in my C# application, I am trying to get aouth2 access and refresh tokens:
https://developers.google.com/accounts/docs/OAuth2InstalledApp
On the phase: Handling the Response, When I make the call I am supposed to get something like:
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
but I get
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
}
Thus: refresh_token is missing. I debugged and I am sure I hit the api method: FetchAccessAndRefreshTokens but I have no refresh_token.
PS: I am using 201306 API
Any ideas?
In the API, within OAuth2ProviderForApplications.cs file, in GetAuthorizationUrl() method, on line 100 if you add &approval_prompt=force to the string:
return string.Format("{0}?scope={1}&state={2}&redirect_uri={3}&response_type={4}&" +
"client_id={5}&access_type={6}&approval_prompt=force"
it works. But this is a horrible workaround plus it might create apache license issues.
How found: in google oauth2 playground (https://developers.google.com/oauthplayground/) this parameter (approval_prompt=force) is set and if you omit it, it does not give refresh token.
Related
I am new to JWT with basic idea of how it works. I have set the jwt token inside cookie from my web api.
Response.Cookies.Append("X-Access-Token", foundUser.Token
, new CookieOptions { HttpOnly = true }) ;
Now i am trying to call a web api get request which is marked as authorised from my agular application.
But inside angular i dont have a way to send the cookie. As per few documents i came to know that http only cookies are sent directly with our interference but i am not able to fetch the data with unauthorised error, which means that the token is not being used. I have not included the same in the get method as well. see below.
[Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme)]
[HttpGet]
public async Task<ActionResult<IEnumerable<Invoice>>> GetInvoices([FromQuery]QueryParameters queryParameters)
{
return await _uOW.InvoiceRepository.GetInvoices(queryParameters);
}
Do i have to add some logic to read the cookie in backend? I didnt find any answer for this.
Please let me know if there is something missing.
Also inside angular i have not written any special code for calling this get. Is that required?
var headerForToken = new HttpHeaders({'Authorization':`Bearer ${sessionStorage.getItem("token")}`});
return this.http.get<any>(this.APIUrl+'Invoices/GetInvoices',{headers:headerForToken });
This is my current approach in which i am using local storage, but i really need to use the http only cookie.
If there is any link for solution or anything that would be really helpfull
Update 1: So we need to add a domain for this. I tried adding domain still it is not visible when i try to see the cookies.
Response.Cookies.Append("X-Access-Token", foundUser.Token
, new CookieOptions { HttpOnly = true, Domain = ".localhost:4200" }) ;
I'm working with the pipedrive API and trying to update a record (deal, but the endpoint isn't important). The format of the is as follows.
https://companyDomain.pipedrive.com/api/v1/deals/DealID?api_token=API-Token
Where companydomain specifies your account with them, dealID is the ID we're updating and API token is the token supplied by pipedrive to access the API. It's not a token that's returned by logging in, it's static one, given on day one and never changes.
HttpClient seems to want a base address so "https://companyDomain.pipedrive.com/", then something like the following:
HttpResponseMessage response = await client.PutAsJsonAsync(
$"api/v1/deals/{dealId}/", args);
Where args is a class with the field/s and value/s I want to update.
If I include the api_token as fields in "args", it returns a 404 not found. If I append it to the base url or the $api/v1/deals/{dealID}/ it returns permission denied.
Any suggestions as to how I can handle this?
I've managed to make a living coding for 30 years avoiding the web, now it's all anyone seems to want. Appears I have to finally get a handle on this, hence the recent questions! ;-)
Thanks in advance
Jim
Append it with a "?"
So your URL should look like api/v1/deals/YOUR_ID?api_token=THE_TOKEN
HttpResponseMessage response = await client.PutAsJsonAsync(
$"api/v1/deals/{dealId}?api_token={apiToken}", args);
I have been integrating QuickBooks's API to my web application. I made requests to get tokens (both request token and secret token), I stored them to database. So, how can I validate connection at second time or more, I mean because I had tokens in database, so I don't want to re-authorize to get other new tokens. I tried to find solutions to resolve it, but there's no anything. Please give me some methods or advices to get it done. Thank you very much!
So, how can I validate connection at second time or more,
You can validate tokens by doing a query against a v3 service, and checking to see if you get a 200 OK or a 401 Unauthorized response back.
Pseudo-code should look something like this:
function am_i_connected_to_quickbooks()
{
if (you have tokens stored in your database)
{
results = do_qb_query("SELECT * FROM Customer MAXRESULTS 1")
if (you got a 200 OK back from Intuit)
{
// You are connected, and the tokens are still valid/have not been revoked
return true
}
}
// You don't have tokens, or your tokens are invalid (revoked, expired, incorrect, etc.)
return false
}
Good afternoon,
I'm using version 5.4.1 of the Facebook C# SDK. I should note that I am using the source code directly rather than the DLLs (in case this makes any difference).
So the fact that filter attributes are setup is awesome (thank you dev team :).
My issue is occurring during the initial request (before I get to using verifying the GET response from Facebook)
Here is my initial request:
dynamic result = fb.Post(
string.Format("/{0}/subscriptions",
FacebookApplication.Current.AppId),
new Dictionary<string, object>
{
{"object", "user"},
{"fields", "friends"},
{
"callback_url",
"http://localhost:16917/subscription/verify"
},
{
"verify_token",
"77FB802F-1147-48F0-BB0F-E4E9BC1FBCFC"
}
});
I'm finding that an exception is internally being thrown and via Fiddler I'm seeing that the request is never going out. The exception is:
$exception {"(OAuthException) (#15) This method must be called with an app access_token."} System.Exception {Facebook.FacebookOAuthException}
I initially thought this may be related to Facebook.FacebookClient's PrepareRequest method:
if (httpMethod == HttpMethod.Get)
{
// for GET, all parameters goes as querystrings
input = null;
queryString.Append(FacebookUtils.ToJsonQueryString(parameters));
}
else
{
if (parameters.ContainsKey("access_token"))
{
queryString.AppendFormat("access_token={0}", parameters["access_token"]);
parameters.Remove("access_token");
}
}
but commenting out the line parameters.Remove("access_token"); made no difference.
Any help would be greatly appreciated!
What access_token are you using?
Are you using a User's access token, or an App access token?
If you are using an User's access token take a look here http://developers.facebook.com/docs/authentication/#app-login on how to get an App access token.
You will need to use the app access_token.
You can easily create an app access_token using the following constructor.
var fb = new FacebookClient("appid", "appsecret");
dynamic result = fb.Post( .... );
I am connecting to login facebook page through an url. I receive the access token in my application and i can prints all my contacts from the list. I have a problem: there are times when i do receive the access token and if i logout from facebook and rebuild my application the second time , i don't have any access token. WHY? If i wait i guess 10-15 minutes and try again it works. How to resolve this? THX
I am using the auth url. THe following link was my example link:
http://geekdeck.com/vb-net-facebook-get-access-token-for-desktop-application/
EDIT:
I have the following code:
browserFacebook.Navigate(#"https://graph.facebook.com/oauth/authorize?client_id="+ FacebookApplicationID + "&redirect_uri=http://www.facebook.com/connect/login_success.html&type=user_agent&display=popup");
string someString = browserFacebook.Url.ToString();
This returns something like the following:
"http://www.facebook.com/connect/login_success.html#access_token=ACCESS TOKEN.expires_in=0"
I can then easily use this access token with the Graph API to access an users facebook details as in the following code:
Facebook.FacebookGraphAPI g = new FacebookGraphAPI("ACCESS_TOKEN");
var fbUser = g.GetObject("me", null);
PROBLEM:
When I rebuild the application, the link that i receive is OpenDNS (or navigation to the webpage was canceled) and I have to access token. Why? How can I resolve this error? After a a while 1-2 hours I receive again the token.
"https://graph.facebook.com/oauth/authorize?client_id=" +
FacebookApplicationID +
"&redirect_uri=http://www.facebook.com/connect/login_success.html&type=user_agent&display=popup");