The simple goal here is to access the Xbox Music RESTful API on Azure and I stumble on the first part of it which is getting the Access Token. By following this procedure: http://msdn.microsoft.com/en-us/library/dn546686.aspx it's simply not allowing me to get a token.
Thus far I have:
I have a datamarket registration
I registered an application, got a client_id and client_secret
Subscribed to the Xbox Music RESTful API
Then I simply try to get a token either through a POST using XMLHttpRequest or Advanced Rest Client for Chrome and thus far all I receive is this Json response:
{
"error":"invalid_client",
"error_description":"ACS50012: Authentication failed.\r\nTrace ID: d2469189-d620-4725-98c6-544e3899d711\r\nCorrelation ID: 3726a6c7-de19-4873-a90c-b51c7ca447a7\r\nTimestamp: 2014-05-08 14:18:31Z"
}
I did some research for this error here: http://msdn.microsoft.com/en-us/library/gg429787.aspx but can't seem to pull an explanation for this.
The data explorer is also broken as I receive this:
The request resulted in a backend time out or backend error. The team is investigating the issue. We are sorry for the inconvenience. (502)
In the end I assume something is bogus with my account but can't figure it out. Any help with this would be greatly appreciated.
See comment, recreate a new application and copy client secret properly.
Related
I have looked at the post of people saying the resolved this issue by allowing the API to accept "text/plain".
Even though I have done so, I am still getting the below error:
"{ \"error\": { \"code\": \"InvalidRequest\", \"message\": \"Subscription validation request failed. Notification endpoint must
respond with 200 OK to validation request.\", \"innerError\": {
\"request-id\": \"ec325726-5b30-4cb1-bec5-3ba3debf88b0\",
\"date\": \"2020-03-23T13:02:01\" } }}"
I have tested my API on Postman using the same request Microsoft sends when they are validating an API.
All seems to be fine in Postman.
The image shows Postman results:
Please help.
Subscribing to user's mailbox settings for change notifications is not supported at the moment by Microsoft Graph. If you'd like to request support for such feature, please go to uservoice and create/upvote an idea.
If it were to be added to supported resources for change notifications, it more than likely that the resource would be /users/{userid}/mailboxsettings as /users/mailboxsettings is not a valid resource on Microsoft Graph. (resources for subscriptions follow the same pattern as the URLs of the APIs)
I'm using Google Apis, instead of Google Sign In, to connect to Google on my app because I'm developping with Xamarin.
This is the library I'm using : https://github.com/xamarin/google-apis
When I'm logging in, i get this error :
Authentication Error
Unexpected character '<'. At line 1, column 0.
Maybe it's because my AccessTokenUrl is not good, but I've tried many things. I know for a fact that my ClientId, my RedirectUrl and my Secret are okay.
When logging in, Google asks correctly for the good permissions that I want, but after I accept, this is when I receive the error.
I've tried finding the request to see if there was the '<' in it but had no luck accessing it.
Is there a good way to connect to Google with Xamarin using this library or I'm just doing something bad?
Should I just do it nativaly on iOS and Android?
Thanks
I just encountered a similar problem using Xamarin.Auth to hit a custom OAuth service (i.e. not Google). In my case, the accessTokenUrl pointed to an action on a controller that was entirely protected by the [Authorize] attribute. Naturally, the user was required to login before hitting the /oauth/authorize endpoint using a web browser, but the request to /oauth/token to exchange the resulting authorization code for an access token was not inside the same web browser/session. It was trying to get back token data in JSON format but was being redirected to an HTML login screen. Once I changed the token endpoint for anonymous access, things started working (Note: A valid authorization code cannot be obtained without authenticating).
General Recommendations
The error message strongly suggests that the response coming back is HTML (or at least some form of XML). This could be an authentication redirect as it was in my scenario, or possibly some sort of error page. I would first start by setting up a proxy. I used Charles Proxy to uncover some interesting information. You will need to configure SSL on the proxy to see anything except high level information. This will show the exact requests coming out of your app to the OAuth application.
Another technique I used was simulating the requests that the OAuth2Authenticator would be making in a web browser and/or Postman. The first request would be to authorize:
https://your.domain.here/oauth/authorize?client_id=<some_client_id>&redirect_uri=https%3A%2F%2Fyour.domain.here%2F&response_type=code&scope=<some_scope>&state=<some_state>
That endpoint should be protected, so you will likely be redirected to something like this:
https://your.domain.here/Account/Login?returnurl=%2Foauth%2Fauthorize%3Fclient_id%3D<some_client_id>%26redirect_uri%3Dhttp%253A%252F%252Fyour.domain.here%252F%26response_type%3Dcode%26scope%3D<some_scope>%26state%3D<some_state>
After authenticating, the authorize endpoint should redirect to your redirect URI with the authorization code and state included as query string parameters. You will use the code in the next step.
Lastly, using a fresh web browser (i.e. new session), you should hit the token endpoint with your new authorization code and other client information.
https://your.domain.here/oauth/token?client_id=<some_client_id>&client_secret=<some_secret>&grant_type=<your_grant_type>&code=<your_authorization_code>&redirect_uri=https%3A%2F%2Fyour.domain.here%2F
If the response is not JSON data, it should give you an indication about what is failing with Xamarin.
Got the same error.
Solved by using https://accounts.google.com/o/oauth2/token as AccessTokenUrl
I'm running a Rest-Service using ServiceStack under Apache2 in C#/Mono. The Apache-Server is using SSL and BasicAuthentication with a htpasswd-file.
If I access my Rest-Service I get the auth-Request of the apache which is good. After authenticating my RestService is accessed. Now my question is: How am I able to get the user (the apache-session user) which has requested the service and authenticated to it?
I allready tried to get the Environment-Variables but didn't get the requested Information there.
The built in Authentication of ServiceStack requires me, as I understand, to implement authentication on my own. But I want to use the authentication of the apache.
Does anyone know a sollution?
Greetings
daily
P.S.
Below are the Mono and SSL relevant Sections of my Site-config for apache:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
SSLOptions StrictRequire +StdEnvVars
SSLProtocol all -SSLv2
MonoServerPath wcs.service.de "/usr/bin/mod-mono-server4"
MonoDebug wcs.service.de true
MonoSetEnv wcs.service.de MONO_IOMAP=all
MonoAutoApplication disabled
MonoApplications wcs.service.de "/:/var/www/wcs"
A little bit later than pronounced, but here is the answer to the question.
In your ServiceStack Service you get your RequestDTO as parameter. See this link:
https://github.com/ServiceStack/ServiceStack/wiki/Access-HTTP-specific-features-in-services
Under the point Services you can see what I mean. You don't need the RequestFilter as I suggested in my answer above. However.. you have this IHttpRequest of Servicestack. On this object you can get the OriginalRequest. This is the original ASP.net-Request. You have to cast the Result to HttpRequest (ASP.net).
var orgRequest = (HttpRequest)request.OriginalRequest;
On this newly casted object you have an accessable field Param. You can now get the REMOTE_USER param which contains the SSL-User I needed.
var sslUser = orgRequest.Param["REMOTE_USER"];
I hope this may help someone running into the same problem.
Greetings, daily
This is similar to some questions on here, but none have seemed to produce an answer that has helped me. I'm calling the graph api from a c#/.Net application to get photos for a particular album, and I'm receiving a 403 error...sometimes.
I've never received the error in my development environment, only in production. I'm also caching the responses for an hour, so the most the application would hit the API in a given hour would be around 20 times, and not all at once. I'm currently swallowing the exception when it errors out and simply not showing the images, but that isn't a long-term solution.
var request = WebRequest.Create("https://graph.facebook.com/ALBUM_ID/photos");
var stream = request.GetResponse().GetResponseStream();
This just started happening about a month ago but I didn't see anything in the breaking changes list that would suggest this behavior. Any insight would be appreciated.
Update
This was hidden away in the response stream.
{"error":{"message":"(#4) Application request limit
reached","type":"OAuthException","code":4}}
I don't see for the life of me how I could be hitting a limit considering I'm only hitting the api a few times.
if you make a GET request to one of FB graph API endpoints that does not require access_token that does not mean you should not include it in request parameter. If you do as FB documentation says as do not include access_token then in FB server side it registers into your server machine. So limit (whatever amount is it exactly) can be reached very easily. If you however, put the user access token into the request (&access_token=XXXXXX) then requests register into the specific user, so the limit hardly ever be reached. You can test it with a simple script that makes 1000 requests with and without user access_token.
NOTE, FB app access token will not be sufficient as you will face the same problem: requests will be registered into app access_token that situation is alike making requests without access_token.
I'm trying to parse through and obtain my (my personal account not my app) albums from Facebook using the Facebook C# SDK. My goal is to grab the 10-12 most recent photos on my account. However, I understand I have to grab the albums first.
So, I've tried numerous things and ended up with the following url which returns a 400 Bad Request:
https://graph.facebook.com/{my_user_id}/albums?access_token={my_access_token}
The token was obtained by calling:
https://graph.facebook.com/oauth/access_token?client_id={0}&client_secret={1}&grant_type={2}&scope={3}
Any ideas why I'd be getting the 400?
When using grant_type = client_credentials you're requesting the an app access token. This will allow you to do various administrative actions for your application. See App Login in http://developers.facebook.com/docs/authentication/.
However, when using the user-parts of the Graph Api you need to perform a User Login using the oAuth Dialog. There are different ways of doing this such as with the Javascript SDK which should be straightforward to use.
I've not found a nice way of doing this in a standalone web app using Facebook C# SDK without the Javascript SDK (it's easy in a canvas app using the CanvasAuthorize attribute).
Here's an example of how to do it i a WinForms app http://blog.prabir.me/post/Facebook-CSharp-SDK-Writing-your-first-Facebook-Application.aspx. It might work in a Asp.Net app if you could use the WebBrowser control. I've tried with WebClient but didn't have any luck.
Update
By looking at the sample here http://facebooksdk.codeplex.com/SourceControl/changeset/view/534da45e108f#Samples%2fCSMvcWebsite%2fControllers%2fHomeController.cs it looks like you should be able to use the FacebookAuthorize attribute in a standalone site.
Error code 400 means that the request was not correctly formatted. Verify that that the Final URL looks OK and try it in a browser.
The request could not be understood by
the server due to malformed syntax.
The client SHOULD NOT repeat the
request without modifications.
I.e. that you try the following https://graph.facebook.com/someuser/albums?access_token=1234 You would pre presented with the following:
{
"error": {
"type": "OAuthException",
"message": "Invalid OAuth access token."
}
}
If you provide an OK token and a real user, the result will probably look a bit different, but in your case you get a 400 because there is something wrong with the request.