I'm trying to connect with Magento 1.X Rest Api, but when I try to do a get request on:
http://magentohsot.com.br/admin/oauth_authorize?oauth_token=XXXXXX
I get the error: An error occurred. Your authorization request is invalid.
I already checked the oauth consumer key and oauth consumer secret and they are right.
To generate the oauth_token I did a get request in Postman with this:
http://magentohost/oauth/initiate?oauth_consumer_key=xxxx&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1475102900&oauth_nonce=5wq5DG&oauth_version=1.0&oauth_signature=nWhmHcih/DvtXuDOjjvJJVnWrss=&oauth_callback=xxxx
How can I fix this?
Related
I am trying to get new access token from my refresh token for google drive api. In my google playground it works but when I want to create the same request in postman or my code it doesn't work and I always get error "Invalid grand type". I don't know to find what is problem.
google developers playground
postman headers and body
You need to understand that there is three steps to the Oauth2 dance.
step one is requesting access of the user and getting the authorization code.
HTTP GET https://accounts.google.com/o/oauth2/auth?client_id={clientid}.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/analytics.readonly&response_type=code
Note &response_type=code tells the server you want an authorization code returned.
step two is to exchange that code for an access token and refresh token.
POST https://accounts.google.com/o/oauth2/token
code=4/X9lG6uWd8-MMJPElWggHZRzyFKtp.QubAT_P-GEwePvB8fYmgkJzntDnaiAI&client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code
Note the part where it says &grant_type=authorization_code. this tells the server you are giving them an authorization code.
3 the final step is refreshing your access token.
POST https://accounts.google.com/o/oauth2/token
client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&refresh_token=1/ffYmfI0sjR54Ft9oupubLzrJhD1hZS5tWQcyAvNECCA&grant_type=refresh_token
Note &grant_type=refresh_token you are telling the server you are sending them a refresh token.
You appear to be sending a refresh token with the wrong grant type.
I have a video on how to set up postman to use google oauth2
How to set up Oauth2 in PostMan.
Google 3 Legged OAuth2 Flow
Note: Due to a recent change with Making Google OAuth interactions safer by using more secure OAuth flows redirect uri of urn:ietf:wg:oauth:2.0:oob is going to stop working soon.
I need to create request for getting data from Google Analytics API in Postman. I managed to generate access token with playground platform but I need permanent refresh token (in playground I can generate only 24h token).
I tried to generate token in Console API:
I've created project
Add analytics API in my project
Generate client ID and secret code
But I don't know which redirect URL using. Default value that was generate in JSON is urn:ietf:wg:oauth:2.0:oob","http://localhost
Than I've generated authorization code with request (from browser):
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/analytics&redirect_uri=http://localhost&response_type=code&client_id=XXXX
And when I tried to generate access_token with POST request in Postman, sending such keys:
code:XXXXXX
redirect_uri:urn:ietf:wg:oauth:2.0:oob (also tryed http://localhost)
client_id:YYYYY
client_secret:ZZZZZZ
scope:https://www.googleapis.com/auth/analytics
grant_type:authorization_code
And got error
{
"error": "invalid_grant",
"error_description": "Bad Request"
}
How should I set grant for Postman? Could you help me to resolve issue and understand what I do wrong
I managed to resolve my issue. It should be added redirect_url https://www.getpostman.com/oauth2/callback
Steps I have followed:
Create a project in Google API console and also enabled Google+
API.
Fetch client API and client secret.
Uncomment code and replace the appropriate value in the code:
Fetch Authorization token using Angular6 after sign in to Google.
While Calling API from postman getting the following error:
"Message": "Authorization has been denied for this request.
I am trying to get the permanent access_token and access_token_secret from Mangento 1.9.
I have consumer_key and consumer_secret and have configured the required permission by following this link http://devdocs.magento.com/guides/m1x/api/rest/permission_settings/permission_settings.html
I have successfully generated the temporary access_token and access_token_secret. But while trying to generate the oauth_verifier I am getting:
An error occurred. Your authorization request is invalid.
How can I solve this problem?
You can generate permanent access token and and token secrete using Postman.
Follow the link.
How to use POSTMAN rest client with magento REST api with Oauth. How to get Token and Token Secret?
1) Create rest api consumer (Collect temporary consumer key and screte key from here)
2) Creat web -> admin role, given all the resource permision
3)Create magento admin user role->linked it with the Rest role
username-username
password-password
For getting the permenant access key and token
4)Oauth initiate GET request in postman will return temporary
oauth_token=---------------- oauth_token_secret=------------------
oauth_callback_confirmed=true
5)then o-auth authorize with parameter as a token(from the last request) simple GET request
6)The login form will open ->filled with the consumer role credentials and made a POST request
7)click on authorize will give the following in responce
"oauth_token": ----------------,
"oauth_verifier": ----------------
8)making request with all the parameters will give
permenant token and secrete key:
oauth_token=----------------
oauth_token_secret=----------------
will have to use this tokens in headers while requesting resources.
In Postman in oauth1.0 filling all the tokens(select auto add params to header and params and keep empty parameter)
and url http://yourhost/app/api/rest/customers
will return all the customer
I'm using the google plus ruby quickstart to add "sign in with google" to a small sinatra application. I am able to successfully request the authorization code client side, but the request to exchange the code for a token fails. I've replaced all of my application's code with the code in the example repo, but I receive the same error.
# received the authorization code
# exchange it for a token
$authorization.fetch_access_token!
Error
Signet::AuthorizationError - Authorization failed. Server message:
{
"error" : "invalid_request",
"error_description" : "Required parameter is missing: grant_type"
}
I know that things are failing inside signet but i'm not sure how to inspect the request to see what is wrong.
Have you tried to set the grant_type to the refresh_token before you fetch the token from google?
I've used the same client in a rails app and shimming the grant_type into the signet auth object works.
client.authorization.grant_type = 'refresh_token'
client.authorization.fetch_access_token!
=> {"access_token"=>"foo", "token_type"=>"Bearer", "expires_in"=>3600, "id_token"=>"foo"}