I query information of post id 104146902459712_115865294621206 but api return information of post id 104146902459712_115866081287794
Request:
curl --location --request GET 'https://graph.facebook.com/v14.0/104146902459712_115865294621206?access_token=*******'
Response:
{
"created_time": "2022-10-13T17:24:36+0000",
"message": "⭕ Giày thu đông, Thắt lưng\n🐸 Các mẫu , hot nhất thu đông 2022\n\n❌Hàng shop tự chụp, nhận hàng kiểm tra thanh toán, có hỗ trợ đổi sz\n\n637 Lương Ngọc quyến Tp Thái Nguyên",
"id": "104146902459712_115866081287794"
}
Why/When did it happen?
Related
I'm currently attempting to create a mock integration using the python AWS CDK for the purpose of running integration tests in an app.
This app needs to query an external API to validate a payload. The endpoint expects a Content-Type application/vnd.nasa.cmr.umm+json;version=1.6.3. For now, I would like the MockIntegration to always return a 200 status code with an empty response.
This is what I tried:
from aws_cdk import aws_apigateway
cmr_api = aws_apigateway.RestApi(
self, f"integration-test-cmr-api-try",
)
aws_apigateway.Resource(
self, "mock-cmr-validation", parent=cmr_api.root, path_part="ingest"
).add_resource(
"validate"
).add_method(
http_method="POST",
integration=aws_apigateway.MockIntegration(
request_templates={
"application/vnd.nasa.cmr.umm+json;version=1.6.3": json.dumps({"statusCode": 200})},
integration_responses=[
{
"statusCode": "200",
"responseTemplates": {"application/json": json.dumps({})},
}
],
),
method_responses=[
{
"statusCode": "200",
"responseModels": {
"application/json": aws_apigateway.Model.EMPTY_MODEL
},
}
],
)
Unfortunately a request to the generated gateway returns:
curl --request POST 'https://trfjg7ckha.execute-api.us-east-1.amazonaws.com/prod/ingest/validate' \
--header 'Content-Type: application/vnd.nasa.cmr.umm+json;version=1.6.3' \
--data-raw '{}'
Status code 500, {"message": "Internal server error"}.
Setting only application/json (or even application/vnd.nasa.cmr.umm+json) as the key in MockIntegration.request_templates, and using that as the Content-Type in the request, returns the intended result (status code 200, empty response). This makes me wonder if the issue can potentially be in setting the ;version=1.6.3 with the Content-Type?
Any help would be greatly appreciated!
After some further experimentation, I was able to get pass this issue by using application/vnd.nasa.cmr.umm+json in the request_template (without the version). When that is the request_template content type, any application/vnd.nasa.cmr.umm+json;version=XXX matches and the correct mock integration is triggered!
I'm using google directory search API but i coudn't retrive the users names(firstName, lastName) details in response even after applying proper readMask
below is the request details:
{
"method": "GET",
"headers": {
"Authorization": "Bearer access_token",
"Content-Type": "application/json"
},
"uri": "https://people.googleapis.com/v1/people:searchDirectoryPeople?query=ajay&readMask=names,nicknames,addresses,calendarUrls,emailAddresses,organizations,phoneNumbers,photos,relations&sources=DIRECTORY_SOURCE_TYPE_DOMAIN_CONTACT&sources=DIRECTORY_SOURCE_TYPE_DOMAIN_PROFILE"
}
NOTE: I'm getting the proper results with api, but issue is for some contact results, i'm not getting names(firstname, lastname) data/info in the response
If you are getting a "PERMISSION_DENIED" error, this means the access token you are using doesn't have the directory access scope:
https://www.googleapis.com/auth/directory.readonly
Which is required for accessing directory contacts.
Also your sources param should be:
sources=DIRECTORY_SOURCE_TYPE_DOMAIN_CONTACT,DIRECTORY_SOURCE_TYPE_DOMAIN_PROFILE
and not
sources=DIRECTORY_SOURCE_TYPE_DOMAIN_CONTACT&sources=DIRECTORY_SOURCE_TYPE_DOMAIN_PROFILE
P.S.
It's a very bad idea to post real access-tokens in public posts, you should always redact secrets when you post your API requests online.
I'm trying to create new order on PayU, via their REST api. I'm sending "get access token", and i have correct answer. Then i send 'create new order', aaaaand i ve got 103 error, error syntax.
I was trying on https://webhook.site/ , and realized why syntax is bad - i have no values in list.
Code of sending POST, when creating new order:
data = {
"notifyUrl": "https://your.eshop.com/notify",
"customerIp": "127.0.0.1",
"merchantPosId": "00000",
"description": "RTV market",
"currencyCode": "PLN",
"totalAmount": "15000",
"products": [{
"name": "Wireless mouse",
"unitPrice": "15000",
"quantity": "1"}]}
headers = {
"Content-Type": "application/json",
"Authorization": str('Bearer ' + access_token).encode()}
r = requests.post('https://webhook.site/9046f3b6-87c4-4be3-8544-8a3454412a55',
data=payload,
headers=headers)
return JsonResponse(r.json())
Webhooc show what i have posted:
customerIp=127.0.0.1¬ifyUrl=https%3A%2F%2Fyour.eshop.com%2Fnotify¤cyCode=PLN&products=name&products=unitPrice&products=quantity&description=RTV+market&merchantPosId=00000&totalAmount=15000
There is no values of 'name', 'unitprice' and 'quantity'. PayU confirmed thats the only problem.
Why? What is wrong?
Sending simple POST request to get a token is always successful.
If you want to send JSON, use the json argument of post():
r = requests.post('https://webhook.site/9046f3b6-87c4-4be3-8544-8a3454412a55',
json=payload, # Use the json argument
headers=headers)
Otherwise the data will be sent as form-encoded data, which I guess isn't what you want, given you're expecting to send the nested products list.
When you use the json argument, the content type is automatically set to application/json so you don't have to set it yourself.
headers = {
# Content-Type not required
"Authorization": str('Bearer ' + access_token).encode()
}
Further info on using requests to send JSON here
I am using django-rest-framework for my API. In order to post data to my API, a user has to first login with his credentials.
In command line posting looks something like this:
curl -X POST http://127.0.0.1:8000/snippets/ -d "code=print 789" -u username:password
{"id": 5, "owner": "tom", "title": "foo", "code": "print 789", "linenos": false, "language": "python", "style": "friendly"}
Now, I am trying to post data with angularjs. Here is the code:
$http.post('http://localhost:8000/snippets/', self.newSnippet)
.then(fetchSnippets())
.then(function (response) {
self.newSnippet = {};
})
Of course, it did not allow me to post this data as I did not login.
Question:
How do I send user credentials with this $http.post like I did with curl in command line (-u username:password)?
If it is HTTP Basic Authentication, put this before your request:
encodedCredentials = Base64.encode('username' + ':' + 'password');
$http.defaults.headers.common['Authorization'] = 'Basic ' + encodedCredentials;
You also need to have Base64 implemented or get it from some lib.
I am signing users in using their Google+ account. I sign them in and grab basic information and store it in the database. In this process, I store the access_token in the session and move on.
However, today I am trying to write a script that allows me to post to their 'moments' on Google+ using their in session access_token.
I am getting an error and the response looks like:
{ "error": { "errors": [ { "domain": "global", "reason": "authError", "message": "Invalid Credentials", "locationType": "header", "location": "Authorization" } ], "code": 401, "message": "Invalid Credentials" } }
I am not sure why this is happening, below is the code I am using to make the request (it is in ColdFusion script, but you should be able to see the principles behind it even if you do not know this syntax).
local.http = new http();
local.http.setMethod("post");
local.http.setCharset("utf-8");
local.http.setUseragent(cgi.http_user_agent);
local.http.setResolveurl(true);
local.http.setTimeout(20);
local.http.setUrl("https://www.googleapis.com/plus/v1/people/" & session.user.sourceid & "/moments/vault");
local.target = {};
local.target["kind"] = "plus##moment";
local.target["type"] = "http://schemas.google.com/AddActivity";
local.target["description"] = params.pin["description"];
local.target["image"] = session.user.image;
local.target["name"] = params.pin["title"];
local.target["url"] = URLfor(route="pinShow", key=obfuscateParam(pin.id), onlyPath=false);
local.target["latitude"] = session.user.latitude;
local.target["longitude"] = session.user.longitude;
local.http.addParam(type="formField", name="target", value=serialize(local.target));
local.http.addParam(type="formField", name="kind", value="plus##moment");
local.http.addParam(type="formField", name="type", value="http://schemas.google.com/AddActivity");
local.http.addParam(type="formField", name="access_token", value=session.access_token);
local.result = local.http.send().getPrefix();
As you can see, it all seems straight-forward.
I have test this straight-after signing in and despite that, it says the token is invalid in the header response:
HTTP/1.1 401 Unauthorized WWW-Authenticate: Bearer realm="https://www.google.com/accounts/AuthSubRequest", error=invalid_token Content-Type: application/json; charset=UTF-8 Content-Encoding: gzip Date: Wed, 11 Sep 2013 13:12:28 GMT Expires: Wed, 11 Sep 2013 13:12:28 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Content-Length: 162 Server: GSE Alternate-Protocol: 443:quic
Does anyone have any idea why this is happening and how to solve it?
I am not using any kind of library, as there isn't one for ColdFusion. In addition, I didn't want to, as my needs are only very basic and I wanted to see how it all worked.
Am I missing something obvious here?
Any help would be greatly appreciated as it's driving me nuts!
Thanks,
Mikey.
PS - I have removed the app from my account, cleared all cookies and sessions and then signed in again granting all permissions, so it seems that side of it has been eliminated.
UPDATE 1:
After some light shone from other users here, it turns out I should be posting a JSON response in the HTTP body, to make the request. So I changed my code to this:
local.request = {}
local.request["kind"] = "plus##moment";
local.request["type"] = "http://schemas.google.com/AddActivity";
local.request["target"] = {};
local.request.target["kind"] = "plus##itemScope";
local.request.target["type"] = "http://schemas.google.com/AddActivity";
local.request.target["description"] = params.pin["description"];
local.request.target["image"] = session.user.image;
local.request.target["name"] = params.pin["title"];
local.request.target["url"] = URLfor(route="pinShow", key=obfuscateParam(pin.id), onlyPath=false);
local.request.target["latitude"] = session.user.latitude;
local.request.target["longitude"] = session.user.longitude;
local.http = new http();
local.http.setMethod("post");
local.http.setCharset("utf-8");
local.http.setUseragent(cgi.http_user_agent);
local.http.setResolveurl(true);
local.http.setTimeout(20);
local.http.setUrl("https://www.googleapis.com/plus/v1/people/" & session.user.sourceid & "/moments/vault?debug=true&fields=kind%2Ctype%2Cdescription%2Cimage%2Curl&key={GOOLE_API_KEY}" );
local.http.addParam(type="header", name="Content-Type", value="application/json");
local.http.addParam(type="header", name="Authorization", value="Authorization: Bearer " & session.access_token);
local.http.addParam(type="body", value=serializeJSON(local.request));
local.result = local.http.send().getPrefix();
However, now I get another error (401 unauthorized):
{ "error": { "errors": [ { "domain": "global", "reason": "required", "message": "Login Required", "locationType": "header", "location": "Authorization" } ], "code": 401, "message": "Login Required" } }
Does anybody know how I can pass the access_token using my new method above?
UPDATE 2
It has been highlighted to me that this could originate from my original OAuth 2 process. I have removed the app from my Google+ account and started the confirmation / signin process again. Here is the generated URL:
https://accounts.google.com/ServiceLogin?service=lso&passive=1209600&continue=https://accounts.google.com/o/oauth2/auth?response_type%3Dcode%26scope%3Dhttps://www.googleapis.com/auth/userinfo.email%2Bhttps://www.googleapis.com/auth/userinfo.profile%2Bhttps://www.googleapis.com/auth/plus.login%26redirect_uri%3Dhttp://{MY_DOMAIN}.com/oauth/google/?do%253Dredirect%26state%3D2BFFBC14-29F9-4488-ABBF661C0E9E53DB%26client_id%3D{MY_CLIENT_ID}%26hl%3Den-GB%26from_login%3D1%26as%3D-593afcc82466f5f<mpl=popup&shdf=CnALEhF0aGlyZFBhcnR5TG9nb1VybBoADAsSFXRoaXJkUGFydHlEaXNwbGF5TmFtZRoIVW5pYmFuZHMMCxIGZG9tYWluGghVbmliYW5kcwwLEhV0aGlyZFBhcnR5RGlzcGxheVR5cGUaB0RFRkFVTFQMEgNsc28iFOyetn24YRlbdWKLAKGXFCH5C1p9KAEyFPquOHBH18K6iV1GTAg_P9zB2x60&sarp=1&scc=1
Am I missing something here? Is it a scope that is missing that should allow me to post to their AddActivity stream?
UPDATE 3
My OAuth login URL (I've tried to split on to new lines to improve readability):
https://accounts.google.com/o/oauth2/auth? scope=
https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+
https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+
https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplus.login&
request_visible_actions=
https%3A%2F%2Fschemas.google.com%2FAddActivity& state=
65B4A4D1-0C49-4C65-9B46163E67D88EAD& redirect_uri=
http%3A%2F%2FXXXXXXX.com%2Foauth%2Fgoogle%2F%3Fdo%3Dredirect&
response_type= code& client_id= XXXXXXXX.apps.googleusercontent.com
And on the permissions screen on Google+, this is what I see:
When I try to post an addActivity now, I get a bad request error as before.
The error JSON returned:
{ "error": { "errors": [ { "domain": "global", "reason": "invalid", "message": "Invalid Value" } ], "code": 400, "message": "Invalid Value" } }
The header returned:
HTTP/1.1 400 Bad Request Content-Type: application/json; charset=UTF-8 Content-Encoding: gzip Date: Fri, 13 Sep 2013 11:38:20 GMT Expires: Fri, 13 Sep 2013 11:38:20 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Content-Length: 123 Server: GSE Alternate-Protocol: 443:quic
There's a definite problem with at least one header:
local.http.addParam(type="header", name="Authorization", value="Authorization: Bearer " & session.access_token);
You will have authorization in there twice, should be.
local.http.addParam(type="header", name="Authorization", value="Bearer " & session.access_token);
What's probably happening with the people.get call is it is picking up the API key and returning publicly rather than as the signed in user.
As Brett says though, to write an app activity you need to a &request_visible_actions=http://schemas.google.com/AddActivity to the auth URL you are sending users to in the first place (if not using the JS sign in button), in order to have the user approve you to write that kind of action (it's like another type of scope).
Although I'm not completely familiar with ColdFusion, it looks like you may be mixing two concepts in here that can't be mixed. The access_token is usually specified either in the HTTP header, or as a URL query parameter. It is not typically set as a POST parameter, and that may be part of the problem.
If done in a header, the HTTP header should be
Authorization: Bearer 1/fFBGRNJru1FQd44AzqT3Zg
and if done with the URL query parameter, your URL might need to look something like
https://www.googleapis.com/plus/v1/people/123456789012345/moments/vault?access_token=1/fFBGRNJru1FQd44AzqT3Zg
See https://developers.google.com/accounts/docs/OAuth2UserAgent#callinganapi for details
Not sure if this is related or not, although it might be, but I'm not sure if the body of your POST is correct either. You're not setting a content-type for the body, and I don't know if CF will use something like "application/www-form-url-encoded" or "multipart/form-data", neither of which is valid. The body should be "application/json".
Update
So given your changed code, you probably want the setUrl line to be something like
local.http.setUrl("https://www.googleapis.com/plus/v1/people/" & session.user.sourceid & "/moments/vault?access_token=" & session.access_token );
The URL I provided above gives the definitive documentation for OAuth2 at Google. I'm not sure what other parameters you were trying to add to the URL, or why, but if they are essential you can add them after the access token in this way.
How exactly are you getting the Access Token? Are you using OAuth?
Are you using new Access Token each time? Not the one stored once in the DB? You need to keep in mind that tokens can expire quite quickly.
This bit:
"reason": "authError", "message": "Invalid Credentials", "locationType": "header", "location": "Authorization"
may mean that your Authorization header is incorrect - not existing I suspect, as I can't see sending any signature in the bit of code you provided.
I haven't used the G+ API, but it seems you need to use proper OAuth 2.0 to get any data:
https://developers.google.com/+/api/latest/people/get#examples
There's a CF library for OAuth here http://oauth.riaforge.org/
UPDATE:
If you go here: https://developers.google.com/+/api/latest/moments/insert#try-it and try running the example (using "me") as userid you'll see that the request looks like this:
POST https://www.googleapis.com/plus/v1/people/me/moments/vault?debug=true&key={YOUR_API_KEY}
Content-Type: application/json
Authorization: Bearer ya29.XXXXXXXXXXXXXXXXXXXXXXXXXXXX
You need to provide the "Authorization" header.
Edited in response to update 2
This sounds like a problem with setting up the OAuth flow. You appear to be missing the Based on your OAuth generated URL, you are missing the request_visible_actions parameter either being missing or malformed.
Add the following query parameter to your OAuth URL and this should start working:
&request_visible_actions=http%3A%2F%2Fschemas.google.com%2FAddActivity
Another problem with your request is that you should remove the userinfo.profile scope from your request. That scope is not necessary because you have plus.login included and can result in some weird issues.
Lastly, ensure that your page at the target URL has the minimal level schema.org metadata that is required for the AddActivity moment type. This isn't your problem now, but could be the next problem you run into.