I'm attempting to authenticate to a website to automate some device configuration.
There is no official API so I'm using "WebSpy" in my browser to watch what URLs are targeted and the payloads being sent.
I'm unable to get initial authentication working with a python post request.
The target url is https://xxxxxx.xxx/authenticate.
The payload I see when logging in from a web browser is.
{ "client_id": xxxxxx,
"username": <plainText username>,
"password": <plainText password>,
"realm": "xxxxx",
"credential_type": "http://auth0.com/oauth/grant-type/password-realm"}
If I replicate all this in a python requests.POST I get back
{ "error": "invalid request",
"error_description": "Unknown client."}
I should mention the "client_id" I'm sending in my python post is just copied from what I see coming from the browser.
I imagine that client ID should be dynamically generated somehow but I don't see where it's coming from.
I should also mention I see some reference to a \callback URL happening after login within the web browser so I'm guessing that is how/when the auth token is being offered.
Can anyone point me in the right direction on all this?
Thank you in advance.
Related
This is a bit of a newbie Q.
I'm using Python 3.6
I am trying to use the domain realestate api to write a scraper that collects data of houses/apartments for sale in my area, but i am having trouble getting the post request to work. I have registered and retrieved my client_id and secret_id for the authentication. The post request returns a status_code of 400
response = requests.post('https://auth.domain.com.au/v1/connect/token',
data = {'client_id':client_id,
"client_secret":client_secret,
"grant_type":"client_credentials",
"scope":"api_agencies_read api_listings_read",
"Content-Type":"application/json"})
token=response.json()
access_token=token["access_token"]
search_parameters = {
"listingType": "Sale",
"locations": [
{
"state": "NSW",
"suburb": "Balgowlah",
"postcode": 2093,
"includeSurroundingSuburbs": True
}
]
}
url = "https://api.domain.com.au/v1/listings/residential/_search"
auth = {"Authorization":"Bearer "+access_token}
request = requests.post(url, data=search_parameters, headers=auth)
details=request.json()
I know my authentication is correct, because i can use the Live API on the website to test the same request (i had to select the client, secret id and the project to allow direct access), and i get a valid access token from the code above.
access_token:
{'access_token': 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
'expires_in': 43200,
'token_type': 'Bearer'}
request.json():
{'errors': {'parameters': ['Undefined error.']},
'message': 'The request is invalid.'}
I've been able to implement the notebook from this post. So i can be sure my client and secret ids are connected to the domain project.
#furas had the solution:
look at the example closer :)
The example uses "Content-Type":"text/json" but you use "application/json" instead of "text/json"
I am trying to upload a video to Youtube using Youtube API v3 and python and I got the following error.
An HTTP error 401 occurred:
{ "error": { "errors": [ {
"domain": "youtube.header",
"reason": "youtubeSignupRequired",
"message": "Unauthorized",
"locationType": "header",
"location": "Authorization" } ], "code": 401, "message": "Unauthorized" } }
I have created my project, created my Key and Client AOuth 2.0 and google console and downloaded the client_secrets.json.
The code I run is the one provided by Youtube API sample_code to download (here) for python.
If for example I try to do a search using the corresponding sample code and my credentials it works perfectly and I don't know why it doesn't work when I want to upload a vide.
Could you please letting me know what I am doing wrong, please?
Thanks in advance
YouTube Data API - Errors
unauthorized (401) youtubeSignupRequired This error indicates that the
user has an unlinked Google Account, which means that the user has a
Google Account but does not have a YouTube channel. Such users can
access many features that are dependent on user authorization, such as
rating videos or adding videos to a watch_later playlist. However, as
an example, the user would need a YouTube channel to be able to upload
a video. A user who has a Gmail account or an Android device is
certain to have a Google Account but may not have already linked that
Google Account to a YouTube channel.
This error is commonly seen if you try to use the OAuth 2.0 Service
Account flow. YouTube does not support Service Accounts, and if you
attempt to authenticate using a Service Account, you will get this
error.
The YouTube API blog post introducing Google Account support also
discusses the youtubeSignupRequired error in more detail. Although the
blog post explains the error for API version 2.1, the meaning of the
error is still applicable.
It seems that the Facebook graph API can not always pull down the data for public albums, even when you provide a valid access token, but you can see these albums through a standard http GET request to facebook.com.
Using the following python code, I am able to GET data from the public album "303027476429477":
>>> r = requests.get('https://graph.facebook.com/303027476429477?access_token=MY_SECRET_ACCESS_TOKEN',headers=headers)
>>> r.text
u'{\n "created_time": "2012-03-11T23:01:28+0000",\n "name": "Kid Gaga",\n "id": "303027476429477"\n}'
However, for another public album "377622310155", I cannot:
>>> r = requests.get('https://graph.facebook.com/377622310155?access_token=MY_SECRET_ACCESS_TOKEN',headers=headers)
>>> r.text
u'{\n "error": {\n "message": "Unsupported get request. Object with ID \'377622310155\' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",\n "type": "GraphMethodException",\n "code": 100,\n "fbtrace_id": "HK87oTbeTs0"\n }\n}'
This seems to be a permissions issue, since if one simply visits http://facebook.com/377622310155 in their browser, they can see the album does exist (and they didnt need to do any authentication to see it either).
So my question is - what am I doing wrong, and since all i want to do is know if an albumn exists or not, should I just scrape facebook.com's http response?
I am a little confuse! I am trying to develop a script that can pull youtube video id in python. So I went ahead and set up my youtube API key.I use this page to generate the URL.
https://developers.google.com/youtube/v3/docs/search/list
This page generated a sample JSON table with the video ID. But when I put this url in my browser
https://www.googleapis.com/youtube/v3/search?part=id&q=gullybop&key={YOUR_API_KEY}
and yes I filled in my api. I expected to get back a JSON table with the vid ids but I get this instead
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "keyInvalid",
"message": "Bad Request"
}
],
"code": 400,
"message": "Bad Request"
}
}
I don't think my API key is invalid
I expected when I put the URL in the browser it would return a JSON table with vid ids but instead I got that error above.
Why am I getting this error ?
Thank you Sean
I got JSON results when I accessed this URL with my API Key. So your API key will be invalid nothing else. Try to create another project in API console and create a key without any referrer no server IP. Only generate 1 key in a project. Dont forget to enable YouTube Data API v3 in API manager.
I am trying to use the mirror-api-python-cli command line interface to send timeline cards from Raspberry Pi to Google Glass. I am able to complete the first step which uses the code in get-credentials.py to connect to Google with my application client-id and secret. This code prompts to go to an authorisation URL to obtain a code and upon entering the code it does go on to correctly populate a credentials file with authentication information including access_token and refresh_token.
I am then running the code in the second file, send-to-glass.py, to pass a 'hello world' message to the Google Glass timeline. I am receiving no error message and yet nothing is received by the Glass.
I have created a separate web client for the application using the Google playground and that is able to send cards to the timeline so I know there is no problem on the Google application side.
I have also done a print of the insert_timeline_item call and I think that might be giving a clue as to where the issue lies. The last name value pair in the json response is selfLink which has a url of https://www.googleapis.com/mirror/v1/timeline/xxxxxx where xxxxxx is the id value. If I follow this URL then I get the following:
{ "error": { "errors": [{ "domain": "global", "reason": "required", "message": "Login Required", "locationType": "header", "location": "Authorization" }], "code": 401, "message": "Login Required" }}
---------- UPDATE ----------
I used CURL with a fresh access token, as suggested by Jenny. I must admit I am not familiar with CURL and so it took a few tries to get it to work. First the address was not resolving, so I added www in front of googleapis, then it was complaining that SSL was required so I added https in front, then it complained about the certificate so I added the -k parameter and finally it was trying to resolve Bearer and my access tokens as addresses so I used double quotes instead of single quotes. Please feel free to chuckle at the noob here but possibly this may help someone in the future!
My final curl command looked like this:
{ curl -H "Authorization: Bearer MY-ACCESS-TOKEN" https://www.googleapis.com/mirror/v1/timeline -k }
The result came back with a whole load of json, with what looked like all of the timeline cards I tried to send from the Raspberry Pi. I won't list all the entries, but the top of the json looks like this:
{"kind": "mirror#timeline", "nextPageToken": "LONG-STRING-OF-CHARACTERS",
"items": [
{
"kind": "mirror#timelineItem",
"id": "ITEM-ID",
"selfLink": "https://www.googleapis.com/mirror/v1/timeline/ITEM-ID",
"created": "2014-04-19T01:40:40.597Z",
"updated": "2014-04-19T01:40:40.597Z",
"etag": "1397871640597",
"text": "Hello World",
"notification": {
"level": "DEFAULT"
}
},
{ ... }
So it would appear that somehow the cards are getting to my timeline and yet they are not being delivered to the Glass. As a reminder, using a web client in the playground against the same project I was able to see cards come through to Glass.
So this is a little embarrassing, I have discovered exactly what the problem was. This whole exercise is related to a science fair project my son is doing. He had been programming the Raspberry Pi through WebIDE logged on through his Google Account. I had set up the project to access Glass through my Google account in a separate Chrome browser. Each time I ran get-credentials.py on the Raspberry Pi and it directed me to copy the URL into the browser for approval, I was doing so in my son's browser with his Google account. The credentials were being saved correctly and cards were populating a timeline correctly, but all against my son's Google account and he has no Glass!
I re-ran get-credentials.py, ran the URL in a browser session associated with my own account. Copied the code back to the Pi and now send-to-glass.py works perfectly. My son thinks I'm an idiot and is getting plenty of laughs out of it, but I am pleased to report everything is now working.