I'm trying to use Twitter's API and OAuth to send status updates (new Tweets). I am using Shannon Whitley .NET code example http://www.voiceoftech.com/swhitley/?p=681 (as recommended on the Twitter API docs). I can read (GET) using OAuth just fine, however when I try to send a status update via http ://twitter.com/statuses/update.xml (using a POST), it returns a 401 with the following XML:
<?xml version="1.0" encoding="UTF-8"?>
<hash>
<request>/statuses/update.xml</request>
<error>Read-only application cannot POST</error>
</hash>
I swear I have set up my application to use read and write, the authorise page at Twitter (http ://twitter.com/oauth/authorize) even says "The application TweeVerbs.com (Development) by would like the ability to access and update your data on Twitter."
Yet it's still saying "Read-only application cannot POST". WTF!?
I have googled this error message until I was blue in the face. I found somewhere that said to add the querystring paremeter oauth_access_type=write to the redirect URL which goes to the Twitter authorise page which I have done, but it still gives me a 401.
If it helps, here is the data that is getting sent back and firth as per the OAuth workflow:
Request Authorise Token:
http ://twitter.com/oauth/request_token?oauth_consumer_key=tViV8vAt4cqSKbGdPGWT7Q&oauth_nonce=2790042&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1244567068&oauth_version=1.0&oauth_signature=KzxcXN%2bQ0AJoAJ%2flQfzs8SLjC%2fQ%3d
Generated Authorize Redirect URL:
http ://twitter.com/oauth/authorize?oauth_token=EpyBg3nJGOmtmBjRUAsqqaGHARb2F2F2VcccqHkwio&oauth_access_type=write
Authorise Screen Message: "The application TweeVerbs.com (Development) by would like the ability to access and update your data on Twitter. This application plans to use Twitter for logging you in in the future. Sign out if you want to connect to an account other than Sironfoot."
Get Access Token:
http ://twitter.com/oauth/access_token?oauth_consumer_key=tViV8vAt4cqSKbGdPGWT7Q&oauth_nonce=2016804&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1244567166&oauth_token=EpyBg3nJGOmtmBjRUAsqqaGHARb2F2F2VcccqHkwio&oauth_version=1.0&oauth_signature=%2bEVQUxUPLT%2b%2bkfaG0Vq1YJZXcAw%3d
Status Update API call:
URL - http ://twitter.com/statuses/update.xml
POST data - oauth_consumer_key=tViV8vAt4cqSKbGdPGWT7Q&oauth_nonce=5707692&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1244567268&oauth_token=19130957-nb89DjZhjCAzcbHUa96yRWHqlQFQIJ0AKyXpqnHt1&oauth_version=1.0&status=HelloWorld&oauth_signature=WqA%2bWY0IxveeSJ7G3Ewy3whh1sE%3d
I don't know what the problem was, but I deleted my Application registration on Twitter (You have to register apps in Twitter to get OAuth keys etc.), and then recreated it. Now it works fine. Weird, probably a problem with Twitter screwing up.
I'm also using Tweetsharp (http://tweetsharp.com/), highly recommend it, it's got a nice fluent API. Note: switching over to Tweetsharp wasn't the fix, I had already switched over and had the same problem until I delete and recreated app registration on Twitter.
If you authorized your application to access your Twitter account when the application was set in "read only access" mode and you get the "Read-only application cannot POST" error after changing the application settings to be "read and write access" then you have to revoke access to the application on https://twitter.com/settings/connections and then reauthorize it. The "read only" access_token tends to be sticky until you revoke it.
Go to http://www.twitter.com/oauth_clients
Select your App.
Edit Application Setting.
Set Default Access type to Read & Write.
Save & Run.
Hope this helps.
plus also see if your system's CLOCK is synched with internet; on windows you can do it by adjusting date time settings
because if you CLOCK is not synched you will get 401 unauthorized exception; best of luck
cheers
I've dont that several times now, without succes, I'm getting a 401 exception while requesting an acces token from twitter.
I'm using Tweetsharp as well as you.
Related
We had a working application, we went through the go-live process, and everything was running live for several days. Then we started getting SSL errors, and we saw that the nuget package for the DocuSign package had an update (I believe this was all for the 11/13/2019 2019 certificates auto-update), so we updated our code, but now every request returns the USER_LACKS_MEMBERSHIP error for every token-authenticated request.
Things I can confirm are not the issue:
We have authenticated the app via account.docusign.com and the oauth signature impersonation scope, and the testing and live paths are in the API approved Redirect URIs.
We have the correct base path in the configuration (https://na3.docusign.net, as shown on our Apps and Keys page)
The base path did not change after we get the token back (The BaseUri on the Account object matches what we started with)
We are using the correct user for the configuration (The value labeled "API Username" in the Apps and Keys page is entered as "IMPERSONATED_USER_GUID" in appsettings.json and successfully used in creating the token as parameter UserID, which also matches our user account's ID shown in the backend, so we are not confusing it with TARGET_ACCOUNT_ID or CLIENT_ID, and shuffling those around causes errors much earlier at the token generation step).
We only have one user: the administrator of the DocuSign account. Their ID appears in the API configuration labeled as "API Username". The DocuSign administration backend doesn't display a membership tab anywhere for us to correct any possible issues with a user lacking membership. As far as I can tell, Membership is a higher tier account option than what we're paying for, so I'm confused how we could be having problems with a feature we haven't bought.
We get this error for checking envelope status. We get this error for trying to create new envelopes. We get this error for trying to get Account information. The only thing we can do is get an authentication token, but then that token can't be used to make any further authenticated requests.
Is there anything I'm missing that could be causing this other than some database error on DocuSign that I can't correct through the tools available to me? The package update changed the order of which class constructor accepts the ApiClient object, and there's a new AccessToken field on the Configuration class (which I filled out, but doesn't seem to have any effect, since we're still adding the Authorization/Bearer header manually). I'm out of ideas on what to try next.
Are you using the production environment or the demo environment?
I suspect that what's happening is that you are getting them mixed. As the baseUrl should not be demo.docusign.net etc. if you're using production (as indicated by your na3.docusign.net address) but you must ensure that the same account/user from production is also used.
So, the 4 things to check:
userId
accountId.
baseURI
authURI (account-d.docusign.com vs. account.docusign.com)
All of these should match and be for the same account in the same env.
I am trying to incorporate Cognito built-in sign in logic into our workflow.
Here is scenario I try put to work:
I need redirect to specific URI after successful signing in through Cognito built-in UI of the user, which has been created in the User Pool. But I do not understand how to do it.
I've created User Pool, app client, configured domain, provided callback url, created a user.
I configured "Allowed OAuth Flows" to useAuthorization code grant "Allowed OAuth Scopes" is set to openid
So far - so good.
Then I came up following URL to conjure up Cognito built-in UI:
https://<my-domain>.amazoncognito.com/authorize?response_type=code&client_id=<my-client-id>&redirect_uri=https://<my-domain>.amazoncognito.com/login?client_id=<my-client-id>
Upon executing it in a browser of my choice I am hitting Cognito built-in sign in page. But upon clicking "Sign in" button I've got an error: Required String parameter 'redirect_uri' is not present
Ok, I thought to myself, let's add redirect_uri attribute at the end of the aforementioned URL and path would be cleared to success, but such optimism has been short lived. I've got dreaded: "redirect_mismatch" error. I've tried to provide multiple callback urls, but with no success. redirect_mismatch error blocking my way.
And now I have no idea how to instruct Cognito to redirect to desired url. Any ideas are welcome.
You shouldn't set the 'redirect_uri' to Cognito's Login Endpoint. It makes no sense. The 'redirect_uri' is a parameter to tell Cognito where to take the user after login, which would be your application's url.
The 'redirect_uri' should exactly match one of the Callback URIs for the app client you configured for security reasons, otherwise you will get a' redirect_mismatch' error.
To access the login endpoint:
https://mydomain.auth.us-east-1.amazoncognito.com/login?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI
For the authorize endpoint:
https://mydomain.auth.us-east-1.amazoncognito.com/oauth2/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI
The authorize endpoint firsts checks to see if you have a session cookie indicating that you're already logged in, and if you are, it automatically redirects you to the redirect_uri, otherwise it will take you to the login page via the Login Endpoint with the query strings provided to the authorize endpoint.
We are using AD B2C for authentication on our web app. Last week we started receiving a 403.76 when calling our APIs that are hosted in Azure and locked down by Active Directory using our AD B2C tenant.
We haven't changed any config settings in AD when the change occurred. We rolled back all of our code which didn't help. We verified that our token is valid in jwt.io. We confirmed that our audience is correct and permissions was set properly in app registrations. We can see the easy auth error 403.76 when going in to "Diagnose and solve problems" section of the function app and drilling into 4xx errors.
The function app just does a GetAsync against Cosmos to get your user profile on sign in. However we aren't getting that far, as we are receiving a 403.76 when verifying our token with AD.
We should be able to do a GET against our API and receive data as we were before. Instead we get HTTP status 403 with a sub status of 76.
The error in "Diagnose and solve problems" section:
EasyAuth:AuthorizationCheckFailed. For more details, refer to HTTP Status Codes by EasyAuth Module
We banged our heads against a wall for five days, so I wanted to make sure this was posted on stack overflow for anyone else facing this issue. Especially since it affected customers.
After working with Microsoft 24/7 for the last three days, we finally received word that this was due to an issue on their end with EasyAuth. The workaround was to add this in our Configuration of the function app:
WEBSITE_AUTH_AAD_BYPASS_SINGLE_TENANCY_CHECK = true
I have been struggling with this now for a while. So if someone could help me it would be great.
I am trying to get a simple access token from the TwitchTV API. I am referring to this link: https://dev.twitch.tv/docs/authentication/#getting-tokens
GET https://id.twitch.tv/oauth2/authorize
?client_id=<your client ID>
&redirect_uri=<your registered redirect URI>
&response_type=<type>
&scope =<space-separated list of scopes>
So thats where I begin to struggle already. How exactly do I make such requests in an ASP.NET MVC application? I see that I have an Startup.Auth.cs class where I can configure OAuth Authentications. But how does such authentication have to look like?
It then says in the documentation:
If the user authorizes your application, the user is sent to your
redirect URI, with an ID token and optionally an access token (if that
was requested):
https://<your registered redirect URI>#id_token=<an id
token>&access_token=<an access token>
Now how do I access this token? Can someone please give me a small Code example of how I should start with this API? I really dont have any experience with such technology. How do I have to configure my Startup.Auth.cs and how does my Action have to look like, that starts the authentication?
Please refer to the link above in your answer. Thank you!
You can create a redirect URI as callback URL.
when a user logged in in your app the callback will be triggered containing the Access Token and other information.
here is the sample snippet in PHP (https://yourhost.com/outhcallback.php)
<?php
$acccesstoken=$_REQUEST["access_token"];
$id_token=$_REQUEST["id_token"];
store_to_session(accesstoken);
?>
now you have the token. if this token you require in server-side store to the session and if require in client-side store to local storage.
I apologize if this has already been answered, but all the information out there on Facebook publishing is so confusing and conflicting, I haven't been able to get anything to work yet. I'm trying to set up an application that runs on my local server to publish content to my organization's fan page (this will tie in with my WCMS to cross-post content). I believe I want a Facebook Connect application to do this which I've set up properly in Facebook and gotten an application key and secret. Here's the code I'm trying to execute, but each time it's run I get "User has not authorized access" even if I'm just trying to publish to the application wall.
ConnectSession fbSession = new ConnectSession("APP_KEY", "APP_SECRET");
Api fbAPI = new Api(fbSession);
fbAPI.Stream.Publish("hello world");
I've also tried:
fbAPI.Stream.Publish("hello world", null, null, FAN_PAGE_ID, APP_ID);
I've granted my application access to publish on the fan page.
EDIT:
I've tried turning this into a Desktop application instead because it appears as though Javascript needs to be involved in order for it to be a Connect application. Here's the updated session initialization line. This now gives me a "Incorrect signature error."
DesktopSession fbSession = new DesktopSession("APP_KEY", false);
There is a similar question titled "How can I post to a facebook wall from a c# web service?" for which I provided a very lengthy answer, specifically indicating how to post to a page.
casperOne's solution works, however, I found this article to be the best solution.
http://tech.karolzielinski.com/publish-post-of-facebook-page-wall-as-a-page-not-a-user-python-facebook-rest-api
This authorizes the application to post directly to the Fan Page without having to go through an admin account.