I'm trying to get logged in soundcloud by using their API. I manage to got a code with a success response from /connect but when I try to get a token, I end up with a 401 error. Here is what I send :
POST /oauth2/token HTTP/1.1
Host: api.soundcloud.com
Content-Type: application/x-form-urlencoded
Cache-Control: no-cache
Postman-Token: 255c7769-0f65-5c40-27bc-9429ea8c38ea
client_id=<my client id>&
client_secret=<my secret id>&
redirect_uri=http%3A%2F%2Fmywebsite&
grant_type=authorization_code&
code=a99cfc85c0e46235d7fdb9ca74b7dddd%23
Does anyone knows what I miss here to get a working request ?
It turned out I was not calling /connect correctly, this is the correct way :
https://soundcloud.com/connect?
client_id=<my client id>
&redirect_uri=<my redirect url>
&response_type=token
&scope=non-expiring
&display=popup
With response_type=token, we directly receive an access token so we don't need to call /oauth2/token then.
Related
Please help me to get temporary token for API access from Redgifs. below is the instrution from their wiki. i do not know how to make the GET request. when i tried to send a get request to "https://api.redgifs.com/v2/auth/temporary HTTP/1.1". i get 404 error. Am i missing any header information. please advise
The details from wiki:
GET /v2/auth/temporary HTTP/1.1
Host: api.redgifs.com
Accept: application/json
{
"token":"...",
"addr":"2a00::579f:3c01:b94e",
"agent":"curl/7.81.0",
"rtfm":"https://github.com/Redgifs/api/wiki/API-access"
}
Remove the HTTP/1.1 from your request and it will work
POST https://www.googleapis.com/youtube/v3/commentThreads?part=snippet&key=[YOUR_API_KEY] HTTP/1.1
Authorization: Bearer [YOUR_ACCESS_TOKEN] issue is here how to resolve this, i am confused.
Accept: application/json
Content-Type: application/json
I finally found an explanatory answer to this problem that I was also facing, it may help you and others!!
Basically, you have two strings:
the ClientId (it's used on both: client and server)
the SecretKey (that must never come to the client-side!)
The user sees in the page a link: Click here to login (e.g.). When he clicks there he is redirected to the Google pages. He is asked to accept your application. If he clicks the Deny button you will get an error message: Access denied by the user (probably..). If he clicks Yes, you will get a temp code that is used to get the access token. You will make a POST request to https://accounts.google.com/o/oauth2/token providing the client_id, secret_key, code, redirect_uri, and grant_type parameters in the form data.
Then you will finally get the access token!
Complete discussion link:
https://github.com/IonicaBizau/youtube-api/issues/5
After you have the client ID and client secret, you send an HTTP POST to the OAuth 2.0 device endpoint at https://accounts.google.com/o/oauth2/device/code with your client_id and a list of scopes. Unlike the other OAuth 2.0 flows, response_type and redirect_uri are not needed in the device flow. The following is an example request for a user code:
POST /o/oauth2/device/code HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
client_id=812741506391-h38jh0j4fv0ce1krdkiq0hfvt6n5amrf.apps.googleusercontent.com&
scope=email%20profile
I have tried but it results all time:
{
"error" : "invalid_scope",
"error_description" : "Some requested scopes were invalid. {invalid=[rad365rad#gmail.com]}",
"error_uri" : "http://code.google.com/apis/accounts/docs/OAuth2.html"
}
can anyone solve this..where i am wrong please
You can start from here, this should help get you the device code
curl -d "client_id=xxxxxxxxxxxxxxxxx.apps.googleusercontent.com&scope=email profile" https://accounts.google.com/o/oauth2/device/code
I'm trying to get Yahoo messenger notifications (comet style) to work on my Android app but I got a problem:
I have all the oauth tokens + IM cookie, I make the call to notify server but it responds with
403 Bad IM cookie or URI credential
The IM cookie which is sent is correct because it is the same as the one I got from POST /session.
The call:
POST to:http://rproxy2.messenger.yahooapis.com/v1/pushchannel/user_id?sid=T3qRkifs3BiGXCW4LOSoThi3lG2HvWNagr.mGA--&rand=-1131022177&count=10&seq=1&format=json&IM=2x5A0IOr9Js_8er8BgSYUCB9fjB.d20FbKds7NdJdkzWK4u2A92k5dMrM72OetLz9.q70NQCwZpAqafQ5.XM-|QTvOT1rY3ukBC8o4Z0zeRg--&oauth_consumer_key=dj0yJmk9cFNKb2NKbTdINEtFJmQ9WVdrOVpHMW1aVXhKTjJNbWNHbzlNamcyTnpNMU1UWXkmcz1jb25zdW1lcnNlY3JldCZ4PWJh&oauth_nonce=939bc51c9a594c7cbf903643bc10f7d1&oauth_signature_method=PLAINTEXT&oauth_timestamp=1328108171163&oauth_token=A%3DosG_yqL.hxped9sV4ZMVD2A5vugclvEOSKIw85DOg17vQa8N1jQK6UcGqeLGLXKFalrxnYA_iA_ArmhbN6oJ_CEINGwiq7MWsVjO_vQT5bwhmcBMwBLByhusduuH2BFJw1Zd2w_uDj5fEUVMK9bMDzg.fYEpdm1uK.OgwyYLPCwdkzW0w6ujPpaFAea7gwmsSBYHECzjXm8wduoe1Sw3rpJH4z9PGIe8Hkt3wrbyJpW9BuiU4g6OyE1f8nhzHVkcG_70KQiIR_oV3tP8_l4SCsbbHMvSzlyZjK1V6gJp0Q94fAcfuIWQ1Vd.iD.UZPEyzdzYK.k5Q6pE4H3At8czcXFOpmOL5eUwfbeQEtXePCL1b2v9oY4BxtH_dCUVTMhzQsV.YpKZV.ZRZzK8ThveL5gfGuqYcBZLHwVilQnQWo477XwT10GbvWUzJ2EH4v5m9q.sGMViSIKWjbE2O6YfwhYXAgQMA3d8wQLL7IoY4QC0.IR4T8M_KnZVlKoi_EiED8VuK9h7h3emBZeXoM15rqGk2..HUJQEuIe1d0YbTPEGKdM.fbCcT7_Y0Szzw3abf9b1Xjzm8VkNSKL.LXAmy8c9PyNatUT_hKFmzmWMd1RRYfd8rF7i6i7Ec_cVv06QhwCQyKlEsCQh7UChUe9JykUmiA6JOm4JOpsbTQWS1Iec35zrltc4YwouUlMx.y6JbzB_VYL9jkzeuu&oauth_version=1.0&oauth_signature=2cd720831677df11508571218aed6c36c9cf2b51%26e57b0e111092b000a43b4ae9c928178fd5da4b9f
connection: keep-alive
cookie: IM=2x5A0IOr9Js_8er8BgSYUCB9fjB.d20FbKds7NdJdkzWK4u2A92k5dMrM72OetLz9.q70NQCwZpAqafQ5.XM-|QTvOT1rY3ukBC8o4Z0zeRg--
User-Agent: Dalvik/1.2.0 (Linux; U; Android 2.2; sdk Build/FRF91)
Host: rproxy2.messenger.yahooapis.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
The server responds with:
HTTP/1.1 403 bad IM cookie or URI credentials
Connection: close
I followed all the instrunctions from docs, not sure how can make it to work.
Thanks.
Your HTTP POST is empty (Content-Length: 0), the docs state:
Note: even though all inputs are optional, the server
still expects an empty POST body (JSON: "{}")
so, change your Content-Type to "application/json;charset=utf-8" and include
{}
as the body of the HTTP POST.
Long lived connections need to be GET calls; see "Notification Management (Comet-Style Push) API", here.
When I'm trying to use POST to get the Auth token from the ac2dm service I only get the SID and LSID, not the Auth, has this happened to anyone else, if yes, how did you solve this?
I'm using .NET (C#) on the server side, I have tried to send the post call with fiddler to but I'm getting the same result.
Post call in fiddler:
Content-Type:
application/x-www-form-urlencoded
Host: www.google.com Content-Length:
125 Expect: 100-continue
accountType=HOSTED_OR_GOOGLE&Email=myRegistredMail&Passwd=myPassword&Service=ac2dm&source=myAppPackageName
and the response (i get response code 200 so it should work):
SID=DQAAAMgAAADhKR...
LSID=DQAAAMoAAACCR...
as you can see there is no Auth token in the response...
Its as simple as big and small letters...
It should be service with a small "s" and Source with a big "S".
Thanx to MightyPush at android-c2dm group for pointing this out:)
Also if you are seeing the spanish documentation, instead of service it is wrote that you must use servicio, but this does not work.So for this to work, the keywords are
accountType
Email
Passwd
service
source