I'm looking at the Logic Apps Yammer connector.
When we put a message on Yammer we want to find out who has read it. Is there a way to find a list of people in a Yammer group who have not read a Yammer message?
If it can't be done in Logic Apps, is there another way to do it?
As a workaround, I'm trying to do this on the basis of who has liked a message and have done this in Logic apps. It gives a message that the response is not in JSON format. Also, it gives me the number of likes rather than a list of people who have liked it.
This is what I put into the HTTP request
After our chat I tried this
and this
and got this error message.
"error": "invalid_request",
"error_description": "AADSTS900144: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: d41c78c7-afa5-405f-8f52-8b587ecf1a00\r\nCorrelation ID: 9ffd2247-78ca-4be2-8111-c17a95a830d6\r\nTimestamp: 2020-01-23 10:09:55Z",
"error_codes": [
900144
]
I also tried putting in my Azure directory id in place of tenant id. It failed with and without the directory id.
It seems there isn't an action in logic app Yammer connector which can get the list of users in a group who haven't read a message. And I checked all of the rest api in Yammer api document. Just find a rest api which can get the users in a group:
https://www.yammer.com/api/v1/users/in_group/:Group_Id.json
So I think neither yammer rest api nor logic app can not implement this requirement of get the list of users in a group who haven't read a message.
Update:
For your question about how to implement the workaround in logic app, as I don't have yammer app and account, so I can just provide some suggestions for your reference.
Since the yammer actions in logic app are very limited, so we can just use yammer Apis in logic according to HTTP action.
First we need to get access token from yammer, you can refer to this tutorial and refer to the C. App Authentication title in it. Put this post url in HTTP action in logic app and get the response body. Parse the response body and get the token property under the access_token property. Then we can use this token in the apis which we will call in the next HTTP actions.
Then, call this api in HTTP action(choose "Get" as the method) with the token which we got above to get the users who like the message, the url should be like this:
https://www.yammer.com/api/v1/users/liked_message/:Message_id.json?access_token=<<ACCESSTOKEN>>
Get the response body(and parse it in json type in array) from the api above and then call the other api in HTTP action(with access token) to get the users in one group. Also get the response body from it and parse it in json type and store in array.
After that, use two nested "For each" actions in logic app to loop the two array and compare them. Then we can get the result which you want.
Update 2:
I'm looking to proxy requests to https://directline.botframework.com for specific consumers but only allow them to use the proxy for a specific bot:
consumers -> my.proxy.com -> directline.botframework.com
I read in another post "the Direct Line secret or token that you specify in the Authorization header of the request is used to identify the bot that the request should be directed to"
I'm unable to find any documentation on the syntax of tokens but examples appear to follow a certain pattern of 11 chars followed by period...:
Authorization: Bearer RCurR_XV9ZA.cwA.BKA.iaJrC8xpy8qbOF5xnR2vtCX7CZj0LdjAPGfiCpg4Fv0y8qbOF5xPGfiCpg4Fv0y8qqbOF5x8qbOF5xn
Are any of these fields(?), e.g. first 11 characters before first period, a unique identifier for a bot that I could use to filter requests on?
If you decode the bearer token you can get the app id. I just tested this with jwt.io and was able to see my correct app id.
You can probably find a library that you can use to do this for you to get the app id, but I do not know one off hand. If you have access to the whole request another option would be to parse the activity for the bot id ( in c# activity.recipient.id or activity.from.id depending on direction) and use this data to whitelist somehow. This is a fairly unique case so I do not have any examples of this.
Update: Having my own OAuth server:
Thanks for sharing the step-by-step instructions link. Also, I don't have firebase hosting.
Following is my understanding, please correct me wherever I am wrong:
Approach 1
I will need to activate firebase hosting and build 2 endpoints. One for authorization exchange and another for token exchange.
I will need to use an OAuth server. Let say: ory-hydra and configure it with the endpoints I created in firebase. Or AWS Lambda.
Host the OAuth (ory-hydra) server somewhere on the internet.
Use these endpoints on actions on google and make a simple webpage where users will be redirected to authenticate.
Approach 2
I will need to activate firebase hosting and build 2 endpoints. One for authorization exchange and another for token exchange.
Use the firebase functions to implement OAuth and token endpoints. (I am not sure how to do this and if its possible)
Use these endpoints on actions on google and make a simple webpage where users will be redirected to authenticate.
Please correct me if I am wrong.
Update: After making the following changes:
Changed the authorization URL to:
https://accounts.google.com/o/oauth2/v2/auth
Changed the authorization type to Implicit.
Now, I am getting the authorization URL in the debug section, and I am able to authorize by pasting that URL in another tab.
However, I am still facing issues in getting user information. I have following code in the input.welcome intent:
'input.welcome': () => {
// Use the Actions on Google lib to respond to Google requests; for other requests use JSON
if (requestSource === googleAssistantRequest) {
sendGoogleResponse('Hello, Welcome to my First Fulfillment agent!'); // Send simple response to user
app.askForSignIn();
let displayName = app.getUserName().displayName;
console.log(displayName)
}
All I am getting is Null in the debug logs.
Previous Question I am trying to get user's information in the google action intent. Following is what I did:
1.) Created an OAUTH key for my project from google developer console. https://console.developers.google.com/apis/dashboard?project=.
2.) Logged into console.actions.google.com and clicked on Account Linking.
3.) Entered the information. Please refer the screenshot to see the information I entered.
4.) In my 'input.welcome' intent added following code:
app.askForSignIn();
Now in the simulator, I am getting: "It looks like your my test app account is not linked yet." I have also checked sign-in required for my intent from the dialog flow UI.
Previous question
I am trying to send an email from my google assistant conversational bot. I am able to send emails to using nodemailer. However, I am not able to get the user email address.
Following is my code to send email:
var transporter = nodemailer.createTransport({
service: 'gmail',
auth: {
user: 'My-Email',
pass: 'My-Pass',
}
});
var mailOptions = {
from: 'Sender-Email',
to: 'Receiver-Email',
subject: 'Requested Information',
text: 'Your information is here'
};
function sendEmail(){
transporter.sendMail(mailOptions, function(error, info){
if (error) {
console.log(error);
} else {
console.log('Email sent: ' + info.response);
}
});
}
And finally, I am calling it in the action intent:
'input.sendmail': () => {
sendEmail();
},
Till this point I am able to send emails when someone says, send email to my google assistant action.
After this, I tried to get the user's email address using the following methods:
const app = new DialogflowApp({request: request, response: response});
console.log(app.getUserName())
console.log(app.getUser().userName)
console.log(app.getUser().userId)
But none of them gave me user's information. Instead, I am getting following information in the dialogflow console log:
{
userStorage: '{"data":{}}',
lastSeen: '2018-03-05T10:18:17Z',
locale: 'en-US',
userId: 'ABadfdfrffsdffNa0H4hlCy_eyZmVNa8LweMJMCyirUg-
qAx8FHwvSI49QurUhxhgLsT6IUU4nGfF1',
user_id: 'ABerysteui4hlCy_eyZmVNa8LweMJMCyirUg-
qAx8FHwvSI49QurUhxhgLsT6IUU4nGfF1',
access_token: undefined,
userName: null
}
I tried to google this issue and it seems I will need to follow [1], not sure though.
I will appreciate if someone can tell me if [1] is the correct guide to follow, or I will need to something else?
Thanks!
[1] https://developers.google.com/actions/identity/account-linking
That is correct. For security and privacy purposes, there is no way to get the email address associated with the account used to setup the Assistant account.
The correct way to go about this would be to implement account linking. With this, you would create an account on your system and, as part of that account, get the user's email address (typically via an app or webapp). The account linking would then connect your account to the Assistant's account and, when they use that account to access your Action, you'd be sent an access token which you can use to identify which of your accounts this is. You can then get the user's information from your account info.
When the user is prompted to link their account for the first time, Google Home users will get an activity card on the Google Home app on their phone which will direct them to your auth page. From a mobile device, it should open in the Assistant directly.
If you do not already have accounts or a login page, you should be able to build this with Firebase Authentication and the Google auth provider.
Update for clarity: To be clear - just linking your account to their Assistant account won't automatically give you the information about their Assistant account. You can get their email address (your original request) when they setup the account with you by requesting the profile scope as part of the OAuth. You can then use the information you've collected about them when you know they have connected to you via the Assistant.
In your updated question, you're trying to get their name after they have logged in through the Assistant. If all you wanted was their name, you could have asked for permission to get this without requiring Account Linking or login. (Or, as noted above, you could have asked for this when they created the account with you.)
Update (Based on your question about OAuth)
Two things to your update.
Being prompted "It looks like your account isn't linked yet" is normal. You'll need to use the URL provided in the response tab to continue the account linking.
More significantly, however, it doesn't sound like you've setup an OAuth server - just that you're trying to configure things. The screen shot make it look like you're just using the URL that is supposed to be to respond with auth tokens - not where the system will go to request them. Make sure you have read the documentation at https://developers.google.com/actions/identity/account-linking to see what values should be in the configuration and what other tasks you need to do.
Update based on your comment that you need an OAuth server.
Yes, you need an OAuth server. You cannot just use Google's, even if you just want your users to log into their Google account.
There are quite a few OAuth servers available, however a google search for "open source openid connect server" or "open source oauth server" shows some promising results.
Additionally, Google gives you step-by-step instructions on what it is expecting for an OAuth server it connects to. So you would need to
Implement a way for a user to create and log into an account on your service and
Implement the OAuth exchange protocols as Google has described (I suggest the Auth Code Flow method).
You do not need your own domain - you can implement both of these through Firebase Functions and Firebase Hosting which includes a SSL certificate for a hostname for your project.
Update addressing your possible approaches to implementing an OAuth2 server.
First of all - you don't need to use Firebase Hosting and/or Firebase Functions for anything. They're just an option that provide you a valid HTTPS endpoint.
Approach 1 - use an external package such as ory-hydra
I'm not sure what the point of the Firebase Hosting would be in your example. The auth exchange endpoint and token exchange endpoint are exactly what the OAuth2 server is there to do.
I don't know much about ory-hydra, but it certainly seems a reasonable solution. You would need to host it somewhere (AWS, Google Compute Engine, or other hosting provider that would work with it), but it should provide the endpoints you need. From a quick reading of ora-hydra, you will need to provide an account backend of some sort and a way for your users to login to that account.
Approach 2 - implement using Firebase
You have this completely correct. It is fairly straightforward (not necessarily easy - but straightforward) to do a simple OAuth2 implementation with Firebase Cloud Functions combined with a login page hosted on Firebase Hosting that uses Firebase Authentication for the login.
Which approach you take is up to you. Using an existing solution is certainly easier, hopefully more reliable and secure, and will let you focus on the Action more itself, but may still require a lot of integration work. Implementing an OAuth2 server will give you a better understanding of OAuth2, but runs a higher risk of problems.
I am able to make it work after a long time. We have to enable the webhook first and we can see how to enable the webhook in the dialog flow fulfillment docs If we are going to use Google Assistant, then we have to enable the Google Assistant Integration in the integrations first. Then follow the steps mentioned below for the Account Linking in actions on google:-
Go to google cloud console -> APIsand Services -> Credentials -> OAuth 2.0 client IDs -> Web client -> Note the client ID, client secret from there -> Download JSON - from json note down the project id, auth_uri, token_uri -> Authorised Redirect URIs -> White list our app's URL -> in this URL fixed part is https://oauth-redirect.googleusercontent.com/r/ and append the project id in the URL -> Save the changes
Actions on Google -> Account linking setup 1. Grant type = Authorisation code 2. Client info 1. Fill up client id,client secrtet, auth_uri, token_uri 2. Enter the auth uri as https://www.googleapis.com/auth and token_uri as https://www.googleapis.com/token 3. Save and run 4. It will show an error while running on the google assistant, but dont worry 5. Come back to the account linking section in the assistant settings and enter auth_uri as https://accounts.google.com/o/oauth2/auth and token_uri as https://accounts.google.com/o/oauth2/token 6. Put the scopes as https://www.googleapis.com/auth/userinfo.profile and https://www.googleapis.com/auth/userinfo.email and weare good to go. 7. Save the changes.
In the hosting server(heroku)logs, we can see the access token value and through access token, we can get the details regarding the email address.
Append the access token to this link "https://www.googleapis.com/oauth2/v1/userinfo?access_token=" and we can get the required details in the resulting json page.
`accessToken = req.get("originalRequest").get("data").get("user").get("accessToken")
r = requests.get(link)
print("Email Id= " + r.json()["email"])
print("Name= " + r.json()["name"])`
I have user id's of very few instagram public accounts . All I need to do is to get the follower count information of those accounts . In the developer page they are talking about building an app and authorizing it with the users and getting some tokens and then getting the permitted information from that account . How can I get the follower count of those accounts ? Is it possible to get it without authorization from that account? What if I want to get more information like the media and likes etc?( I couldn't find many pointers in this direction)
In my practice I have not seen any api, that will provide you user personal info without token, instagram too. So you must to create login via instagram, where you will ask about some permissions from user, then if user will provide them you will be able to make requests with token and simply get media information, likes and followers. The only question is to ask user about this all permissions. It's no so hard, you need to do something like this
1.Get user token https://www.instagram.com/oauth/authorize/?client_id=377e67cfbfe840e19a903aa5ea8dbe10&redirect_uri=http://127.0.0.1/&response_type=token&scope=likes+comments+relationships+public_content+follower_list
2. then do requests, for example '/users/self/media/liked', to request this you need to provide access_token which you received in first step and signature.
Like a little example, you can try to look at this code https://github.com/zhorzhz/instagram_api.git. There you will find steps which I said and also some more request examples.
Hope it will help you
I want to retrieve a list of recent photos with a given tag to display on a website in a very simple gallery.
For that, the doc says I need an access token. However, it seems that the only way to authenticate against Instagram is through OAuth; which involves sending the user to instagram and allowing my application access to their basic data. However, I don't want my users to do anything; I'd like my application to authenticate against Instagram for me and then retrieve the data I want.
Sounds simple, but all online documentation seems to end up in "Redirect your user to...". And I find no sensible ways to do this programatically; it's all about sending users away, letting them authenticate, and then receiving the access token afterwards. I could of course scrape the HTML, parse the forms (for example, the unique-per-session csrfmiddlewaretoken field which needs to be posted along with login requests etc) and let my server side application pretend to be my own user and login/authorize the app, but that doesn't seem like the way to go.
I could also just authenticate manually in the browser, pick up the auth token and paste into my application; but as the doc says: "do not assume your access_token is valid forever." - so I'd like this to be fully automated.
If I try to create a WebClient and POST to https://www.instagram.com/oauth/authorize/?client_id={clientId}&redirect_uri={redirectUri}&response_type=code&scope=basic it just returns a 403 Forbidden which is of no use. (For what it's worth, I'm using C# and have found instasharp, but this problem is not tied to any given platform...)
Am I completely overlooking something, or am I right that server side authentication against Instagram has become really complicated? Most other social media platform API's I've touched lets me get some form of authentication token just by posting a combination of the application id and secret.