This happens in the API Explorer and using the .NET client API. In the API Explorer, I was trying to use the query param, but eventually I just removed it and now send the request with no params, and it still turns around 400 even though I am authenticating successfully with OAuth2 in browser.
Why is this endpoint broken?
https://developers.google.com/admin-sdk/directory/v1/reference/users/list
The problem was the customer field was not filled in. It must contain a valid customer id. Once I populated that, it worked.
Really wish Google would work on providing better error feedback and improve their docs. This field (as of today) is still listed as optional.
As the documentation says:
either the customer or the domain parameter must be provided
I tried to specify domain name and it worked.
Related
I have GSuite Service Account and My app uses following scopes (these are working fine) :
https://www.googleapis.com/auth/admin.directory.customer.readonly,https://www.googleapis.com/auth/admin.directory.user.readonly,https://www.googleapis.com/auth/admin.directory.domain.readonly,https://www.googleapis.com/auth/drive.readonly,https://www.googleapis.com/auth/drive.metadata.readonly,https://www.googleapis.com/auth/drive.photos.readonly
Now I Have to access gsuite groups, As mentioned here in api documentation : https://developers.google.com/admin-sdk/directory/v1/reference/groups/list
I Added these two scopes :
https://www.googleapis.com/auth/admin.directory.group.readonly,
https://www.googleapis.com/auth/admin.directory.group
in my already existing scopes, and I'm unable to authorise my application now.
When I try to check this via api explorer in the above link, It throws an error : 400 - Bad Request. But the strangest thing happen, it returned 200 ONCE only while trying and returned the group I created, But I'm unable to make successful call again and keeps getting error.
Is there anything I'm missing here? Any help will be really appreciated.
Thanks.
NOTE: I can access gsuite users with above scopes as well, the issue is only with the groups.
As is mentioned on the documentation, 400 error is not related to the scopes that you are using. However the explorer API information is not correct as the "Customer" field is required, You can try it typing my_customer on that field and you should get a 200 if your user has the proper permissions.
I have submitted a request to update the current documentation.
I keep getting invalidSearchFilter error when using YouTube API v3. I have the following params:
part: snippet
q: testtag
forMine: true
type: video
I am using the API playground, and noticed that if I do an OAuth call, it will work, but with just the API key (Execute without OAuth), it fails. Same thing happens in my code. A basic list call works in both, so I am suspecting a bug in their API, or I'm missing something.
Can anyone else confirm this to see if I'm missing something?
It works if I leave off the forMine and type params, but then it searches globally, which is not what I want.
I have searched for this, and the only other references I've found have been related to not setting the type param, but I have it set.
I found this link which suggests a possible API bug: youtube v3 api error when searching with forMine set to false
The documentation is your friend Search: list
forMine boolean This parameter can only be used in a properly
authorized request. The forMine parameter restricts the search to only
retrieve videos owned by the authenticated user. If you set this
parameter to true, then the type parameter's value must also be set to
video.
So yes you are missing something the part where you can only use forMime type parameter with authorized requests. Using an Api key is an unauthorized request you are accessing the public API. How do you think it would be able to search videos that yours if you aren't authenticated? It doesn't know who you are.
I am trying to make Google OAuth 2 authentication work with a toy app I am running on my computer (at localhost:8080) using Social Auth for Java.
However when my app connects to Google to authenticate the user, Google responds with this error page:
My app, named "My Hobby App", is configured in the Developer Console as such:
In the Google OAuth 2 docs, it is specified that:
redirect_uri: One of the redirect_uri values listed for this project
in the Developers Console.
Determines where the response is sent. The
value of this parameter must exactly match one of the values listed
for this project in the Google Developers Console (including the http
or https scheme, case, and trailing '/').
I have a couple of questions:
How can I add multiple redirect_uris to my app?
Why is Google identifying my app as "Project Default Service Account" rather than "My Hobby App"?
It's actually easier than you think, unfortunately, it took me a couple of hours to figure it out.
How can I add multiple redirect_uris to my app?
Normally when you add multiple links to something on Google or elsewhere you separate it by , or ; but with Redirect URIs you have to use a new line, it's actually not very intuitive. So when you press the Edit Settings button, you can add to the URI and/or Origins if you have a couple more links, separated by newlines (enter).
No need for complicated app configurations or new keys.
Why is Google identifying my app as "Project Default Service Account" rather than "My Hobby App"?
On your second question: You have to go to the "Consent Screen" tab to change your app info such as your PRODUCT NAME, HOMEPAGE, LOGO, etc.
This answer may not be an exact answer to the question, but I think this might help those who are using Google OAuth for the first time and are wondering why their multiple URIs are not being recognized.
We use the redirect URI at 2 places in the code. First time, while fetching the auth code and a second time, when exchanging this code for an access token.
In the Google docs, it is clearly mentioned that the response for the auth code request(1st request) will be sent to the redirect URI. So, if you make the request from an endpoint A and specify the rediredt URI as endpoint B, Google will send the auth code to endpoint B. This is clear and worked fine without any errors.
Coming to the second request, the documentation is somewhat ambiguous. The redirect_URI parameter is described as below:
redirect_uri: The URI that you specify in the API Console, as described
in Set a redirect URI.
This is where I made a mistake in understanding how this works. Following a similar approach to the first call, I used a third endpoint C and passed this endpoint C in the redirect_URI parameter while making the second call. I got a URI mismatch error although my endpoints B and C are specified in the API console.
The problem is that, unlike in the case of first call, the response to the second call comes to the same endpoint from where the request is made. I made a request in python like below:
r = requests.post(token_endpoint, params)
r has the response with the token.
I was getting a URI mismatch because, I am supposed to use the same redirect_URI in both the calls.
So, for a single OAuth request, we need to use a single redirect_URI.
But then, that brings up the question, why are multiple redirect_URIs allowed in the API console for a single app. I am assuming that if we need to make multiple pairs of authCode-token calls in the same app, we have the leeway of using multiple redirect_URIs.
I have a tumblr api-application and i need to receive infos about a specific blog.
To get this information I need the following request:
api.tumblr.com/v2/blog/{base-hostname}/info?api_key={key}
But I don't know how i get the {base-hostname} from the user who is logged in. Oauth provides just the conusmer-key, the consumer-secret, theo auth-token, and the oauth-token-secret. But i need the blog-name which matches with the user credentials. It works perfectly fine with the tumblr_client gem but due to some reason I am not allowed to use ist.
Can anybody help me with that?
I think you can parse the response from /user/info api (which is based on oauth creds provided for the request). It returns the name / url for the user's blog(s), which you can then use in your {base-hostname}.
I am not able to get a request token from the oauth/initiate page because it says page not found. What could be the problem?
I have created an oAuth customer, given the appropriate REST roles and attributes. Also, appended the consumer key, secret, nonce etc. in the authorization for the oAuth request.
What am I missing?
Oauth will give you page not found if the request params are incorrect. It's likely your client isn't sending the parameters correctly, or your signature doesn't match the one Magento is calculating.
I added some temporary logging to the OAuth server to try and track down the issue.
Add this to file app/code/core/Mage/Oauth/Model/Server.php after line 594, it will help you see what specific oauth error is being raised
Mage::log($response, Zend_Log::DEBUG, 'oauth.log');
Try your initiate request again, and then check var/log/oauth.log to see what the error is.
Don't even think about doing this on a production system, and ensure you roll back your changes afterwards. You should never modify core files other than for temporary debugging.