Trying to make a request like shown below
(https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#code-try-15)
picture
picture
Tried to see if it works on their graph explorer ---> https://developer.microsoft.com/en-us/graph/graph-explorer
I need specifically to make this request work ---> https://graph.microsoft.com/v1.0/users?$search="displayName:wa"
But as you see I get this error which suggests that I didn't add the consistencyLevel header but I did, in multiple ways. It's annoying :))
============================================
Update:
I logged in my student microsoft account and now I got this
picture
You missed the "?" in the url
====================Update====================
It can work, but you need to send request with a correct access token. I'm afraid it met some issue when test in the self-contained test tool.
Related
I'm trying to fetch data from a website (https://gesetze.berlin.de/bsbe/search). Using Mozilla, I've taken a look at the network analysis. Usually, I'm just messing around with the parameters of the POST-Request to see how I might influence the response of the server. But when I simply re-send the request (making no changes at all), I'm getting HTTP-response 500. The server answer states as message: security_notAuthenticated.
Can anyone explain that behaviour? The request is done by the same PC, the same browser in the same session, and there is no login function on that website. Pictures shown below.
Picture 1 - Code 200
Picture 2 - Code 500
The response security_notAuthenticated indicates, that your way of repeating the request omits some authentication-related information.
When I repeat the request, using Mozilla Firefox's "Resend" or "Edit and resend" function, the Cookie header is not sent with the request. Although it occurs in the editable header list when using "Edit and resend" it's missing when watching the actual sent request. I'm not sure whether this is a feature or a bug.
When using Firefox's "Use as Fetch in Console" function, the header will automatically be included and you still have the ability to change the headers and the body. The fetch API is a web standard and some introductory material about fetch can be found on MDN.
If you want to do custom requests, in the browser, fetch is a good option.
In other environments and languages you usually use some HTTP client (just search the web for "...your language... http request" or similar, you will find something).
Let's say I use the website: redacted.com
Website works fine when I am using it normally.
When I start using BURP SUITE PROXY to intercept requests, I start to have this error:
[2021-04-14T02:45:46.724Z] #firebase/firestore: Firestore (7.24.0): Could not reach Cloud Firestore backend. Backend didn't respond within 10 seconds.
This typically indicates that your device does not have a healthy Internet connection at the moment. The client will operate in offline mode until it is able to successfully connect to the backend.
Error: Uncaught (in promise): FirebaseError: [code=unavailable]: Failed to get document because the client is offline.
Please provide me the solution to this.
The answers do not work anymore due to the Firebase updates - i will give you a short instruction on how to find your custom match-replace rule:
make sure to activate "Intercept Server Responses" in the proxy options tab.
go "intercept" tab
set your burp proxy to "intercept is on"
type "this.forceLongPolling" in the search bar on the bottom
forward the requests until you find a match
there should be a pretty big response file containing something like this:
constructor(t,o,u,p,D,Q,Te,it){
this.databaseId=t,this.appId=o,this.persistenceKey=u,this.host=p,this.ssl=D,this.forceLongPolling=Q,this.autoDetectLongPolling=Te,this.useFetchStreams=it
}
in my case it contains the string "this.forceLongPolling=Q"
now create a match replace rule for this very special string to replace "this.forceLongPolling=Q" with "this.forceLongPolling=true" and make sure to choose "response body" as type:
Screenshot Rule
Using the idea of this troubleshoot (https://github.com/firebase/firebase-js-sdk/issues/1190#), i made the following Match and Replace in my Burp Suite and it worked!
this.forceLongPolling=void 0!==t.experimentalForceLongPolling&&t.experimentalForceLongPolling
to
this.forceLongPolling=true
And someone said before
This can change depending on the version of firebase-js-sdk so it's best to look around for experimentalForceLongPolling within your JS files and make sure it gets enabled.
Workaround for this issue (source).
For Burp, the following match and replace worked for me:
this.experimentalForceLongPolling=!!t.experimentalForceLongPolling
to
this.experimentalForceLongPolling=true
This can change depending on the version of firebase-js-sdk so it's best to look around for experimentalForceLongPolling within your JS files and make sure it gets enabled.
Faced the same issue. What worked for me is adding “firestore.googleapis.com” to the “No proxy for” option in Firefox’s proxy configuration.
Firefox Proxy Configuration
Ever since Google made some minor changes to their Google OAuth API side, I haven't been able to correctly configure and use the Google OAuth, indicated by the error message: Error: redirect_uri_mismatch The configurations fail, despite me following the setting up Google OAuth instructions in detail.
Can someone kindly help point out what I am doing wrong or missing?
Just in case you aren't familiar with what I mean by the Google OAuth instructions, find below an image illustrating what I mean:
I skip 2. "Create Project" (since the project already has a priorly recorded name)
and head on to step 3.
After entering an email address and the product name as suggested
in step .3 , I save.
I carry out steps 4, 5 without any problem.
On step 6 I realise that my configuration instructions isn't up to date, because as at this point, I notice that Google has added a few Mandatory fields to be filled in. A person now has to Authorize Javascript Origins as shown in the image below. Note the https://3e908b9b.ngrok.io (fictitious for this case) link that I filled in.
I click the Authorized domains list link that takes me back to the OAuth Consent Screen and paste in the exact same link https://3e908b9b.ngrok.io as seen in the image below, then save as seen in the image below.
Doing this, permits me to complete the process successfully as seen in the image below finalised by clicking Save.
On my Meteor app side, I finalise by filling in the Client ID and the Client Secret details, as seen in the image below.
When i later try to login using Google OAuth I get this frustrating error message Seen below..
This is an issue i never used to get untill Google made a few changes on their side. I cant seem to figure this out.
Any help would be greatly appreciated!
The error message tells you exactly what the problem is the redirect uri you are sending from https://3XXXXXngrok.io/_oauth/google does not match one of the ones you have supplied in the Google Developer console for your project.
You appear to have set https://3XXXXXX.io/_oauth/google?close they must exactly match.
Solution
simply add https://3XXXXXngrok.io/_oauth/google as a redirect uri or remove ?close from the one you have added
I have an angular that sends calls to Apigee. After tracing the calls i can see that a response is returned. However the client does not get the response. I have no idea what i could be missing in this instance.
I have set up CORS correctly on Apigee and can see the options preflight response getting called successfully. The issue really is on the second call, a response is returned but the client receives null data
Well, working with the description you've sent, what you could do:
Debug the API call using the Chrome Developer tools: use ctrl-shift-J and then choose the 'network' tab. See if the clal is coming in. Clicking on the specific API call shows you the response
also maybe check the console that is shown when using above command (crl-shift-J)
indeed check the Apigee trace. But if the trace shows a reply is sent, then probably it is.
add some console.log in the Angular application or try to debug it so that you are certain it's an Angular issue.
maybe share some code so that we can better help you.
What this is NOT
a) a "sensor=true_or_false" issue
b) a key is wrong issue (unless the key I got has limitations)
c) too many requests (since I only make one request)
d) cross domain (since I load the url from the browser location bar)
What I did
Signed up http://code.google.com/apis/maps/signup.html
Tried the example on that page in the location bar (I know about cross domain from script)
works fine
Read the documentation
Pasted their example exchanging their key for mine
returns
{
"html_attributions" : [],
"results" : [],
"status" : "REQUEST_DENIED"
}
So far all entries failed due to wrong key or sensor=true_or_false
And for example the url in this one Google Places API jQuery.ajax() request fails with working URL
also gives me error when pasted into the browser.
What did I miss?
UPDATE
So I went to get some keys
Key for browser apps (with referers)
API key:
AIzaSyCStj9m5LNTu9mCf6cQGDVAFKZC7Y?????
Referers:
Any referer allowed
Activated on: Jan 30, 2012 1:03 PM
Activated by: me
and tried again. Still does not work.
This is actually (b): wrong key. Actually, you're using the wrong kind of key (from Sign Up for the Google Maps API which is only good for the JavaScript V2 API).
Please see Obtaining an API Key for how to get a new API key, of the new kind.
Edit: At the time this question arose, valid API keys that worked on Geocoding API did not work on Places API, but now seem to work fine. Looks like some issue on Google side.
I just got a REQUEST_DENIED response when making an autocomplete request in a Ruby app. It turned out that I had not specifically switched on the Places API in my google api console.
Go to: https://console.developers.google.com and login.
In the left menu go to "APIs & auth" -> "APIs"
Then find the "Places API" option and click on the status to the right to toggle it to "on"
This fixed the problem immediately for me.
Ohkay this worked for me and i know it will work as we are making the same mistake.
First go to API's and enable the google places api for web.
After that, go to credentials and in the credentials where your key is showing, click on it.
After clicking, in the restrictions tab, choose what will be the API will be doing.
Set that up, restart your script and voila... it will be done.
I faced the same issue. But was able to resolve it after enabling the Places API from Google console. I used the 'server' key to make a call from application. Hope this helps for others looking for solution.
This issue has been discussed on many threads here... but the bottom line is you should check your code to see if u are sending out too many requests at a time to the google API.
You are only allowed to send 1 request per 1 minute.
MKErrorDomain error 4 iPhone