Youtube Data API with Kotlin: The request is missing a valid API key - spring

So I'm trying to use the Youtube Data API with Kotlin + Spring Boot and I've been struggling a bit.
For now, I'm using hardcoded values for the api_key and the access_token for test purposes.
I'm trying to send a request to list my playlists but I keep getting this error:
"error": {
"code": 403,
"message": "The request is missing a valid API key.",
"errors": [
{
"message": "The request is missing a valid API key.",
"domain": "global",
"reason": "forbidden"
}
],
"status": "PERMISSION_DENIED"
Here's my code:
Controller:
#RestController
class PlaylistController(
private val youtubeService: YoutubeService
) {
#GetMapping("/playlists")
fun getPlaylists() : YoutubePlaylistResponse {
return youtubeService.getPlaylists()
}
}
Service:
#Service
class YoutubeService(
private val youtubeClient: YoutubeClient
) {
fun getPlaylists() = youtubeClient.getPlaylists(
access_token = "[ACCESS_TOKEN]",
api_key = "[API_KEY]"
)
}
Client
#FeignClient(name = "youtube", url = "https://www.googleapis.com/youtube/v3")
interface YoutubeClient {
#GetMapping("/playlists")
fun getPlaylists(
#RequestHeader("Authorization", required = true) access_token: String,
#RequestParam("api_key") api_key: String,
#RequestParam("part") part: String = "snippet",
#RequestParam("mine") mine: Boolean = true
): YoutubePlaylistResponse
}
Any thoughts on what I'm doing wrong?
PS: I'm getting the acess_token through the OAuth 2.0 Playground
Edit:
I was calling api_key but it's actually only key.
But now I'm getting a new problem:
"error": {
"code": 401,
"message": "The request uses the \u003ccode\u003emine\u003c/code\u003e parameter but is not properly authorized.",
"errors": [
{
"message": "The r... (464 bytes)]] with root cause
Apparently, it's because I'm trying to access my playlists and it says that I don't have the permission, but when I do the same request using cURL I get an appropriate response. Any thoughts on this?


According to the API documentation, the parameter should be called key rather than api_key:
Every request must either specify an API key (with the key parameter) or provide an OAuth 2.0 token. Your API key is available in the Developer Console's API Access pane for your project.
Source: https://developers.google.com/youtube/v3/docs

Related

Golang GMAIL API 400: Invalid label:

Using Gmail API to read my mailbox. The message reading process is working as expected but I want to change the label of reading messages just for acknowledgment purposes so that I can have track of the reading messages list in my Gmail inbox only. Tried given two methods to change the label but non of them worked for me. Need suggestion on the same
Methods:
Codebase is written in Golang (as a backend)
Tried with Google API Explorer
(METHOD 1) -
Go sample code:
gmsg: = gmail.ModifyMessageRequest {
RemoveLabelIds: [] string {
"INBOX". //system defined label
},
AddLabelIds: [] string {
"INBOXING" //my custom label. created through Gmail
},
}
_, errDelete: = gService.Users.Messages.Modify("me", messageid, &gmsg).Do()
if (errDelete != nil) {
logs.Error("GMAIL SERVICE ERROR:: for [", accountEmail, "] while moving message to [INBOXING] folder ", errDelete.Error())
}
Got below error :
{"level":"error","msg":"GMAIL SERVICE ERROR:: for [sample#gmail.com] while moving message to [INBOXING] folder googleapi: Error 400: Invalid label: INBOXING, invalidArgument","time":"2021-08-09 20:05:13"}
(METHOD 1) -
Gmail Modify API
Payload
{
"addLabelIds": [
"INBOXING"
],
"removeLabelIds": [
"INBOX"
]
}
Response from Google API -
{
"error": {
"code": 400,
"message": "Invalid label: INBOXING",
"errors": [
{
"message": "Invalid label: INBOXING",
"domain": "global",
"reason": "invalidArgument"
}
],
"status": "INVALID_ARGUMENT"
}
}
Observation - *
On modifying message with custom label's Gmail API return's 400 bad
request, but if we request with system labels it allows us to modify
the label.

You are using the label name instead of label id. To obtain the label id, you have to use the Method: users.labels.list
Response:
Once you have the ID, you can now use it in Method: users.messages.modify
Request body:
Response:

I am trying to make a call to accounts.notifylogin (Gigya API) from Postman but getting 403003 error

The API request I am calling from Postman is
https://accounts.eu1.gigya.com/accounts.notifyLogin?UIDSig=[dummy_UIDSig]&UIDTimestamp=1608199002&UID=2e607bf09ce12874a909c5c1513fa437&apiKey=[API_of_the_site]&siteUID=[site_uid]
for me, the issue seems to be in UIDSig (not sure how to create it),
and getting bellow response
{
"callId": "c1f16c61f09d4be5962c2ab046396cbf",
"errorCode": 403003,
"errorDetails": "invalid request signature",
"errorMessage": "Invalid request signature",
"apiVersion": 2,
"statusCode": 403,
"statusReason": "Forbidden",
"time": "2020-12-17T10:21:00.966Z"
}
Many Thanks.

You only pass UID Signature when on a mobile device, otherwise you pass providerSessions - which is the data you received from the social network. For generating a signature, it would require something similar to this (and should only EVER be done on the server, as it requires using your secret key):
string constructSignature(string timestamp, string UID, string secretKey) {
baseString = timestamp + "_" + UID; // Construct a "base string" for signing
binaryBaseString = ConvertUTF8ToBytes(baseString); // Convert the base string into a binary array
binaryKey = ConvertFromBase64ToBytes(secretKey); // Convert secretKey from BASE64 to a binary array
binarySignature = hmacsha1(binaryKey, binaryBaseString); // Use the HMAC-SHA1 algorithm to calculate the signature
signature = ConvertToBase64(binarySignature); // Convert the signature to a BASE64
return signature;
}

Web Api Query for Actions msdyn_BookingResource and msdyn_BookingResourceRequirement

From the web api reference here
I tried querying the api with no luck of success specially with the parameter Schedules being stated as type string.
1.) For msdyn_BookingResource
POST: https://bhaud365dev.crm6.dynamics.com/api/data/v9.0/msdyn_BookingResource
BODY:
{"ResourceId":[GUID],"BookingStatusId":[GUID],"BookingMethod":690970003,"BookingType":1,"Schedules":"[{\"StartDateTime\":\"2019-07-15T00:00:00Z\",\"EndDateTime\":\"2019-07-19T00:00:00Z\"}]","Timeframe":5}
RESPONSE: {
"error": {
"code": "0x80040224",
"message": "The added or subtracted value results in an un-representable DateTime.\r\nParameter name: value",
2.) For msdyn_BookingResourceRequirement
POST: https://bhaud365dev.crm6.dynamics.com/api/data/v9.1/msdyn_resourcerequirements([GUID])/Microsoft.Dynamics.CRM.msdyn_BookingResourceRequirement
BODY: {
"BookingMethod": 690970003,
"BookingStatusId": [GUID],
"BookingType": 1,
"EndDateTime": "2019-07-19T07:29:00Z",
"ResourceId": [GUID],
"StartDateTime": "2019-07-15T22:00:00Z"
}
RESPONSE: {
"error": {
"code": "0x80040224",
"message": "Object reference not set to an instance of an object.",
I was able to api query for functions but for the actions I am stuck and I am not sure on what am I doing wrong. Any tips or example is greatly appreciated.
BTW. tried the above queries also in CRM REST BUILDER v2.6.0.0 Same error responses.

I spent some time, getting same weird error and then I realized they are Internal Use only Actions. It's not intended for our usage & it's highly unsupported as they tend to break in future versions when Microsoft planned to change.
I was able to successfully create the Bookable Resource Bookings with the help of below web api request.
var entity = {};
entity["Resource#odata.bind"] = "/bookableresources(7B203E2F-F2FB-E911-A813-000D3A5A1BF8)";
entity["BookingStatus#odata.bind"] = "/bookingstatuses(026BDCEF-9257-4C10-9E49-C92539B883D6)";
entity["endtime"] = "2019-11-07T21:00:00Z";
entity["starttime"] = "2019-11-07T20:00:00Z"
entity.bookingtype = 1;
entity.msdyn_bookingmethod = 690970003;
Xrm.WebApi.online.createRecord("bookableresourcebooking", entity).then(
function success(result) {
var newEntityId = result.id;
},
function(error) {
Xrm.Utility.alertDialog(error.message);
}
);

Endpoints Google ID JWT, and Golang oauth2: have id_token, need access_token?

I have an app engine app behind endpoints and I'm having trouble following the documentation around adding authentication. My preference is to allow service accounts within the project through, then perform more granular app-side authorization.
In my case, most clients will be outside GCP and will be automated programs not people, so I'm using JSON key files thinking that is the way to go (correct me if I'm wrong please). I also don't want to have to redeploy the app to change user configs, so I follow the "GOOGLE ID JWT" information in the documentation from here:
https://cloud.google.com/endpoints/docs/openapi/service-to-service-auth
This is the security sections of my swagger JSON:
"securityDefinitions": {
"api_key": {
"type": "apiKey",
"name": "key",
"in": "query"
},
"google_id_token": {
"authorizationUrl": "",
"flow": "implicit",
"type": "oauth2",
"x-google-issuer": "https://accounts.google.com"
}
},
"security": [
{
"api_key": [],
"google_id_token": []
}
]
This deploys OK, but I am stumped on what to do from the client side to make use of the service account JSON.
In Go, I use the following, based on my understanding of the oauth2/google documentation:
package main
import (
"context"
"fmt"
"io/ioutil"
"log"
"os"
"golang.org/x/oauth2/google"
)
func main() {
ctx := context.Background()
apiKey := os.Getenv("API_KEY")
basePath := "https://SERVICE_NAME-dot-PROJECT_NAME.appspot.com" // changed for privacy
creds, _ := google.FindDefaultCredentials(ctx)
jwt, _ := google.JWTConfigFromJSON(creds.JSON, basePath)
client := jwt.Client(ctx)
res, _ := client.Get(fmt.Sprintf("%s/REQUEST_PATH?key=%s", basePath, apiKey)) // changed for privacy
body, _ := ioutil.ReadAll(res.Body)
log.Printf("### http status: %d %s", res.StatusCode, res.Status)
log.Printf("### http body: %s", body)
}
I've removed error-checking for this code paste for brevity, there are no errors when I run this. The result of this being:
2017/10/16 07:32:38 ### http status: 401 401 Unauthorized
2017/10/16 07:32:38 ### http body: {
"code": 16,
"message": "JWT validation failed: Missing or invalid credentials",
"details": [
{
"#type": "type.googleapis.com/google.rpc.DebugInfo",
"stackEntries": [],
"detail": "auth"
}
]
}
Upon inspection of the internals of what's happening, such as calling jwt.TokenSource(ctx).Token(), I see that Google is returning an id_token, but no access_token (spotted by adding some debug logs to the jwt package):
2017/10/16 07:38:47 ### oauth2/jwt -> tokenURL: https://accounts.google.com/o/oauth2/token, form: url.Values{"grant_type":[]string{"urn:ietf:params:oauth:grant-type:jwt-bearer"}, "assertion":[]string{"...cut..."}}
2017/10/16 07:38:47 ### oauth2/jwt <- response: {
"id_token" : "...cut..."
}
2017/10/16 07:38:47 ### oauth2/jwt <- token: &oauth2.Token{AccessToken:"", TokenType:"", RefreshToken:"", Expiry:time.Time{wall:0x0, ext:63643740079, loc:(*time.Location)(0x1424160)}, raw:map[string]interface {}{"id_token":"...cut..."}}
So when the oauth2 HTTP transport tries to add the auth header -- which is tied to the AccessToken field above -- it results in a string like Authorization: Bearer, thus the result fails.
I feel like I'm missing a step here which isn't obvious to me in the documentation.
Thanks for your time.

It would be expected for the oauth client to return id_token instead of access_token. You're using JWTConfigFromJSON, not ConfigFromJSON, which is correct. I think the second argument to JWTConfigFromJSON is incorrect, and you should be specifying scopes instead. In this case, try "email" instead of basePath.

WebApi 2.1 Model validation works locally, but does not show missing fields when run on the server

We are using WebApi v2.1 and validating ModelState via a filter applied in the WebApiConfig class.
Fields specified as required are not listed on the error message when we run on the server (Win Server 2008R2), but they work perfectly when we run locally (on IISExpress).
The request is correctly rejected locally and on the server, but the server response does not show the missing fields.
For Example:
Given a Local request that lacks the required abbreviation and issuerName fields, the response shows as expected:
{
"message": "The request is invalid.",
"modelState": {
"value": [
"Required property 'abbreviation' not found in JSON. Path '', line 18, position 2.",
"Required property 'issuerName' not found in JSON. Path '', line 18, position 2."
]
}
When the same request is sent to the server, the response shows:
{
"message": "The request is invalid.",
"modelState": {
"value": [
"An error has occurred.",
"An error has occurred."
]
}
}
Our filter is the following:
public class ValidateModelStateAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
if (!actionContext.ModelState.IsValid)
{
actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.BadRequest, actionContext.ModelState);
}
}
}
Our data model class is decorated with the DataContract attribute, and the required fields are attributed like so:
[DataMember(IsRequired=true)]
public string IssuerName

The server is more restrictive about sending errors down ot the client. Try setting the IncludeErrorDetails flag on your httpconfiguration to verify that this is the underlying issue.
In general though turning this flag on is not the best idea, and you will want to serialize the errors down differently.
For more info:
http://blogs.msdn.com/b/youssefm/archive/2012/06/28/error-handling-in-asp-net-webapi.aspx

Resources