I just manually implemented a facebook oauth2 flow into my webapp. After receiving the correct access_token and trying to call the graph api for user data I got a 400 BAD REQUEST as response.
GET https://graph.facebook.com/me?accessToken=MY_CORRECT_TOKEN&fields=id,name,email
When I use exactly the same call within the dev tools provided on facebook it succeeds, but when I try using any other http client it doesnt work.
I already tried it with curl, apache commons and some other http clients.
Is there someone able to help me with this?
Thanks in advance
The format of your API call is incorrect. Try the following instead:
GET https://graph.facebook.com/me?access_token=MY_CORRECT_TOKEN&fields=id,name,email
The accessToken in your URL should actually be access_token.
For people landing here with the same error message but different problem, you can also check, if you have both IPv4 and IPv6 connections, that both IPs (v4 and v6) are authorized in Facebook OAuth parameters (on developer.facebook.com). That solved my problem.
In my case, my "permanent" access token expired.
Related
I'm trying to use an endpoint that is authenticated with what I think is a MSAL token. I am an authorized user of this endpoint and have authorized credentials but cannot seem to get a token to use the endpoint.
I have tried using the documented workflow in python of requesting a MSAL token for use but I ran into an issue where I think my endpoint is set not to allow public clients How would I go around that if possible. The python library I used was the PublicClientApplication from msal.
I have several means of authentication including the Tenant-Id, Client-Id, authority, username, and password but I can't seem to get an authorized token I'm unsure of what I'm doing wrong.
I willing to change languages if it would make it easier on me I just trying to access this endpoint without making any changes to Azure AD. If you have any questions leave a comment and I will get back to it in at most 48 hours.
Concluding I'm trying to access an endpoint that requires a .AspNet.ApplicationCookie if you have any ideas or work arounds PLEASE give me a heads up.
Thanks
I am trying to use Microsoft flow to retrieve Microsoft Bookings data. Im doing this by using the HTTP with azure AD connector. I have set up all permissions. it was working perfectly fine before till yesterday the connector said i'm unauthorized to retrieve the data. i can't even hit https://graph.microsoft.com/beta/bookingBusinesses/page_id/appointments anymore. Is there some issue with Microsoft ??? or is there an issue on my side.i’ve used graph explorer and im able to successfully retrieve the bookings api. could someone provide some feedback as this is becoming business critical as i need to obtain the data for reporting. Or maybe guide me on how i can retrieve an access token that never expires. It would be much appreciated if someone can really help me out. I've attached a screenshot of my flow failing.
Screenshot of HTTP with Azure AD failing . I've just also found out that i can query https://graph.microsoft.com/beta but i cant hit the BookingBusinesses api
Screen shot of https://graph.microsoft.com/beta working using connector
What i have already tried:
Deleted the connection and created it again
Created a connection using another account
Created App registrations and used the Client_id, tenant_id and client_secret to Created a connection using the HTTP request. but still doesn't work
Screenshot of HTTP Request Connector, but this still failed
App registration Permissions
For this problem, I test it by "Invoke an HTTP request" first but as I'm not familiar with this action, I didn't request it success. But we can also use "HTTP" action in microsoft flow to get the access token and use the access token to do the request as you mentioned in comments.
The reason for you failed to use the access token to request the graph api is you set the grant_type as client_credentials when you request for the access token. Since the permissions you added are "delegated" type but not "application" type, so we can not use "client_credentials" grant to get the access token. We need to use "password" as the grant_type (shown as below screenshot).
Then use "Parse JSON" action to parse the response of the "HTTP" request above to get the access token. And use the access token to request the graph api.
My guess is the flow connector lost its refresh token or something to that effect. you may need to just refresh your flow connector. either by switching accounts or smoething or deleting the azure ad connector and reconnecting it.
give that a try
I'm implementing Here API geocoder, and my application works almost always behind firewalls. How can I know if the application has access to geocoder api without using credentials? Is there same url that I can call to check if I have access to it?
If your firewall allows HTTPS traffic from your application, then you should have access to HERE APIs.
In practice, you can try to send the following GET request:
https://geocoder.api.here.com/6.2/geocode.json?city=Chicago&app_id=123&app_code=123
Since app_id and app_code are filled with the dummy 123 value, the expected behaviour, in case the request is not blocked by the firewall, would be to receive an HTTP response code of 401 (Unauthorized).
If someone tries to visit an internal page which is only accessible once they have logged in, what error code should be returned? 403 doesn't seem right, because they have not authenticated. However, 401 doesn't work either, because that implies they can log in using basic auth, which we are not using.
Is it correct, when authentication is done via a method other than WWW-Authenticate headers, to use 403 in place of 401? If not, what code should be used?
Note: I have found some similar questions to this, but they all seem to be asking about sites using http basic auth, rather than any other authentication method.
The status code 401 does not imply you support basic authentication. It means that the server would not serve the request because appropriate credentials were missing.
The server can send back a WWW-Authenticate header to indicate what types of credentials it supports. If you only support JWT tokens for example, you would send back 'bearer'.
I added an HTTP Authorization Manager to JMeter, an HTTP Request Default and an HTTP Proxy Server.
I configured my HTTP Authorization Manager control Panel as:
Base URL: http://www.gmail.com
Username: abc
Password: xxxxxxx
But I am getting error in internet explorer when I open http://gmail.com
Error:
There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority. The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or
intercept any data you send to the server.
Can anybody tell me what I am missing or doing wrong?
Thanks in advance.
What are you trying to achieve? Are you trying to log in to gmail to read emails via Jmeter?
If so, it's not as easy as pointing to the gmail URL and using BASIC authentication. You could get an idea of what's involved by using BadBoy to record the actions you want to do and then export it to Jmeter.
That said, this is not a good approach.
I'd be looking at using the POP3 interface - trying to simulate a browser with Jmeter for a site like gmail which changes every day could be very difficult. It should be possible to write a Java POP3 client (or better yet, find an open source one) and call it from your Jmeter script.