I would like to use the python instagram api but am struggling over the correct setting for the redirect url.
I have been able to feed the authorize url in by hand into a browser and get a
token back in the return url. I that case; I set the URI to localhost (127.0.0.1)
Whenever I do this via the api I end up with 400 returns.
What I would really appreciate is
1) a working example
2) when running via a script; what should be listening for the server's response that contains the token in its url ?
Thanks for any and all help
Related
i try to use the Quickstart sign-in of Microsoft using python.
Currently i have this in redirects URL: redirect url
and in my config file i have: Config file
i have not make any change in the others files but when i try to test i receive this message:
Error
how can i solve this issue?
Thanks!
This error usually occurs when the real redirect_uri doesn't match the reply url in Azure portal. You can track the auth request url to find the real redirect_uri. The request url is something like
https://login.microsoftonline.com/{tenant}/oauth2/authorize? client_id=6731de76-14a6-49ae-97bc-6eba6914391e &response_type=code &redirect_uri=http%3A%2F%2Flocalhost%3A12345 &response_mode=query &resource=https%3A%2F%2Fservice.contoso.com%2F &state=12345
After clicking sign in button and before inputting the account, you will find the request url.
The reply URL in the portal needs to match exactly what is configured in the application code. For example, https and http register differently, and a mismatch would cause this error. The application ID/Client ID and tenant IDs also need to match in both places.You need to change the port from 5000 to the effective one.
I also had this problem. I was using the link from flask to go to http://127.0.0.1:5000/ instead of getting http://localhost:5000/ in the browser. Although both these urls point to the site, only the the localhost url is recognized by the app registration.
I am writing a Python program part of which authenticates with OAuth 1.0 to access a privileged API. I have figured out how to get the authorization URL. After signing in, the browser redirects to http://localhost which I registered as the callback with the provider. How do I get the request to localhost and continue with my bot? I figure I need to have a http server of some sort. I would rather not install a full Apache server. What is a lightweight alternative that can receive the request and forward the token to my bot code to continue with API calls?
This is my first application using Flask and Python.
I am using below URL format to send a POST request from Arduino to the flask application running on Pythonanywhere server instance.
Valid POST request: 3 URL parameters
http://voyagers.pythonanywhere.com/senddata?node=1234&lat=18.5580&lng=73.8075
I need to block the request from further processing by validating the URL in some form. I want this to secure my app from un-authenticated POST requests.
Say something like this:Anything more than 3 URL Parameters
http://voyagers.pythonanywhere.com/senddata?node=324&lat=18.5580&lng=73.8075&a=c&a=d
How can I achieve this in Flask ?
Also suggest , If there is any better way which could be used to secure application from un-authorised requests.
You can get flask to validate the parameters and throw an error automatically if you are willing to switch from URL parameters (i.e. anything after the '?' symbol in the URL) to path parameters (i.e. anything that is in the Path HTTP header, or the part of the URL after the first '/' and abefore the '?').
Your example could look like this:
#app.route('/post/<int:node_id>/<float:lat>/<float:lng>', methods=['POST'])
def process_post_request(node_id, lat, lng):
# do some work
return your_result
Then you could send request to URL that would look for example like this: http://example.com/post/1234/-11.45/21.34
You can find more about this here: http://flask.pocoo.org/docs/0.12/quickstart/#variable-rules
For securing access you can use some of the example snippets here: http://flask.pocoo.org/snippets/category/authentication/
I would recommend restricting access to HTTPS only and using the basic auth if you are just playing around. This is something you can do with a simple decorator as described here: http://flask.pocoo.org/snippets/8/
You will get a prompt in your browser asking you for username and password and browser will remember it for the duration of the session. Alternatively, you can set the username and password in base64 encoded form in the Authorization header: https://en.wikipedia.org/wiki/Basic_access_authentication
I need refresh token so that I can send messages to registered Chrome browsers using GCM. However most of the tutorials I consulted require a server to be running at my side and I have to do everything manually, open the auth url, authenticate it and get redirected to my server to get refresh token.
I was hoping if there is a way to do this without running a server at my side. Is it possible to get refresh token just using client id and client secret?
Once I get a refresh token I have to do a POST to GCM server to send notifications.
You can not get refresh token just using client_id and client_secret. Only in authorization code flow, refresh token is issued. Good news is refresh token will not be expire until user revoke it, so you can use it for a long long time. So you can once get it and use it. In authorization code flow, you need a server to get redirected tokens.
I use Ajax Push Engine as push engine and Django for main site. I wrote the server
module which must send the request to my Django-based application when
new user join the channel by using Http module. My Django-based project runs on the local
machine on local.jjjbbb.org.
Ape.addEvent("join", function(user, channel) {
var request = new Http('http://local.jjjbbb.org/test-
this/'); // this is a my test url
request.set('method', 'POST');
request.writeData('test-message', 'Hello APE!');
request.getContent( function(result) {
Ape.log(result); // this code never work
});
});
But this code doesn't work, request doesn't receive. When I change url
to anything else (like www.google.com or localhost for example) all
works correctly and I have a result. But when I try to send request to
my application request doesn't work. This problem is only when I try
to send request from server side, when I use jQuery for sending from
client side all works correctly.
Why I cannot send POST request from server side to my domain?
Sorry, I already found my problem. APE works fine, it was a little trouble with CSRF protection in Django.