This question is about the search-tweets-ruby client provided by twitter for use with their premium and enterprise API's.
I am following the instructions and run into a 'Bad Authentication data' error when running the app (via terminal - Mac OS X) to retrieve tweets with a single rule.
The 'bearer token' and 'dev environment' are correct because a Curl request works.
The following are the contents of my ./config/config.yaml file
auth:
app_token: my_generated_bearer_token
labels:
environment: my_dev_environment_name
options:
search_type: premium
archive: fullarchive
max_results: 500
write_mode: standard-out
out_box: ./output
I'm not sure what I'm missing here, but would appreciate an assist. I haven't worked with the Twitter API before, although I've reviewed the documentation before asking on SO.
Thanks, everyone.
Update:
The first sample call, from the provided link is:
$ruby ./search-app.rb -r "snow profile_region:colorado has:media".
This yields a 'bad authentication error'.
I provided the contents of my yaml file, because presumably that is the only difference between the Curl request and the client app, if the 'bearer token' and 'environment name' work with Curl.
curl --request POST \
--url https://api.twitter.com/1.1/tweets/search/30day/prod.json \
--header 'authorization: Bearer AAAAAAAAAAAAAAAAAAAAAMLheAAAAAAA0%2BuSeid%2BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F' \
--header 'content-type: application/json' \
--data '{
"query":"from:TwitterDev lang:en",
"maxResults": "100",
"fromDate":"201811010000",
"toDate":"201811062359"
}'
There is no code.
I think the issue is that your YAML file is configured for the full-archive search endpoint, yet your CURL-based call is going to the 30-day search endpoint. If you update the YAML file to point to the '30day' endpoint, I suspect it will succeed.
Related
I am building an Github OAuth app and attempting to see if I can validate the access_token returned by github upon login. The access_token is returned by github by making a POST call to the end point https://github.com/login/oauth/access_token and passing in CLIEND_ID and CLIENT_SECRET provided by github. Using this access_token, we can then access users information. My main question is, is there an end point to validate this token? I wanted this because I am running a node server which accesses files on github. As of now, the node end point is open and anyone can just call the functions in it. In each function, I would like to check if the user has a valid token or not before returning data to them and as such, have some form of security to my node API.
This is how I get the access_token in node
const params = "?client_id="+CLIENT_ID+"&client_secret="+ CLIENT_SECRET +"&code="+req.query.code;
await fetch("https://github.com/login/oauth/access_token"+params,{
method: "POST",
headers:{
"Accept": "application/json"
}
}).then((response) => {
return response.json();
}).then((data)=> {
res.json(data);
});
I have tried the following cURL end points, and it does return data
curl -H 'Authorization: token myGitHubAccessToken' https://api.github.com/user/repos
reference: https://onecompiler.com/questions/3uxsn58yz/how-to-test-a-github-access-token-is-valid
The above command does return data and my client ID, so it is somewhat useful. However, the access_token, which github returns a new one every time the user logs in, it itself seems to never expire. So I can copy a previously returned token to get the same data dump in the above command. I had read whats the lifetime of Github OAuth API access token that the token never expires, but then that itself is an issues. Is there some other method I should use to get around this issue? I dont want my API's to be open. If I could validate the access_token provided by github in every one of the node functions and also have it expire upon logging out, the issue will be resolved.
Also tried some options mentioned here: https://developer.github.com/changes/2/
of which, https://docs.github.com/en/rest/apps/oauth-applications?apiVersion=2022-11-28#check-a-token
made the most sense to me. But the cURL command given on that page:
curl \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer <YOUR-TOKEN>"\
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/applications/Iv1.8a61f9b3a7aba766/token \
-d '{"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a"}'
does not seem to work. It returns Bad Data.
Please advise! Thank you!!
Found the answer:
To check access token:
curl -H 'Authorization: token access_token' https://api.github.com/user/repos
The above command returns repos. For me, this is enough because I just want some reply from github using the token thats not a 404
To delete the token:
curl \
-X DELETE \
-H "Accept: application/vnd.github.v3+json" \
-u CLIENT_ID:CLIENT_SECRET \
https://api.github.com/applications/CLIENT_ID/token \
-d '{"access_token":"ACCESS_TOKEN"}'
Reference: Remove/revoke GitHub OAuth 'access_token'
Apologies for the bad editing. Cant get it to look just right.
I'm trying to download my master thesis from google docs as a pdf file..
The ui method (pdf > download > PDF document) fails because of internet connection and the size of the document which is quite big.
I want to download it using wget command from a Linux server which had a good internet connection, I tried a lot of solutions such this one, but they didn't work..
any help please!
If your server can access the user interface of Docs I strongly recommend you to download the PDF with it to save complexity. If the server doesn't offer that option you could use this curl command below to capture Files.export() from Drive API.
curl \
'https://www.googleapis.com/drive/v3/files/{DOC ID}/export?mimeType=application%2Fpdf' \
--header 'Authorization: Bearer {ACCESS TOKEN}' \
--header 'Accept: application/json' \
--compressed >> Doc.pdf
You'll need an access token for a single use, so could use OAuth 2.0 Playground to generate one by selecting the https://www.googleapis.com/auth/drive scope and clicking on Exchange authorization code for tokens.
I am trying to upload a zip file to Google drive account using curl.
The file is uploaded successfully but the filename is not getting updated. It gets uploaded with default filename i.e. "Untitled".
I am using below command.
curl -k -H "Authorization: Bearer cat /tmp/token.txt" -F "metadata={name : 'backup.zip'} --data-binary "#backup.zip" https://www.googleapis.com/upload/drive/v2/files?uploadType=multipart
You can use Drive API v3 to upload the zip file. The modified curl code is as follows.
curl -X POST -L \
-H "Authorization: Bearer `cat /tmp/token.txt`" \
-F "metadata={name : 'backup.zip'};type=application/json;charset=UTF-8" \
-F "file=#backup.zip;type=application/zip" \
"https://www.googleapis.com/upload/drive/v3/files?uploadType=multipart"
In order to use this, please include https://www.googleapis.com/auth/drive in the scope.
The answer above works fine and was the command I used in uploading my file to Google Drive using Curl. However, I didn't understand what scope was and all of the initial setup required to make this command work. Hence, for documentation purposes. I'll give a second answer.
Valid as at the time of writing...
Visit the Credentials page and create a new credential (this is assuming you have created a project). I created credentials for TVs and Limited devices, so the work flow was similar to:
Create credentials > OAuth client ID > Application Type > TVs and Limited Input devices > Named the client > Clicked Create.
After doing this, I was able to copy the Client ID and Client Secret when viewing the newly created credential.
NB: Only the variables with double asterisk from the Curl commands should be replaced.
Next step was to run the Curl command:
curl -d "client_id=**client_id**&scope=**scope**" https://oauth2.googleapis.com/device/code
Scope in this situation can be considered to be the kind of access you intend to have with the credential having the inputted client_id. More about scope from the docs For the use case in focus, which is to upload files, the scope chosen was https://www.googleapis.com/auth/drive.file.
On running the curl command above, you'll get a response similar to:
{ "device_code": "XXXXXXXXXXXXX", "user_code": "ABCD-EFGH",
"expires_in": 1800, "interval": 5, "verification_url":
"https://www.google.com/device" }
Next step is to visit the verification_url in the response in your browser, provide the user_code and accept requests for permissions. You will be presented with a code when all prompts have been followed, this code wasn't required for the remaining steps (but there may be some reasons to use it for other use cases).
Next step is to use the Curl command:
curl -d client_id=**client_id** -d client_secret=**client_secret** -d device_code=**device_code** -d grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Adevice_code https://accounts.google.com/o/oauth2/token
You will get a response similar to:
{ "access_token": "XXXXXXXXX", "expires_in": 3599,
"refresh_token": "XXXXXXXXX", "scope":
"https://www.googleapis.com/auth/drive.file", "token_type": "Bearer"
}
Now you can use the access token and follow the accepted answer with a Curl command similar to:
curl -X POST -L \
-H "Authorization: Bearer **access_token**" \
-F "metadata={name : 'backup.zip'};type=application/json;charset=UTF-8" \
-F "file=#backup.zip;type=application/zip" \
"https://www.googleapis.com/upload/drive/v3/files?uploadType=multipart"
I'm working on putting a Parse Server on Heroku. I'm using this app:
https://github.com/ParsePlatform/parse-server-example
Uploading to heroku using this guide:
https://devcenter.heroku.com/articles/getting-started-with-nodejs
I've updated the db and server URLs in the parse server code, and everything uploads and deploys properly. However, when I attempt to use cURL to test the server as indicated in this guide:
https://github.com/ParsePlatform/parse-server
I get the following error:
{"error":"Unexpected token '"}
I have copied and pasted the cURL command, modified for my url:
curl -X POST -H "X-Parse-Application-Id: myAppId" -H "Content-Type: application/json" -d '{"score":1337,"playerName":"Sean Plott","cheatMode":false}' http://my-app-name.herokuapp.com/parse/classes/GameScore
Heroku logs show the request coming in (so I know it's going to the right place) but no errors. I'm deploying from Windows 7, if that matters. This is my first experience with heroku and parse server so I'm kind of flying blind. Anybody see the problem?
Try to invert simple quote to double quote for your POST data field, it's work for me :
#here : "{'score':1337,'playerName':'Sean Plott','cheatMode':false}"
curl -X POST -H "X-Parse-Application-Id: myAppId" -H "Content-Type: application/json" -d "{'score':1337,'playerName':'Sean Plott','cheatMode':false}" http://my-app-name.herokuapp.com/parse/classes/GameScore
instead
#here : '{"score":1337,"playerName":"Sean Plott","cheatMode":false}'
curl -X POST -H "X-Parse-Application-Id: myAppId" -H "Content-Type: application/json" -d '{"score":1337,"playerName":"Sean Plott","cheatMode":false}' http://my-app-name.herokuapp.com/parse/classes/GameScore
I had that issue - for me the fix was is I was using a restApi key which is no longer needed in the Parse-Server.
It was also affecting my s3 adapter - was not allowing me to upload any images through dashboard.
I removed the restApi key and everything started working.
Just trying to play with google app scripts. In anonymous mode things seem fine. Except that anyone can call my script simply like that snippet shows:
curl "https://script.google.com/macros/s/.../exec?ip=\"$myIp\""
I used this manual for tips on how to authenticate through GoogleLogin. The problem is "401 Unauthorized" I received when sent auth token and "Me(owner)/Only myself" options were set on google side. (The token seems correct itself. If I omit password or mistype it, then I receive "Bad auth") If I set "Anyone, even anonymous" again, it works, but auth stuff seems like ignored. What's the correct way to do the trick?
#!/bin/bash
gmail=$1
password=$2
myIp=$3
GoogleAuthToken=""
GoogleAuthToken=`curl --silent https://www.google.com/accounts/ClientLogin --data-urlencode Email=$gmail \
--data-urlencode Passwd=$password -d accountType=GOOGLE -d source=YouDontSay -d service=lh2`
echo $GoogleAuthToken
GoogleAuthToken=$(echo "$GoogleAuthToken" | grep 'Auth=' | sed s/Auth=//)
echo $GoogleAuthToken
curl -L --silent --header "Authorization: GoogleLogin auth=$GoogleAuthToken" "https://script.google.com/macros/s/.../exec?ip=\"$myIp\""
You use ClientLogin
https://www.google.com/accounts/ClientLogin
This is google error :
Important: ClientLogin has been officially deprecated since April 20,
2012 and is now no longer available. Requests to ClientLogin will fail
with a HTTP 404 response. We encourage you to migrate to OAuth 2.0 as
soon as possible.