I am using an one legged OAuth1 web service! which means I don't need to get a token to get my result just consumer key and secret is enough.I have used many different APIs and got the same result every time,I don't get what I'm doing wrong!
here is the latest API I've used:
https://github.com/rhargreaves/oauth-dotnetcore
the OAuth classes are pretty much straight forward,I've used those and made my request this way:
OAuthRequest client = OAuthRequest.ForRequestToken("key", "secret");
client.RequestUrl = "http://some site/?q=api/sbu_rest/user_books_returned/username";
// For HTTP header authorization
string auth = client.GetAuthorizationHeader();
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(client.RequestUrl);
request.Headers.Add("Authorization", auth);
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
but I get the error:
The remote server returned an error: (401) Unauthorized.
It's worth to mention that I have checked my URL ,key and secret in postman and they work fine(I'll get the result I want which is a list of books!)
PS: the signature method is HMAC-SHA1
Related
I am able generate access token with docusign site by using link https://developers.docusign.com/oauth-token-generator
But when try to get access token in our system using c# code then getting message (The remote server returned an error: (400) Bad Request.)
I follow the authenticate process mentioned in below link.
https://developers.docusign.com/esign-rest-api/guides/authentication/oauth2-code-grant
I able to get authentication code. I used this authentication code to hit API (https://account-d.docusign.com/oauth/token).
Below is my code sample
string integrationKey = "key removed";
string secretKey = "key removed";
var httpWebRequest = (HttpWebRequest)WebRequest.Create("https://account-d.docusign.com/oauth/token");
httpWebRequest.ContentType = "application/x-www-form-urlencoded";
httpWebRequest.Method = "POST";
string apiStoreConsumer = "removed";
httpWebRequest.Headers.Add("Authorization", "Basic " + apiStoreConsumer);
using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
string input = "authorization_code&authorization_code= <authentication code goes here>;
streamWriter.Write(input);
streamWriter.Flush();
streamWriter.Close();
}
WebResponse response = (HttpWebResponse)httpWebRequest.GetResponse();
Query:
Why am I getting 400 error?
Do we have any expiry time for access token, if yes then how long?
Does authentication code get change for every request?
Please help me on this.
Thank You!
I recommend you use a library for OAuth in .NET/C#.
If you want to see how this is done, please clone this repo.
The issue is that you need to first get a code and then exchange it for a token. There are 2 steps involved if you do this manually.
The first step requires you to authenticate the user in a browser before you can call any API.
During that step you need to pass in your integration key and redirect back to your URL.
Once redirected back you'll receive a code that can be exchanged for an access token using the API call you had talks about.
I am following the Yahoo official documentation (https://developer.yahoo.com/oauth2/guide/openid_connect/getting_started.html). I can successfully get an authorization code after user logins with Yahoo. I am now at step 3, trying to exchange the authorization code for a token, but Yahoo keeps returning an http error 500.
To exchange the authorization code for the access token from Yahoo, I am using the following RestSharp syntax:
var client = new RestClient(provider.TokenUrl);
RestRequest request = new RestRequest() { Method = Method.POST };
request.AddParameter("client_id", codeModel.clientId, ParameterType.GetOrPost);
request.AddParameter("client_secret", provider.Secret, ParameterType.GetOrPost);
request.AddParameter("code", codeModel.code, ParameterType.GetOrPost);
request.AddParameter("grant_type", "authorization_code", ParameterType.GetOrPost);
request.AddParameter("redirect_uri", codeModel.redirectUri, ParameterType.GetOrPost);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
var response = client.Execute<TokenResponseModel>(request);
responde.data returns the following:
content: {"error":"ACCESS_TOKEN_GENERATION_FAILED","error_description":"Access token generation failed"}
StatusCode: InternalServerError
The official documentations states: "The request parameters below are transmitted using HTTP POST in the request body. You can, however, also send the parameters client_id and client_secret in the HTTP Headers instead".
I have tried both methods (clientid and secret as part of the body and as an Basic Authorization Header) and both return the same result.
When sending the clientid and secret as part of the Basic Authorization header, both parameters above are replaced by the following:
client.Authenticator = new RestSharp.Authenticators.HttpBasicAuthenticator(codeModel.clientId, provider.Secret);
As stated before, the only message returned by Yahoo is "internal server error".
Is there something wrong with the RestSharp syntax that could be causing this? Any other ideas will be greatly appreciated.
Needless to say, all parameters of the request contain the data they need.
Thanks
When you create your application profile at YDN you must make sure to select at least one API permission. For example try "Profiles (Social Directory) Read Public".
If your application has no API permissions then token generation will fail just the way you described.
If you already created an application with no permissions then you will have to delete it and create it again.
I've created my app in Yelp, got my api key, and things work fine from Postman when executing a business search.
However, when testing from c#, I receive a 401 unauthorized error with a TOKEN_MISSING error that says ""{\"error\": {\"code\": \"TOKEN_MISSING\", \"description\": \"An access token must be supplied in order to use this endpoint.\"}}"".
I'm supplying my api key correctly though, and the Yelp documentation says that's all I need, so I'm not sure what the problem is. Here are 2 separate c# code samples that do NOT work (I've replaced my actual api key with for security concerns):
Example using WebRequest:
var webRequest = WebRequest.Create("http://api.yelp.com/v3/businesses/search?term=Clayton+Bicycle+Center&location=5411+Clayton+Rd%2c+Clayton%2c+CA+94517%2c+US");
webRequest.Method = "GET";
webRequest.Headers.Add("Cache-Control", "no-cache");
webRequest.Headers.Add("Authorization", "Bearer <my_api_key>");
HttpWebResponse webResponse = (HttpWebResponse)webRequest.GetResponse();
var stream = new StreamReader(webResponse.GetResponseStream(), Encoding.UTF8);
var content = stream.ReadToEnd();
Console.Write(content);
Example using RestSharp:
var client = new RestClient("http://api.yelp.com/v3/businesses/search?term=Clayton+Bicycle+Center&location=5411+Clayton+Rd%2c+Clayton%2c+CA+94517%2c+US");
var request = new RestRequest(Method.GET);
request.AddHeader("Cache-Control", "no-cache");
request.AddHeader("Authorization", "Bearer <my_api_key>");
var response = client.Execute(request);
Console.Write(response.Content);
I've examined the requests in Fiddler, and both are sending the same headers as the working Postman search, but both return 401 unauthorized error while Postman returns the search results. Any ideas?
Edit:
Well this is embarrassing, apparently my issue was I was attempting to access the Yelp API via http instead of https. Once I changed to https, everything worked as expected.
Changed endpoint to use https instead of http, works now.
I am a bit confused that when I get the error:
Problem during authentication process, check headers!
Unable to authenticate user, incorrect token
There is definitely something wrong with request header.
Can any one tell me the correct way of sending a request to GetResponse API?
I am using this way:
var request = new RestRequest("/campaigns", Method.GET);
request.AddHeader("X-Auth-Token", "api-key " + auth.myAuthorizationKey);
The header looks like this in request while debugging:
{X-Auth-Token=api-key d042eeae34ce076913681cc5c872741e2c5f88d2}
Use APIKEY instead AuthorizationKey
I'm working with google's OAuth api for web server applications, specifically asp.net mvc, and i'm able to get to the point where google returns an authorization code for a certain oauth request. At that point, I'm trying to obtain the access token using the following code:
public ActionResult GetOAuthToken()
{
HttpWebRequest myReq = (HttpWebRequest)WebRequest.Create(OAuthConfig.getTokenUrl(Request.QueryString["code"].ToString()));
myReq.Method = "POST";
myReq.Host = "accounts.google.com";
myReq.ContentType = "application/x-www-form-urlencoded";
WebResponse resp = myReq.GetResponse();
return View();
}
The OAuthConfig is just a class I wrote that contains a method getTokenUrl(), which returns a url with parameters such as code, client_secret, client_id etc. for the url: https://accounts.google.com/o/oauth2/token. I've debugged and checked that there's nothing wrong with this url.
I keep getting the following error: The remote server returned an error: (411) Length Required.
I don't know what to specify for the content length, or if there's something else that i need to include to fix this error?
Have you tried to have a look at Google-API .NET Client?
If you debug you will see Google uses "length" as an internal property when sending access-token request. you can try to fix it on your own, but you can use THEIR class in order to send the token request; If you use their class you do not have to worry about internal such as length...