I am trying to watch events resource based on given example using API explorer and Chrome Advanced Rest Client.
https://developers.google.com/google-apps/calendar/v3/push#watch_request_examples
Requst
POST https://www.googleapis.com/calendar/v3/calendars/XXX%40gmail.com/events/watch?key={YOUR_API_KEY}
Content-Type: application/json
Authorization: Bearer ya29.AHES6ZSNBYiHYPu6Y1_5P08hdb-EX5pdF4Ygj5ou_RKp_jOCS5beiDDH
X-JavaScript-User-Agent: Google APIs Explorer
{
"id": "01234567-89ab-cdef-0123456789ab",
"type": "web_hook",
"address": "https://www.example.com/WebHook/Index",
"token": "token=123546"
}
Response
401 Unauthorized
cache-control: private, max-age=0
content-encoding: gzip
content-length: 188
content-type: application/json; charset=UTF-8
date: Thu, 17 Oct 2013 12:49:00 GMT
expires: Thu, 17 Oct 2013 12:49:00 GMT
server: GSE
www-authenticate: Bearer realm="https://www.google.com/accounts/AuthSubRequest", error=invalid_token
{
"error": {
"errors": [
{
"domain": "global",
"reason": "push.webhookUrlUnauthorized",
"message": "Unauthorized WebHook callback channel: https://www.example.com/WebHook/Index"
}
],
"code": 401,
"message": "Unauthorized WebHook callback channel: https://www.example.com/WebHook/Index"
}
}
I have already whitelisted my domain www.example.com
I have already got ssl certificate which is mandatory to receive push
notifications
I googled about this issue , but could not find much help.
Posted same question on google group of calender api, but no response yet. https://groups.google.com/forum/#!topic/google-calendar-api/ZHKwm2xWuNE
can anybody guide, whats wrong with request ?
when you try with API Explorer,it will not use your OAuth2.0 project keys where you have registerd whitelisted domains, maybe it would use another keys
try to use client/lib
Your auth token may be incorrect. Please make sure you are using correct auth token for the calendar you are trying to set watch for
The one step I was missing to get this working was to actually enable the Calendar API in the console. The 401 push.webhookUrlUnauthorized error is really not helpful here.
Finally It worked for me , cause of error "Unauthorized WebHook callback channel" was in Configuration of Project in
Go to Google Developers Console.
Click your project name
Click "API & Auth" Menu on left
then click on sub menu "Push"
Click on Add Domains button which Allows webhook notifications to be
sent to the entered domains
Happy coding :)
Related
I'm trying to do a batch call to get Calendars from Google.
I've tried following several answers here on StackOverflow:
What is the endpoint to make batch request for Google Calendar v3 API
Batch request in Google Calendar V3 REST API
and also followed the Google Documentation:
https://developers.google.com/calendar/api/guides/batch#format-of-a-batch-request
Since the general endpoint (https://www.googleapis.com/batch) is deprecated, I'm using https://www.googleapis.com/batch/calendar/v3 to post to.
I'm posting a plain text body:
POST /batch/calendar/v3 HTTP/1.1
Content-Type: multipart/mixed; boundary="batch_foobarbaz"
--batch_foobarbaz
Content-Type: application/http
GET /calendar/v3/calendars/*calendarId1*
--batch_foobarbaz
Content-Type: application/http
GET /calendar/v3/calendars/*calendarId2*
--batch_foobarbaz--
The result I keep getting is:
{
"error": {
"code": 400,
"message": "Failed to get multipart boundary.",
"status": "INVALID_ARGUMENT"
}
}
Can anyone tell me what I'm doing wrong here?
Thanks!
I have an application that has been successfully using HTTP batch requests to insert, edit, and delete events via the Google Calendar API. In the last couple of days, the individual requests within the batches have started returning 404 errors (although the batch itself gets a 200 success response). Making those same requests as individual requests using the same authorization header is still working.
I'm pretty sure that this isn't related to the forthcoming shutdown of Google's global HTTP batch endpoints because we're using https://www.googleapis.com/batch/calendar/v3 as our endpoint.
Here's an example of what I'm trying to do:
https://www.googleapis.com/batch/calendar/v3
Authorization: Bearer your_auth_token
Content-Type: multipart/mixed; boundary=batch_google_calendar
--batch_google_calendar
Content-Type: application/http
Content-ID: <item-0-batchevent#example.com>
POST calendar/v3/calendars/your_calendar_id#group.calendar.google.com/events
Content-Type: application/json
{"summary":"batch API test","start":{"date":"2020-07-31"},"end":{"date":"2020-07-31"}}
--batch_google_calendar--
And the response is:
--batch_3J6sfuPtVQbjZLcpUe06245gKlO31YnC
Content-Type: application/http
Content-ID: <response-item-0-batchevent#example.com>
HTTP/1.1 404 Not Found
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Type: application/json; charset=UTF-8
[{
"error": {
"code": 404,
"message": "URL path: /v3/calendars/your_calendar_id#group.calendar.google.com/events could not be resolved. Maybe there is an error parsing the batch item.",
"status": "NOT_FOUND"
}
}
]
--batch_3J6sfuPtVQbjZLcpUe06245gKlO31YnC--
And here's an example of an individual request that's working:
https://www.googleapis.com/calendar/v3/calendars/your_calendar_id#group.calendar.google.com/events
Authorization: Bearer your_auth_token
Content-Type: application/json
{"summary":"API test","start":{"date":"2020-07-31"},"end":{"date":"2020-07-31"}}
Why might the individual request be succeeding but the batch request fail?
Google gave a helpful reply via their issue tracker: there was an error in the way that batch entry paths were specific in my application. This had worked without errors until last week, so I think something must have changed at their end to make it less tolerant of mistakes.
The error we had made was omitting the leading slash in the path in each batch entry. Here's what we were doing:
POST calendar/v3/calendars/your_calendar_id#group.calendar.google.com/events
And here's what we should have been doing:
POST /calendar/v3/calendars/your_calendar_id#group.calendar.google.com/events
I hope that this might be helpful to anyone else who ever finds themselves in a similar situation!
This question already has an answer here:
How to send an HTTP 4xx-5xx response with CORS headers in an ASPNET.Core web app?
(1 answer)
Closed 3 years ago.
I am migrating and existing angular js app to angular while sticking to an existing api.
I tried to implement a logon (ASP NET / OWIN) and encountered following situation after making a http request to logon endpoint:
All possible server responses (2xx,4xx,5xx) could not be fetched in javascript code.
After researching I found the cause: CORS
This is because new angular app runs on different port than the locally hosted api while the old angular js ab is being hosted on the same port.
So I added following to ValidateClientAuthentication in API:
context.Response.Headers.Append("Access-Control-Allow-Origin", "http://localhost:4200");
context.Response.Headers.Append("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
Now I am finally able to fetch 2xx responsed but still do not get 4xx and 5xx results.
Why is that?
And how is it possible that API calls to other endpoints of same API do not require setting those headers?
UPDATE:
I receive this error message for all 4xx responses even if I have added those headers in API:
:63323/api/logon:1 Failed to load resource: the server responded with a status of 400 (Bad Request)
vendor.js:68504 ERROR TypeError: You provided an invalid object where a stream was expected. You can provide an Observable, Promise, Array, or Iterable.
at subscribeTo (vendor.js:158625)
at subscribeToResult (vendor.js:158782)
at CatchSubscriber.error (vendor.js:151269)
at MapSubscriber.Subscriber._error (vendor.js:147999)
at MapSubscriber.Subscriber.error (vendor.js:147979)
at XMLHttpRequest.onLoad (vendor.js:24621)
at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (polyfills.js:2785)
at Object.onInvokeTask (vendor.js:70070)
at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (polyfills.js:2784)
at Zone.push../node_modules/zone.js/dist/zone.js.Zone.runTask (polyfills.js:2557)
UPDATE 2:
this is the code that handles http request:
return this.httpClient
.post(this.appConfigService.buildAuthorizationUrl('/logon'), data, {
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
})
.toPromise()
.then(
(response: any) => {
// hit when 2xx and cors headers present
},
(error: any) => {
// never hit
}
)
.catch(error => {
// never hit
});
UPDATE 3:
As I understood CORS middleware might(?) drop all heades in case 4xx or 5xx responses which will prevent browsers from fetching responses. But like you can see my 400 response from a different endpoint on my api seems to be valid:
HTTP/1.1 400 Bad Request
Cache-Control: private,no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 112
Content-Type: application/json; charset=utf-8
Expires: 0
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: http://localhost:4200
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcS2F5IFphbmRlclxEb2N1bWVudHNcZXZlXFNvdXJjZVxJbmZvcnNIVC5HZW5lc2lzQXBpXGF1ZGl0dHJhaWw=?=
X-Powered-By: ASP.NET
X-UA-Compatible: IE=edge
Date: Wed, 06 Nov 2019 16:01:08 GMT
[{"ErrorMessage":"Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.","PropertyName":"Exception"}]
still I encounter the mentioned error message.
Most likely your ASP.NET backend doesn't have CORS enabled, according to the fact that if you set it manually you're able to make a request. If you set a header (e.g. Content-Type) to your request, whether it was manually set or automatically, Angular sends a preflight request for the backend to determine if the resource can be accessed with the specific request headers or not.
There's a built-in support for preflight request handling, which you can enable using attributes to your controllers, and a little configuration in the initial startup class.
For ASP.NET (.NET Framework based) check this guide: https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin-requests-in-web-api
For ASP.NET Core check this one: https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.0
We are using Apigee Platform to host our api's. Our Api Proxy in Apigee is configured to use Oauth 2.0 client_credentials and implicit grant types.
We are creating Console To Go to provide testing console for our API's to developers and Configured the console to use Oauth 2.0 Implicit Grant Flow.
When we test the actual calls, we always get 401 from Apigee. Here is the response
HTTP/1.1 401 API is secure. Needs security Credentials
WWW-Authenticate:
Bearer realm="null",error='invalid_token",error_description='oauth.v2.InvalidAccessToken: Invalid access token"
Content-Length:101
Content-Type:application/json
{
"fault": {
"faultstring": "Invalid access token",
"detail": {
"errorcode": "oauth.v2.InvalidAccessToken"
}
}
}
Actual Request that was sent to our API was:
GET /whodini/v1/discovery?email=puneet%40whodini.com HTTP/1.1
Authorization: OAuth M********N (Masked for security)
Host: whodiniinc-test.apigee.net
X-Target-URI: http://whodiniinc-test.apigee.net
Connection:
Keep-Alive
ValidateAccessToken policy of Apigee looks for token value in Authorization: Bearer {token} header and my suspicion is it fails with 401 because actual request made by Console to go contains Authorization: Oauth {token}.
Is there any way to
1. Control Authorization header value while using Oauth Implicit Grant Flow so that while making API calls Console to go uses Authorization: Bearer M********N instead of Authorization: OAuth M********N
Add a rule in the ValidateAccessToken policy of Apigee Proxy to that it interprets Authorization: OAuth M********N (Masked for security)
Please follow the below steps to resolve your issue:
Go to https://apigee.com/togo
Login
Select OAuth 2.0 Implicit Grant Flow (User Agent)
Select 'Draft Version' as '14 or later'
Click 'Save Credentials' button
Hope this helps. Please let me know if you have any further questions.
Thanks,
Archendra
I try sending a notification using Tizen push messaging service.
I get this error
statusCode : 3052
StatusMsg : "error of application authentication failed - header: APPID, regId: 0000000000000000"
I can't figure out why, and I can't find this error in the documentation.
I get this error only when the regId is generated by the Tizen Developer Device (os version 2.1). It works fine with the emulator.
On client-side, we used a native application based on the example 'PushClient'.
cf : https://developer.tizen.org/help/index.jsp?topic=%2Forg.tizen.native.appprogramming%2Fhtml%2Ftutorials%2Fmessaging_tutorial%2Ftask_pushclient.htm
Here's the Request details
URL :
https://apnortheast.push.samsungosp.com:8088/spp/pns/api/push
Request Header :
Content-Type: application/json
Content-Length: 302
appID: APPID
appSecret: APPSECRET
Request Body :
{"regID":["04REGID"],"requestID":"REQUESTID","message":"badgeOption=INCREASE&badgeNumber=1&action=ALERT&alertMessage=1","appData":"{\"title\":\"\",\"description\":\"test\"}"}
Response :
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 162
Connection: keep-alive
{"results":[{"regID":"","requestID":"","statusCode":3052,"statusMsg":"error of application authentication failed - header: APPID, regId: 0000000000000000"}]}
Any Ideas ?
Finally, We just remove the application on our device.
A new regId has been generated and this one works.
It's still a little bit weird cause it seems that sometimes the generated token doesn't work and I really don't know why.