I'm trying to make a spotify web manager with ruby, to make that I'm following the Authorization Guide.
My backend looks similar to the example made by the spotify's guys in this github. You can see mine here code here.
So the error I'm getting are 400 - Bad request or 415 - Unsupported media type.
At first I was using the net/http core library, but because maybe I was doing something wrong I've used Typhoeus and the result are the same.
This is the code is not working:
request = Typhoeus::Request.new("https://accounts.spotify.com/api/token",
method: :post,
body: {
grant_type: "authorization_code",
code: code,
redirect_uri: "http://localhost:5000/auth/spotify/callback"
},
headers: {
"Authorization": "Basic #{Base64.strict_encode64("#{settings.spotify_id}:#{settings.spotify_key}")}"
},
followlocation: true
)
logger.info request.inspect
request.on_complete do |response|
logger.info "[]" * 100
logger.info response
if response.success?
logger.info "SUCCESS"
elsif response.timed_out?
logger.info "TIMED OUT"
elsif response.code == 0
logger.info response.return_message
else
logger.info "HTTP request failed: #{response.code.to_s}"
redirect '/auth/failure'
end
end
request.run
Well, if someone of you have any idea of what is happenning, It would be helpful to know it.
Thanks in advance.
Edit
The string interpolation is is working properly, has been tested on console.
"Basic #{Base64.strict_encode64("#{settings.spotify_id}:#{settings.spotify_key}")}"
About the redirect_uri, must to work well, one thing because the guide is explained with localhost example, and second, the first request explained on the Authorization Guide is working properly, the problem happens when I'm trying to do the 4 step on that guide.
Are you sure that kind of string interpolation works? Did you look at the traffic in wireshark to see if it is working correctly? It looks suspicious cause you use double-quotes within double quotes and still expect it to work. If you don't wanna set up wireshark, have your app post the request text on the console. Furthermore, are you sure Spotify will allow redirect_uri's with localhost? Also, when do you get the 400, and when do you get the 415? This is important information, you can't just conflate them like that.
I've changed the Typhoeus gem for HTTParty, and now the error is becoming clearer.
The main thing here is not the 400 or the 415 error, is the message attached to this error. The error here is:
"error"=>"invalid_grant", "error_description"=>"Invalid authorization code"
So, It's my fault not to be aware of that, but was not clear the message, sometimes the fatigue and frustration makes you not seeing the obvious.
Now, just have to know why the auth. code is not valid.
Anyway thanks for the help.
Related
Using the documentation at https://developers.google.com/admin-sdk/directory/v1/guides/push#creating-notification-channels I subscribed to a notification using something like:
service = build('admin', 'directory_v1', credentials=credentials)
watch_data = {
'id': str(uuid.uuid1()),
'type': 'web_hook',
'address': 'https://example.appspot.com/push/user',
'payload': True,
}
subscription = service.users().watch(domain=domain, event='update', body=watch_data).execute()
# 'subscription' is stored
I got a proper reply and everything seem fine to that point.
Until I try to stop the notification with the following code:
# 'subscription' is retrieved from the storage
service = build('admin', 'directory_v1', credentials=credentials)
stop_data = {
'id': subscription.id,
'resourceId': subscription.resource_id
}
request = service.channels().stop(body=stop_data)
request.execute()
This raises an 'HttpError' 404 exception:
Response: <HttpError 404 when requesting https://www.googleapis.com/admin/directory/v1/admin/directory_v1/channels/stop? returned "Not Found">
Interestingly, using the same parameters (known good 'id' and 'resourceId' from the same user), the API explorer gadget at https://developers.google.com/admin-sdk/directory/v1/reference/channels/stop fails in the same way.
I've also been unable to find this endpoint in the full blown API explorer.
I believe that the discovery somewhat misbehaves.
The URI built by the client is: 'https://www.googleapis.com/admin/directory/v1/admin/directory_v1/channels/stop'
whereas the documentation states it should be:
'https://www.googleapis.com/admin/directory/v1/channels/stop'.
Could this be a bug in the API?
I'll try to make a "manual" authenticated request ASAP to check this hypothesis.
Edit 2016-11-09:
Tried a manual request using the following code:
# 'subscription' is retrieved from the storage
stop_data = {
'id': subscription.id,
'resourceId': subscription.resource_id
}
http = httplib2.Http()
http = credentials.authorize(http)
url = 'https://www.googleapis.com/admin/directory/v1/channels/stop'
method = 'POST'
response, content = http.request(url, method, body=json.dumps(stop_data),
headers={'content-type': 'application/json'})
I still get a 404 as a result. So I guess that the problem is not the endpoint URI.
If someone from Google reads this, can you please look into it?
It's not super critical but I'd like to not have dangling notification subscriptions.
Edit 2 2016-11-09:
Thanks to #Mr.Rebot for pointing out the reports API bug report.
Upon closer inspection, the problem here is exactly the same.
Using the manual request code above but adjusting the URI with an underscore, I'm finally able to make a successful request (returns 204).
url = 'https://www.googleapis.com/admin/directory_v1/channels/stop'
So there's definitely a bug somewhere and the following documentation pages have the wrong endpoint URI:
https://developers.google.com/admin-sdk/directory/v1/guides/push#stopping-notifications
https://developers.google.com/admin-sdk/directory/v1/reference/channels/stop
Also found this related post: Google Admin SDK Channel Stop endpoint is broken in client libraries
To those that wonders in the Google Docs hell for the past two years, and counting.
The wrong/right URL is:
https://www.googleapis.com/admin/reports_v1/channels/stop
And the Scope to use this URL is:
https://www.googleapis.com/auth/admin.reports.audit.readonly
I hope this helps someone :)
I'm trying to get an access token from Google API in my Ruby on Rails app, as part of an overall goal of setting up a raketask. I am able to get an Auth Code fine, but when I make a post request to get an access token, I am getting a 302 error. I'll describe my current code first, and afterward list how I've tried to solve the problem so far.
Current code:
#users_controller
def auth_access
client = Signet::OAuth2::Client.new(
:authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
:token_endpoint_uri => 'https://accounts.google.com/o/oauth2/token',
:client_id => ENV['OAUTH_CLIENT_ID'],
:client_secret => ENV['OAUTH_CLIENT_SECRET'],
:scope => 'https://www.googleapis.com/auth/analytics.readonly',
:redirect_uri => 'http://localhost:3000/google/auth_callback'
)
redirect_to client.authorization_uri.to_s
end
This part works fine so far. It redirects to the consent page, and when the user agrees it then redirects them to the page with the auth code in the url parameters. Next I take that auth code and try to make a POST request to API for an access token:
#users_controller
def auth_callback
http = Net::HTTP.new('accounts.google.com')
path = '/o/oauth2/token'
data = "code=#{params['code']}&client_id=#{ENV['OAUTH_CLIENT_ID']}&client_secret=#{ENV['OAUTH_CLIENT_SECRET']}&redirect_uri=http://localhost:3000/auth_final&grant_type=authorization_code"
response = http.post(path, data)
end
This when I run into a problem. The Google API returns a 302, and includes a message saying something akin to "we moved to 'https://accounts.google.com/o/oauth2/token'".
Here's how I've tried to fix the problem so far:
I assumed that the problem was that the http.post method is making a call to an http and not https.
I've tried including
http.use_ssl = true
http.ssl_version = :SSLv3
This returns the error "SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: wrong version number".
I can take a guess at what this means, but I am still unsure of what the actual problem is and how to solve it. Googling the error message has not been a help.
In a similar vein, I tried using gems to make the https call for me, in particular HTTParty and Typheous, although I was not able to make any progress with them (and am still not even sure that it's an http/https problem).
I've tried using the Signet-Rails gem. This was the most productive method by far, making a successful API call and returning the information. However, it either wasn't saving the refresh token or I cannot find where it is being saved. As I need access to that token to run the rake tasks, I gave up on Signet-Rails.
I tried using Legato, and was constantly running into various problems. Overall, Legato left me with the impression that it did not integrate getting the auth code, consent and tokens into the app, instead requiring the developer to set those up in advance outside of the app's scope. I want to be able to set up the auth code as part of the app. If I am understanding Legato properly, then it is not the gem I need.
I've also tried other various odds and ends but to no avail. The above solutions were the tactics I kept coming back to. Primarily I'm looking for an answer to what is going wrong in my code, and what is the best avenue to fix it (and if I was going down the right track with any of my attempted solutions above, which one?)
Thanks for taking the time to read this and answer!
(on a complete sidenote, those last three list items should be 2, 3, 4, but the stackoverflow text editor thinks it knows better than me...)
Specify the port:
http = Net::HTTP.new('accounts.google.com', 443)
Source: SSL Error on HTTP POST (Unknown Protocol)
I'm trying to do a PUT call on a Google Groups API using Ruby and the OAuth2 GEM. I've managed to authenticate OK, and the GET call works properly, but I can't seem to get the call to use the PUT method. I thought the following would work, since OAuth2 uses Faraday, but I just keep getting the 400 message back, with an indication that something's "required":
data = access_token.put('https://www.googleapis.com/groups/v1/groups/{email address}?alt=json').parsed do |request|
request.params['email'] = "{email address}"
end
Has anyone got a working example of passing parameters to a PUT request?
OK. Looks like the ".parsed" was interfering with the call here's what works, with some additions to the request object:
response = access_token.put('https://www.googleapis.com/groups/v1/groups/{email address}') do |request|
request.headers['Content-Type'] = 'application/json'
request.body='{"email": "{email address}"}'
end
# check this
puts response.status
# works if it's 200
[Cross-posted from the OAuth Ruby Google Group. If you couldn't help me there, don't worry bout it]
I'm working on integrating a project with TripIt's OAuth API
and am running into a weird issue.
I authenticate fine, I store and retrieve the token/secret for a given
user with no problem, I can even make GET requests to a number of
services using the gem. But when I try using the one service I need
POST for, I'm getting a 401 "invalid signature" response.
Perhaps I'm not understanding how to pass in data to the AccessToken's
post method, so here's a sample of my code:
xml = <<-XML
<Request>
<Trip>
<start_date>2008-12-09</start_date>
<end_date>2008-12-27</end_date>
<primary_location>New York, NY</primary_location>
</Trip>
</Request>
XML`
response = access_token.post('/v1/create', {:xml => xml},
{'Content-Type' => 'application/x-www-form-urlencoded'})
I've tried this with and without escaping the xml string before hand.
The guys at TripIt seemed to think that perhaps the xml param wasn't
getting included in the signature_base_string, but when I output that
(from lib/signature/base.rb) I see:
POST&https%3A%2F%2Fapi.tripit.com%2Fv1%2Fcreate&oauth_consumer_key
%3D%26oauth_nonce
%3Djs73Y9caeuffpmPVc6lqxhlFN3Qpj7OhLcfBTYv8Ww%26oauth_signature_method
%3DHMAC-SHA1%26oauth_timestamp%3D1252011612%26oauth_token
%3D%26oauth_version%3D1.0%26xml%3D%25253CRequest%25253E
%25250A%252520%252520%25253CTrip%25253E%25250A
%252520%252520%252520%252520%25253Cstart_date%25253E2008-12-09%25253C
%252Fstart_date%25253E%25250A
%252520%252520%252520%252520%25253Cend_date%25253E2008-12-27%25253C
%252Fend_date%25253E%25250A
%252520%252520%252520%252520%25253Cprimary_location%25253ENew
%252520York%252C%252520NY%25253C%252Fprimary_location%25253E%25250A
%252520%252520%25253C%252FTrip%25253E%25250A%25253C%252FRequest%25253E
%25250A
This seems to be correct to me.
I output signature (from the same file) and the output doesn't match
the oauth_signature param of the Auth header in lib/client/
net_http.rb. It's been URL-encoded in the auth header. Is this
correct?
Anyone know if the gem is broken/if there's a fix somewhere? I'm finding it hard to trace through some of the code.
Your oauth_token is empty. Not familiar with the protocol, is that ok?
Once you include the correct token, please also remember to use token_secret in the signing.
I'm new to Ruby coming from Java. I'm trying to make a http get request and I'm getting an http response code of 400. The service I'm calling over http is very particular and I'm pretty sure that my request isn't exactly correct. It'd be helpful to "look inside" the req object after I do the head request (below) to double check that the request_headers that are being sent are what I think I'm sending. Is there a way to print out the req object?
req = Net::HTTP.new(url.host, url.port)
req.use_ssl = true
res = req.head(pathWithScope, request_headers)
code = res.code.to_i
puts "Response code: #{code}"
I tried this: puts "Request Debug: #{req.inspect}" but it only prints this: #<Net::HTTP www.blah.com:443 open=false>
Use set_debug_output.
http = Net::HTTP.new(url.host, url.port)
http.set_debug_output($stdout) # Logger.new("foo.log") works too
That and more in http://github.com/augustl/net-http-cheat-sheet :)
If you want to see & debug exactly what your app is sending, not just see its log output, I've just released an open-source tool for exactly this: http://httptoolkit.tech/view/ruby/
It supports almost all Ruby HTTP libraries so it'll work perfectly for this case, but also many other tools & languages too (Python, Node, Chrome, Firefox, etc).
As noted in the other answer you can configure Net::HTTP to print its logs to work out what it's doing, but that only shows you what it's trying to do, it won't help you if you use any other HTTP libraries or tools (or use modules that do), and it requires you to change your actual application code (and remember to change it back).
With HTTP Toolkit you can just click a button to open a terminal, run your Ruby code from there as normal, and every HTTP request sent gets collected automatically.