First Question: So, I'm attempting to post an image to a specific slack channel using the files.upload API call in the Slack APIs. I have a client_id and a client_secret. I just want this to be used for my team using slack to communicate. Is this possible without getting an access token through OAuth 2?
Secondary question: In my attempt to go through OAuth 2, I have placed my client_id into a python dictionary and then json.dumps() it. I stored the id in the field 'client_id' yet the message returned is "OAuth message: please specify a 'client_id'" Why is this an error? Should I name it something other than 'client_id'?
EDIT: I found the answer to question 2. I don't receive what I expected, but simply sending the dictionary without turning into a JSON object solved the client_id issue.
You always need an access token to upload a file with the Slack API.
But you can install your Slack app to your own Slack workspace without going through the OAuth process yourself. Just create your Slack app and go to the "Install App" page your app. Which you find under Manage your apps.
Example screenshot:
Another option (although not recommended) is to us a legacy token. You can create it here:
https://api.slack.com/custom-integrations/legacy-tokens
Related
I am currently trying to create an application in Django that fetches emails from an Inbox using the gmail API. I was able to successfully perform this in Nodejs, but I wanted to switch to using Django. I used the Python Gmail API quickstart: https://developers.google.com/gmail/api/quickstart/python. I created a view for the function found in the tutorial and the first issue I encountered was "invalid redirect uri" which is an issue I encountered in the past, which I still don't understand. I tried editing the redirect uris in the Oauth Token to fix this issue, but it didn't work (I probably was doing it wrong). Eventually, I deleted the Oauth Token and tried creating a new GCP project but it said "Oauth Token deleted". I kept trying to create new ones (I updated the credentials.json everytime). I even tried starting a new Django project with a new GCP Project+ Oauth token, but I'm still getting the same "Oauth Token Deleted" error. I'm not sure whats going wrong and was wondering if someone with experience using the API would know what to do. Thanks!
I am trying to hit microsoft to do list api using python program.
Api : https://graph.microsoft.com/beta/me/todo/lists , which resulted in error : Access is denied due to invalid credentials. But when I tried the api : https://graph.microsoft.com/v1.0/users, I am getting the results properly. The documentation of the api (https://learn.microsoft.com/en-us/graph/api/resources/todo-overview?view=graph-rest-beta) says "Currently, the API supports only permissions delegated by the signed-in user". Currently I am trying to get auth code and then auth token and then hitting the API. To act as signed in user, what method should I follow in python? Please note I am not using a web frame work. When I tried using flask and then hitting the API , it works. Need to know how a browserless console python application can serve the purpose.
Thank youin advance for the help
You are getting an App only token using a client credential flow and it doesn't ask for user credentials. Please check these Authentication flows and according to your requirement you can choose one of these and implement it. In other ways you can test your HTTP call in Graph Explorer by adding permissions there itself. Your call works here because you will login as user.
I am looking into using the Google API to allow users to create/ edit calendar entries in a company calendar (Google calendar) from within iCal.
I'm following the instructions at: https://developers.google.com/api-client-library/python/auth/web-app
Step 2 says that I will need the application's client ID and client secret. I can see the client ID in the 'Credentials' page for my app, but I have no idea what the client secret is or where I get that from- anyone know what this is? How do I download it? Where can I get the value from to update the field?
Go to credentials tab. Client IDs will be listed there. In the right, there is an option to download it (.json file)
If you go to your Google developers console you should see a section titled OAuth 2.0 client IDs. Click on an entry in that list, and you will see a number of fields, including Client secret.
If you have not yet created credentials, click the Create credentials button, and follow the instructions to create new credentials, and then follow the steps outlined above to find the Client secret.
I am trying to create some Glassware with the Mirror API. I am new to using AppEngine and Jinja2. I have python experience but never with a web framework before. So basically I am very new at this.
I have modified the Python quickstart for the mirror API to include many of my endpoints and designs. Basically I want to be able to be able to POST data from a constrained device to Glass. I have an endpoint all setup which works to accept and parse out the data and send the timeline item.
My problem is that the device itself is acting all on it's own and cannot provide input, therefore when I call my app from it e.g. https://foo.appspot.com?operation=deviceData the app presents the auth page and then nothing happens. I can see in the logs that the auth page is being sent, but the device has no idea what to do with this.
Basically, I need a way where I can hardcode credentials and get around having to do oauth everytime. What is the recommended way to do this? Another app which doesn't require auth which passes the data along? This would be fine as I only need to set this up with one user right now, it is for an internal demo only.
Is it possible to set my credentials in a header and auth automatically without handling any return, more like how basic auth works?
There are also the "Simple API access" keys. Would these work in this situation, I tried creating browser and server keys and tried them on the device and in the browser by doinghttps://foo.appspot.com?operation=deviceData&key=KEY_HERE but in both cases I was still prompted to login. Is this what simple access keys are for? Do they not work with the mirror API?
Basically my question is, what's the easiest way to allow access to my apps endpoints without having to oAuth or having a hard coded user which auto-auths?
Here is the project that I started with: https://github.com/googleglass/mirror-quickstart-python
I'm working on converting a Python script using the Google gdata API client + user/pass authentication to something more suitable for production (an API key). I am pretty frustrated with the muddled state of their documentation on authentication. I admittedly don't have a great grasp of OAuth2, but it seems like it's way more complicated for my usage case, which is: Hit Google Analytics every 24 hours to get the X most popular articles on our site.
In this scenario, we're not dealing with modifying someone's personal data, and all activity is centered on one account. It doesn't seem like OAuth2 is worth the complexity for something so simple.
I see that on the Google API Console (https://code.google.com/apis/console/), I've registered there and notice that there's a "Simple API Access" section with one key beneath the "Client ID for web applications" (which appears to be OAuth2). There's also the Google domain update page, https://www.google.com/accounts/UpdateDomain, but that appears to be OAuth related.
Is there any way to use this Simple API Access key (not OAuth) for retrieving analytics data with the Python gdata client, and if so, does anyone have any authentication examples? I already have the data retrieval stuff working once authenticated, but I'm using the user/pass approach, which is not appropriate for production.
Greg,
If you are already using the library gdata-python-client, this is relatively easy to do if you are the only user that your application will be authorizing.
The general mechanisms were detailed in a blog post in September, 2011, but I'll describe them here for completeness.
Part 1: Go to the APIs console and start a new project.
Part 2: From the project, go to "Services" and enable "Analytics API"
Part 3: From the project, go to "API Access" and click "Create an OAuth 2.0 client ID..." (you'll need to provide a product name, though the value you provide won't matter). When asked for the application type, select "Installed Application" and then "Create client ID". Since you will be the only user, you will only need one refresh token, and you can get this by authorizing from a desktop application a single time.
Part 4: Get your client id and client secret from the APIs console and then create an empty token:
import gdata.gauth
CLIENT_ID = 'id-from-apis-console'
CLIENT_SECRET = 'secret-from-apis-console'
SCOPE = 'https://www.google.com/analytics/feeds/' # Default scope for analytics
token = gdata.gauth.OAuth2Token(
client_id=CLIENT_ID,
client_secret=CLIENT_SECRET,
scope=SCOPE,
user_agent='application-name-goes-here')
I got the scope from GData FAQ, though I'm not sure if it is correct.
Part 5: Use the token to create authorization URL for you to visit:
url = token.generate_authorize_url(redirect_uri='urn:ietf:wg:oauth:2.0:oob')
Since your application is an "Installed Application", your redirect URI is the default 'urn:ietf:wg:oauth:2.0:oob'. (Also note, the blog post had a typo and used the keyword argument redirect_url.)
Part 6: Visit the url and authorize your application to make requests on behalf of your account. After authorizing, you'll be redirected to a page with a code on it. This code will be used to exchange for an access token and a long-lived refresh token. The code has a life of 10 minutes and the access token has a life of an hour. The refresh token will allow you to get new access tokens for signing requests in perpetuity (or until you revoke the permission from your account).
Part 7: Use the code to get an access token:
code = 'random-string-from-redirected-page'
token.get_access_token(code) # This returns the token, but also changes the state
This again differs slightly from the blog post, because we are using an installed application.
Part 8: With the token you can now make all requests you want to make to the analytics client:
import gdata.analytics.client
client = gdata.analytics.client.AnalyticsClient()
token.authorize(client)
This is the big money right here. When an access token expires, the API requests signed with that token are rejected. However, by authorizing the client as above, when the said requests fail, the token attempts to use the refresh token to obtain a new access token. If it successfully obtains a new access token, the client resends the original API request, signed with the new access token.
I don't know anything about the Analytics API so I won't provide any more details there.
Future Use Note 1: Saving information for future use. You can re-use this from different places and after this use very easily. There are methods called token_to_blob and token_from_blob provided by the library that allow turning a token into a string and converting out of a string:
saved_blob_string = gdata.gauth.token_to_blob(token)
Once you have done this, you can store the string in a file and kill your running Python process. When you'd like to use it again:
saved_blob_string = retrieve_string_from_file() # You'll need to implement this
token = gdata.gauth.token_from_blob(saved_blob_string)
Future Use Note 2: This token will be able to be used to authorize a client and perform all your magic again and again, so long as you have the refresh token around. If for some reason you would like to get an access token again without calling token.generate_authorize_url, you'll need to manually set this on the object:
token.redirect_uri = 'urn:ietf:wg:oauth:2.0:oob'
Future Use Note 3: Also, if you lose your refresh token and would like to get another one without having to go to the browser to revoke the original, you can use the approval_prompt parameter to get a new refresh token by visiting the url generated by:
url = token.generate_authorize_url(
redirect_uri='urn:ietf:wg:oauth:2.0:oob',
approval_prompt='force')