I'm trying to setup my old ASP.NET MVC app with Xero's latest OAuth 2.0 protocol. As per the documentation, I'm using the official Xero-NetStandard library.
I can successfully redirect the user to Xero's consent page, and also get redirected back to localhost with a valid-looking code as expected. However, problems arise when I try to retrieve the Access Token.
var xeroToken = _xeroClient.RequestAccessTokenAsync( code ).Result;
When this code is executed on my localhost environment, very little seems to happen. The request just gets stuck and won't continue past this point. The only occasional error I see is a 'request timeout' after quite a few minutes.
Please understand I have looked at all the references and examples I can find, but most of them either have specific Dotnet Core stuff, or are completely out of date (the Xero client seems to have changed quite a bit since they were created 5+ months ago).
Maybe I'm going crazy but this was working as expected a couple of months ago when I started work on our new Xero integration, but now I have no clue what's wrong 😢
It looks like that function requires being called in an async fashion:
await client.RequestAccessTokenAsync(code);
https://github.com/XeroAPI/Xero-NetStandard/blob/df9051feee2b49c0cdd3253bb6acafc4491869b5/Xero.NetStandard.OAuth2Client/src/Client/XeroClient.cs#L132
Related
Morning all,
I've not posted on SO for quite some time, but I need to ask the question, I’ve spent a day and a half trying to get this to work - it’s super frustrating considering I managed to implement v2 with posting a tweet in 2 - 3 hours but because I need the media endpoint (does not exist in v2), I rebuilt my flow into v1 to upload media.
Ok, so my app allows the user to authenticate with twitter and tweet/upload media. I’m using (I think) the 3-legged oauth flow.
Currently, the flow is :
https://api.twitter.com/oauth/request_token - 200 status code and I
confirm the callback URL
I use the access token from step 1, and then call/redirect
https://api.twitter.com/oauth/authorize?oauth_token={accessToken}
this obviously redirects to my endpoint.
I extract the oauthToken and oauthVerifier and call:
https://api.twitter.com/oauth/access_token, this returns an
oauthToken and oauthTokenSecret, I store the values.
All of the above conforms to what is in the docs, but when I use the stored values from step 3 to post a tweet I get unauthorized.
The signing logic works because it’s what’s used in “Request access token” - with a couple of changes.
I'm learning more towards a flow issue due to trying various nuget packages(tweetinvi in particular) and I get exceptions in those too.
Any help is greatly appreciated.
Not really an answer per-se, but rather notable actions.
At this point in time, you cannot upload media with V2 of the API, whilst you can integrate quite quickly and send a tweet, it's almost pointless without media.
So, you'll need to build/integrate with V1.
The unknowns and curve balls:
The most important! V1 requires elevated access! Which you'll need to
apply for, not all get accepted! but V2 just integrate and tweet with
no elevated access - very strange.
Always ensure to read the resp correctly, and try few times in code, postman,
fiddler etc. Whilst the resp contains a collection of errors object,
you'll never get a collection of errors.
If you're not using any sort of package/library, pay close attention
to crafting the request signature - it's a pain.
I have a very basic Single Sign On app built on VS 2015 using MVC and Web Forms. It is supposed to be a simple proof of concept and is based on some code found here and here which are essentially the same things. I've finally gotten it all converted to use .Net 4.5 but when running it on my local server it throws a 404 with no debug information.
The 404 itself wasn't initially a surprise as I was supposed to be able to change the url to one of the secure pages (for instance /WebSecApp1) which would redirect me back to the signon page but no matter what I put as the url I get the 404.
I've also tried changing the urls in the code so that they contain the port numbers for the localhost but that doesn't work either.
It was suggested to me that the RouteConfig.cs could be the culprit but I don't see how that could be since I'm calling a single page with no parameters.
I know this is kind of lite on details but does anyone have any suggestions?
Yes this looks like a routing issue as you also thought it to be. Routing is essential for web api too .Pls see https://www.asp.net/web-api/overview/web-api-routing-and-actions/routing-and-action-selection. Does your api request look like this
GET http://localhost:34701/api/products/1?version=1.5&details=1
You do have to mention the port in the request.
While the routing that Arathy mentioned above was partially to blame, the real problem turned out to be relatively simple. In my case simply selecting Properties->Web for each of offending pages and setting "Override application root URL" to checked fixed the whole problem.
I'm using MVC External Authentication providers for both Google and Facebook. I have easily gotten both working many times before.
For some reason today, on a brand new project (File | New Project | MVC 5 Web App) in VS 2015 - it is the completely default project. The only thing I have done is provide the App Keys and Secrets for both Google and facebook.
Facebook works all the way through, calls back - asks me to register as a new user - and then logs me in as that user.
Google gets all the way to the point where it WOULD call back to the OAuth Callback url - but that never happens, and instead I'm just redirected back to the login page with no further explanation. There are no errors, no messages are logged anywhere that I can find, and no exceptions are thrown.
If instead, I register as a password user, and then try to link the account - I am able to do so without any trouble with facebook. However, again, with the Google external provider, it gets to the point where the OAuth callback uri WOULD Be triggered, but instead, it just take me back to the "/ManageLogins" page with the generic error "An Error has Occurred".
I have enabled every type of exception that I could possible trap - but I get absolutely no feedback from the process except that it didn't work. And since I literally have not yet had a chance to write a single line of code, I'm not sure what else to try.
I have spent almost 6 hours now trying to get this basic identity management part of the project completed - and while it usually only takes 10-15 minutes, I am completely blocked. And since there is so little feedback from the code itself, I'm hoping that someone has run into this before and might be able to help.
Thanks.
Other Things I've tried:
1) it was original http - I thought that might be the problem, so I got an ssl certificate - and have converted it to https. Same problem.
2) I have cleared my cookies, tried incognito, tried in many browsers - always the same result.
3) Original it was a new project in a larger solution - so I have now just created a new web project in it's own solution. Same problem.
4) I have switched to 2 different domains, and tried it from localhost of course.
Running out fo things to try....
EJ
I know its an old thread, but I ran into the exact same issue. You have to make sure that Google+ API is enabled in Google Developers Console.
I've discovered something peculiar that's been going on for the past 2 days.
I'm returning back custom JSON message in my Web API 2.0. E.g. when there's been an Unauthorized Response (HttpStatusCode 401)..it's only returning back the HttpStatusCode and NOT the JSON.
Simply put, anything apart from a HTTP Status Code 200 is NOT returning back the custom JSON that I've explicitly put in my ActionHandlers to return back.
This has happened recently, in the past 2 days. I've tested my code locally and I'm getting the expected output I need..the custom JSON error messages but as soon as I publish to one of my slots whether it be production or dev..only HttpStatus Codes are being returned.
Can anyone verify this for me? I need a way to sort this issue out or atleast have Azure take a look at this and tell me what to do. I suspect it's been an Azure update which I'm unaware of.
Probably some kind of customErrors logic kicks in when you are remotely testing your site. Those logics are usually disabled when browsing locally.
Check your configuration. Under IIS, there is also the httpErrors configuration which may interfere.
And have you set TrySkipIisCustomErrors to true when your code yields an error responses?
Ok, so I've figured out the issue.
Upgraded Visual Studio to 2015 to get the .NET Framework to use 4.6.
Changed all of my projects in the solution to point to 4.6, re-compiled, published and finally tested.
Errors are returning back JSON now too.
IMO, Azure could've atleast sent us an update. Anyways, posting this answer so hopefully anyone else using Web Api can easily forgo this issue.
This is similar to some questions on here, but none have seemed to produce an answer that has helped me. I'm calling the graph api from a c#/.Net application to get photos for a particular album, and I'm receiving a 403 error...sometimes.
I've never received the error in my development environment, only in production. I'm also caching the responses for an hour, so the most the application would hit the API in a given hour would be around 20 times, and not all at once. I'm currently swallowing the exception when it errors out and simply not showing the images, but that isn't a long-term solution.
var request = WebRequest.Create("https://graph.facebook.com/ALBUM_ID/photos");
var stream = request.GetResponse().GetResponseStream();
This just started happening about a month ago but I didn't see anything in the breaking changes list that would suggest this behavior. Any insight would be appreciated.
Update
This was hidden away in the response stream.
{"error":{"message":"(#4) Application request limit
reached","type":"OAuthException","code":4}}
I don't see for the life of me how I could be hitting a limit considering I'm only hitting the api a few times.
if you make a GET request to one of FB graph API endpoints that does not require access_token that does not mean you should not include it in request parameter. If you do as FB documentation says as do not include access_token then in FB server side it registers into your server machine. So limit (whatever amount is it exactly) can be reached very easily. If you however, put the user access token into the request (&access_token=XXXXXX) then requests register into the specific user, so the limit hardly ever be reached. You can test it with a simple script that makes 1000 requests with and without user access_token.
NOTE, FB app access token will not be sufficient as you will face the same problem: requests will be registered into app access_token that situation is alike making requests without access_token.