Houndify: Web SDK Sample: signed token rejected - houndify

I've been away from coding for a few years so excuse the simple nature of this question. I've downloaded the Houndify web sdk and followed instructions to get it running on my local web server (localhost). When running it I get the authentication error "signed token rejected". I've updated the config.json and index.html with my client ID and Key. Any ideas?
E W

Can you check:
if you have activated your account by clicking the link in the email
test the request from the API console from the Client dashboard page
I have had the same error and realized that my account was not activated.

Related

Q: Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console

I am developing a NextJS application using next-auth with Google Oauth 2 as its authentication provider. The production build is running on Heroku. When attempting to sign in on my production build, Google OAuth is giving me "Error 400: redirect_uri_mismatch". Normally this would be an easy fix, except the exact uri is already registered in Cloud Console.
.
I have also tried added many different permutations of my uri, but this did not help.
This issue not solved by 11485271 or 69151061.
Error in question:
Error 400: redirect_uri_mismatch
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy.
If you're the app developer, register the redirect URI in the Google Cloud Console.
Request Details
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: https://middcourses2.herokuapp.com/api/auth/callback/google
And here is a link to the list of authorized domains in GCP.
Solved! So for some reason, Google changed my Client ID and Client Secret after I already set up those env variables. Once I noticed the change and inputted the new values it worked fine.
For me, clientID was not the issue, but this was due to a trailing slash( / ).
redirect_uri must be an EXACT MATCH on the developers console.
In the Google Cloud console, I had http://localhost:8080 under the redirect URIs in the list while my code was sending http://localhost:8080/ while making the oAuth call.

How do I secure a Web API with Azure AD B2C

I have a Angular application and a separate Web API solution built with .NET Core. I have successfully setup authentication with Azure AD B2C. I am able to login to the angular application. However I would like to secure one of my Web API calls. i.e. http://localhost/Profile/GetProfile. The trouble is that I'm able to query this url successfully even when not logged in.
I used code from the sample application in github and strangely I get 401 not authorized when trying to make my api call from my ClientApp. However, I am able to open that url successfully in a new tab (outside of my application). I am trying to achieve the opposite of this. i.e. it should 401 from a browser but 200 from my ClientApp. What am I doing wrong?
BTW the sample application throws a unhandled exception when trying to navigate to the todo menu item.
The trouble is that I'm able to query this url successfully even when
not logged in.
This is because the cache is still there after you successfully log in. Once you've used browser privacy mode, you'll need to log in again.
And is these screenshots below what you want to achieve? You can decode token in this.Whether the requested token is successful does not match the api endpoint.If so,please check your client app (API perssions) & server app(Expose an API).
401 from a browser
2.200 from my ClientApp.(Here's a microsoft graph me/endpoint demo.)

Error: invalid_client no registered origin

I have installed the Google Drive Realtime API sample files on my web server, following these instructions, including generating a client_id in the Cloud Console and inserting it into the index.html file.
When I visit that page and click the button to authorize the app, it pops up with a new window and shows:
Error: invalid_client
no registered origin
The Request Details are:
openid_connect_request=true
cookie_policy_enforce=false
scope=https://www.googleapis.com/auth/drive.install https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/plus.me
response_type=token
access_type=online
redirect_uri=postmessage
proxy=oauth2relay865404532
origin=http://mywebsite.com
state=264939258|0.165356673
display=page
client_id=1077585001321.apps.googleusercontent.com
authuser=0
I can't see any other client_id that I should be using in the Cloud Console. Does anybody know how to overcome this error? Thanks for your help.
In the new Google API Console, configure your OAuth2.0 authorized origins from
Your Project > APIs & auth > Credentials
You might need to add a new Client ID specifically for a web application (I did because the default was for AppEngine)
Create Client ID > Web Application > Authorized Javascript origins
If you are running on a local dev server, just add the exact URL such as :
http://127.0.0.1:9000
UPDATE: I changed accepted answer to Johno Scott instead as he refers to the newer version of the console, whereas mine was only true for the older version.
I solved it. I needed to enter a WEB ORIGIN on the OAuth 2.0 Client ID screen. Specifically, it had to be the exact path/url of the index.html file, otherwise it defaults to the root domain which doesn't work.
This screenshot shows you exactly where it needs to be entered:

Google checkout integration with magento

I'm trying to add Google Checkout to my magento 1.7.0.0 shop. I've traced the issue and it seems to fail during posting to google's server because when I try to read the response it's false.
The error I get is: Google Checkout: Invalid response from Google Checkout server
I'm using magento 1.7, google sandbox with sandbox credentials, verified bank account, unchecked digitally signed carts, but am using a self-signed certificate on my development machine, and API version 2.2.
The issue is happening in app/code/core/Mage/GoogleCheckout/Model/Api/Xml/Abstract.php on lines 174, 175
$http = new Varien_Http_Adapter_Curl();
$http->write('POST', $url, '1.1', $headers, $xml);
$response = $http->read();
Not a PHP dev ~
Is this a sandbox server to server (Shopping Cart) POST? Check:
that you are using sandbox credentials in your headers;
that you are posting to a sandbox url for the xml you are sending
Note - unchecking "digital cart" only means your account will also accept HTML API cart POSTs, but it doesn't mean you can send XML without a digital signature if doing direct FORM post to Google - re: in XML API, you have 2 options to send XML data:
Direct HTML FORM POST to Google (must include signature), or;
Server to Server POST to Google (must use Basic Auth credentials)
You can also check your sandbox Integration Console for detailed error messages:
Tools -> Integration Console
Hth...
There was a problem with it being a local environment. The issue was either with Google not being able to communicate or with my tld ending in .dev. Possibly Google rejected the request for that reason.

Securesocial with Twitter and Playframework 2.0 on Heroku

I have sucesfully installed securesocial in my play 2 app and I have it working for google and facebook. But i am having an issue with twitter
My conf file has the following
#
# Twitter
#
securesocial.twitter.requestTokenURL=https://twitter.com/oauth/request_token
securesocial.twitter.accessTokenURL=https://twitter.com/oauth/access_token
securesocial.twitter.authorizationURL=https://twitter.com/oauth/authenticate
securesocial.twitter.consumerKey=mykey
securesocial.twitter.consumerSecret=mysecret
but I am getting the following exception.
securesocial.provider.AuthenticationException: Authorization failed (server replied with a 401). This can happen if the consumer key was not correct or the signatures did not match.
My key and secret are the same as they are on my twitter API account app that I have created for this app. I have also included the website and the #anywhere domain from where this request is being called from.
Any ideas?
Make sure the time in your computer is properly set. Twitter will return that error if the local time in your computer is out of some offset compared to the time in their servers. Hope this helps.

Resources