I can't upload images to my imgur account for a 400 forbidden response.
I tried many times to upload images to my Imgur account in China, but failed all the time with a 400 response. Like,
{
"data": {
"error": "These actions are forbidden."
},
"success": false,
"status": 400
}
Here is my steps,
Register an application
(1) Request https://api.imgur.com/oauth2/addclient in browser, then add a callback redirect URL.
(2) Getting client id and secret.
Do authorization and get token
In "https://api.imgur.com/oauth2", it shows three response_type like code, token, and pin.
But I can and only can use token type to get access token and refresh token directly.If I use code or pin type to do authorization and then request token with postman, got a 400 error, "These actions are forbidden."
So Here is what I request an access code using response_type with token.
(1) Enter the following URL in the web browser and allow the application to connect with my account.
https://api.imgur.com/oauth2/authorize?response_type=token&client_id=xxxx&state=state
(2) Then get access token and refresh token in the redirect URL,
https://app.getpostman.com/oauth2/callback?state=state#access_token=xxx&expires_in=315360000&token_type=bearer&refresh_token=xxx&account_username=xxx&account_id=xxx
Upload image
(1) Until now, I can simply use postman to upload an image.
(2) The relative curl command generated by postman like.
curl --request POST \
--url https://api.imgur.com/3/image \
--header 'Authorization: Bearer xxxx' \
--header 'Postman-Token: 7edabb12-7f1f-4f30-9e9b-e87ad1cae0ee' \
--header 'cache-control: no-cache' \
--header 'content-type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW' \
--form image=#/xxx/xxx/IMG_3310.JPG
I tried to upload images with different size, in different machines, using different IP addresses in China or the USA, but failed.
I also don't know why I cann't using code or pin to exchange token.
Maybe your images are too large.
I've been trying to upload a 12MB GIF on there and it always gave back 400. Then I tried cutting it and then uploading another under 5.7MB size, and it worked.
I'd suggest looking into the territory of what imgur supports and allows as content, not just authentication and stuff.
Related
We are using Sign In with Apple. The automated token renewal has failed in the past. I want to query the Graph API for the token expiration date so it can be tracked in our monitoring system.
EDIT: After contacting Azure support, the root cause for the token failing to auto renew is that we are using a custom user flow (IEF) policy
While generating the access token, you can see an attribute called expires_in along with access token.
You can make use of below CURL script to get the Apple JWT token:
curl -v POST "https://appleid.apple.com/auth/token" \
-H 'content-type: application/x-www-form-urlencoded' \
-d 'client_id=CLIENT_ID' \-d 'client_secret=CLIENT_SECRET' \
-d 'code=CODE' \-d 'grant_type=authorization_code' \
-d 'redirect_uri=REDIRECT_URI'
You will get response like below:
{ "access_token": "adg61...67Or9",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "rca7...lABoQ"
"id_token": "eyJra...96sZg"}
In the above response you can find expiration time in expires_in attribute.
Otherwise, you can decode the token by using JSON Web Tokens - jwt.io site like below:
Copy the access token and paste it in encoded field.
Under payload section, you can find expiration date in exp attribute.
For more information, please refer below link:
Generate and Validate Tokens | Apple Developer Documentation
I have a token with computer vision included in the scope and audience. But when a send an OCR request it always returns "Unauthorized. Access token is missing, invalid, audience is incorrect or have expired". What is wrong with my code?
curl --location --request POST 'https://westeurope.api.cognitive.microsoft.com/vision/v3.0/ocr'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer myToken'
--data-raw '{"url":"imageUrl"}'
Pls just try the request below to get an access token from Azure AD for the vision OCR service:
I have created an instance of Azure API for FHIR with an Azure FHIR proxy following this tutorial:
https://github.com/microsoft/health-architectures/tree/master/FHIR/FHIRProxy##configuration
I am able to browse to the proxy URL through a browser after being prompted to log in to view the metadata as shown below:
FHIR Meta data image
However, when trying to access it through the Postman API tool I keep getting the same error:
You do not have permission to view this directory or page.
I have tried generating an authorization Bearer token using the following:
curl --location --request GET 'https://login.microsoftonline.com/{TENANT_ID}/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--form 'grant_type="client_credentials"' \
--form 'client_id="{CLIENT_ID}"' \
--form 'client_secret="{CLIENT_SECRET}"' \
--form 'resource="{MY PROXY RESOURCE ID}"'
The authorization token looks fine, but when adding it to my API call it errors as shown below:
API error image
Does anyone have any idea how I can successfully call my API with a proper authorization token that works or know a tutorial that actually explains this part of the process?
The tutorial does not give much information.
EDIT:
WWW-authenticate-header:
Bearer realm="func-fhir-proxy-2.azurewebsites.net" authorization_uri="https://login.windows.net/000000/oauth2/authorize" resource_id="0000"
Thanks
I have a problem to generate the token, use the command you passed in tutorial
curl -X POST -H "Content-Type: application/json" \
-H "Authorization: Bearer access-token" \
-d '{"foo": "bar"}' \
"https://.cloudfunctions.net/get"
When enter in my link /get return " No authorization token found." IT necessary i inform token?
https://github.com/tnguyen14/functions-datastore/
Is your access token, access-token?
A proper jwt format is something like this.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XbPfbIHMI6arZ3Y922BhjWgQzWXcXNrz0ogtVhfEd2o
Your http request using curl looks ok. But I doubt that access-token is a valid token. Normally there's some form of /login route you need to obtain the token, which later on should be provided using the Authorization: Bearer $TOKEN.
You can get help from https://jwt.io/ where you can specify your payload and pass the secret under VERIFY SIGNATURE to get a valid jwt token. Then you can use this in your curl requests.
I needed to access resource room's events via the Microsoft Graph API in a server-to-server environment so I followed this guide a few months ago. I created the application, set the calendar-related Application Permissions required and used an admin account to consent to the permissions successfully. Everything has been working for a good 3-4 months now without issues.
However, after not changing anything, today I am getting this response back from the /v1.0/users/{resource room email}/events endpoint:
{
"error": {
"code": "ErrorAccessDenied",
"message": "Access is denied. Check credentials and try again.",
"innerError": {
"request-id": "952955b5-562e-4fa6-8b0f-e381c8294fcd",
"date": "2017-09-06T03:09:49"
}
}
}
This appears to be a permissions issue as the /v1.0/users/{resource room email}/messages endpoint returns the resource room's messages just fine (assuming permissions are set).
If I follow the previously linked guide using CURL I can replicate the issue.
Get a token:
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" \
-d 'client_id=XXXXXX-XXXX-XXXX-XXXX-XXXXXXX&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=XXXXXXXXX&grant_type=client_credentials' \
'https://login.microsoftonline.com/{my tennant URL}/oauth2/v2.0/token'
Try and get the events:
curl -X GET -H "Authorization: Bearer {token}" 'https://graph.microsoft.com/v1.0/users/{resource room email}/events'
And I receive the same error as above.
Has something changed that I am unaware of that would break this functionality?
Thanks for your help.