The share was created on an organization profile with the same access token that now I'm trying to use to delete it. Accessing the share post is possible (GET method) but when trying to delete it (via DELETE method) it returns error 403 (Not enough permissions)
Method is documented at https://developer.linkedin.com/docs/guide/v2/shares/share-update-and-delete-api#delete
In case anyone gets here, the delete method was later enabled: https://developer.linkedin.com/docs/guide/v2/shares/share-api#delete
Now it works as expected
Related
Good afternoon. I am trying to write a function that will read the comments on a jpg file in google drive. However, when I try to run it it gives me the following error:
An error occurred:
<HttpError 403 when requesting https://www.googleapis.com/drive/v2/files/1SbB4VwCIhaS9mdJ_xqcyjenZfxxrpTsY/comments?alt=json returned "Insufficient Permission: Request had insufficient authentication scopes.". Details: "[{'domain': 'global', 'reason': 'insufficientPermissions', 'message': 'Insufficient Permission: Request had insufficient authentication scopes.'}]">
def retrieve_comments(service, file_id):
"""Retrieve a list of comments.
Args:
service: Drive API service instance.
file_id: ID of the file to retrieve comments for.
Returns:
List of comments.
"""
try:
comments = service.comments().list(fileId=file_id).execute()
return comments.get('items', [])
except errors.HttpError as error:
print('An error occurred: %s' % error)
return None
SCOPES = ['https://www.googleapis.com/auth/drive.file', 'https://www.googleapis.com/auth/drive', 'https://www.googleapis.com/auth/drive.file', ]
credentials = Credentials.from_authorized_user_file('token.json', SCOPES)
service = build('drive', 'v2', credentials=credentials)
print(retrieve_comments(service, '1SbB4VwCIhaS9mdJ_xqcyjenZfxxrpTsY'))
Update: this is what my token.json file looks like:
{"token": "ya29.a0ARrdaM-lbQRcrOHcWXHXVCZ--FHEBFmhetZy5mtKyE-KYg7kkqc7DCB3ELoGWm7DSFFqZ5n7MZ2qtpomhhhh3YjyPlDmFNiBFqW8jfzQcq2bUboJVHWly7w5KajgYBW6vXfpUG7XB-NiSRIGbgGXg7pADS9E", "refresh_token": "1//03RuSdM4_a83LCgYIARAAGAMSNwF-L9Ir99uSssRC7-EDBGOchESXQuY8uQh3BIAUSnUFmT60dipjtvqGslz9wyAl_OnLkoLWdko", "token_uri": "https://oauth2.googleapis.com/token", "client_id": "936594993582-hm55manlg9g4hkdeeisq6i4ogqk6are2.apps.googleusercontent.com", "client_secret": "irvWegrf57dztuP6_OigoGIT", "scopes": ["https://www.googleapis.com/auth/drive.metadata.readonly", "https://www.googleapis.com/auth/drive.file"], "expiry": "2021-08-19T12:26:14.658525Z"}
This is how my code looks like. any ideas why this might be happening and what I can do to solve it?
Edit: For anyone who runs into the same problem, remember the scopes in the quickstart must be the same as the ones in your python file.
Insufficient Permission
Means that the user you are authenticated with does not have permission to do what you are trying to do, or that user has not granted your application permission.
You are trying to use comments.list this method requires that you have been authorized with one of the following scopes
Now you appear to be using the following scopes
'https://www.googleapis.com/auth/drive.file', 'https://www.googleapis.com/auth/drive', 'https://www.googleapis.com/auth/drive.file',
Im not sure why you have drive.file twice, but lets ignore that for now.
As you can see you appear to be using the proper scopes needed by this endpoint. What i suspect has happened is that you have already authorized the user using a different set of scopes and you then changed the scopes in your application. When you change the scopes you need to be sure that you have revoked the users access in your application and prompt the user to authorize your application again. You are probably running on a stored access token and or refresh token which have the old scopes.
The solution will be to simply force your application to authorize your user again, make sure the consent screen popsup.
In my React app I have an axios.get request looks like the following:
axios.get('https://[app name here].firebaseio.com/shoppingCart.json')
And it returns everything from my 'shoppingCart' endpoint in Firebase Realtime Database:
If I wanted to only return records with an 'uid' of "asdf1" for example, how would I go about adding the appropriate query to my GET request, if possible?
I also tried following the documentation here https://firebase.google.com/docs/database/rest/retrieve-data (regarding filtering by a specified child key) and constructed the following request, but I'm getting a 400 bad request error.
axios.get('https://[app name here].firebaseio.com/shoppingCart.json?orderBy="uid"&equalTo="asdf1"')
Many thanks to user Frank van Puffelen for guiding me to the solution.
I made the URL call in question to the browser, and the error message I received told me that I needed to define 'uid' as my index in my Realtime Database rules for 'shoppingCart'.
After doing so, I was able to successfully receive a response from my URL call that was properly filtered by the 'uid' I passed in.
I write a code to access Firebase.
I use HTTPRequest to login, register, delete account etc.
All work well but one method - logout = SignOutUser - always returns with 404 Error, unknown URL.
Links that work with HTTPRequest:
https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=%s
https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=%s
https://www.googleapis.com/identitytoolkit/v3/relyingparty/deleteAccount?key=%s
(with proper API key added to the string, of course)
And the one that doesn't work:
https://www.googleapis.com/identitytoolkit/v3/relyingparty/signOutUser?key=%s
What can be the problem? Can it be fixed?
Is there any other way to logout a user?
I write the code in gdscript, but I tried it via web code too, same result.
Thank you in advance!
How can I remotely trigger a Jenkins job with the help of an R code?
When I post this URL in my browser it works-
https://JENKINSURL/job/PROJECT/buildWithParameters?token=TOKEN&day=20171001
Not sure how to replicate this with my R code. I used the POST function in HTTR call but I always get an HTTP 403 error.
res <- POST("https://JENKINSURL/job/PROJECT/buildWithParameters?token=TOKEN&day=20171001",verbose())
Authentication required
Permission you need to have (but didn't): hudson.model.Hudson.Read
... which is implied by: hudson.security.Permission.GenericRead
...
Any thoughts on what I may be doing wrong?
You aren't specifying a user ID in your request, so it is going to be using the anonymous user. Your anonymous user has to have read access to the job (or job->read in global perms) you are trying to trigger, or it won't be authorized to access the job/PROJECT uri to trigger the build.
So you have to either specify a user ID with the proper read access in the url, give the anonymous user read access, use project-based matrix auth, or you can use the Build Token Root plugin to provide a different URL that doesn't require read access to the job. Then you only need the token.
I have been trying to create a web api 2 that is secure with individual account.
So I can easily create WebApi2 with individual account, see link below
http://www.asp.net/vnext/overview/authentication/individual-accounts-in-aspnet-web-api
And Self hosting is easy to do.
http://www.asp.net/web-api/overview/hosting-aspnet-web-api/use-owin-to-self-host-web-api
But I cannot figure out how to combine the solutions.
Far as I got was adding a console app to a webapi2. Which seems to run. But whenever I try and get the access token it returns
An unhandled exception of type 'System.Net.WebException' occurred in System.dll
Additional information: The remote server returned an error: (500) Internal Server Error.
If anyone knows of a solution that would be great. Thanks
This post is way old, but to anyone else who is having this issue and finds this question, I was able to get past the 500 Error by adding app.UseWebApi(config); after setting up config, as mentioned in this post:
http://odetocode.com/blogs/scott/archive/2013/07/24/self-hosting-webapi-with-katana.aspx
HOWEVER, I'm now getting a 401, unauthorized request for all of my requests, even though I have a valid token and I'm sending it the same way I did that worked in the non-self-hosted WebApi2 app. but I'm one step closer anyways.