I have a permissions request that looks like this:
timestamp, signature = genPermissionsAuthHeader.getAuthHeader(str(self.username), str(self.password), str(access_token), str(token_secret), "POST", "https://api-3t.sandbox.paypal.com/nvp") # https://svcs.sandbox.paypal.com/Permissions/GetBasicPersonalData
log.info(timestamp)
log.info(signature)
authorization_header = "timestamp=" + timestamp + ",token=" + access_token + ",signature=" + signature
log.info(authorization_header)
headers = {
"X-PAYPAL-AUTHORIZATION": authorization_header,
}
url = "https://api-3t.sandbox.paypal.com/nvp"
nvp_params = {
"METHOD": "TransactionSearch",
"STARTDATE": "2012-01-01T05:38:48Z",
}
r = requests.post(url, data=nvp_params, headers=headers)
log.info(r.text)
self.response.content_disposition = "text/html"
self.response.write(r.text)
I have an access token and token secret from the permissions API using my PayPal credentials on developer.paypal.com under "Sandbox Accounts"
When I run this method I get the error message:
TIMESTAMP=2014%2d04%2d21T22%3a50%3a18Z&CORRELATIONID=c8f9212035b60
&ACK=Failure&VERSION=0%2e000000&BUILD=10277387&L_ERRORCODE0=10002
&L_SHORTMESSAGE0=Authentication%2f
Authorization%20Faile
d&L_LONGMESSAGE0=You%20do%20not%20have%20permissions%20to%20make%20this%20API%20call
&L_SEVERITYCODE0=ErrorNone
I can make a call to GetBasicPersonalDetails and it seems to work. Any help would be great, thanks!
I found the answer, I was missing the "SUBJECT" parameter on the parameter string being sent for the payment. So just in case anyone else runs across this in the future the full code after getting the permissions tokens to run a test payment for the sandbox is:
def test_sales(self, access_token=None, token_secret=None):
timestamp, signature = genPermissionsAuthHeader.getAuthHeader(str(self.username), str(self.password), str(access_token), str(token_secret), "POST", "https://api-3t.sandbox.paypal.com/nvp") # https://svcs.sandbox.paypal.com/Permissions/GetBasicPersonalData
log.info(timestamp)
log.info(signature)
authorization_header = "timestamp=" + timestamp + ",token=" + access_token + ",signature=" + signature
log.info(authorization_header)
headers = {
"X-PAYPAL-AUTHORIZATION": authorization_header,
}
url = "https://api-3t.sandbox.paypal.com/nvp"
nvp_params = {
"METHOD": "DoDirectPayment",
"PAYMENTACTION": "Sale",
"AMT": "22.00",
"ACCT": "4111111111111111",
"CVV2": "111",
"FIRSTNAME": "Jane",
"LASTNAME": "Smith",
"EXPDATE": "012018",
"IPADDRESS": "127.0.0.1",
"STREET": "123 Street Way",
"CITY": "Englewood",
"STATE": "CO",
"ZIP": "80112",
"VERSION": "86",
"SIGNATURE": self.signature,
"USER": self.username,
"PWD": self.password,
"SUBJECT": "person_who_you_acting_on_behalf_of#domain.com"
}
r = requests.post(url, data=nvp_params, headers=headers)
log.info("Search transaction\n\n" + r.text + "\n\n")
self.response.content_disposition = "text/html"
self.response.write(urllib.unquote(r.text).decode('utf8'))
And for generating the header I used: https://github.com/paypal/python-signature-generator-for-authentication-header
Hope this helps someone, thanks!
Here is some information on the error message you are getting. One reason is invalid API Credentials. Another possibility is you are trying to pass an expired token. Once a transaction is created on PayPal the token is no longer valid. Instead you have a transaction id created.
Below is some more information on PayPal API Error Messages.
PayPal API Error Messages
If you are attempting a transaction search for your most recent transactions in PayPal, then you can use the PaymentDetailsRequest API
Here is an integration guide from the PayPal Developer Site:
Get Payment Details PayPal API Codes
TransactionSearch is not part of the AdaptivePayments API,
so no "X-PAYPAL-AUTHORIZATION" is required with this method.
Assuming that you got the permission for TransactionSearch method on the target account (see https://developer.paypal.com/docs/classic/permissions-service/gs_PermissionsService/)
the following code will works:
import requests
api_username="username"
api_password="password"
api_signature="signature"
target_account_email="xxx.yyy-buyer#zzz.com" #customers email
data_req = {
'METHOD':'TransactionSearch',
'SUBJECT':, target_account_email,
'VERSION':'86.0',
'STARTDATE':'2009-10-11T00:00:00Z',
'USER':api_username,
'PWD':api_password,
'SIGNATURE':api_signature
}
response=requests.post(url_en_point,data=data_req,timeout=3).text
print response
Related
I am trying to automate my blog writing a bit by using Blogger API v3.0.
I have my API_KEY and by using it I managed to access my blog like that:
import requests
APIKEY = 'XXX-YYY-ZZZ'
BLOGID = '12345678'
get_blog = 'https://www.googleapis.com/blogger/v3/blogs/{BLOGID}?key={APIKEY}'.format(BLOGID=BLOGID, APIKEY=APIKEY)
response = requests.get(get_blog)
Next I tried to create a new post:
params = {
"kind": "blogger#post",
"blog": {
"id": BLOGID
},
"title": "A new post",
"content": "With <b>exciting</b> content..."
}
new_post = 'https://www.googleapis.com/blogger/v3/blogs/{blogID}/posts/?key={APIKEY}'.format(blogID=bereshitID, APIKEY=APIKEY)
response = requests.post(get_blog, params=params)
But I got an Error:
{u'error': {u'status': u'PERMISSION_DENIED', u'message': u'The caller does not have permission', u'code': 403, u'errors': [{u'reason': u'forbidden', u'message': u'The caller does not have permission', u'domain': u'global'}]}}
So I figured I need to have OAuth 2.0 credentials. So I created it and now I have client_id and client_secret and I tried to add it to the params:
CLIENT_SECRET = 'ABCD-EFGH'
CLIENT_ID = '1111'
params = {
"client_secret" : CLIENT_SECRET,
"client_id" : CLIENT_ID,
"kind": "blogger#post",
"blog": {
"id": BLOGID
},
"title": "A new post",
"content": "With <b>exciting</b> content..."
}
new_post = 'https://www.googleapis.com/blogger/v3/blogs/{blogID}/posts/?key={APIKEY}'.format(blogID=bereshitID, APIKEY=APIKEY)
response = requests.post(get_blog, params=params)
However I am still getting the error as before.
Clearly I am missing something here but I couldn't find a solution... So how should I use the OAuth 2.0 credentials correctly?
I found this guide by Rajashekar Jangam (ImRaj90) very informative.
I followed it and managed to work with my blog using the API.
Thank you Rajashekar.
I'm creating an application in Azure AD as a daemon to get user phone
authentication methods using the python msal library and calling the following following endpoint GET https://graph.microsoft.com/beta/users/{id | UPN}/authentication/phoneMethods but i get the following error
{
"error": {
"code": "accessDenied",
"message": "Request Authorization failed",
"innerError": {
"message": "Request Authorization failed",
"date": "2020-11-19T19:26:28",
"request-id": "11975e07-ee6b-4bd2-9a74-7c175c5da560",
"client-request-id": "11975e07-ee6b-4bd2-9a74-7c175c5da560"
}
}
}
My app has the required application permissions to get the info i'm looking for, which are UserAuthenticationMethod.Read.All and UserAuthenticationMethod.ReadWrite.All and it already works with different end points such as GET https://graph.microsoft.com/beta/users/{id | UPN}, this is the code i'm using in order to get the access token required and call the graph api
import json
import logging
import requests
import msal
config = {
"authority": "https://login.microsoftonline.com/TENANT_NAME",
"client_id": "APP_ID",
"scope": ["https://graph.microsoft.com/.default"],
"secret": "APP_SECRET",
"endpoint": "https://graph.microsoft.com/beta/users/{USER_ID}/authentication/phoneMethods"
}
app = msal.ConfidentialClientApplication(
config["client_id"], authority=config["authority"],
client_credential=config["secret"],
)
result = None
result = app.acquire_token_silent(config["scope"], account=None)
if not result:
logging.info("No suitable token exists in cache. Let's get a new one from AAD.")
result = app.acquire_token_for_client(scopes=config["scope"])
if "access_token" in result:
graph_data = requests.get(
config["endpoint"],
headers={'Authorization': 'Bearer ' + result['access_token']}, ).json()
print("Graph API call result: ")
print(json.dumps(graph_data, indent=2))
else:
print(result.get("error"))
print(result.get("error_description"))
print(result.get("correlation_id"))
i tried to do the same thing using curl or postman and i get the exact same error, so i'm guessing it's an access token issue maybe ?
Thanks in advance
The api call does not support application permissions. You need to grant delegated permissions to the application, and then use the auth code flow to obtain the token.
I'm trying to make a data partition refresh (post) following this azure documentation : https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-async-refresh
Either with post or get I got 401 Unauthorized (Even when the service is Off !).
I got the token from azure AD (ServicePrincipalCredential).
I added the AD as Analysis Services Admins (https://learn.microsoft.com/en-us/azure/analysis-services/analysis-services-server-admins)
I gave the owner role to AD in Analysis Services IAM.
it worked with Analysis Services management rest api (https://learn.microsoft.com/en-us/rest/api/analysisservices/operations/list) With the same authentification (got code response 200)
My python code :
from azure.common.credentials import ServicePrincipalCredentials
import requests
credentials = ServicePrincipalCredentials(client_id="ad_client_id",
secret="ad_secret",
tenant="ad_tenant")
token = credentials.token
url = "https://westeurope.asazure.windows.net/servers/{my_server}/models/{my_model}/refreshes"
test_refresh = {
"Type": "Full",
"CommitMode": "transactional",
"MaxParallelism": 1,
"RetryCount": 1,
"Objects": [
{
"table": "my_table",
"partition": "my_partition"
}
]
}
header={'Content-Type':'application/json', 'Authorization': "Bearer {}".format(token['access_token'])}
r = requests.post(url=url, headers=header, data=test_refresh)
import json
print(json.dumps(r.json(), indent=" "))
Response I got :
{
"code": "Unauthorized",
"subCode": 0,
"message": "Authentication failed.",
"timeStamp": "2019-05-22T13:39:03.0322998Z",
"httpStatusCode": 401,
"details": [
{
"code": "RootActivityId",
"message": "aab22348-9ba7-42c9-a317-fbc231832f75"
}
]
}
I'm hopeless, could you please give me somes help to make this clear ?
Finally I resolved the issue.
I had wrong token. The api expect an OAuth2.0 authentification token (The Azure analysis services rest api documentation ins't very clear about the way to get one)
For thoses will encounter the same issu there is the way to get one.
from adal import AuthenticationContext
authority = "https://login.windows.net/{AD_tenant_ID}"
auth_context = AuthenticationContext(authority)
oauth_token = auth_context.acquire_token_with_client_credentials(resource="https://westeurope.asazure.windows.net", client_id=AD_client_id, client_secret=AD_client_id)
token = oauth_token['accessToken']
Documentation about this :
https://learn.microsoft.com/en-us/python/api/adal/adal.authentication_context.authenticationcontext?view=azure-python#acquire-token-with-client-credentials-resource--client-id--client-secret-
https://github.com/AzureAD/azure-activedirectory-library-for-python/wiki/ADAL-basics
Most likely your token is not right.
Have you tried validating your token? Use something like http://calebb.net/
I see some examples of ServicePrincipalCredentials that stipulate the context or resource like this:
credentials = ServicePrincipalCredentials(
tenant=options['tenant_id'],
client_id=options['script_service_principal_client_id'],
secret=options['script_service_principal_secret'],
resource='https://graph.windows.net'
Good samples here:
https://www.programcreek.com/python/example/103446/azure.common.credentials.ServicePrincipalCredentials
I think the solution is try a couple more things that make sense and follow the error details.
You need token which has resource (audience) set to https://*.asazure.windows.net
For token validation I like https://jwt.io
Also if you want to automate this properly you have two options
Either by Logic Apps
or with Azure Data Factory
Both of which I have very detailed posts on if you want to check them out
https://marczak.io/posts/2019/06/logic-apps-refresh-analysis-services/
https://marczak.io/posts/2019/06/logic-app-vs-data-factory-for-aas-refresh/
I'm trying to integrate Vantiv payment gateway using python language.
But when I request on URL https://w1.mercurycert.net/PaymentsAPI/Credit/Sale with the provided test credentials merchant id: 755847002 and password: xyz it still gives me an error message like:
Unauthorized: Access is denied due to invalid credentials.
I am passing JSON data as provided in the documentation:
card_data = {
"InvoiceNo": "1",
"RefNo": "1",
"Memo": "MPS Example JSON v1.0",
"Purchase": "1.00",
"Frequency": "OneTime",
"RecordNo": "RecordNumberRequested",
"TerminalName": "MPS Terminal",
"ShiftID": "MPS Shift",
"OperatorID": "MPS Operator",
"AcctNo": "4003000123456781",
"ExpDate": "0517",
"Address": "4 Corporate Square",
"Zip": "30329",
"CVVData": "880",
}
headers = {
'Authorization': 'Basic [Wzc1NTg0NzAwMV06W3h5el0=]',
'Content-Type': 'application/json',
}
payment = requests.post(
'https://w1.mercurycert.net/PaymentsAPI/Credit/Sale',
headers=headers,
data=card_data)
When I look at the response variable payment, it still shows that error message.
Can anyone help me on how to overcome this?
Actually, All I needed was to encode "Authorization" header and it worked.
I was using this API at wrong place, API that I used (RESP API) can be used with scanner devices only which can encode data. Instead I needed to use Hosted Checkout API and it worked for me.
In the Step Sending an Activity to the bot As per the documentation Here,
https://docs.botframework.com/en-us/restapi/directline3/#navtitle
I should pass this as the body content of the post request
{
"type": "message",
"from": {
"id": "user1"
},
"text": "hello"
}
I am using the following parameters to make POST request in python, but its not working.
msg = {"type": "message","channelId": "directline","conversation":{"id": str(convId)},"from":{"id": "test_user1"},"text": "hello"}
header = {"Authorization":"Bearer q1-Tr4sRrAI.cwA.BmE.n7xMxGl-QLoT7qvJ-tNIcwAd69V-KOn5see6ki5tmOM", "Content-Type":"application/json", "Content-Length": "512"}
send2 = "https://directline.botframework.com/v3/directline/conversations/"+str(convId)+"/activities"
rsa1 = requests.post(send2,data=msg, headers=header)
This gives me this error:
{
"error": {
"code": "MissingProperty",
"message": "Invalid or missing activities in HTTP body"
}
}
Before this step everything is working fine.
Edit 1: Even i added content-length as updated in the code, it gives the same error
Edit 2: If i changed the msg to json.dumps(msg)
rsa1 = requests.post(send2,data=json.dumps(msg), headers=header)
I get response:
{u'error': {u'message': u'Failed to send activity: bot returned an error', u'code': u'ServiceError'}}
{
"error": {
"code": "ServiceError",
"message": "Failed to send activity: bot returned an error"
}
}
The directline API is only not working, on skype client everything is working fine.
According to the code that you've posted, your request body looks like this:
{
"type": "message",
"channelId": "directline",
"conversation": {
"id": str(convId)
},
"from": {
"id": "test_user1"
},
"text": "hello"
}
I'd suspect that your error is caused by the fact that the conversation ID value that you're including in the request body is not surrounded with double quotes in the JSON that's sent over the wire.
For simplicity (and to eliminate the error you're receiving), I'd suggest that you try omitting the channelId property and the conversation property from the request body, as I don't believe that either of these properties are necessary (i.e., you are issuing the request to the Direct Line URI, so the Bot Framework knows that Direct Line is the channel, and the conversation ID is already being specified in the request URI). In other words, try this as your request body:
{
"type": "message",
"from": {
"id": "test_user1"
},
"text": "hello"
}
When passing a dictionary to data it gets urlencoded automatically, so the api returns an error as it expects json data.
You can either use the json lib, or preferably pass your dictionary to the json parameter.
Using json.dumps :
rsa1 = requests.post(send2, data=json.dumps(msg), headers=header)
Using requests only :
rsa1 = requests.post(send2, json=msg, headers=header)
Also you don't have to add "Content-Length" in header and if you use the second example you don't have to add "Content-Type" either.