I'm trying to make a Reddit reposter but every time I run the program it says
"prawcore.exceptions.OAuthException: unauthorized_client error processing request (Only script apps may use password auth)"
def bot_login():
print('Logging in...')
r = praw.Reddit(username='**',
password='**',
client_id='**',
client_secret='**',
user_agent='None')
print('Logged in as user: "'+str(r.user.me())+'"')
print("------------------------------------------------------------------")
return r
any idea on how to fix it?
You probably made a web app on the reddit applications page on accident. Reddit only allows script type web applications to use password authentication for security purposes.
To Fix:
Go to https://www.reddit.com/prefs/apps
Choose the "script" type application
(picture)
Recreate your application
Related
I built a web app using Django and the wrapper for the Spotify api, Spotipy, and deployed it to Heroku. The problem I am facing is that the redirect uri opens on the machine running the code, which in this case is the linux server used by heroku. Because of this, the user never actually sees the page prompting them to authenticate the app and login to their Spotify accounts, resulting in a request timeout from Heroku. This happens when my REDIRECT_URI is set to http://localhost/. I have tried to set the REDIRECT_URI to https://nameofmyapp.herokuapp.com which then resulted in an EOFError from the Spotipy module. I have not been able to find a solution for this. For context, my authentication flow is set up as follows:
def index(request):
cache_handler = spotipy.DjangoSessionCacheHandler(request=request)
auth_manager = spotipy.oauth2.SpotifyOAuth(
env("CLIENT_ID"), env("CLIENT_SECRET"), env("REDIRECT_URI"), scope=env("SCOPE"), cache_handler=cache_handler)
session = spotipy.Spotify(
oauth_manager=auth_manager, requests_session=True)
I want to create a simple app that tracks how many minutes I listen to music on Spotify every day. To my knowledge, I need to use oAuth to receive this data (user-read-currently-playing). I am currently authenticating like this:
token = util.prompt_for_user_token("<username>", scope, client_id="<clientID>", client_secret="<client_secret>", redirect_uri="http://localhost:4466")
spotify = spotipy.Spotify(auth=token)
I know that it works because if I run it on Windows where I have a graphical display, everything is just fine and I can get the redirect Url and the auth code from the browser the login page opens in. Is there any way to get this code on a headless linux machine?
I found a solution to this problem:
Instead of using
token = util.prompt_for_user_token("<username>", scope, client_id="<clientID>", client_secret="<client_secret>", redirect_uri="http://localhost:4466")
spotify = spotipy.Spotify(auth=token)
You can use
spotify = spotipy.Spotify(auth_manager=SpotifyOAuth(
client_id="id", client_secret="secret", redirect_uri="http://localhost:4466", scope=scope, open_browser=False, ))
This achives the same goal. To authenticate in a headless envirement, you can copy the cashed Auth from for example a windows machine to your Linux machine as long as they are both in the folder cmd is opened in.
I'm building a Twitch chat-bot, integrating some Spotify features using Spotipy library.
The goal behind the implementation is to achieve full-automated Spotipfy API Authentication for the bot.
How the Spotify API and Spotipy library work is, an authorization token is needed first in order to do anything over Spotify-end. So that's why, whenever the bot is initially run over my VPS, it prompts me to copy a URL from the console, locate it on a browser to wait for its redirect and paste on the console the redirected URL including the desired token. That's how the authentication object retrieves the token data.
To automate this process, I've seen several solutions via Flask or Django.
Django implementation would be useful for me, since I also have Django environment active on the same VPS, except that Django environment runs on Python 2.7 while my Twitch chat-bot runs on a separate Python 3.6 environment. Hence, I would like to keep them separate unless there is no way to implement such automation without listening redirects over Django, Flask or any other web-framework. Unfortunately, my bot can only run on Python 3.6 or higher.
I'm specifically curious if there is any built-in function or a lightweight library to handle such operation.
The function which I'm using to fetch Spotify Auth token is:
def fetchSpotiToken():
global spotiToken, spoti
spotiToken = spotifyAuth.get_cached_token()
if not spotiToken:
spAuthURL = spotifyAuth.get_authorize_url()
print(spAuthURL)
# Prints the URL that Spotify API will redirect to
authResp = input("Enter URL")
# Console user is expected to visit the URL and submit the new redirected URL on console
respCode = spotifyAuth.parse_response_code(authResp)
spotiToken = spotifyAuth.get_access_token(respCode)
elif spotifyAuth.is_token_expired(spotifyAuth.get_cached_token()):
spotiToken = spotifyAuth.refresh_access_token(spotiToken["refresh_token"])
spoti = spotipy.Spotify(auth=spotiToken["access_token"])
return [spotiToken, spoti]
PS: I've been developing Python only for couple of weeks, even after doing some research, I wasn't able to find a solution to this problem in a way that I need. I'm not sure if it's even possible to achieve it that way. So, if that's impossible, please excuse me for my lack of knowledge.
I've found the solution myself.
It seems that requests is a good match for this example.
Following snippet works perfectly for now.
def tryFetchSpotiToken():
global spotiToken, spoti
try:
spotiToken = spotifyAuth.get_cached_token()
except:
if not spotiToken:
spAuthURL = spotifyAuth.get_authorize_url()
htReq = requests.get(spAuthURL)
htRed = htReq.url
respCode = spotifyAuth.parse_response_code(htRed)
spotiToken = spotifyAuth.get_access_token(respCode)
elif spotifyAuth.is_token_expired(spotifyAuth.get_cached_token()):
spotiToken = spotifyAuth.refresh_access_token(spotiToken["refresh_token"])
spoti = spotipy.Spotify(auth=spotiToken["access_token"])
I am trying to obtain a token from Azure AD from Python client application. I want users to seamlessly authenticate with just a username and password (client_id / secret will be embedded in the app). I registered my app and given it all permissions and hit the "grant permissions" button in the new portal according to this post:
The user or administrator has not consented to use the application - Send an interactive authorization request for this user and resource
I am sending an http post to:
https://login.microsoftonline.com/{tenant_id}/oauth2/token
with the following data:
headers = {
"Content-Type": "application/x-www-form-urlencoded"
}
body = "resource={0}&grant_type=password&username={1}&password={2}&client_id={3}&client_secret={4}&scope=openid".format(app_id_uri,user,password,client_id,client_secret)
I cannot seem to get past this error no matter what I try:
b'{"error":"invalid_grant","error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID \'078c1175-e384-4ac7-9116-efbebda7ccc2\'. Send an interactive authorization request for this user and resource.
Again, my goal:
User enters user / pass and nothing else. App sends user / pass / client_id / client_secret, obtains token.
According to your comment:
The message I'm receiving says to do an interactive request but that is exactly what I'm trying to avoid because this is a python app with no web browser and I'm trying to avoid complexity.
I think you want to build a daemon app or an app only application integrating with Azure AD. You can refer to https://graph.microsoft.io/en-us/docs/authorization/app_only for the general introduction.
Furthermore, you can leverage the ADAL for Python to implement this functionality with a ease. Also, you can refer to client_credentials_sample.py for a quick start.
You should try logging in as an admin to be able to give consent to use the application on your tenant at all.
Prior to the 1.7.6 dev server update, I was able to use /_ah/remote_api to upload test data to my dev server having to go through the authentication process by not entering a username and password (hitting return twice). Since the update, this now continuously asks for a username and password, regardless of what I put in - often says error incorrect username or password. I am currently targeting localhost:8080,
def auth_func():
return (raw_input('Username:'), getpass.getpass('Password:'))
remote_api_stub.ConfigureRemoteApi(None, '/_ah/remote_api', auth_func,
'localhost:8080')
though there are two new servers including the API server and the admin server. Has anyone else encountered this? if so, how did you fix it?
Thanks!
Jon
Apparently thanks to Tim - If you use the new dev_appserver then you need to sepecify a email like looking username and a single character as a password on the local development server in order for it to accept and move past the login stage.