I've seen a few questions/guides about implementing 3 step OAuth inside of a Rails app, but I'm interested in only the client side part of it. I'm trying to authenticate as a consumer to an OAuth2 server. As far as I can tell, I'm building the access token correctly.
#consumer = OAuth::Consumer.new(#config[:client_id], #config[:client_secret],
{
:site => "http://api.server.com",
:oauth_version => "2.0",
:http_method => :post,
:authorize_path => "/oauth2/authorize",
:access_token_path => "/oauth2/token",
:request_token_path => "/oauth2/request_token"
})
token_hash = { oauth_token: #config[:client_id], oauth_token_secret: #config[:client_secret] }
#access_token = OAuth::AccessToken.from_hash(#consumer, token_hash)
All of this succeeeds, the access token ends up looking like this:
#<OAuth::AccessToken:0x007fb6f2290468
#token="client_id",
#secret="secret",
#consumer=#<OAuth::Consumer:0x007fb6f2290800
#key="client_id",
#secret="secret",
#options={:signature_method=>"HMAC-SHA1",
:request_token_path=>"/outh2/request_token",
:authorize_path=>"/oauth2/authorize",
:access_token_path=>"/oauth2/token",
:proxy=>nil,
:scheme=>:header,
:http_method=>:post,
:oauth_version=>"2.0",
:site=>"https://api.server.com"
}
>,
#params={:oauth_token=>"client_id",
:oauth_token_secret=>"secret"
}>
The problem is that any request I make using #access_token returns a Forbidden error.
Any ideas what part of my request is wrong?
Related
I'm new to Ruby and I'm trying to implement a oauth2 with client credentials flow.
I've found the "ouath2" gem, but that requires a redirect_uri that I don't have.
Here is the gem.
Here is what I'm trying to implement
secret_id = 'this-is-a-secret-id'
token_id = 'this-is-a-token-id'
scope = 'such-a-good-scope'
grant_type = 'client_credentials'
#client = nil
# Get access token
def GetAccessToken
HttpRequest request = HttpRequest::Post("https://awesome-page.com/oauth/token")
request.content = {
{ "client_id" => token_id },
{ "client_secret" => secret_id }
{ 'grant_type' => grant_type },
{ 'scope' => scope}
}
response = request.send
json = response.content
accessToken = JsonConvert.DeserializeObject<Token>(json)
#client = Client.new(bearer: accessToken)
end
# Refresh token
def RefreshToken
HttpRequest request = HttpRequest::Post("https://awesome-page.com/oauth/token")
request.content = {
{ "client_id" => token_id },
{ "client_secret" => secret_id }
{ 'grant_type' => grant_type },
{ 'refresh_token' => scope}
}
response = request.send
json = response.content
accessToken = JsonConvert.DeserializeObject<Token>(json)
#client = Client.new(bearer: accessToken)
end
# End then implementing the "getting the resources with the client" part and so on...
Any idea how to do this, I'm getting a little bit desperate now
Any help is greatly appreciated!
You’re kind of going about this all wrong. With the Oauth2 gem you need to:
Initialise a new Oauth2::Client with your client ID, secret, scope, and define the token and redirect url (this is a url in your app that users logging in get sent back to. Not used for Client Credentials flow as it’s for server to server comms)
Call token = client.client_credentials.get_token. This sets token to an AccessToken it obtained.
Then call token.get(‘https://your-url.com/path/to/resource’) - or post/patch/delete.
Look at the access_token.rb file in the repo to see the methods you can call. They also take a series of params, for things like additional headers or body payload you can pass. It’s based on Faraday so you can always look up Faraday docs for help with that part.
I am trying to create some simple Ruby code to add emails using the Campaign Monitor API. Below is my code.
require 'httparty'
require 'json'
def request
url = 'https://api.createsend.com/api/v3.1/subscribers/MYLISTID.json'
auth = {:username => 'MYAPIKEY', :password => 'x'}
response = HTTParty.post(url,
:basic_auth => auth, :body => {
'EmailAddress' => 'mike#hotmail.com',
'Name' => 'Test',
'Resubscribe' => true,
'RestartSubscriptionBasedAutoresponders' => true
})
puts response
puts response.code
end
request
I can connect with the API. However, when I try to add the email I am getting the following response.
{"Code"=>400, "Message"=>"Failed to deserialize your request.
Please check the documentation and try again.
Fields in error: subscriber"}
400
When I change the request to get instead of put
my response is:
{"Code"=>1, "Message"=>"Invalid Email Address"}
I can't understand what I am doing wrong as I have followed the documentation on the Campaign Monitor API
It looks like you have everything setup correctly, you just need to turn the body of the post into a json string.
response = HTTParty.post(url,
:basic_auth => auth, :body => {
'EmailAddress' => 'mike#hotmail.com',
'Name' => 'Test',
'Resubscribe' => true,
'RestartSubscriptionBasedAutoresponders' => true
}.to_json)
I'd like to point out that a Campaign Monitor API gem also exists that will do all of that work for you.
Campaign Monitor API Gem
the goal is to have one Google (YouTube) account for the web app. Users of the web app will be able to upload videos via this account to the one YouTube channel. After many hours im in the ends. I've found plenty of samples how to implement for Google user <-> web app interaction, but I don't need such comprehensive solution.
I'm trying over OAuth 2.0 (as recommended) and with Google API Ruby Client (https://github.com/google/google-api-ruby-client)
So far I have authorized the Google account (which will have that YouTube channel) with the web app, all necessary scopes included, offline access too and I have mechanism for refreshing access token. So I have access token, refresh token, client id and client secret.
But I don't know how to send a simple authorized request. The result below returns me "Daily Limit for Unauthenticated Use Exceeded." after a while so something wrong - i guess im missing part with client id and client secret.
So the question is: How to send simply authorized request via OAuth 2.0 with Google API Ruby Client, when we work with only one user and we have all necessary ids, secrets and tokens?
Thanks for any help or suggestion.
# Faraday connection
conn = Faraday.new(:url => 'https://accounts.google.com',:ssl => {:verify => false}) do |faraday|
faraday.request :url_encoded
faraday.response :logger
faraday.adapter Faraday.default_adapter
end
# Refresh token
result = conn.post '/o/oauth2/token', {
'refresh_token' => "1/1lDIvifN******************dk9Akuc9ELVKM0",
'client_id' => "61********506.apps.googleusercontent.com",
'client_secret' => "********************g_dLfKmi",
'grant_type' => 'refresh_token'}
#output = ActiveSupport::JSON.decode result.body
#access_token = #output['access_token']
#token_type = #output['token_type']
# Google Client
client = Google::APIClient.new
# YouTube API v3
api = client.discovered_api('youtube', 'v3')
# Retrieve list of playlists (not working)
#result = client.execute(
:api_method => api.playlists.list,
:parameters => {'part' => 'snippet', 'mine' => 'true'},
:authorization => {'token_type' => #token_type, 'access_token' => #access_token}
)
Ok, so I though the :authorization param in the execute request will add HTTP header Authorization: token_type access_token itself, but not and it was a problem.
So this works:
#result = client.execute(
:api_method => api.playlists.list,
:parameters => {'part' => 'snippet', 'mine' => 'true'},
:authorization => {:token_type => #token_type, :access_token => #access_token},
:headers => {:authorization => #token_type + ' ' + #access_token}
)
i am using omniauth to authenticate a user via twitter. omniauth provides access tokens. now i want to send the get or post request to twitter. i dont want to use any gems. i want to do with net::http.
even in twitter api documentation ! I am not able to find a good tutorial for this
can any one help? thanks
Here it is exactly what you need, so, since you've got the token and the secret from omniauth, now you are going to use it:
def prepare_access_token(oauth_token, oauth_token_secret)
consumer = OAuth::Consumer.new("APIKey", "APISecret", { :site => "https://api.twitter.com", :request_token_path => '/oauth/request_token', :access_token_path => '/oauth/access_token', :authorize_path => '/oauth/authorize', :scheme => :header })
token_hash = { :oauth_token => oauth_token, :oauth_token_secret => oauth_token_secret }
access_token = OAuth::AccessToken.from_hash(consumer, token_hash )
access_token
end
Then you, for example, post a tweet:
msg = {'status' => 'Hey look I can tweet via OAuth!'}
access_token = prepare_access_token(token, secret)
response = access_token.post('https://api.twitter.com/1/statuses/update.json', msg, { 'Accept' => 'application/xml' })
Read the article presented on the link for more informations.
I have the following code:
token = client.auth_code.get_token(code, :redirect_uri => 'http://localhost:3000')
response = token.get('https://api.foursquare.com/v2/users/self/checkins', {:mode => :query})
The problem is that no matter what :mode I specify I always get a Bearer token in Authorization header. The code in question is a private set_token which always depends on the default :mode which is always :header.
Am I using it wrong?
Thanks!
There seems to be a problem how the oauth2 gem passes variabels inside the objects so mode and param_name seems to be lost on the way. A solution to the problem would be to create a new AccessToken object with the correct parameters instead of using the shorthand. This example is tested against Foursquares api and it works.
require "oauth2"
client = OAuth2::Client.new(
"CLIENT_ID",
"CLIENT_SECRET",
:authorize_url => "/oauth2/authorize",
:token_url => "/oauth2/access_token",
:site => "https://foursquare.com/"
)
puts client.auth_code.authorize_url(:redirect_uri => "http://localhost:4000")
code = gets.chomp
token = client.auth_code.get_token(code, :redirect_uri => "http://localhost:4000")
token = OAuth2::AccessToken.new(client, token.token, {
:mode => :query,
:param_name => "oauth_token",
})
response = token.get('https://api.foursquare.com/v2/users/self/checkins')
puts response.body