I keep getting this error every time I try to make an STK push
"requestId" => "6255-20728117-1"
"errorCode" => "400.008.02"
"errorMessage" => "Invalid grant type passed"
Check the url you are using and add the grant_type and ensure that the grant_type is associated with a customer_key as well as a customer_secret in the final post request
e.g
curl -X GET https://sandbox.safaricom.co.ke/oaut/v1/generate?grant_type=client_credentials
As opposed to:
curl -X GET https://sandbox.safaricom.co.ke/oauth/v1/generate
sample code snippet is as follows
consumer_key = keys.consumer_key
consumer_secret =keys.consumer_secret
api_URL = (
"https://sandbox.safaricom.co.ke/oauth/v1/generate?grant_type=client_credentials"
)
r = requests.get(api_URL, auth=HTTPBasicAuth(consumer_key, consumer_secret))
print(r.text)
You have to provide a grant_type in your request. Check the Mpesa Api Documentation.
Related
I'm trying to use the Quip admin and automation APIs to add members to a document from a Salesforce trigger.
I've successfully used the GET methods for verify token and get user from the automation API, but I'm getting an error when I call add members from the Admin API. The error I'm getting is 'Missing argument thread_id', despite passing in a valid thread id. If I copy the body from the request into Postman it works fine. The Salesforce org is a developer sandbox.
These are the debug lines from Salesforce:
USER_DEBUG [332]|DEBUG|System.HttpRequest[Endpoint=https://platform.quip.com/1/admin/threads/add-members?company_id=JKNAcB0VIMy, Method=POST]
USER_DEBUG [336]|DEBUG|Body req = {"thread_id":"eNiVAcaDICco","member_ids":"KPDAFRZtNRW"}
USER_DEBUG [337]|DEBUG|Body response = {"error":"application_error","error_code":400,"error_description":"Missing argument 'thread_id'"}
USER_DEBUG [339]|DEBUG|Method = POST
USER_DEBUG [340]|DEBUG|Scope = USER_READ ADMIN_MANAGE
USER_DEBUG [341]|DEBUG|Authorisation = Bearer UkRQQU1AcXymZ1M=|1692717157|N4CCVoKA8MY4sNF/+mBeWzX5lXAeI/q/YKxSMhC9PJc=
Any help would be much appreciated
I found the issue, it was the content-type in the header, it needed to be set to set to application/json
As part of ECR, I'm changing our code to get token by using subject name instead of the thumbprint of our aad 1st party application.
I made a few changes:
1. I added the subject name to the "subject name + issuer" in the aad portal.
2. added the "sendX5c: true" parameter to the AcquireTokenAsync function call.
I'm getting the certificate from my machine but when trying to acquire the token I'm getting this exception: AADSTS7000213: Invalid certificate chain. with the inner exception of "Response status code does not indicate success: 401 (Unauthorized)".
Any idea what am I doing wrong or what is missing?
I followed this link: https://aadwiki.windows-int.net/index.php?title=Subject_Name_and_Issuer_Authentication
If you want to request Azure AD access token with client certificate, please refer to the following steps
Upload the information of the cert to Azure
a. get the information
$Thumbprint="930CFA423637129DB45921320B0BB451BD58A813"
$cert=Get-ChildItem -Path Cert:\LocalMachine\My\$Thumbprint
$rawCert = $cert.GetRawCertData()
$base64Cert = [System.Convert]::ToBase64String($rawCert)
$rawCertHash = $cert.GetCertHash()
$base64CertHash = [System.Convert]::ToBase64String($rawCertHash)
$KeyId = [System.Guid]::NewGuid().ToString()
b. upload the above information to Azure
Connect-AzureAD
$clientAadApplication=Get-AzureADApplication -Filter "AppId eq '<you client id>'"
New-AzureADApplicationKeyCredential -ObjectId $clientAadApplication.ObjectId -CustomKeyIdentifier "$base64CertHash" -Type AsymmetricX509Cert -Usage Verify -Value $base64Cert
Get access token(I use the sdk Microsoft.Identity.Client)
String subjectname="";
X509Store store = new X509Store(StoreName.My,StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certCollection = store.Certificates;
X509Certificate2Collection currentCerts = certCollection.Find(X509FindType.FindByTimeValid, DateTime.Now, false);
X509Certificate2Collection signingCert = currentCerts.Find(X509FindType.FindBySubjectName, subjectname, false);
X509Certificate2 cer = signingCert.OfType<X509Certificate2>().OrderByDescending(c => c.NotBefore).FirstOrDefault();
var app = ConfidentialClientApplicationBuilder.Create("<client id>")
.WithAuthority(AzureCloudInstance.AzurePublic, "<tenant id>")
.WithCertificate(cer)
.Build();
var result = await app.AcquireTokenForClient(new[] { "https://graph.microsoft.com/.default" }).ExecuteAsync();
Console.WriteLine(result.AccessToken);
Console.Read();
For more details, please refer to the document and the sample
I am trying to Fetch the dataset from Einstein Analytics through Analytics REST API SAQL Query Resource. I have followed the document given at https://developer.salesforce.com/docs/atlas.en-us.bi_dev_guide_rest.meta/bi_dev_guide_rest/bi_resources_query.htm.
However, when I am calling the Salesforce Einstein Analytics through REST API from PostMan, I am getting below Response:
[
{
"errorCode": "118",
"message": "Expected query or query name in body."
}
]
The URL in the Postman POST request is
https://ap4.salesforce.com/services/data/v42.0/wave/query
My Request body contains:
{
"query":"q = load \"0Fb6F0000004eD4SAI/0Fc6F000001t5hWSAQ\";q = foreach q generate 'Account_Owner' as 'Account_Owner', 'Account_Type' as 'Account_Type', 'Amount' as 'Amount', 'Billing_State_Province' as 'Billing_State_Province', 'Close_Date_day_epoch' as 'Close_Date_day_epoch', 'Close_Date_sec_epoch' as 'Close_Date_sec_epoch', 'Column1' as 'Column1', 'Created_Date_day_epoch' as 'Created_Date_day_epoch', 'Opportunity_Name' as 'Opportunity_Name', 'Product_Name' as 'Product_Name';q = foreach q generate 'FirstName' as 'FirstName', count() as 'count';q = limit q 2000;"
}
Here while calling REST API I have made proper use of oAuth2.0 token.
Please let me know - what could be the problem in my Request, is the format of my request is correct.
Looks like you forgot the " at the very end right after the semicolon...
...
q = limit q 100;" <-
I have got the solution to it, I had not set the content-type of my request as application/json.
After setting it as a parameter in the header of the request in Postman, I am able to get the proper response.
So basically the script running perfectly, I get the feedback that my Captcha has been solved. But the problem lies when the script enters the rest of the form's input.
Any idea where it is coming from?
import requests
from random import randint
from time import sleep
# Add these values
API_KEY = 'ApiKey' # Your 2captcha API KEY
site_key = 'SiteKey' # site-key, read the 2captcha docs on how to get this
url = 'https://site' # example url
proxy = 'proxy' # example proxy
proxy = {'http': 'http://' + proxy, 'https': 'https://' + proxy}
s = requests.Session()
# here we post site key to 2captcha to get captcha ID (and we parse it here too)
captcha_id = s.post("http://2captcha.com/in.php?key={}&method=userrecaptcha&googlekey={}&pageurl={}".format(API_KEY, site_key, url), proxies=proxy).text.split('|')[1]
# then we parse gresponse from 2captcha response
recaptcha_answer = s.get("http://2captcha.com/res.php?key={}&action=get&id={}".format(API_KEY, captcha_id), proxies=proxy).text
print("solving ref captcha...")
while 'CAPCHA_NOT_READY' in recaptcha_answer:
sleep(5)
recaptcha_answer = s.get("http://2captcha.com/res.php?key={}&action=get&id={}".format(API_KEY, captcha_id), proxies=proxy).text
recaptcha_answer = recaptcha_answer.split('|')[1]
# we make the payload for the post data here, use something like mitmproxy or fiddler to see what is needed
payload = {
'username' : 'username',
'password' : 'password' ,
'password_again' : 'password' ,
'email' : 'email#gmail.com' ,
'key': 'value',
'gresponse': recaptcha_answer # This is the response from 2captcha, which is needed for the post request to go through.
}
# then send the post request to the url
response = s.post('https://site',payload, proxies=proxy)
You only need to change 'gresponse' to 'g-recaptcha-response' and it's working perfectly
I am able to upload a document and download the document from google cloud storage for signed url using httpclient in java.But,when i put the same signed url in browser i am unable to download document for the link.I am getting following error
The request signature we calculated does not match the signature you
provided. Check your Google secret key and signing method.`
But when i mark check shared publicly check box in storage browser i am able to download from the generated signed url.But i want to allow a user to download a document from the browser without marking it as shared publicly.
.
I want to get confirm on some confusing part like
For document to get accessible by user who does not have google account after creating a signed url also i have to check shared publicly check box in storage browser?
But i think if the url is signed then it should not be check for shared publicly checkbox and user who does not have google account can access the document?But in my case it is not happening .According to link
https://developers.google.com/storage/docs/accesscontrol#About-CanonicalExtensionHeaders
it talks about Canonicalized_Extension_Headers .So i put in my request header
request.addHeader("x-goog-acl","public-read");
This is my code
// construct URL
String url = "https://storage.googleapis.com/" + bucket + filename +
"?GoogleAccessId=" + GOOGLE_ACCESS_ID +
"&Expires=" + expiration +
"&Signature=" + URLEncoder.encode(signature, "UTF-8");
System.out.println(url);
HttpClient client = new DefaultHttpClient();
HttpPut request = new HttpPut(url);
request.addHeader("Content-Type", contentType);
request.addHeader("x-goog-acl","public-read");// when i put this i get error
request.addHeader("Authorization","OAuth 1/zVNpoQNsOSxZKqOZgckhpQ");
request.setEntity(new ByteArrayEntity(data));
HttpResponse response = client.execute(request);
When i put request.addHeader("x-goog-acl","public-read");i get error
HTTP/1.1 403 Forbidden error .
.But when i remove this line it is uploaded successfully .It seems like i need to set
request.addHeader("x-goog-acl","public-read") to make it publicly accessible but on putting this on my code i am getting error.
.Any suggestion Please?
Finally Solved it.
To run singed url from browser you have to set HTTP header . In https://developers.google.com/storage/docs/accesscontrol#Construct-the-String
Content_Type Optional. If you provide this value the client (browser) must provide this HTTP header set to the same value.There is a word most.
So if you are providing Content_Type for sign string you must provide same Content_Type in browser http header.When i set Content_Type in browser header this error finally solved
this works for me:
set_include_path("../src/" . PATH_SEPARATOR . get_include_path());
require_once 'Google/Client.php';
function signed_storageURL($filename, $bucket, $p12_certificate_path, $access_id, $method = 'GET', $duration = 3600 )
{
$expires = time( ) + $duration*60;
$content_type = ($method == 'PUT') ? 'application/x-www-form-urlencoded' : '';
$to_sign = ($method."\n"."\n".$content_type."\n".$expires."\n".'/'.$bucket.'/'.$filename);
$signature = '';
$signer = new Google_Signer_P12(file_get_contents($p12_certificate_path), 'notasecret');
$signature = $signer->sign($to_sign);
$signature = urlencode( base64_encode( $signature ) );
return ('https://'.$bucket.'.commondatastorage.googleapis.com/'.$filename.'?GoogleAccessId='.$access_id.'&Expires='.$expires.'&Signature='.$signature);
}
$url = signed_storageURL(rawurlencode("áéíóú espaço & test - =.jpg"),'mybucket', 'mykey.p12','myaccount#developer.gserviceaccount.com');
echo ''.$url.'';