I am trying to get the birthday from the Google API, but the retrieved data in HWIOAuthBundle do not contain it.
I am wondering if the specified scope for google plus api in config.yml is correct or not!
If not, please give a link or the corrected scope.
google:
type: google
client_id: %client_id%
client_secret: %secret_id%
scope: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
paths:
email: email
profilepicture: picture
I just used and tested it using Try It. I tested it with all of the different scopes.
https://www.googleapis.com/auth/plus.login Know your basic profile
info and list of people in your circles.
https://www.googleapis.com/auth/plus.me Know who you are on Google
https://www.googleapis.com/auth/userinfo.email View your email address
https://www.googleapis.com/auth/userinfo.profile View basic
information about your account
It doesn't appear to matter you get back the birthday in all of the scopes. But what does matter is that the Users Birthday must be set to public in the Account. If it's set to anything else, your circles, only you, it's not listed. This appears to be true even when you are trying to see your own information. (Sending Me.)
Update and the year is 2018
The People api now returns the birthday of the current user
People.get However i suspect its linked to google+ so if the user hasn't filled it out you probably wont get info.
GET https://people.googleapis.com/v1/{resourceName=people/*}
Send Resournce name of people/me and birthdays personFields
{
"resourceName": "people/117200475532672775346",
"etag": "%EgQBBzcuGgwBAgMEBQYHCAkKCwwiDDQwaGhWYzc3cXJBPQ==",
"birthdays": [
{
"metadata": {
"primary": true,
"source": {
"type": "PROFILE",
"id": "117200475532672775346"
}
},
"date": {
"month": 1,
"day": 6
}
},
{
"metadata": {
"source": {
"type": "ACCOUNT",
"id": "117200475532672775346"
}
},
"date": {
"year": 1971,
"month": 1,
"day": 6
}
}
]
Normally you will only get birthdays that have public visibility. To get private birthdays you need to use the https://www.googleapis.com/auth/user.birthday.read scope. See documentation for which scopes give you which data https://developers.google.com/people/v1/how-tos/authorizing#profile-scopes.
Related
My goal is to pull in purchase transaction count and transaction revenue from a client, segmented by Google Ads campaign ID. My current query looks like the following:
{
"propertyId": "*********",
"query": {
"dateRanges": [
{
"startDate": "2022-09-30",
"endDate": "2022-10-06"
}
],
"dimensions": [
{
"name": "googleAdsCampaignId"
},
{
"name": "googleAdsCampaignName"
}
],
"metrics": [
{
"name": "advertiserAdClicks"
},
{
"name": "advertiserAdCost"
},
{
"name": "transactions"
},
{
"name": "purchaseRevenue"
}
],
"dimensionFilter": {
"andGroup": {
"expressions": [
{
"filter": {
"fieldName": "googleAdsCustomerId",
"stringFilter": {
"matchType": "EXACT",
"value": "*********",
"caseSesnsitive": false
}
}
}
]
}
}
}
}
What I expect when querying the 'transactions' dimension is, as the API schema describes, "The count of transaction events with purchase revenue. Transaction events are in_app_purchase, ecommerce_purchase, purchase, app_store_subscription_renew, app_store_subscription_convert, and refund."
The response from my query comes back with these numbers, for an example campaign:
{
"dimensionValues": [
{
"value": "***********",
"oneValue": "value"
},
{
"value": "Example Campaign",
"oneValue": "value"
}
],
"metricValues": [
{
"value": "2482480",
"oneValue": "value"
},
{
"value": "6492393600000",
"oneValue": "value"
},
{
"value": "331",
"oneValue": "value"
},
{
"value": "31374.205645000002",
"oneValue": "value"
}
]
}
However, if, in the GA4 dashboard, I attempt to view a report of purchase conversions by campaign over the same date range, this is what is displayed for the 'example campaign':
6 Example Campaign 239.47 31,981.63
Where 239.47 is the number of transactions, and 31,981.63 is the event value (transaction revenue). Notably, the transactions are off by over 25%. The revenue/event value is similar but also off by a slight amount. This is consistent for all campaigns under the client, with the API response being significantly (but by varying percentages) higher. The dashboard value is always lower. These numbers don't change if the report is run on different dates.
Additionally, I suspected that there may be some additional event being tracked under the transactions api field that was not displaying in the dashboard, so I also tried adding this filter to my query:
{
"filter": {
"fieldName": "eventName",
"stringFilter": {
"matchType": "EXACT",
"value": "purchase",
"caseSesnsitive": false
}
}
}
the transactions field still came back as 331.
What I want to figure out is if I'm querying the wrong field, the frontend is under reporting data, or the API is over reporting data. I found that I was not able to post on the official GA4 Issue tracker so I've come here.
Someone better versed in GA4 at my company explained that the issue here had to do with dimension scopes. The transactions field is session scoped, but the dimensions I was pulling in were event scoped. This means that the numbers being output were basically meaningless. As a matter of fact through the dashboard, it won't let you create a free-form explore report using the combination of fields that I did in my query, explaining that the metrics are incompatible. It appears to just be a bug that the API would allow that to happen.
As an alternative, I'm now pulling the conversions field, with a filter on eventName as listed above, including only purchase events.
Using postman I query:
query MyQuery {
users {
nodes {
id
email
}
}
With an authenticated request (and admin rights), I get:
{
"data": {
"users": {
"nodes": [
{
"id": "dXNlcjox",
"email": "..."
},
{
"id": "dXNlcjoz",
"email": ".........."
},
{
"id": "dXNlcjoy",
"email": "................."
}
]
}
},
"extensions": {
"debug": []
}
}
which returns all users and that's ok
BUT !!!
with a public request I get:
{
"data": {
"users": {
"nodes": [
{
"id": "dXNlcjox",
"email": null
}
]
}
},
"extensions": {
"debug": []
}
}
Why is the node with: "id": "dXNlcjox" exposed to a public request ?
Is this a security concern ?
Actually, this is ok.
Quoting from WP GraphQL page:
WPGraphQL follows WordPress access control rights, and only exposes data publicly that WordPress already exposes publicly. Users that have published posts are considered public entities in WordPress. Users that have not published posts are considered private and will not be included in public GraphQL requests, but will be included in GraphQL requests made by authenticated users with proper capabilities to see the users.
Fields, such as user email addresses, are also protected by WPGraphQL and only exposed to authenticated requests by users with proper capabilities to see the data.
This certain node: "id": "dXNlcjox" happens to be the admin which for wordpress, his existence is a public information (even if his email is not).
I have a user's refresh token with these scopes:
'https://www.googleapis.com/auth/analytics https://www.googleapis.com/auth/analytics.edit https://www.googleapis.com/auth/analytics.readonly https://www.googleapis.com/auth/analytics.manage.users’’
The user has a few accounts and a forbidden error occurs for XXXX2 account when I try to give access to an account to another user(you can see at the below code and account list json). I checked this account's effective permission field, I see that it is an empty array as you can see below as well.
In my opinion, this error reason is that this user does not have ‘manage_users’ permissions for this account(XXXX2), so this is an expected error, isn't it?
PS: I can link XXXX1 properly with the below code.
My code :
linkAccount = self.service.management().accountUserLinks().insert(
accountId=accountId,
body={
'permissions': {
'local': [
'EDIT',
'MANAGE_USERS'
]
},
'userRef': {
'email': email}}).execute()
User Account list :
{
"id": "XXXX1",
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1”,
"name": "XXXX1",
"permissions": {
"effective": [
"COLLABORATE",
"EDIT",
"MANAGE_USERS",
"READ_AND_ANALYZE"
]
},
"created": "2014-02-17T17:52:10.911Z",
"updated": "2019-06-04T16:06:12.717Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX1/webproperties"
}
},
{
"id": "XXXX2”,
"kind": "analytics#account",
"selfLink": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2”,
"name": "XXXX2",
"permissions": {
"effective": []
},
"created": "2015-07-02T19:11:16.307Z",
"updated": "2019-03-05T21:16:19.552Z",
"childLink": {
"type": "analytics#webproperties",
"href": "https://www.googleapis.com/analytics/v3/management/accounts/XXXX2/webproperties"
}
}
Error Code :
<HttpError 403 when requesting https://analytics.googleapis.com/analytics/v3/management/accounts/XXXXX/entityUserLinks?alt=json returned "User does not have permission to perform this operation.". Details: "User does not have permission to perform this operation."
I would check what access the currently authenticated user has to the account in question.
If the user you are authenticated with only has read access. To the Analytica account there not going to be able to give your application the ability to add another user.
So I'm trying to publish a post on a company page using the ugcPosts API.
When I'm doing in to a personal account it works great but when I'm doing it for a company page I get status "201 Created" but it doesnt appear on the company page.
I'm using the test company page https://www.linkedin.com/company/devtestco/
The user I'm authenticated with has permissions:
- r_liteprofile
- r_emailaddress
- w_member_social
- w_organization_social
- r_organization_social
I make the call to:
https://api.linkedin.com/v2/ugcPosts
with the body
{
"author": "urn:li:organization:2414183",
"lifecycleState": "PUBLISHED",
"specificContent": {
"com.linkedin.ugc.ShareContent": {
"shareCommentary": {
"text": "A share comment"
},
"shareMediaCategory": "ARTICLE",
"media": [
{
"status": "READY",
"description": {
"text": "A description"
},
"originalUrl": "https://linkedin.com/",
"title": {
"text": "A title"
}
}
]
}
},
"visibility": {
"com.linkedin.ugc.MemberNetworkVisibility": "PUBLIC"
}
}
Am I doing something wrong? Is there any problems with https://www.linkedin.com/company/devtestco/ test company page? Is there another company page used for testing?
Like I said, I recieve "Created" response but where is it then? The devtestco page doesnt have any posts at all which I find weird since I cant be the only one using it.
So I tested with a "real" company page instead and it worked, so there seems to be something weird with the page https://www.linkedin.com/company/devtestco/
I may not properly understand how to properly implement IdentityServer4 with Xamarin.Auth.
Basically I'm using Xamarin.Auth for multiple cases
logging in with OAuth2 Vendors (MS/Google/FB)
logging in with self implemented OAuth2 (not used yet)
Speaking of case 1, I after committing login from the mobile app to Google/MS/FB I decide what to do further : go to the app's main page or register the user, by register storing the email as username and userId (the one that comes from the vendor) as password.
I've implemented IdentityServer4 with AspNetIdentity
From what I've read I need to implement Hybrid Authentication, but the issue here is that it features the need to use a WebView, in case 1 it isn't required anymore.
So basically I think I need to use Authorization Flow but trying to do any of them failed.
https://localhost:44348/connect/authorize?
client_id=XamClient&
client_secret=secret&response_type=code+id_token&
scope=openid&
redirect_uri=https%3A%2F%2Flocalhost%3A44348%2Fxamarincallback&
nonce=7a8ff1c107e345a8b055a8232ec15545&
code_challenge=8Kk9RQ8NX6w3YzL0eU7AWQurWnikb9NS9bVwa5lxhhE&
code_challenge_method=S256&state=d3a7b6a511da413395b2552fb194af2f
My issue here is that most of the examples feature an MVC view that gets this this url as redirectURL and then after the client commits a POST with his username and password then I'll get the AuthorizationCode, RefreshToken and IdentityToken.
I am really uncertain how to properly commit authentication in my case, what to use ?
I can only use
- Implicit
- Authorization Code - this is the only reasonable option for my first scenario ?
- Hybrid mode - tried all day to implement this realizing It's not possible ..
Anyways, after looking at the logs I've seen a sudden dubious redirect to the Account controller (asp login controller)
{
"name": "Microsoft.ApplicationInsights.Dev.Request",
"time": "2017-09-12T11:26:56.5388249Z",
"tags": {
"ai.location.ip": "127.0.0.1",
"ai.internal.nodeName": "EDWARD",
"ai.operation.id": "152eb716-4ff8951dec6a1ed1",
"ai.internal.sdkVersion": "aspnet5c:2.1.1",
"ai.application.ver": "1.0.0.0",
"ai.operation.name": "GET /connect/authorize",
"ai.cloud.roleInstance": "EDWARD"
},
"data": {
"baseType": "RequestData",
"baseData": {
"ver": 2,
"id": "|152eb716-4ff8951dec6a1ed1.",
"name": "GET /connect/authorize",
"duration": "00:00:00.1530713",
"success": true,
"responseCode": "302",
"url": "https://localhost:44348/connect/authorize?client_id=AnonymousCheckerClient&client_secret=secret&response_type=code+id_token&scope=openid&redirect_uri=https:%2F%2Flocalhost:44348%2Fxamarincallback&nonce=af1427d39dc2463697047a834169fdcf&code_challenge=UUi0a9cfhrcGvzddV9eh0Lc8cdr5WE-ZwSzwbY7ReNQ&code_challenge_method=S256&state=aafde38b65044c35b83a1fcb8771de2e",
"properties": {
"httpMethod": "GET",
"AspNetCoreEnvironment": "Development",
"DeveloperMode": "true"
}
}
}
},
{
"name": "Microsoft.ApplicationInsights.Dev.Message",
"time": "2017-09-12T11:26:56.6993438Z",
"tags": {
"ai.location.ip": "127.0.0.1",
"ai.operation.parentId": "|152eb717-4ff8951dec6a1ed1.",
"ai.internal.nodeName": "EDWARD",
"ai.operation.id": "152eb717-4ff8951dec6a1ed1",
"ai.internal.sdkVersion": "aspnet5c:2.1.1",
"ai.application.ver": "1.0.0.0",
"ai.operation.name": "GET /account/login",
"ai.cloud.roleInstance": "EDWARD"
},
"data": {
"baseType": "MessageData",
"baseData": {
"ver": 2,
"message": "Request starting HTTP/1.1 GET http://localhost:44348/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DAnonymousCheckerClient%26client_secret%3Dsecret%26response_type%3Dcode%2520id_token%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Flocalhost%253A44348%252Fxamarincallback%26nonce%3Daf1427d39dc2463697047a834169fdcf%26code_challenge%3DUUi0a9cfhrcGvzddV9eh0Lc8cdr5WE-ZwSzwbY7ReNQ%26code_challenge_method%3DS256%26state%3Daafde38b65044c35b83a1fcb8771de2e",
"severityLevel": "Information",
"properties": {
"AspNetCoreEnvironment": "Development",
"Protocol": "HTTP/1.1",
"Host": "localhost:44348",
"QueryString": "?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DAnonymousCheckerClient%26client_secret%3Dsecret%26response_type%3Dcode%2520id_token%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Flocalhost%253A44348%252Fxamarincallback%26nonce%3Daf1427d39dc2463697047a834169fdcf%26code_challenge%3DUUi0a9cfhrcGvzddV9eh0Lc8cdr5WE-ZwSzwbY7ReNQ%26code_challenge_method%3DS256%26state%3Daafde38b65044c35b83a1fcb8771de2e",
"Scheme": "http",
"Path": "/account/login",
"DeveloperMode": "true",
"CategoryName": "Microsoft.AspNetCore.Hosting.Internal.WebHost",
"Method": "GET"
}
}
}
}
Having analyzing the IdentityServer4 from Git this /authorize endpoint only accepts GET's and no user/pw.
Edit 01:
I've checked this resource and it confuses me with my scenario (1)...
https://developer.xamarin.com/guides/xamarin-forms/enterprise-application-patterns/authentication-and-authorization/