I tried to connect the Google Analytics API to my Prestashop 1.6.1.11.
I created and install the Google Analytics, then configure the API Google Anlytics in v3.0 mode ( with OAuth 2.0 ), but each time I put the parameters (ID Client, secret key and Profile ), Google Analytics API redirect me to a 400 error with this message :
Error: invalid_request /
Invalid parameter value for redirect_uri: Missing scheme: modules/gapi/oauth2callback.php
I don't understand because when I create the API identification, I put the redirect URI like that :
http://www.websitename.com/modules/gapi/ouath2callback.php
And same for https, but still doesn't work
Did I miss something ? Thanks a lot in advance
It looks like you are using a relative URI "modules/gapi/oauth2callback.php". It needs to be the full, absolute URI, character for character identical to the URI you defined in the API Console, eg. "https://www.websitename.com/modules/gapi/ouath2callback.php". Also, don't use http for redirect URI. It's only a matter of time before plain text URLs are disabled for security reasons.
Related
I use the standard go library golang.org/x/oauth2 to acquire an OAuth2 token from Microsoft users.
This is the oauth2 config I use:
return oauth2.Config{
ClientID: clientID,
ClientSecret: clientSecret,
Endpoint: microsoft.AzureADEndpoint("common"),
Scopes: []string{
"https://graph.microsoft.com/.default",
},
}
This is how I get the redirect URL:
oauth2Config.AuthCodeURL(state, oauth2.ApprovalForce, oauth2.AccessTypeOffline)
And this is how I exchange the code acquired in my oauth2 callback to the oauth2 token:
oauth2Config.Exchange(ctx, code)
I use the same code for integrating with github, google cloud platform, bitbucket and digitalocean. It has been working fine for me and it does work with Microsoft but sometimes I randomly get one of the following errors:
AADSTS90013 Invalid input received from the user
or
AADSTS900144: The request body must contain the following parameter: 'grant_type'.
And I don't understand what might be the reason. The first error potentially could be caused by some JS bugs in the Microsoft consent screen. The second error makes no sense – oauth2 lib sets grant_type value correctly, I search for this error and it says the issue could be in the incorrect encoding which should be x-www-form-urlencoded but I've looked up oauth2 library and confirmed that's exactly what it does.
Or maybe there's a timeout for a repeated acquisition of a token under the same user.
UPD: I get these errors during the exchange of a code to a token
UPD2: I started to get oauth2 errors randomly with other providers, such as DigitalOcean, the errors also happens during the code to a token exchange. Errors like this:
ERROR STACKTRACE: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"bad_request","error_description":"invalid semicolon separator in query"}{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed."}
could not get auth token
I've looked up values in my oauth2 config, it's all correct, the values however are not url encoded (I assume oauth2 lib handles this).
I've recently upgraded my go to 1.17.6
UPD3: I've noticed that my oauth2 configs both for DigitalOcean and Microsoft didn't have AuthStyle specified, so I've set it manually to oauth2.AuthStyleInParams. But this still didn't resolve the issue. After a few repeated attempts with DigitalOcean it started to randomly return the following error:
Response: {"error":"bad_request","error_description":"invalid semicolon separator in query"}{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed."}
which I don't even think is a valid error, there's no semicolon symbol neither in the request URL nor the body
UPD4. It may sound stupid but when I restart my app (I run-debug it via GoLand) DigitalOcean oauth works just fine until I connect a Microsoft account via oauth2 (which also works fine), but then if I connect (reconnect) DigitalOcean account again then it just stops working ¯_(ツ)_/¯
UPD5. Below is the debug watch of doTokenRoundTrip function inside oauth2 library. The token exchange request returns 400 bad request
The request body:
client_id=[redacter]&client_secret=[redacted]&code=e50e6dc91ec6b855becdef7a32cc4e28684851ccf385b2f6bb667ed6ec1172df&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fv1%2Fdigitalocean%2Foauth2%2Fcallback
The URL and the body both looks good to me. However this returns the following error:
Response: {"error":"bad_request","error_description":"invalid URL escape "%\x9b\x06""}{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed."}
UPD6. Exchange request headers:
The issue caused by the extra headers. Normally it should be only Content-Type: application/x-www-form-urlencoded header but as you can see above there are extra headers including Content-Encoding: gzip which probably causes the issues. These headers added after I connect Microsoft account via oauth2, more specifically is because I use microsoft graph sdk (github.com/microsoftgraph/msgraph-sdk-go) after acquiring the token. This SDK implements RoundTripper interface that eventually adds extra headers.
Submitted the issue to graph sdk https://github.com/microsoftgraph/msgraph-sdk-go/issues/91
I think second error refers to the grant_type missing in the config
grant_type:authorization_code,
code: {code you got from the authorization step},
client_secret: ****
Other way of accessing the OAuth 2.0 Token, Please refer this Document
I had implemented the code to received authorization code as described in this step:
https://developers.google.com/android-publisher/authorization#generating_a_refresh_token
We deployed this code to one server that has "https://..." domain and this works well. We can get the access_token, refresh_token...
But now we need to deploy the same code to a dev server that has no "https".
I created a new OAuth client id with redirect uri using the dev server (no https, the rest /api/v1/... is the same as the previous working server)
Now anytime I tried to go to this url and Allow access
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=http://dev_server/api/v1/...&client_id=dev_server_client_id
I got 401 Unauthorized.
I'm not sure why, but the only difference I can see is "https" vs "http".
Any idea why?
Thank you very much.
Actually I forgot to update the corresponding values in my code
const oauth2Client = new OAuth2(
config.googleApi.clientId,
config.googleApi.clientSecret,
config.googleApi.redirectUri // <= Especially this value
);
These values need to be updated to (beside values on google console).
I thought that using Google's official ruby client API would be the easiest way to validate an access_token that hits my backend server.
Not really.
Version 0.9 has not a simple sample of validating an access token and API docs doesn't help neither.
I have got this far:
require 'google/apis/oauth2_v2'
oauth = Google::Apis::Oauth2V2::Oauth2Service.new
oauth.tokeninfo({access_token: 'aaaaaaaa...'})
=> Google::Apis::ClientError: Invalid request
docs on google-api-client-0.9.4/generated/google/apis/oauth2_v2/service.rb say that tokeninfo method raises:
[Google::Apis::ServerError] An error occurred on the server and the request can be retried
[Google::Apis::ClientError] The request is invalid and should not be retried without modification
[Google::Apis::AuthorizationError] Authorization is required
How can I tell that the token is invalid ?!?
Can you guys share some examples ?
I am newbie Parse and I have a problem. I want to use parse classes for dynamic content such as blog posts. Everyting works as expected there is no problem ; but when I try to fetch as google in Google Webmaster Tools it says AJAX blocked. So google will not index this content anyway.
when I follow the link I saw this below.
this is what I see when follow class link
So google crawler try to get ajax content but it comes to it with a ConnectionFailed aka 100 error. (I tested it to show in a label on page what returns in parse query error callback. So I see what renders google)
Am I doing something wrong is this an expected behaviour ?
Anyone knows how to solve this ?
Btw: I am hosting this website on heroku with custom domain over https (with cloudflare dns redirected and free ssl)
I also deployed to Parse Cloud Hosting unfortunately the result is same :(
This is the full result of the Fetch as Google :
full page result of fetch as google
The page at https://api.parse.com/1/classes/GameScore is asking for authentication, and it's throwing a 401 Unauthorized status code for unauthorised requests. That's already a problem.
Besides that, the page at https://api.parse.com/robots.txt is currently showing
User-Agent: *
Disallow: /
Googlebot can't access that page because it's disallowed for crawling in the first place, but even if it could access it, it would run into an authentication gate which it wouldn't be able to pass.
If the content from that URL (https://api.parse.com/1/classes/GameScore) is essential for the page where its referenced/used, you would have to work with Parse to allow crawlers access those URLs.
If it's not essential, then you can safely ignore that warning.
There seems to be some confusion as to what is causing an error with Google Places API and using JSON as the output.
For example, the output (when pasting the URL into the address abr of your browser returns this:
{
"html_attributions" : [],
"results" : [],
"status" : "REQUEST_DENIED"
}
At first, I thought this may have something to do with my API Access Status set to 'Inactive' but after reading several posts here on SO...
REQUEST_DENIED Google Maps API v3 Places Error
Google Places API - REQUEST_DENIED
REQUEST_DENIED when using the Google Places API
...I am none the wiser. The aim of this post/thread is to try establish exactly the capabilities of Google Places API, whether or not the API Key is required, and why REQUEST_DENIED occurs so often for many users.
"status" : "REQUEST_DENIED" is returned when:
The sensor parameter is missing
The key parameter is missing
The sensor parameter is not set to true or false
There is a problem with the key parameter e.g.
You have not activated the Places API Service in your APIs Console Services Tab
Your API Key does not match the key in your APIs Console API Access Tab
Your API key has been compromised and blocked; you can generate a new API key in your APIs Console API Access Tab
The request is not sent as a HTTPS GET request
HTTPS is required for all Places API Web Service request
POST requests will only work for Places API Place Actions e.g Check-In and Event requests