It seems like I must be missing something here. I'm working on a simple app and I'm starting with Dropbox's tutorial:
# Install this the SDK with "gem install dropbox-sdk"
require 'dropbox_sdk'
# Get your app key and secret from the Dropbox developer website
APP_KEY = 'XXXXXXXXXXXXXXX'
APP_SECRET = 'XXXXXXXXXXXXXXX'
CODE = 'QEL2VDUKRj4AAAAAAAAAAcBT_U9GoEvKF2UCXp3h4UA'
flow = DropboxOAuth2FlowNoRedirect.new(APP_KEY, APP_SECRET)
puts flow.start()
access_token, user_id = flow.finish(CODE)
client = DropboxClient.new(access_token)
file = open('working-draft.txt')
response = client.put_file('/magnum-opus.txt', file)
puts "uploaded:", response.inspect
The code only seems to work for one request (or at least one run of the script), and then I get an error:
E:/RailsInstaller/Ruby1.9.3/lib/ruby/gems/1.9.1/gems/dropbox-sdk-1.6.2/lib/dropbox_sdk.rb:69:in `parse_response': invalid_grant (DropboxError)
What do I have to do in order to get this to work without authorizing every single time?
Just store the access token somewhere and reuse it as much as you want.
To try this manually, just print out the value of access_token and then modify your code to just be:
access_token = '<value from previous run>'
client = DropboxClient.new(access_token)
Related
I am trying to do what look simple but clearly isn't - authenticate with NTLM.
The example in the documentation (http://www.rubydoc.info/gems/httpclient/2.1.5.2/HTTPClient) looks straightforward, but when I try it I always get a 401.
I created a simple website in IIS whch requires NTLM. I tested this works in IE & chrome.
I then
require 'httpclient'
require 'pp'
require 'kconv' #seemed to be needed due to a bug..
require 'rubyntlm' # probably not needed directly?
domain = 'http://qvcluster1/'
url = 'http://qvcluster1/default.htm'
user = 'testuser'
password = 'testpassword'
client = HTTPClient.new
client.set_auth(nil ,user,password)
r = client.get("http://qvcluster1/default.htm")
pp r
From my understanding there is not much more to it, yet it is failing
this is the tail end of what I get from the last line:
#reason_phrase="Unauthorized",
#request_absolute_uri=nil,
#request_method="GET",
#request_query=nil,
#request_uri=#<URI::HTTP http://qvcluster1/default.htm>,
#status_code=401>,
Any suggestions are appreciated !
As an aside, I just tested from curl and this works fine:
"C:\Program Files\cURL\bin\curl.exe" --ntlm -u testuser:testpassword http://qvcluster1/default.htm
False Alarm - as it turns out there were problems with the web server communicating with the domain controller so it was messing up authentication. I removed and re-added it to the domain and all is fine now!
I'm using a Google service account to make API calls for my Dashing dashboard to Analytics. I'm using the Legato gem to get Analytics data, and authenticating using the gem's wiki's instructions for service accounts.
I've put my Google username and private key into ENV (after base 64-encoding it), and am using dotenv to synchronize these settings between local and Heroku (heroku config confirms that everything is set correctly). So, my authentication code looks like this:
class GoogleAnalyticsAccount
attr_accessor :user, :profile
# Thanks to the "Service Accounts" section at
# https://github.com/tpitale/legato/wiki/OAuth2-and-Google
def initialize scope="https://www.googleapis.com/auth/analytics.readonly"
client = Google::APIClient.new application_name: '[App name]',
application_version: '1.0'
key = Google::APIClient::PKCS12.load_key(Base64.decode64(ENV['GOOGLE_PRIVATE_KEY_BASE64']), "notasecret")
service_account = Google::APIClient::JWTAsserter.new(ENV['GOOGLE_USER'], scope, key)
client.authorization = service_account.authorize
oauth_client = OAuth2::Client.new("", "", {
:authorize_url => 'https://accounts.google.com/o/oauth2/auth',
:token_url => 'https://accounts.google.com/o/oauth2/token'
})
token = OAuth2::AccessToken.new(oauth_client, client.authorization.access_token)
#user = Legato::User.new(token)
end
def profile
#user.profiles.first
end
end
Locally, this code works just fine. On Heroku, I get the following response from Google:
{
"error": "invalid_grant"
}
No more detail than that. Based on extensive Googling, I've found that the two most likely reasons for this are A) I've hit my request limit (but it can't be that, because the same credentials work locally), and B) the server clock isn't synced with NTP. I've set the timezone on Heroku to America/Chicago (same as my local machine), but no dice.
Any ideas? Thanks!
Huh. I was using dotenv and heroku-config to push my settings up to Heroku. Turns out, putting my GOOGLE_USER and GOOGLE_PRIVATE_KEY_BASE64 inside quote marks in my .env file was taken literally by heroku-config, and it was pushing those settings with quote marks to my Heroku config. Thus, the username/key were invalid—hence invalid_grant.
And to think I've been working on this problem for days...
I'm trying to get an access token from Google API in my Ruby on Rails app, as part of an overall goal of setting up a raketask. I am able to get an Auth Code fine, but when I make a post request to get an access token, I am getting a 302 error. I'll describe my current code first, and afterward list how I've tried to solve the problem so far.
Current code:
#users_controller
def auth_access
client = Signet::OAuth2::Client.new(
:authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
:token_endpoint_uri => 'https://accounts.google.com/o/oauth2/token',
:client_id => ENV['OAUTH_CLIENT_ID'],
:client_secret => ENV['OAUTH_CLIENT_SECRET'],
:scope => 'https://www.googleapis.com/auth/analytics.readonly',
:redirect_uri => 'http://localhost:3000/google/auth_callback'
)
redirect_to client.authorization_uri.to_s
end
This part works fine so far. It redirects to the consent page, and when the user agrees it then redirects them to the page with the auth code in the url parameters. Next I take that auth code and try to make a POST request to API for an access token:
#users_controller
def auth_callback
http = Net::HTTP.new('accounts.google.com')
path = '/o/oauth2/token'
data = "code=#{params['code']}&client_id=#{ENV['OAUTH_CLIENT_ID']}&client_secret=#{ENV['OAUTH_CLIENT_SECRET']}&redirect_uri=http://localhost:3000/auth_final&grant_type=authorization_code"
response = http.post(path, data)
end
This when I run into a problem. The Google API returns a 302, and includes a message saying something akin to "we moved to 'https://accounts.google.com/o/oauth2/token'".
Here's how I've tried to fix the problem so far:
I assumed that the problem was that the http.post method is making a call to an http and not https.
I've tried including
http.use_ssl = true
http.ssl_version = :SSLv3
This returns the error "SSL_connect returned=1 errno=0 state=SSLv3 read server hello A: wrong version number".
I can take a guess at what this means, but I am still unsure of what the actual problem is and how to solve it. Googling the error message has not been a help.
In a similar vein, I tried using gems to make the https call for me, in particular HTTParty and Typheous, although I was not able to make any progress with them (and am still not even sure that it's an http/https problem).
I've tried using the Signet-Rails gem. This was the most productive method by far, making a successful API call and returning the information. However, it either wasn't saving the refresh token or I cannot find where it is being saved. As I need access to that token to run the rake tasks, I gave up on Signet-Rails.
I tried using Legato, and was constantly running into various problems. Overall, Legato left me with the impression that it did not integrate getting the auth code, consent and tokens into the app, instead requiring the developer to set those up in advance outside of the app's scope. I want to be able to set up the auth code as part of the app. If I am understanding Legato properly, then it is not the gem I need.
I've also tried other various odds and ends but to no avail. The above solutions were the tactics I kept coming back to. Primarily I'm looking for an answer to what is going wrong in my code, and what is the best avenue to fix it (and if I was going down the right track with any of my attempted solutions above, which one?)
Thanks for taking the time to read this and answer!
(on a complete sidenote, those last three list items should be 2, 3, 4, but the stackoverflow text editor thinks it knows better than me...)
Specify the port:
http = Net::HTTP.new('accounts.google.com', 443)
Source: SSL Error on HTTP POST (Unknown Protocol)
I'm trying to use Google's Custom Search API through the Google API Ruby client. I have setup my API key through the Google API console, and have also created my CSE. Based on the documentation, it seems that, as long as I provide an API key (which I am doing), I shouldn't need an OAuth2 authentication token to call the list method. However, when I try to execute the code below, I get the following error:
ArgumentError: Missing access token.
What am I missing? Here's my code:
# create client
client = Google::APIClient.new
# Fetch discovery doc
search = client.discovered_api('custom search')
# Call list method
response = client.execute(
search.cse.list, 'key' => '<my API key>', 'cx' => '<my CSE id>', 'alt' => 'json', 'q' => 'hello world'
)
I believe this is in fact a bug in the client (it's in alpha). After fiddling with it a little more, I've found a workaround:
just after creating the client object, assign it a "dummy" access token:
client.authorization.access_token = '123'
then you can call the search.cse.list method without getting the 'ArgumentError: Missing access token.' error.
If you're just after using Google CSE with ruby, try google-cse. I just built the gem, although I've been using it for a while privately. Much easier to work with than the alpha client
I found out that adding client.retries = 3 to my code solves this problem.
With the current version of the gem (0.7.1), you need to set the authorization to nil in addition to setting the key:
require 'google/api_client'
client = Google::APIClient.new
client.key = ENV['GOOGLE_API_KEY']
client.authorization = nil
client.execute ...
xI've been working for days to get Twitter to authenticate with Ruby, but I'm not having any luck.
My first attempt was something like this:
class TwitterController < ApplicationController
def index
#callback_url = "http://dev.twipler.com:3000/twitter/auth"
#auth= TwitterOAuth::Client.new( :consumer_key => "xxx", :consumer_secret => "xxxxxxxxxxxxxxxxx" )
#rtoken = #auth.request_token :oauth_callback => #callback_url
#token = #rtoken.token
#secret = #rtoken.secret
#link = #rtoken.authorize_url
session['token' ] = #token
session['secret'] = #secret
redirect_to #link
end
def auth
#auth.authorize_from_request(session[:rtoken], session[:rsecret], params[:oauth_verifier])
end
end
And a very similar way but with the Twitter gem, and the same with the OAuth gem directly. No matter what OAuth::Consumer::token_request dies with a 401 error.
So, out of desperation I attempted to git clone Snitter, add my Twitter creds, and try it, but it too dies with a 401.
I've tried using localhost:300/twitter/auth, http://dev.twipler.com:3000/twitter/auth, and a bit.ly for each of the former 2. Nothing works.
Any help?
EDIT: Of course I would forget to do the most logical thing to do and delete my secrets. (They've been changed ;)).
You may want to edit your consumer secret out. With that, anyone can make requests on behalf of your app.
That said, make sure your system time is synced to an ntp server. If your system time has drifted fast or slow, OAuth requests will fail, since their include a timestamp and relatively short TTL. I had this exact problem a while back.
Failing that, you can crack open the oauth gem and turn on HTTP debugging, which will show you the full HTTP transaction including any error message returned.