I am trying to integrate google calendar with my micro service in Jersey.
I have configured the connection following Google documentation and at the moment I am able to create and remove webhooks, and create remove and list events.
However, when I create an event in Google Calendar, the payload of the webhook that Calendar itself hit my endpoint with instead of notifying me the creation of such event it says:
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
The scope of the connection to the project is CALENDAR (that should give read/write permission to the project) and in total I don't get to 100 requests, when the limit should be of 100K.
OAuth2.0 should also be correctly configured as I am able to do all the basic CRUD operations.
On Google-side I have enabled the Calendar API(s) and still no luck.
Any idea on what it can be or what I can try to do?
Thanks
Found the (silly) solution on my own... tried to access the uri resource link that Google provided using postman with OAuth2.0 as authentication method. And automatically retrieved the web hook... I was expecting a Json payload, not a link to the payload itself...
Related
I have a service account that has successfully made calls to both firebase API and google analytics v4 admin API.
It can create analytics v4 properties through the analytics admin API, but from firebase for some reason it fails.
The reason I'm doing this through firebase is that I need to add app data streams, and that's not possible through the analytics admin API (gotta love google...)
Making the call below as in the docs fails with:
// the response
code: 403,
errors: [
{
message: 'The caller does not have permission',
domain: 'global',
reason: 'forbidden'
}
]
// the call
apiClient.request({
method: 'POST',
url: `https://firebase.googleapis.com/v1beta1/projects/${projectNumber}:addGoogleAnalytics`,
data: JSON.stringify({
analyticsAccountId,
}),
}),
403 errors appears when the email account you are using doesn't have enough permission to process the action you're doing. You must be an Owner for the existing Firebase Project and have the Edit permission for the Google Analytics account, to be able to add Analytics in your project using the API.
I am using firebase to store and see images from my website.
but not able to open files from my firebase storage bucket even it has storage admin role on cloud google.
I am able to see images on directly cloud google console but not from firebase console.
I am getting this response below.
{
"error": {
"code": 401,
"message": "API keys are not supported by this API. Expected OAuth2 access token or other authentication credentials that assert a principal. See https://cloud.google.com/docs/authentication",
"status": "UNAUTHENTICATED",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "CREDENTIALS_MISSING",
"domain": "googleapis.com",
"metadata": {
"method": "google.internal.cloud.usersettings.v1alpha1.BasicTypesService.GetUserSetting",
"service": "cloudusersettings-pa.googleapis.com"
}
}
]
}
}
note: even link over firebase is not opening with token. It was working 24 hours before. https://firebasestorage.googleapis.com/v0/b/news-26417.appspot.com/o/--4720109.jpeg?alt=media&token=a7475fec-3fe5-48e7-8f99-6e9c57e462b9
firebaser here
Update: from what I understand from our support team and other channels this problem has been solved by the providers now. If it still happens for you, reach out to your provider/ISP and to the support team I linked below.
Old answer 👇
Since yesterday we've had reports from some developers (mostly in Turkey) being unable to access Cloud Storage.
I recommend testing with another connection to verify if you're in the same situation. If it works on another connection, you should probably reach out to your ISP to see if they can explain the problem.
I'd also reach out to Firebase support who are tracking the issue.
I'm looking for some confirmation of expected behaviour for the way the Firestore Emulator REST API handles unauthenticated requests as I think I may have found some possible inconsistencies.
I've been playing around with the Firestore Emulator REST API using Postman for a personal project. If I run the Emulator (firebase emulators:start --only=firestore), I'm able to make the following requests successfully WITHOUT needing to pass any Bearer token in the Authorization header with the request:
GET http://localhost:8080/v1/projects/<MY_PROJECT_ID>/databases/(default)/documents/ (Returns all documents)
DELETE http://localhost:8080/v1/projects/<MY_PROJECT_ID>/databases/(default)/documents/<COLLECTION_ID>/<DOCUMENT_ID> (Deletes an individual document)
POST http://localhost:8080/v1/projects/<MY_PROJECT_ID>/databases/(default)/documents/<COLLECTION_ID> (Creates a new document in a collection)
PATCH http://localhost:8080/v1/projects/<MY_PROJECT_ID>/databases/(default)/documents/<COLLECTION_ID>/<DOCUMENT_ID> (Updates a document)
However, when I try and get a list of collection IDs as described here using the following request, I get the following error:
POST http://localhost:8080/v1/projects/<MY_PROJECT_ID>/databases/(default)/documents:listCollectionIds
Response is:
{
"error": {
"code": 403,
"message": "Metadata operations require admin authentication.",
"status": "PERMISSION_DENIED"
}
}
If I pass a Bearer token, this request will then run successfully. I generated the token using gcloud auth application-default print-access-token (as described here).
Please note, I've set my Firestore Rules to allow all reads and writes for all documents to make things simpler for now:
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if true
}
}
}
The docs give details for authentication, however, the context they describe this in is for making requests against https://firestore.googleapis.com/v1/ rather than when using the Emulator.
I'd expect all requests to the Emulator API to not require any authentication, but it seems that some do and some do not and I haven't been able to find any other details in the documentation around how the Emulator should work.
At the moment, I'm not sure if this is a bug and I should file an issue on GitHub, or whether it is expected behaviour and I should just pass a Bearer token with every request to be safe.
Any help would be appreciated. Thanks.
This matches the behavior of the real API. When you send a request without an auth token, you're attempting to authenticate through the security rules system. Certain methods do not support authentication through security rules, because you would probably not want end-users calling them. These are mostly database administration methods, hence the error description. For example, you would not want end-users calling any indexing methods.
listCollectionIds is one of these administrative methods. This is also why this feature is not supported by the web, iOS, and Android SDKs.
Maybe a duplicated question, but this time I have tried my best in my explanation.
Being on my Firebase console, when I click on "Database" option on the left side of the screen, it is presented to me that we have two different databases, the "Realtime Database" and the "Cloud Firestore".
This is the current look of my Realtime Database:
This is the current look of my Cloud Firestore:
REALTIME DATABASE TEST
On Postman, I do select PATCH option, and to define what I will put on the address bar, I follow the synthax:
https://PROJECT-NAME.firebaseio.com/PATH.json?auth=YOUR-DATABASE-SECRET-CODE
For me, it becomes:
https://eletronica-ab6b1.firebaseio.com/database333.json?auth=DZSQwLoNWAneWA9BcEfAgnelmY965pq98HF4pIT0
That's not my real secret key, don't worry.
And as content of my request, I go to Body, select 'raw' and 'JSON' on the list, and below is the content:
{"name": "PAUL"}
Exactly as you can see here:
After click SEND on Postman, the write to the REALTIME DATABASE occurs in fact:
So the write to REALTIME DATABASE is working via Postman.
CLOUD FIRESTORE TEST
Here is my problem, I'm not having sucess with Cloud Firestore.
On Postman, I do select GET option, and to define what I will put on the address bar, I follow the synthax:
https://firestore.googleapis.com/v1/projects/YOUR_PROJECT_ID/databases/(default)/documents/COLLECTION/DOCUMENT
For me, it becomes:
https://firestore.googleapis.com/v1/projects/eletronica-ab6b1/databases/(default)/documents/colA/docA.json?auth=DZSQwLoNWAneWA9BcEfAgnelmY965pq98HF4pIT0
Exactly as you can see here:
And I do receive this message as response:
{
"error": {
"code": 400,
"message": "Invalid JSON payload received. Unknown name \"auth\": Cannot bind query parameter. Field 'auth' could not be found in request message.",
"status": "INVALID_ARGUMENT",
"details": [
{
"#type": "type.googleapis.com/google.rpc.BadRequest",
"fieldViolations": [
{
"description": "Invalid JSON payload received. Unknown name \"auth\": Cannot bind query parameter. Field 'auth' could not be found in request message."
}
]
}
]
}
}
It is strange that if I try to change the project name on the request, for example, from original "eletronica-ab6b1" to "eletronica-999zzz", shomething that should not exist, the response is the same as above, exactly the same.
Why it is so easy to write to REALTIME DATABASE and seems to be not easy to write to CLOUD FIRESTORE DATABASE? Is it not possible to write to Cloud Firestore in a simple way like is done with Realtime Database? Is Cloud Firestore based on tokens? If yes, how do I get a token via Postman, and then use that token to write to Cloud Firestore database?
Regards.
Cloud Firestore does not support access via secret key. To use the REST API you will need a Google OAuth access token (for administrative access) or a Firebase Auth ID Token (normal user access). It will then need to be passed to the server in an Authorization header of the form:
Authorization: Bearer ${insert_token_here}
I'd recommend reading the docs for additional information about how to obtain the appropriate tokens.
I am building a chat and I want to send message in FCM to 1000 clients in a group. The message would sent from client to group of 1000 clients (the message not pass through server). I can use the topic method, but if I want to remove a client by the group admin it's not possible. Anyone can propose a solution?
Help me please.
Topics are indeed public: you (as the developer/administrator of the app) cannot prevent your app's users from subscribing to a topic.
If you want to control the devices that do (and don't) receive your messages, you'll have to send the message to those specific devices. You do this by tracking the instance ID tokens for those devices in a database and then targeting the list of tokens when you send the downstream message.
There is an example of how to manage device tokens and send messages in the Cloud Messaging for Firebase documentation.
If you simply want to remove (unsubscribe) some specific members, you can make use of the InstanceID API, specifically batchRemove.
Manage relationship maps for multiple app instances
Using the Instance ID service's batch methods, you can perform batch management of app instances. For example, you can perform bulk addition or removal of app instances to an FCM or GCM topic. To manage app instances, call the Instance ID service at this endpoint, providing the app instance tokens in the JSON body:
https://iid.googleapis.com/iid/v1:batchAdd
https://iid.googleapis.com/iid/v1:batchRemove
Parameters
Authorization: key=YOUR_API_KEY. Set this parameter in the header.
to : The topic name.
registration_tokens : The array of IID tokens for the app instances you want to add or remove.
Results
On success the call returns HTTP status 200. Empty results indicate successful subscription for the token. For failed subscriptions, the result contains one of these error codes:
NOT_FOUND — The registration token has been deleted or the app has been uninstalled.
INVALID_ARGUMENT — The registration token provided is not valid for the Sender ID.
INTERNAL — The backend server failed for unknown reasons. Retry the request.
TOO_MANY_TOPICS — Excessive number of topics per app instance.
Example POST request
https://iid.googleapis.com/iid/v1:batchAdd
Content-Type:application/json
Authorization:key=API_KEY
{
"to": "/topics/movies",
"registration_tokens": ["nKctODamlM4:CKrh_PC8kIb7O...", "1uoasi24:9jsjwuw...", "798aywu:cba420..."],
}
Example result
HTTP 200 OK
{
"results":[
{},
{"error":"NOT_FOUND"},
{},
]
}