I use the AppEngine-OAuth-Library to get user information from LinkedIn, but how do I grant for more permissions than the default basic profile.
The LinkedInClient class has this constructer:
OAuthClient.__init__(self,
LINKEDIN,
consumer_key,
consumer_secret,
"https://api.linkedin.com/uas/oauth/requestToken",
"https://api.linkedin.com/uas/oauth/accessToken",
callback_url)
I have tried this instead:
https://api.linkedin.com/uas/oauth/requestToken?scope=r_basicprofile+r_emailaddress
But it gives an Internal Server Error, when I make a request. It works perfect with the default basicprofile request. Some ideas on what is wrong?
Thanks in advance :)
You have to give additional params in the oauth.py. Where you put a dictionary with the key 'Scope' and the value should be the permission you want. If you want more than 1 permission, make a space in the value like so 'r_basicprofile r_emailaddress'
Related
When I use graph API withinh POSTMAN in order to add a guest user to a group I process as follow :
Add the /invitations endpoint to add my user ( I do not use email invitation)
Then I can see from my AD users that it has been added properly
Next I user the /groups/{Group ID}/members/$ref to add the created users in step 1
Then I can see from my AD that users has been added to group right a way
Then this exact steps, I add it in a script that is executed at a dedicated time as follow: 1. use the /invitations endpoint to add my user and Send an invitation by email 2. The return userID by first call is then used to add right away the user to the group by using the /groups/{Group ID}/members/$ref endpoint with body set as
{ "#odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/{userID}" }
Then response to add user to group is successfull
Then what is strange is that when I check in my AD , I can see the user which has been created BUT I do not see that user as a member of the group it has been added. It is not displayed while no error was return during the API call
Does it means it takes some time to get it visible ? Does it means that user need to validate the invitation before it is added to the group ?
Thanks for your help
regards
That was my mistake,
I get a scrip flag error which prevent the api to complete
I am using the python3.7.2 module simple-salesforce==0.74.2 and I am having trouble trying to establish a connection to my salesforce sandbox. I can login to the salesforce production with the same credentials just fine like so:
from simple_salesforce import Salesforce
sf = Salesforce(username='user#domain.com', password='pswd', security_token='mytoken')
Okay cool. Now I attempt to login to my sandbox with the following:
sf = Salesforce(username='user#domain.com.sandbox_name', password='pswd', security_token='mytoken', sandbox=True)
And I get the error:
simple_salesforce.exceptions.SalesforceAuthenticationFailed:
INVALID_LOGIN: Invalid username, password, security token; or user
locked out.
So I tried logging in with a different method:
sf = Salesforce(username='user#domain.com.sandbox_name', password='pswd', security_token='mytoken', domain='sandbox_name')
And this gave a different error:
requests.exceptions.ConnectionError:
HTTPSConnectionPool(host='sandbox_name.salesforce.com', port=443): Max
retries exceeded with url: /services/Soap/u/38.0 (Caused by
NewConnectionError(': Failed to establish a new connection: [Errno 8]
nodename nor servname provided, or not known'))
I am using a Developer sandbox, named sandbox_name, following salesforce's instructions. Can someone give some advice on what I am doing incorrectly?
Solved. Set domain='test' and generate a new token under your sandbox account
this didn't work for me, but what did was:
`sf = Salesforce(
username='my.email#test.com',
password='sadfd8d8d8',
security_token='d8d8asd8f8d8',
instance_url='https://my-dev-org-instance-dev-ed.my.salesforce.com')`
The advice here may be a bit deprecated. After a bit of tinkering, I was able to get the simple_salesforce library working with the Salesforce sandbox on a custom domain with the following code. Note the domain that I am passing to the api as well the sand_box name that needs to be appended to the username.
from simple_salesforce import Salesforce
USER = "user#domain.com.sandbox_name"
PASS = "pass"
SEC_TOKEN = "token"
DOMAIN = "<domain>--<sandbox_name>.<instance>.my"
sf = Salesforce(username=USER, password=PASS, security_token=SEC_TOKEN, domain=DOMAIN)
I'm trying to authenticate with spotipy using Authorization Code Flow like this:
token = util.prompt_for_user_token(username, scope, client_id=client_id,
client_secret=client_secret,redirect_uri=redirect_url)
When I assign any string to "username", I'm asked to authenticate the request in a browser which is popping up; everything works fine.
When I set a different string to "username" before running my code a second time, the authentication is done against the previously authenticated username (which is still authenticated in the browser session); just as if the value of "username" is not taken into account at all.
Also, I seem to be able to set any arbitrary value to "username" like "pipapo"; when I login to my Spotify account (which isn't "pipapo", obviously) this one is authenticated and methods like current_user_saved_tracks() do get the resources of the account authenticated instead of "pipapo".
Anyways: The access_token and refresh_token are saved to the cachefile .cache-pipapo; thus saving the credentials of the "who-ever-logged-into-the-browser" to the file named after the "wrong" account.
So: What is this parameter good for then, if ultimately the user's interactive selections are responsible for what the code is doing? And why is this even a required parameter if more or less not utilized in the auth process?
I just had a look at spotipy/util.py myself, how def prompt_for_user_token(...) is designed and what parameter "username" is used for; indeed, it is used for defining the caching file name only to hand it over to oauth2.SpotifyOAuth() like so:
cache_path=".cache-" + username
So, you can use any value here; it does not need to be the correct username, necessarily.
I'm trying to write some tests using the Django Test Client to check on my customisations of the wagtail admin. I've tried:
self.user = get_user_model().objects.create(
username='addy', is_staff=True
)
self.client.force_login(self.user)
response = self.client.get(f'/admin/pages/{self.thing.id}/edit/')
But I still end up seeing an HttpResponseRedirect status_code=302, "text/html; charset=utf-8", url="/admin/login/?next=/admin/pages/6/edit/">
Am I missing some crucial attribute to the user that Wagtail wants in ordet to let them view wagtail-admin pages?
Wagtail doesn't use the is_staff flag to determine access to the admin - you need to assign your user the wagtailadmin.access_admin permission instead.
See https://github.com/wagtail/wagtail/blob/c6666c6de5e83bf94d18324858c121e6584ba47d/wagtail/wagtailsites/tests.py#L258 for an example of setting up a test user with the right permissions.
Here's what worked for me in the end:
self.user = get_user_model().objects.create_superuser(
username='addy', email='admin#example.com', password='passwood321'
)
Just setting is_staff wasn't enough. With due thanks to #gasman above, users don't have an is_admin atttribute. they do have is_superuser, so this code works just as well (and is probably better since it doesn't need an irrelevant email or password):
self.user = get_user_model().objects.create(username='addy', is_superuser=True)
self.client.force_login(self.user)
i have got Access token from "https://oauth.intuit.com/oauth/v1/get_request_token" using rest api in apex. when i pass the response to the authorizaiton url as shown below
https://appcenter.intuit.com/Connect/Begin?oauth_token_secret=xEtlEPu7ljKAeWRYM6pZwY02e8ewZcZ2txR1xpix&oauth_callback_confirmed=true&oauth_token=qyprdc5t2G9j8TcR8AW1123BCD3iy4M0PSBwsk84Rl8WhmCa
i get this error
Oops! An error has occurred.
Please close this window and try again.
Error Code: no_such_database
Message: Application not found by appToken
Any kind of help will be much appriciable
I am not sure if you figured it out but the URL for authorization actually seems different from documentation :
https://appcenter.intuit.com/Account/DataSharing/Authorize?oauth_token=YYYY
I used this url for authorization and it worked.
Instead of old user authorization link (https://appcenter.intuit.com/Connect/Begin ) use the new link (https://appcenter.intuit.com/Account/DataSharing/Authorize)
After generating the request token and secret , redirect to the new link. This will lead to the user authorization pages. Once authorized it will redirect back to our callback url.
Code Example :
$userAuthUrl = "https://appcenter.intuit.com/Account/DataSharing/Authorize";
$signedUrl = "{$userAuthUrl}?oauth_callback={$callBackUrl}&oauth_consumer_key={$consumerKey}&oauth_nonce={$nonce_random}&oauth_signature_method=HMAC-SHA1&oauth_timestamp={$timestamp}&oauth_token={$reqToken}&oauth_version=1.0&oauth_signature={$signature}";
header("Location:$signedUrl");
Authorized URL is not correct.
It should be like -
https://appcenter.intuit.com/connect/begin?oauth_token=qyprdsGhfVztCxWPDIXbPYjVybkwxNAvUdNNaiaTabcde
Here oauth_token is actually request_token (not request_secret) which you get as part of the first call OAuth1.0a flow.
ie. https://oauth.intuit.com/oauth/v1/get_request_token
Please refer this sample Java code which shows all the 3 steps required to generate accessToken and accessSecret (OAuth1.0a).
https://gist.github.com/manas-mukh/b6450bb28506e1302463