I'm trying to switch my Picasa app to OAuth 2.0.
from gdata.gauth import OAuth2Token
token = OAuth2Token(
    client_id=client_id,
    client_secret=client_secret,
    scope=scope,
    user_agent=useragent)
url = token.generate_authorize_url(redirect_uri='urn:ietf:wg:oauth:2.0:oob', approval_prompt='force', access_type="offline")
print url
code = raw_input('code:')
token.get_access_token(code)
And then I get the access token:
access_token = token.access_token
When I want to get albums:
albums = gd_client.GetFeed("https://picasaweb.google.com/data/feed/api/user/default?access_token="+access_token)
print albums
Here's the problem. The access token will expire in a short time and I'll get this error message:
(403) Token invalid - Invalid token: Token not found -- Forbidden
I tried many ways but no luck.
Please help me to fix this. Thanks
I am trying to get a user token using the Facebook OAuth2 API, but I am facing this error when the redirect URL is called.
InsecureTransportError at /data/FacebookAuth/
(insecure_transport) OAuth 2 MUST utilize https.
I have ngrok running and HTTPS set up, but I can't figure out why it is giving me this error.
Here is my code to get this token in django
from django.http import HttpResponse
from django.shortcuts import redirect
from requests_oauthlib import OAuth2Session
from requests_oauthlib.compliance_fixes import facebook_compliance_fix

# Facebook App Credentials
client_id = 'xxxx'
client_secret = 'xxxxx'
# OAuth endpoints given in the Facebook API documentation
authorization_base_url = 'https://www.facebook.com/dialog/oauth'
token_url = 'https://graph.facebook.com/oauth/access_token'
redirect_uri = 'https://ab207c1f.ngrok.io/data/FacebookAuthRedirect'
facebook = OAuth2Session(client_id, redirect_uri=redirect_uri)
facebook = facebook_compliance_fix(facebook)

# Getting Facebook Authentication
def FacebookAuth(request):
    authorization_url, state = facebook.authorization_url(authorization_base_url)
    return redirect(authorization_url)

# Getting Facebook Authentication Redirect
def FacebookAuthRedirect(request):
    redirect_response = request.GET.get('code', '')
    token = facebook.fetch_token(token_url, client_secret=client_secret,
                                 authorization_response=redirect_response)
    print(token)
    return HttpResponse('ibrahim')
After digging a bit, I found a solution that worked for me.
It was because of authorization_code = request.build_absolute_uri(). I tried printing it and it contained "http" instead of "https". I replaced the string with https using the following code.
redirect_response = redirect_response.replace("http://", "https://")
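The URL reads "http" here because the TLS connection ends at the tunnel and the application only sees the forwarded plain-HTTP request. An added example (not code from the original posts) that restores the scheme only when the request really arrived through a trusted proxy; `external_callback_url`, `TRUSTED_PROXIES` and the sample addresses are assumptions made for illustration:

```python
from ipaddress import ip_address, ip_network
from urllib.parse import urlsplit

# Assumption: the TLS-terminating proxy (ngrok agent, nginx, ...) connects from loopback.
TRUSTED_PROXIES = [ip_network("127.0.0.0/8"), ip_network("::1/128")]


def external_callback_url(internal_url, remote_addr, forwarded_proto):
    """Return the OAuth callback URL with the scheme the browser actually used.

    internal_url    -- URL as the framework reports it, e.g. request.build_absolute_uri()
    remote_addr     -- peer address of the connection (REMOTE_ADDR)
    forwarded_proto -- value of the X-Forwarded-Proto header, or None if absent
    """
    parts = urlsplit(internal_url)
    if parts.scheme == "https":
        return internal_url
    peer = ip_address(remote_addr)
    via_trusted_proxy = any(peer in net for net in TRUSTED_PROXIES)
    # Only a trusted proxy may vouch for HTTPS; anyone can send the header directly.
    if via_trusted_proxy and (forwarded_proto or "").strip().lower() == "https":
        return parts._replace(scheme="https").geturl()
    raise ValueError("OAuth callback was not received over HTTPS")


if __name__ == "__main__":
    # Constructed sample callback, as seen by an app behind a local tunnel.
    seen = "http://app.example.test/data/FacebookAuthRedirect?code=abc123&state=xyz"
    print(external_callback_url(seen, "127.0.0.1", "https"))
```

In Django, setting SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') makes request.build_absolute_uri() report https in the same situation, provided the proxy overwrites that header on every request.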
I've been playing with the LinkedIn api (OAuth 2) and I've found an example to help test it. I've followed the tutorial to the letter, but for some reason when I provide my full redirect URL (as requested in the code), I get the error: (invalid_request) A required parameter "client_id" is missing. I'm not sure what I'm doing wrong, but if anyone has any idea, I appreciate the feedback.
Upon searching for a solution, I've found another person struggling with this: "client_id" is missing when authenticate with LinkedIn
Here's the code from the example:
Linkedin.py
from requests_oauthlib import OAuth2Session
from requests_oauthlib.compliance_fixes import linkedin_compliance_fix
# Credentials you get from registering a new application
client_id = SECRET
client_secret = SECRET
# OAuth endpoints given in the LinkedIn API documentation
authorization_base_url = 'https://www.linkedin.com/uas/oauth2/authorization'
token_url = 'https://www.linkedin.com/uas/oauth2/accessToken'
linkedin = OAuth2Session(client_id, redirect_uri='http://localhost:8000')
linkedin = linkedin_compliance_fix(linkedin)
# Redirect user to LinkedIn for authorization
authorization_url, state = linkedin.authorization_url(authorization_base_url)
print ('Please go here and authorize,', authorization_url)
# Get the authorization verifier code from the callback url
redirect_response = input('Paste the full redirect URL here:')
# Fetch the access token
linkedin.fetch_token(token_url, client_secret=client_secret,authorization_response=redirect_response)
# Fetch a protected resource, i.e. user profile
r = linkedin.get('https://api.linkedin.com/v1/people/~')
print (r.content)
Link to example: https://requests-oauthlib.readthedocs.io/en/latest/examples/linkedin.html
Additional Note: The tutorial I used didn't have a date on it. I can only assume the links used in the API tutorial are correct and up to date.
This one is a little old but I thought I'd share some additional changes that need to be made to the LinkedIn example from the oauth requests documentation site.
Along with the updated links, it would seem that LinkedIn is expecting the client_id in the body of the request when trading the verifier code for a token. I'm not exactly sure where or when it gets left behind, but after drilling down in the oauth-request source code I found that the fetch method has an argument which forces the client_id to be included in the request body (include_client_id). Adding it to the fetch method should make the example work.
linkedin.fetch_token(token_url, client_secret=client_secret,
                     authorization_response=redirect_response,
                     include_client_id=True)
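RFC 6749 lets a client send its credentials either in an HTTP Basic header or as form fields in the token request body, and the answer above forces the body form. An added example, not requests_oauthlib's own code, that builds both variants and lists what a server reading credentials only from the body would find missing; `token_request`, `missing_body_params` and the sample values are hypothetical, and the flag name is borrowed from the answer:

```python
import base64
from urllib.parse import parse_qs, quote_plus, urlencode


def token_request(code, redirect_uri, client_id, client_secret, include_client_id):
    """Build (headers, body) for an authorization-code token request.

    include_client_id=False: credentials go in an HTTP Basic Authorization header.
    include_client_id=True:  credentials go in the form body.
    """
    fields = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
    }
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if include_client_id:
        fields["client_id"] = client_id
        fields["client_secret"] = client_secret
    else:
        # RFC 6749 section 2.3.1: form-encode each value, then base64 "id:secret".
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    return headers, urlencode(fields)


def missing_body_params(body):
    """Parameters a server that reads credentials only from the body would find missing."""
    required = ("grant_type", "code", "redirect_uri", "client_id", "client_secret")
    present = parse_qs(body)
    return [name for name in required if name not in present]


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    args = ("constructed-code", "http://localhost:8000", "my-client-id", "my-secret")
    for flag in (False, True):
        headers, body = token_request(*args, include_client_id=flag)
        print(flag, sorted(headers), missing_body_params(body))
```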
The issue is with the URLs, I wrote a similar program and it worked perfectly for me:
from requests_oauthlib import OAuth2Session
from requests_oauthlib.compliance_fixes import linkedin_compliance_fix
# Credentials you get from registering a new application
client_id = '<the client id you get from linkedin>'
client_secret = '<the client secret you get from linkedin>'
redirect_url = '<authorized redirect URL from LinkedIn config>'
# OAuth endpoints given in the LinkedIn API documentation (you can check for the latest updates)
authorization_base_url = 'https://www.linkedin.com/oauth/v2/authorization'
token_url = 'https://www.linkedin.com/oauth/v2/accessToken'
# Authorized Redirect URL (from LinkedIn configuration)
linkedin = OAuth2Session(client_id, redirect_uri=redirect_url)
linkedin = linkedin_compliance_fix(linkedin)
# Redirect user to LinkedIn for authorization
authorization_url, state = linkedin.authorization_url(authorization_base_url)
print('Please go here and authorize,', authorization_url)
# Get the authorization verifier code from the callback url
redirect_response = input('Paste the full redirect URL here:')
# Fetch the access token
linkedin.fetch_token(token_url, client_secret=client_secret,
                     authorization_response=redirect_response)
# Fetch a protected resource, i.e. user profile
r = linkedin.get('https://api.linkedin.com/v1/people/~')
print(r.content)
I hope it helps!
While this may not be the reason for your issue, you are using an older version of LinkedIn's authentication URLs. From LinkedIn's OAuth documentation (https://learn.microsoft.com/en-us/linkedin/shared/authentication/authorization-code-flow?context=linkedin/consumer/context) your authorization_base_url should be
https://www.linkedin.com/oauth/v2/authorization
I'm using Active Directory Authentication library for python following the documentation. Earlier on I managed to get the access_token through the Acquire Token with Client Credentials sample:
import adal
RESOURCE_URI = 'https://<mydomain>.crm.dynamics.com'
AUTHORITY_URL = "https://login.microsoftonline.com/<tenant_id>"
CLIENT_ID = 'xxxx' #application_id
CLIENT_SECRET = 'xxxx'
context = adal.AuthenticationContext(AUTHORITY_URL)
token = context.acquire_token_with_client_credentials(
    RESOURCE_URI,
    CLIENT_ID,
    CLIENT_SECRET)
print token
But I get an error message when I tried the Acquire token and Refresh token sample
context = adal.AuthenticationContext(AUTHORITY_URL)
token = context.acquire_token_with_username_password(
    RESOURCE_URI,
    USERNAME,
    PASSWORD,
    CLIENT_ID)
print token
>>> adal.adal_error.AdalError: Get Token request returned http error: 401 and server response: {"error":"invalid_client","error_description":"AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.........."correlation_id"......}
There are two kinds of app we can register on Azure: native or web app. Based on the error message, it seems that you have registered a confidential app, which is required to provide its client secret to acquire the access token.
For this issue, please register a native app instead of a web app. Also, the resource owner password credentials flow should be used carefully since it may leak the credentials. Refer to the flows in the link below:
The OAuth 2.0 Authorization Framework - Authorization Grant
I suffered from the same error.
In the app registration section of Azure Active Directory, I registered the app as web host/API.
When I changed it to native app everything started to work fine.
I am trying to get public profiles of people who work in company X to get their title, id, and connection. How do I properly use the Search API so I do not get 403 Forbidden error?
from linkedin import linkedin
CONSUMER_KEY = 'XXX'
CONSUMER_SECRET = 'XXX'
USER_TOKEN = 'XXX'
USER_SECRET = 'XXX'
RETURN_URL = ''
auth = linkedin.LinkedInDeveloperAuthentication(CONSUMER_KEY, CONSUMER_SECRET,
                                                USER_TOKEN, USER_SECRET,
                                                RETURN_URL,
                                                permissions=linkedin.PERMISSIONS.enums.values())
app = linkedin.LinkedInApplication(auth)
mm=app.search_profile(selectors=[{'people': ['headline','id','num-connections',]}], params={'keywords': 'microsoft'})
print mm
So this code gives me an error:
Message File Name Line Position
Traceback
<module> <module1> 30
search_profile C:\Python27\lib\site-packages\linkedin\linkedin.py 194
raise_for_error C:\Python27\lib\site-packages\linkedin\utils.py 65
LinkedInForbiddenError: 403 Client Error: Forbidden: Access to people search denied.
Was the search API updated so search cannot be accessed? I do not want to use the normal search and copy paste everything.
So it appears LinkedIn has a vetted process for developer access
http://developer-programs.linkedin.com/forum/error-403-client-error-forbidden-unknown-error
and you might have to call customer service and agree to a TOS
http://community.linkedin.com/questions/116784/how-can-i-get-vetted-api-access-to-use-the-people.html
Another option would be to try using selenium to get the data http://www.seleniumhq.org/
Python bindings can be found here: https://selenium-python.readthedocs.org/
I'm trying to access a user's circles in this way:
from apiclient.discovery import build
service = build('plus','v1',developerKey=my_developer_key) # <-- NOT the user's token
people_request = service.people().list(userId=my_gplus_id, collection='connected')
all_people = people_request.execute()
The user approved the following scope:
'https://www.googleapis.com/auth/plus.login',
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile'
But I'm getting this error:
<HttpError 403 when requesting https://www.googleapis.com/plus/v1/people/107512995392892664693/people/connected?alt=json&key=... returned "Forbidden">
Any ideas? Thanks~!
EDIT: I tried the same with google's JS API. It doesn't use the "key" url param but instead uses a "bearer" header with the user's access token, perhaps I'm using the wrong token?
The only supported userId is me for the currently authenticated user.