I have referred http://www.broadleafcommerce.com/blog/why-your-ecommerce-site-should-integrate-with-spring-social to bring fb and twitter login to my broadleaf site but i am facing following error despite trying many of the solutions posted on stackoverflow and twitter dev support
GET request for "https://api.twitter.com/1/account/verify_credentials.json" resulted in 401 (Unauthorized); invoking error handler
Anybody have any idea how to deal with this error? Is it because in the tutorial 1.0.2.RELEASE version of spring social is used?
After days of effort finally got to know the issue. The problem was version of spring social api. Since the post i was referring to was of sept,2012 as a result i was using 1.0.2-Release which used auth1.0 to connect to twitter but in 2013 twitter started using auth1.1 whose support is in spring social 1.0.3-Release api. Hence i simply changed the version of spring social and the problem got resolved.
Also one thing i found out the twitter does not allow user's email id to be seen so the api calls to get email of a user will always return null.
Related
I am in the process of calling Okta API for Authentication "Primary Authentication" as shown in the pic below and I tested this using post man and it was working as expected with proper response.
I am trying to integrate this API call out with APEX by making use of "Web Source Modules" (APEX version 19.2) as shown below
There is no Authentication required by this API as it is open. I am unable to discover the service and I am faced with error "405 Method not allowed" when I try to test the POST operation. Thanks to anyone who can help me in this regard.
Your web source operations only have put, add post.
I'm building a Angular 6 front-end and Spring boot based REST api. Angular app is going to be hosted separately behind a nginx. I want to implement spring security in order to secure REST apis. As per my understanding I need to two following things.
Spring security to authenticate API calls for valid tokens and respond 403 if not
Angular library in order to redirect user to google login and maintain access/refresh tokens, pass access token for api calls in headers and refresh access token if backend respond with 403.
I'm not quite sure whether the authenticate request go via spring backend or directly to google.
I have been searching for a good tutorial for sometime but didn't find one matching my requirement( most are html pages hosted within spring ). So please correct if my understanding on how to do this is wrong and share if there are tutorials.
Check this article. This might be the article which help to you.
Moreover let me know if it worked.
I am deploying an app on Heroku that uses Google OAuth2. When I test the app, I go to the auth url (/auth/google) and I see the following error message (note that I replaced domain name with *** just for posting here:
That’s an error.
Error: invalid_client
The OAuth client was not found.
Request Details response_type=code
redirect_uri=https://****.com/auth/google/callback scope=profile email
client_id=process.env.GOOGLE_CLIENT_ID That’s all we know.
I have looked at the following questions before posting and have been trying to debug for several hours:
Error: invalid_client with Google Apps API OAuth2
invalid_client in google oauth2
I have tried to do the following:
Ensure there are no spaces before and after the values in Heroku
The consent screen in Google Console has the name and email address completed
I have renamed the app within Google Console
I have deleted the key/value from Heroku and re-created
Despite all this, I am unable to fix this. Any ideas on what I maybe missing?
The answer is in the question.
Google can't find any reference to your client, which is identified by the client_id in the URL. Instead of a valid client_id (which looks something like "40740878192.apps.googleusercontent.com") you have given a client_id of "process.env.GOOGLE_CLIENT_ID". It looks like a bug in your code that instead of using process.env.GOOGLE_CLIENT_ID as a variable, you have used it as a literal.
I'm using the OAuth 2.0 spec for retrieving fantasy football data in the same way this site is using it: http://yfantasysandbox.herokuapp.com/resource/user/game_teams (github repo: https://github.com/whatadewitt/yfsapi)
After retrieving my access_token and refresh_token, I'm trying retrieve the user teams resource and getting this 401 error for no apparent reason
{
"lang": "en-US",
"description": "Please provide valid credentials. OAuth oauth_problem=\"bearer_token_not_over_ssl\", realm=\"yahooapis.com\""
}
It had been working for a few days and it all stopped working suddenly without me having changed anything. Please let me know if the spec has changed. I'm using the https protocol for each of my API requests and am sure to get new access_tokens if needed. My callbackUrl is also using https if that helps.
Its working perfectly now. Looks like it was a disruption in service with the API and not anything fundamental. Good luck this season!
Another possible explanation is that the urls you are passing are http, not https. I was getting this issue, too, until I updated all of my requests to use https.
I am using Spring Social and the Spring Social Google Provider in a project. I am doing an implicit sign up when a user try to login into the application.
Everything is ok until now, the problem is I want to check if the domain of the username's email matches some pattern, if it doesn't I am returning null (the documentation says that, here http://goo.gl/SF2rF0), but doing it I don't have a way to show the error to the user: You can not login with that email.
How can I face this? Should I throw an Exception and handle it in a GlobalHandler (ugly approach)?