when I follow http://msdn.microsoft.com/en-us/library/office/jj873844.aspx and publish (with F5) my app and function is called:
function getAssignments() {
assignments = PS.EnterpriseResource.getSelf(projContext).get_assignments();
projContext.load(assignments,
'Include(Project, Name, ActualWork, ActualWorkMilliseconds, PercentComplete, RemainingWork, Finish, Task)');
// Run the request on the server.
projContext.executeQueryAsync(onGetAssignmentsSuccess,
// Anonymous function to execute if getAssignments fails.
function (sender, args) {
alert('Failed to get assignments. Error: ' + args.get_message());
});
}
I get following error:
Error: GeneralSecurityAccessDenied
Do you have any idea why? Everywhere I am using my local account that belongs to administrator group.
Have you followed the article up to the end?
There is an AppManifest.xml sample, and it contains 2 permissions:
<AppPermissionRequests>
<AppPermissionRequest Scope="http://sharepoint/projectserver/statusing" Right="SubmitStatus" />
<AppPermissionRequest Scope="http://sharepoint/projectserver/projects" Right="Read" />
</AppPermissionRequests>
If u dont give those permissions to the app, it cant get data from project server and give you Error: GeneralSecurityAccessDenied
Related
I have a desktop Java app that I am migrating from Google Contacts API to People API. I have some of it working. For example, I can retrieve contact information. But when I tried to create a new contact, I get the following error:
com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
POST https://people.googleapis.com/v1/people:createContact
{
"code" : 403,
"details" : [ {
"#type" : "type.googleapis.com/google.rpc.ErrorInfo",
"reason" : "ACCESS_TOKEN_SCOPE_INSUFFICIENT"
} ],
"errors" : [ {
"domain" : "global",
"message" : "Insufficient Permission",
"reason" : "insufficientPermissions"
} ],
"message" : "Request had insufficient authentication scopes.",
"status" : "PERMISSION_DENIED"
}
Here's the relevant code:
protected void createContact() throws Exception {
Credential credential = authorize(PeopleServiceScopes.CONTACTS, "people");
PeopleService service = new PeopleService.Builder(
httpTransport, JSON_FACTORY, credential).setApplicationName(APPLICATION_NAME).build();
Person contactToCreate = new Person();
List<Name> names = new ArrayList<Name>();
names.add(new Name().setGivenName("John").setFamilyName("Doe"));
contactToCreate.setNames(names);
Person createdContact = service.people().createContact(contactToCreate).execute();
System.out.println("CREATED Contact: " + createdContact.getNames().get(0).getDisplayName());
}
protected Credential authorize(String scope, String subDir) throws Exception {
File dataStoreDir = new File(System.getProperty("user.home"), ".store/myapp/" + cfg.dataStore + "/" + subDir);
// initialize the transport
httpTransport = GoogleNetHttpTransport.newTrustedTransport();
// initialize the data store factory
dataStoreFactory = new FileDataStoreFactory(dataStoreDir);
// load client secrets
GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(JSON_FACTORY,
new InputStreamReader(SyncMgr.class.getResourceAsStream("/client_secrets.json")));
if (clientSecrets.getDetails().getClientId().startsWith("Enter")
|| clientSecrets.getDetails().getClientSecret().startsWith("Enter ")) {
System.out.println(
"Enter Client ID and Secret from https://code.google.com/apis/console/?api=calendar "
+ "into /client_secrets.json");
System.exit(1);
}
// set up authorization code flow
GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
httpTransport, JSON_FACTORY, clientSecrets,
Collections.singleton(scope)).setDataStoreFactory(dataStoreFactory).build();
// authorize
return new AuthorizationCodeInstalledApp(flow, new LocalServerReceiver()).authorize(cfg.gUser);
}
When I first ran it, I had the scope set to CONTACTS_READONLY. And I got the consent screen. But then I changed the scope to CONTACTS when I added the code to create a new contact. And that's when I got the ACCESS_TOKEN_SCOPE_INSUFFICIENT error.
I saw in another post that I need to force your app to reauthorize the user when you change the scope, so that you get the consent screen again. But I'm not sure how to do that. Any suggestions?
Thanks.
UPDATE 1/4/22
I tried Gabriel's suggestion of removing access to the application. After removing access, I ran the application again. This time I got this error on the execute() call:
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
POST https://oauth2.googleapis.com/token
{
"error" : "invalid_grant",
"error_description" : "Token has been expired or revoked."
}
And even the execute() statement that worked before to retrieve contacts is giving the same error now.
My application also used the Calendar API. I didn't touch that code. But when I try to use it, I get the same "invalid_grant" error. What do I do now?
You appear to be using the People.createContact method. If we take a look at the documentation we will see that this method requires a consent to the following scope of permissions from the user
Now if we check your code you apear to be using
Credential credential = authorize(PeopleServiceScopes.CONTACTS, "people");
Which is the exact scope needed. But you oringally had readonly there. So when your code ran the first time the user authorized to the read only scope and not the full contacts scope and your stuck.
The key here is this section of code.
// set up authorization code flow
GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
httpTransport, JSON_FACTORY, clientSecrets,
Collections.singleton(scope)).setDataStoreFactory(dataStoreFactory).build();
// authorize
return new AuthorizationCodeInstalledApp(flow, new LocalServerReceiver()).authorize(cfg.gUser);
Kindly note I am not a Java developer I am a .net developer. The libraries are very close and i have been helping with questions this in both languages for years.
dataStoreFactory is where the consent from the user is stored. There should be a json file some where in your directory structure with the users name associated with it this is how your system reloads it. When your code runs it will look for a file in that directory with cfg.gUser name.
There should be a way in the Java client library to force it to rerequest authorization of the user. prompt type force. But i will have to look around to see how to do it in java.
The easiest solution now would be to find that directory and delete the file for the user or just change the users name cfg.gUser to cfg.gUser +"test" or something this will cause the name to change and the file name as well. Forcing it to prompt the user for authorization again.
This time when it requests consent take note which scope of permissions it asks for.
Token has been expired or revoked.
This is probably due to the fact that your refresh tokens are expiring. When your application is in the testing phase the refresh tokens are expired or revoked automatically by google after seven days.
This is something new and something that Google added in the last year or so. Unfortunately the client libraries were not designed to request access again if the refresh token was expired in this manner.
If you are looking to retrieve the consent screen again you can remove access to your application from your account settings by following the steps in this documentation and then try to authorize the app again. As you mentioned, the error received is due to the scope that was granted with authorization was CONTACTS_READONLY instead of CONTACTS when checking the authorization scope for this specific create contacts method.
I'm trying to make a call to the Facebook Graph API, I'm using node & express for this, it's my first time using them, when I make a call to the API I get the error below, how can I get the access token or set it so the call goes through ?
message: 'Invalid OAuth access token.',
type: 'OAuthException',
code: 190,
fbtrace_id: 'hgjhguoiu' }
// This is the call to API I'm making :
FB.api('4', function (res) {
if(!res || res.error) {
console.log(!res ? 'error occurred' : res.error);
return;
}
console.log(res.id);
console.log(res.name);
});
// This is the authentication call:
app.get('/auth/facebook/callback',
passport.authenticate('facebook', {
successRedirect : '/',
failureRedirect: '/login'
}));
Thanks
I know this is 12 months old, but anyways:
I am using 'fb' (https://www.npmjs.com/package/fb) for node and I had the same errors as described.
To authenticate your request you just have to write FB.setAccessToken(<your_token>);
You need a different token for different purposes. You can read about them here: https://developers.facebook.com/docs/facebook-login/access-tokens/?locale=de_DE
Hope it helps anyone.
I am trying to use soap-ui 5.0.0. to make a call to web service using spnego-kerberos authentication.
I have followed:
http://www.soapui.org/SOAP-and-WSDL/spnego-kerberos-authentication.html
My login.conf:
com.sun.security.jgss.login {
com.sun.security.auth.module.Krb5LoginModule required
client=true;
};
com.sun.security.jgss.initiate {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
useTicketCache=true
useKeyTab=true
keyTab="C:\\kerberos\\testuser.keytab"
principal=testuser#XX1.AD.XX.COM
doNotPrompt=true;
};
com.sun.security.jgss.accept {
com.sun.security.auth.module.Krb5LoginModule required
client=true
useTicketCache=true;
};
However, when I make the call I get the following error:
ERROR:java.lang.SecurityException: Configuration Error:
Line 11: expected [option key], found [null]
This seems to point to line 11 in login.conf:
keyTab="C:\\kerberos\\testuser.keytab"
ISSUE:
This is caused by line principal=testuser#XX1.AD.XX.COM.
It does not like the #XX1.AD.XX.COM, with principal=testuser, it proceeds further and but now I get authentication 401 error instead.
Please advise.
Thanks,
B.
Wrap the principal value with double quotes as for the keyTab.
principal="testuser#XX1.AD.XX.COM"
And it will work as desired.
Cheers,
Piotr
Based on this excellent screencast and example, I've been able to unit test my Ember (RC7) app successfully, writing to model objects and such. I'm having trouble with integration testing. I even tried the most basic sort of test, as seen below, but to no avail. Any tips on what I'm doing wrong?
I'm getting this error from the console:
LOG: 'App ready'
INFO: 'generated -> route:application', Object{fullName: 'route:application'}
LOG: 'NeedsAuthMixin: user not authenticated (1).'
INFO: 'Rendering application with ', Object{fullName: 'view:application'}
INFO: 'Rendering login with ', Object{fullName: 'view:login'}
LOG: 'Transitioned into 'login''
LOG: 'testing... login screen loads OK 1'
LOG: 'Transitioned into 'login''
Chrome 28.0.1500 (Mac OS X 10.6.8) Integration Tests - load login page FAILED
Expected 1 assertions, but 0 were run
Background: As you can see, as my app loads, it checks for user authentication, whereupon it transitions to a login page if user isn't authenticated.
This is the code that calls the test (generated from coffeescript):
asyncTest("test: load login page", function() {
expect(1);
console.log("testing... login screen loads OK 1");
return visit("/login").then(function() {
return ok(1 === 1, "Value equal 1.");
});
});
My Karma config file is here.
Bryan
I think it will work if you use test() instead of asyncTest()
I try to use strophe + ejabberd to make something like webchat.
What i've done already:
when I login to website, i also authenticate to ejabberd (to achieve RID and SID),
after login is finished, i attach RID and SID i got from context processor,
connection status seems to be: connection established, logs:
.
POST: <body rid='406266360' xmlns='http://jabber.org/protocol/httpbind' sid='9c66aa19123e96dc2925c24d4f985d458763eb67'><presence xmlns='jabber:client'><priority>-1</priority></presence><presence to='localhost/m' xmlns='jabber:client'><x xmlns='http://jabber.org/protocol/muc'/></presence></body>
RESP: <body xmlns='http://jabber.org/protocol/httpbind'><success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/></body>
After that, connection hangs on:
POST: <body rid='406266361' xmlns='http://jabber.org/protocol/httpbind' sid='9c66aa19123e96dc2925c24d4f985d458763eb67'/>
When i try to send a message now (while its hanged):
POST: <body rid='406266362' xmlns='http://jabber.org/protocol/httpbind' sid='175e45333109f74c36f9dffbe4e3cc6cffc80df4'><message to='localhost' type='groupchat' xmlns='jabber:client'><body>yrdy</body></message></body>
Im getting:
RESP: <body type='terminate' condition='remote-stream-error' xmlns='http://jabber.org/protocol/httpbind' xmlns:stream='http://etherx.jabber.org/streams'><stream:error><xml-not-well-formed xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error></body>
Whats wrong? Strange thing is that after some seconds request is aborted, and next request hangs again. When i try to send message then, there are no errors but response is:
RESP: <body xmlns='http://jabber.org/protocol/httpbind'/>
With no errors (connection is still connected and authenticated, but message doesnt seem to be delivered).
Code I use to send message:
var body = $('#input_text').val(); | // make sure this presence is for the right room
var msg_body = { | if (room === Groupie.room) {
to: Chat.room, | var nick = Strophe.getResourceFromJid(from);
type: 'groupchat' |
} | if ($(presence).attr('type') === 'error' &&
var msg = $msg(msg_body).c('body').t(body); | !Groupie.joined) {
| // error joining room; reset app
Chat.connection.send(msg);
You can use Strophe.js to attach like so:
Chat.connection = new Strophe.Connection(Chat.BOSH_SERVICE_URL);
Chat.connection.attach(jid, sid, rid, onConnectHandler);
onConnectHandler is then called once you've attached successfully. From then one, you don't have to worry about the SID and RID again (until page reload).
Also, are you aware of the MUC strophe plugin?
If you want some example code to use/study, I wrote something similar to what you're doing for Plone, called collective.xmpp.chat
The javascript is reusable separately: converse.js