I am using following PATCH request to update password:
{
"_links": {
"type": {
"href": "{url}/rest/type/user/user"
}
},
"pass": [
{
"existing":"admin",
"value":"123456789"
}]
}
If the existing password is wrong then drupal return the message like
Unprocessable Entity: validation failed.pass: Your current password is missing or incorrect; it's required to change the Password.
I want to remove this "Unprocessable Entity:" stuff and want show clear message to user like
Your current password is missing or incorrect; it's required to change the Password.
Any help is very appreciate.
Related
I'm trying to learn how to use this query; I created an API key and used Postman to
Post https://www.googleapis.com/calendar/v3/freeBusy?key="THE_API_KEY"
with this request body:
{
"timeMin": "2022-11-16T00:00:31-00:00",
"timeMax": "2022-11-16T14:00:00-00:00",
"groupExpansionMax": 100,
"calendarExpansionMax": 50,
"items": [
{
"id": "MY_OWN_GMAIL_ADDRESS"
},
{
"id": "OTHER_GMAIL_ADDRESS"
}
]
}
and got this response:
{
"kind": "calendar#freeBusy",
"timeMin": "2022-11-16T00:00:31.000Z",
"timeMax": "2022-11-16T14:00:00.000Z",
"calendars": {
"MY_OWN_GMAIL_ADDRESS": {
"errors": [
{
"domain": "global",
"reason": "notFound"
}
],
"busy": []
},
"OTHER_GMAIL_ADDRESS": {
"errors": [
{
"domain": "global",
"reason": "notFound"
}
],
"busy": []
}
}
}
What am I missing?
The Freebusy: query returns information about weither or not there is an event at the time of the request.
This method does not require authorization when being used against a public google calendar. There are a number of such calendars the holiday calendars are all public. You could also set your own calendar to public if you wish and then you would be able to use use an api key to access it.
API keys give you access to public methods only.
In order to access private user data. You need to be authorized using oauth2 with one of the following scopes.
If you do not have access to a calendar then it will return not found as you cant see it so your not going to be able to find it.
The solution i your case to fix your issue would be to either set the calendar to public and continue to use the api key. You will only be able to preform read actions against the calendar.
Or to switch to using oauth2 and send an authorization header with a bearer token.
Your post didnt include the Authorization header. Did you include it in your Postman Request?
Your need to send your Access Token as a Bearer Token in the Authorization Header
You can see an example for a request here:
https://developers.google.com/calendar/api/v3/reference/freebusy/query?apix=true#try-it
I'm working on a e-Commerce platform where sellers can sell their services. The only payment gateway I'm using is PayPal, I need to get information about the seller's PayPal account like the email address or account ID to store it and then forward payments to their account when a customer buys something from them, I plan to do this with Login With Paypal.
When I click on the button to sign in and get redirected to http://sandbox.paypal.com/signin, I type my email address and password to obtain a code using openid profile email scopes, everything goes as intended, when I add the https://uri.paypal.com/services/paypalattributes value to the scopes string to get access specifically to the account verification status and PayPal account ID though, I receive an error saying the request couldn't be processed and to try again, therefore never hitting the callback URL containing the code that I need, no matter how many times I try again I get the same error.
Just in case, I'm using a Sandbox environment. This is my Next.js Login With PayPal button code.
<Script src="https://www.paypalobjects.com/js/external/api.js"
onReady={() => {
paypal.use( ['login'], function (login) {
login.render ({
"appid":"...",
"authend":"sandbox",
"scopes":"openid profile email
https://uri.paypal.com/services/paypalattributes",
"containerid":"lippButton",
"responseType":"code",
"locale":"en-us",
"buttonType":"LWP",
"buttonShape":"pill",
"buttonSize":"lg",
"fullPage":"true",
"returnurl":"http://127.0.0.1:3000/api/paypal/callback"
})
})
}}/>
I've also checked Account verification status and PayPal account ID (payer ID) scopes in my PayPal account settings.
DevTooling the request, this is what I receive:
"errors": [
{
"message": "Invalid request during get consent content",
"locations": [
{
"line": 3,
"column": 5
}
],
"path": [
"connect",
"getConsent"
],
"extensions": {
"name": "INVALID_REQUEST",
"details": []
}
}
],
"data": {
"connect": {
"getConsent": null,
"__typename": "ConnectQuery"
}
},
"extensions": {
"tracing": {
"version": 1,
"startTime": "2022-10-07T01:54:28.831Z",
"endTime": "2022-10-07T01:54:29.053Z",
"duration": 221889707,
"execution": {
"resolvers": [
{
"path": [
"connect"
],
"parentType": "Query",
"fieldName": "connect",
"returnType": "ConnectQuery",
"startOffset": 1755903,
"duration": 28116203
},
{
"path": [
"connect",
"getConsent"
],
"parentType": "ConnectQuery",
"fieldName": "getConsent",
"returnType": "ConsentEvaluationResponse",
"startOffset": 30085850,
"duration": 188656843
}
]
}
},
"correlationId": "..."
}
}
If an account or app in the PayPal Sandbox environment appears to be behaving in a way you can't find an explanation for, the simplest resolution is often to simply create a new sandbox account/app and verify whether the problem occurs there as well. If it doesn't, use the new one -- if it does, you have have ruled out the account/app itself as an issue and can focus on configuration/integration issues or a real potential problem to report.
I'm using GithubAuthProvider with the added scope repo to get the user's access token which is later used to access the GitHub GraphQL API (the GitHub App has the permissions for Contents and Metadata set to Read-only).
The problem is when I'm trying to list private repos. The API returns an empty array as if I don't have the required permissions. Moreover, when I try to list branches of a user's repo it returns an error of type FORBIDDEN.
Query:
query {
viewer {
repository(name: "some-repo") {
refs(refPrefix: "refs/heads/", first: 10) {
nodes {
name
}
}
}
}
}
Response:
{
"data": {
"viewer": {
"repository": {
"refs": null
}
}
},
"errors": [
{
"type": "FORBIDDEN",
"path": [
"viewer",
"repository",
"refs"
],
"extensions": {
"saml_failure": false
},
"locations": [
{
"line": 7,
"column": 7
}
],
"message": "Resource not accessible by integration"
}
]
}
What am I missing?
For GitHub GraphQL API, only scope repo may not be enough.
Following are scopes requested for reference. Authenticating with GraphQL
user
public_repo
repo
repo_deployment
repo:status
read:repo_hook
read:org
read:public_key
read:gpg_key
The API returns an empty array as if I don't have the required permissions.
I wonder whether you are query under the viewer. viewer can get the private repos he/she owned. For repos owned by other people, you can try
repository(name: "repo-name", owner: "login") {
name
}
It will return NOT_FOUND error if you don't have the required permissions.
Your query works fine for me :)
It turns out I read through the Firebase instructions too fast and created a Github App instead of an OAuth App.
It's now working as it should.
I found a strange error while I developing system using Firebase with service url contains user data.
User data is below.
{
"uid": "kt9Hcp2FbYbBvvIeSHHa1RbvHcv2",
"displayName": "Anonymous 901",
"photoURL": null,
"email": null,
"emailVerified": false,
"identifierNumber": null,
"isAnonymous": true,
"providerData": [
],
"apiKey": "MyApiKeyString",
"appName": "MyAppName",
"authDomain": "my.auth.domain",
"stsTokenManager": {
"apiKey": "MyApiKeyString",
"refreshToken": "refreshTokenString",
"accessToken": "accessTokenString",
"expirationTime": 1532451863076
},
"redirectEventId": null
}
I encode the above anonymous user data and include it in the service url.
( http://myserviceurl?userdata=encodedUserData )
Inside the system receives that url, firebase creates a user object with that user data contained in the url.
The purpose of this url is to use specific user's information in any browser.
However, when I call that service url, sometimes system creates user object well, sometimes got error -
400 Bad request errors with
https://www.googleapis.com/identitytoolkit/v3/relyingparty/setAccountInfo?key=MyApiKeyString
And error data is below,
{
"error": {
"code": 400,
"message": "TOKEN_EXPIRED",
"errors": [
{
"message": "TOKEN_EXPIRED",
"domain": "global",
"reason": "invalid"
}
]
}
}
Few hours later it works well, I changed nothing though.
I could not find the exact error point, but I suspect error occurs while observing authentication state or before this step.
Here is code snipets
#bind
private makeUserLoadingPromise(): Promise<void> {
let unSubscribe: () => void;
return new Promise<void>((resolve, _reject) => {
const onInitialized = this.makeOnInitializedAuthStateChanged(resolve);
unSubscribe = this.auth.onAuthStateChanged(onInitialized);
}).then(() => {
unSubscribe();
this.auth.onAuthStateChanged(this.onAuthStateChanged);
});
}
#bind
private makeOnInitializedAuthStateChanged(resolve: () => void) {
return (user: firebase.User | null) => {
this.user = user;
resolve();
};
}
#bind
private onAuthStateChanged(user: firebase.User | null) {
this.user = user;
}
Or maybe it relates with expirationTime?
I couldn't find any hints about this situation.
Any advice would be appreciated.
It is not clear what you are doing, but it appears that you are using the API incorrectly and insecurely. The plain user object contains a refresh token that is indefinite. Passing it around via URL is a really bad idea.
First don't rely on internal implementations, it is subject to change.
To get the user's information on your backend, the right way to do it, is to get the user's ID token using officially supported API, eg user.getIdToken(), then pass it to your server.
On your server, you verify it via the Firebase Admin SDK: admin.auth().verifyIdToken(idToken). Then you know this is a real authenticated user. If you need the full user info, you can then look it up using the decoded user id in the token: admin.auth().getUser(decodedIdToken.sub).
I'm currently building an iOS app that has its own database on Firebase to handle the app's basic functionality.
However I want to add more information to each user (aside from the uid, email and password) so I can validate some steps in my app. What's the best way to achieve this, hierarchy-wise?
I'm using the new Firebase btw.
There really isn't a schema. You write the values into a heirarcy you want. First you reference the UID.
In Swift it would be:
var usersRef = ref.childByAppendingPath("users")
Then you would create an object with all values you want to write. You could also write the values directly without making an object first.
let newUser = [
"provider": authData.provider,
"displayName": authData.providerData["displayName"] as? NSString as? String
]
Then write the values with:
ref.childByAppendingPath("users")
.childByAppendingPath(authData.uid).setValue(newUser)
The docs are tricky to follow. The reference for this example is https://www.firebase.com/docs/ios/guide/user-auth.html
This block of code will give you:
{
"users": {
"6d914336-d254-4fdb-8520-68b740e047e4": {
"displayName": "alanisawesome",
"provider": "password"
},
"002a448c-30c0-4b87-a16b-f70dfebe3386": {
"displayName": "gracehop",
"provider": "password"
}
}
}
Hope this helps!