User signup feathers-authentication with passport-facebook-token - node.js

I am trying to allow users to sign up for my service via "login with facebook".
I have already done arrow 1-2. I need to do arrows 3-6. I have made a minimal Feathersjs example at https://github.com/morenoh149/feathers-chat-facebook-signup-api
I seem to be having trouble getting feathers-authentication and passport-facebook-token to generate the User object and sign them up. I've reviewed passport-facebook-token carefully. This answer explains that in the callback to passport-facebook-token you should create the User object. How do I do this with feathers-authentication?
When I provide the token in the body
curl localhost:3030/authentication \
--data-binary '{\
"strategy": "facebook-token", \
"access_token": "<phone token>" \
}'
I get
{"name":"NotAuthenticated",
"message":"You should provide access_token","code":401,
"className":"not-authenticated",
"data":{"message":"You should provide access_token"}
when I pass the token as a header
curl localhost:3030/authentication \
-X POST \
-H "Authorization: Bearer <access token>"
I get error
{"name":"GeneralError",
"message":"Cannot read property 'toLowerCase' of undefined",
"code":500,"className":"general-error","data":{},"errors":{}}

So I downloaded and ran the repo, I used VSCode to run the app and set break points. I created a breakpoint in the before create hooks on users.
The issue here is that the gravatar hook is expected the email to be context.data but it is in fact embedded within the facebook response. You will need to look at extracting the email from that data so that you can create a gravatar or just remove the gravatar hook altogether.

Related

Retrieve Access Token for Quire API - unsupported_grant_type

I am attempting to Retrieve Access Token following the directions in the api docs (https://quire.io/dev/api/)
Example curl request
curl -H "Content-Type: application/json" -X POST -d '{"grant_type":"authorization_code","code":"my_code","client_id":"my_client_id","client_secret":"my_client_secret"}' https://quire.io/oauth/token
I only receive this response:
{"error":"unsupported_grant_type","error_description":"The supported grant types are 'authorization_code', 'refresh_token'."}
Can you see anything wrong with my curl request?
by Anderson Reinkordt
sounds like a duplicate of: Exchange Quire authorization code for access token with GM_xmlhttpRequest
Explained/accepted in this response: https://stackoverflow.com/a/58370352/4740707
Since the error message is a bit misleading please vote for:
https://github.com/quire-api/quire-api/issues/9

Line messaging API get bot profile issue

As per the LINE messaging API docs,there is API for getting user profile information. When I using that API,
curl -X GET \
-H 'Authorization: Bearer cEet0ordwd4VsUHi9jnbQuWIY+fL5RKeSGP65HEbGtGznHQ4XOaOwaTDQqwLT0bI24oFKLtMvspYvPgi4qR3Bv1oMQp+Wak2x7TRSxsL/oqQN1kIzGTk9aK4ICxU6qK4tM0KHoAkjA1ahEJSswdB04t89/1O/w1cDnyilFU=' \
https://api.line.me/v2/profile
I'm getting the following response:
{"message":null}. How can I get the bot profile information?
You will need to fulfill this conditions:
1. They have to use the latest LINE version.
2. They have to add the bot as their friend.

401 Unauthorized when trying to grab playlists using Spotify API

I've pulled a client_credentials token and while I can access other parts of the API, I can't seem to pull playlist information. It's definitely a public playlist, yet I'm getting 401 Unauthorized. Am I just misunderstanding something?
Edit
For example, this works:
puts curl -I -s -X GET "https://api.spotify.com/v1/users/#{testUser}" -H "Authorization: Bearer {#{#accessToken}}"
This does not:
puts curl -I -s -X GET "https://api.spotify.com/v1/users/#{testUser}/playlists/#{testPlaylist}?fields=href,name,owner(!href,external_urls),tracks.items(added_by.id,track(name,href,album(name,href)))" -H "Authorization: Bearer {#{#accessToken}}"
Are you sure you are sending the credentials cookie as part of your request? If you're not sure, you can use Wireshark or a similar tool to see the details of your request.
Edit: Relevant doc, but you've probably already seen this:
https://developer.spotify.com/web-api/get-playlist/

Instagram API: The access_token provided is invalid

I have registred a sandbox user. Now I am trying to use it, but I recieve "The access_token provided is invalid".
Sample request:
https://api.instagram.com/v1/users/searchq=abc&count=2&client_id=7b67cff1a7ab462881298434c08b5ab8
It was working in live mode, but I can't find why it isn't working in sandbox.
You need to check for requirements Scope for API you are using and if it's need and Authentications "Valid access Token". where also had some changes.
basic - to read a user’s profile info and media
public_content to read any public profile info and media on a user’s behalf
follower_list to read the list of followers and followed-by users
comments - to post and delete comments on a user’s behalf
relationships - to follow and unfollow accounts on a user’s behalf
likes - to like and unlike media on a user’s behalf
And take look about **Sandbox API behavior of your application not life yet :**
API Behavior
The behavior of the API when you are in sandbox mode is the same as when your app is live, but comes with the following restrictions:
Data is restricted to sandbox users and the 20 most recent media from each sandbox user
Reduced API rate limits
The first point is important and it means that the API behaves as if the only users on Instagram were your sandbox users, and the only media ever posted were the last 20 for each of these users.
For example, if you query the /users/{user-id}/ endpoint and the {user-id} is a sandbox user, then you will get the normal API response; but if the {user-id} is not a sandbox user, you will get a APINotFound error.
Good luck
For me the access token Instagram generate is too short: they gave me something like this:
d2c387d768ec4d619306807c53bbf92b
it should be:
2940736713.1677ed0.31bb22b2b0f84befacc79c6afd025134
I used this site to generate it:
http://instagram.pixelunion.net
I found it when solving the same problem with access by access_token
Here is official faq how to get access_token
You just should go through following steps (link to Instagram API documentation https://www.instagram.com/developer/authentication/):
1.Request the CODE
https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code
change CLIENT_ID to you client id (you could get it here https://www.instagram.com/developer/clients/manage/ )
change REDIRECT-URI to your redirect_uri from tab security in client settings(open link above and tap to 'manage' button). I Used this one https://meyerweb.com/eric/tools/dencoder/ Encode url here and paste te result instead REDIRECT-URI
After you prepared it cope ready link to adress bar in your browser and run
2. Get the CODE
Browser ask you a premissons and redirect you to callback url with the code in the end. It will be look like this in adress bar:
http://yoursite.some/?code=d8af5619af6853d4ad11b4dd5f1ef17e
In this example your code is d8af5619af6853d4ad11b4dd5f1ef17e
Save it. You should use it in access_token request below
3. Make an access_token request
Open terminal and use curl:
curl -F 'client_id=CLIENT_ID' \
-F 'client_secret=CLIENT_SECRET' \
-F 'grant_type=authorization_code' \
-F 'redirect_uri=AUTHORIZATION_REDIRECT_URI' \
-F 'code=CODE' \
https://api.instagram.com/oauth/access_token
Change CLIENT_ID, CLIENT_SECRET, AUTHORIZATION_REDIRECT_URI and CODE to your own data and run it.
Curl return you JSON with access_token like this:
{
"access_token": "fb2e77d.47a0473320504cb3ab4a1f626d174d2d",
"user": {
"id": "1576583",
"username": "some",
"full_name": "Some",
"profile_picture": "..."
}
}
Well done! In this example fb2e77d.47a0473320504cb3ab4a1f626d174d2d is your access_token. Copy access_token value, use it in your app and enjoy you coding! :)
My issue was using v1 of Instafeed.js, rather than v2.
Once I switched to v2, everything started working.
<script src="/instafeed/dist/instafeed.min.js"></script>
<script src="https://ig.instant-tokens.com/users/.../instagram/.../token.js?userSecret=..."></script>
<div id="instafeed" class="instagram-feed">
</div>
<script>
(function(){
console.log(InstagramToken);
window.addEventListener('load', function () {
var feed = new Instafeed({
accessToken: InstagramToken,
});
feed.run();
});
})();
</script>
You haven't specified an access_token for your request.

Square Connect can't subscribe to webhook notifications

I am following the instructions here on setting up webhook notifications for Square payments. But when I execute the curl statement in step 5 to subscribe to my own merchant's payment notifications, I get the response:
{"type":"bad_request","message":"Request body is not an array of event types"}
The curl statement is
curl -X PUT -H "Authorization: Bearer MY_ACCESS_TOKEN" -d '{"event_types": ["PAYMENT_UPDATED"]}' https://connect.squareup.com/v1/me/webhooks
Did they update the event type names? I can't find any other documentation on webhooks.
Whoops! Thanks for catching this error in the blog post, which I have now corrected. The format of the curl previously shown in step 5 had two errors:
The request body should simply have been the array of desired event types, such as:
["PAYMENT_UPDATED"]
With no JSON object surrounding it. The correct format is also shown in the API documentation.
The request was missing a Content-Type: application/json header. All requests to Connect API endpoints require this header.
The correct request looks like this, with your personal access token substituted where indicated:
curl -X PUT -H "Authorization: Bearer PERSONAL_ACCESS_TOKEN" -H "Content-Type: application/json" -d "[\"PAYMENT_UPDATED\"]" https://connect.squareup.com/v1/me/webhooks

Resources