documentation for the REST API for searching transactions, I attempted to add some code to translate the Curl that PayPal provides for TransactionSearch (which I am entirely unclear whether that is REST or NVP/SOAP). I see from the answer below from Preston PHX that perhaps TransactionSearch is my only option, but the code I have written gives me an error - "StatusCode:403, ReasonPhrase: 'Forbidden'..." Does this have something to do with the 9 hours referenced in Preston PHX's answer? I have another application that is constantly running on another computer that is using TransactionSearch in some PHP scripts. I have temporarily shut that down in the event that my problem is whatever this "9 hours" refers to and I will try my new code in the morning. In the meantime, if anyone has another explanation for my 403 error, I would love to hear it. Here is my code that I am feeding the Oauth token accessToken from my code above:
private async void CurlRequest(string MrToken)
{
using (var httpClient = new HttpClient())
{
using (var request = new HttpRequestMessage(new HttpMethod("GET"), "https://api-m.paypal.com/v1/reporting/transactions?start_date=2020-01-01T00:00:00-0700&end_date=2021-05-25T23:59:59-0700&fields=all&page_size=100&page=1"))
{
request.Headers.TryAddWithoutValidation("Authorization", MrToken);
var response = await httpClient.SendAsync(request);
MessageBox.Show(response.ToString());
}
}
}
The response string displays the 403 error I spoke of. Happy to provide the rest of the error message as well if that means anything, but I think perhaps it really doesn't.
The PayPal-NET-SDK mention in comments is deprecated and should not be used. If you are going to make API calls for anything other than the Checkout-NET-SDK or Payouts-NET-SDK use cases, use direct REST API calls.
The best method to obtain a list of transactions is to download an activity log report in CSV format from www.paypal.com
However, if for some reason you require an API for this accounting task, the only publicly available one is the Transaction Search API: https://developer.paypal.com/docs/api/transaction-search/v1 -- which you must enable for the client ID you are using, and wait up to 9 hours (or terminate the token) if you have already requested an access token with it.
Maybe title is not that clear but..
I have created a POST query that works in Postman using OAuth 1.0 authentication.
Mu calls are made to url:
https://lo.enghist.liveperson.net/abc/api/def/1234567/ghi/search
How does postman know all other urls - to request token url etc.
I’m trying to rewrite it in a custom C# app but have no idea how to track what happens when I click send - if I go to Developer Console I only see the final request with final params that were obtained somewhere?
Is it always sth default like:
https://lo.enghist.liveperson.net/oauth/request_token
Answering myself:
I didn't correctly understand OAuth 1.0. I first thought that there is a different URL that we make calls to receive the token which we then use to make the final call. This is not the case, we create our token using secrets, nonce (random string) and few other rules, then it's all hashed and sent to WebService which does the same and compares both values.
Postman now provides you with code - below the button "Send" there is a link "Code" which gives you so many languages and one of them is C# using RestSharp.
Regarding above, it sadly shows a semi working solution - quite a lot of logic is skipped and all the values are precalculated so I was thinking I need to calculate them myself even if RestSharp can do that for you, please check my final working code here:
https://stackoverflow.com/a/64819771/1619684
I'm using MVC External Authentication providers for both Google and Facebook. I have easily gotten both working many times before.
For some reason today, on a brand new project (File | New Project | MVC 5 Web App) in VS 2015 - it is the completely default project. The only thing I have done is provide the App Keys and Secrets for both Google and facebook.
Facebook works all the way through, calls back - asks me to register as a new user - and then logs me in as that user.
Google gets all the way to the point where it WOULD call back to the OAuth Callback url - but that never happens, and instead I'm just redirected back to the login page with no further explanation. There are no errors, no messages are logged anywhere that I can find, and no exceptions are thrown.
If instead, I register as a password user, and then try to link the account - I am able to do so without any trouble with facebook. However, again, with the Google external provider, it gets to the point where the OAuth callback uri WOULD Be triggered, but instead, it just take me back to the "/ManageLogins" page with the generic error "An Error has Occurred".
I have enabled every type of exception that I could possible trap - but I get absolutely no feedback from the process except that it didn't work. And since I literally have not yet had a chance to write a single line of code, I'm not sure what else to try.
I have spent almost 6 hours now trying to get this basic identity management part of the project completed - and while it usually only takes 10-15 minutes, I am completely blocked. And since there is so little feedback from the code itself, I'm hoping that someone has run into this before and might be able to help.
Thanks.
Other Things I've tried:
1) it was original http - I thought that might be the problem, so I got an ssl certificate - and have converted it to https. Same problem.
2) I have cleared my cookies, tried incognito, tried in many browsers - always the same result.
3) Original it was a new project in a larger solution - so I have now just created a new web project in it's own solution. Same problem.
4) I have switched to 2 different domains, and tried it from localhost of course.
Running out fo things to try....
EJ
I know its an old thread, but I ran into the exact same issue. You have to make sure that Google+ API is enabled in Google Developers Console.
This is similar to some questions on here, but none have seemed to produce an answer that has helped me. I'm calling the graph api from a c#/.Net application to get photos for a particular album, and I'm receiving a 403 error...sometimes.
I've never received the error in my development environment, only in production. I'm also caching the responses for an hour, so the most the application would hit the API in a given hour would be around 20 times, and not all at once. I'm currently swallowing the exception when it errors out and simply not showing the images, but that isn't a long-term solution.
var request = WebRequest.Create("https://graph.facebook.com/ALBUM_ID/photos");
var stream = request.GetResponse().GetResponseStream();
This just started happening about a month ago but I didn't see anything in the breaking changes list that would suggest this behavior. Any insight would be appreciated.
Update
This was hidden away in the response stream.
{"error":{"message":"(#4) Application request limit
reached","type":"OAuthException","code":4}}
I don't see for the life of me how I could be hitting a limit considering I'm only hitting the api a few times.
if you make a GET request to one of FB graph API endpoints that does not require access_token that does not mean you should not include it in request parameter. If you do as FB documentation says as do not include access_token then in FB server side it registers into your server machine. So limit (whatever amount is it exactly) can be reached very easily. If you however, put the user access token into the request (&access_token=XXXXXX) then requests register into the specific user, so the limit hardly ever be reached. You can test it with a simple script that makes 1000 requests with and without user access_token.
NOTE, FB app access token will not be sufficient as you will face the same problem: requests will be registered into app access_token that situation is alike making requests without access_token.
I'm trying to authenticate an api call using oauth
I have the consumer keys and secrets, so was hoping to just use DotNetOpenOAuth and hey presto, but after a frustrating day and a sore head, I cant figure it out..
I've got the following sample - that works in python using the python-oauth2 library - anyone have any experience / ideas about how to translate this? Everything I can find is dealing with user based callback urls - but here i just have a more complicated version of the good old user/pwd (know its a little more complicated - but hopefully get my gist!)
consumer=oauth.Consumer(key='CONSUMERKEY', secret='ITSASECRET')
# Your unique key:
token= oauth.Token('CLIENTKEY','ITSASECRET')
# The client object which combines both consumer and token:
client = oauth.Client(consumer, token=token)
# To figure out what reporting options you have, first run the following:
response_headers, response_content = client.request(url)
# The below will display the reporting options you have available:
print cjs
on.dumps(response_content)
EDIT: updated to reflect that this is OAuth 1.0, not 2