I'm actually implementing Social sharing in my project, so i am doing google+ sharing. While posting message to Google+ using nodejs,I'm getting 403 forbidden error do i need to configure anything on google+ account so that posted message is seen at google+
var params = { "object": {
"originalContent": "hello"
},
"access": {
"items": [
{
"type": "mycircle"
}
],
"domainRestricted": true
}
};
var headers = {
Authorization: 'Bearer ' + google_access_token
};
request.post(shareApiUrl, {
url: 'https://www.googleapis.com/plusDomains/v1/people/{{userid}}/activities',
headers: headers,
body: params,
json: true
}, function (err, response, body) {
console.log(body)
)}
Error Description:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Forbidden"
}
],
"code": 403,
"message": "Forbidden"
}
}
For Posting a feed/or message we should have Google Apps account, but it is impossible with regular GMail account, or your Apps admin hasn't enabled Google+ for the Apps domain.
Related
I'm trying to get the userId during the Alexa Discovery.
This param is not provided by Alexa SmartHome skill (unlike how an Alexa Custom Skill does), so I'm trying to get it using the access token.
This is an example of Alexa.Discovery request:
{
"directive": {
"header": {
"namespace": "Alexa.Discovery",
"name": "Discover",
"payloadVersion": "3",
"messageId": "1bd5d003-31b9-476f-ad03-xxxx"
},
"payload": {
"scope": {
"type": "BearerToken",
"token": "eyJraWQiOiJGcSt4RDQyZDdxxxx..."
}
}
}
}
In other answers ( such as this Logon with Amazon for Alexa Skills (LWA) ) the token in the payload is used to retrieve user profile through the https://api.amazon.com/user/profile endpoint.
My request is like:
var config = {
method: 'get',
url: 'https://api.amazon.com/user/profile',
headers: {
'Authorization': 'Bearer eyJraWQiOiJGcSt4RDQyZDdxxxx...'
}
};
Every time I get an error 400
{
"error_description": "The request has an invalid parameter : access_token",
"error": "invalid_token"
}
I'm sure that the token is still valid when I execute the request.
My skill uses account linking and my oauth provider is Amazon Cognito.
Any idea?
I am running into an issue with posting a json doc via request from my nodeJs app.
The problem is for me how to pass the json doc to post. Here is what works for me
const options = {
url: 'http://localhost/message/send/981f1507-2df2-4011-8f55-5460897fcde6',
method: 'POST',
json: true,
body: { "message": {
"subject": "Meet for lunch?",
"body": {
"contentType": "html",
"content": "</p>\r\n\r\n<ul type=\"disc\">\r\n\t<li><strong>Ready to Use Experiences</strong> – Get instant access to our fully configured and integrated environments allowing you to use and experience the products as a customer would in their own deployment. We’ve set up the products alongside partner solutions so you can experience the entire ecosystem including Office 365, Salesforce, and more. </li>\r\n</ul>"
},
"toRecipients": [
{
"emailAddress": {
"address": "test#ueser.com"
}} ]}}}
request(options, function(err, res, body) {
console.log(res.statusCode)
})
the problem i have is if i want to pass the body from a string like this
var mybody = `{ "message": {
"subject": "Meet for lunch?",
"body": {
"contentType": "html",
"content": "This is a test"
},
"toRecipients": [
{
"emailAddress": {
"address": "test#user.com"
}
}]}}`
and then call it like this
const options = {
url: 'http://localhost/message/send/981f1507-2df2-4011-8f55-5460897fcde6',
method: 'POST',
json: true,
body: mybody
}
request(options, function(err, res, body) {
console.log(res.statusCode)
})
which throws errors like
SyntaxError: Unexpected token " in JSON at position 0
Have you tried using stringify? Node.js has a a built in module called querystring.
const querystring = require("querystring");
const myStringBody = querystring.stringify(myBody);
Then write it to your request.
req.write(myStringBody);
I have successful setup the elasticsearch x-pack security. And I am planning to use the generated token to limit requests.
I generated token following this page:
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-tokens.html
And tested it in curl:
curl -H "Authorization: Bearer k7vvAiCHUtrYVNNuLFPv***************EOIXQi+L7FevycU=" http://localhost:9200/plugin/database/_search?q=*:*
It is working well. But when I try to use the same token in my node.js controller (using elasticsearch.js), I do not know where I should put it, for instance in "client.index":
return client.index({
index: indexName,
type: typeName,
body: {
authorization: "Bearer k7vvAiCHUtrYV*****XQi+L7FevycU=",
workspace: content
}
});
It does not work, and returning error msg:
<- 401
{
"error": {
"root_cause": [
{
"type": "security_exception",
"reason": "missing authentication token for REST request [/plugin/database]",
"header": {
"WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type": "security_exception",
"reason": "missing authentication token for REST request [/plugin/database]",
"header": {
"WWW-Authenticate": "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status": 401
}
So how should I pass this generated token in my node.js request to elasticsearch?
i am using the atlassian-connect-express toolkit for creating Atlassian Connect based Add-ons with Node.js.
It provides Automatic JWT authentication of inbound requests as well as JWT signing for outbound requests back to the host.
The add-on is authenticated when i install it in the JIRA dashboard and return the following pay-load:
{ key: 'my-add-on',
clientKey: '*****',
publicKey: '********'
sharedSecret: '*****'
serverVersion: '100082',
pluginsVersion: '1.3.491',
baseUrl: 'https://myaccount.atlassian.net',
productType: 'jira',
description: 'Atlassian JIRA at https://myaccount.atlassian.net ',
eventType: 'installed' }
But i am not able to authenticate the JIRA Rest Api with the JWT token generated by the framework. It throws below error message.
404 '{"errorMessages":["Issue does not exist or you do not have permission to see it."],"errors":{}}'
below is the code when i send a GET request:
app.get('/getissue', addon.authenticate(), function(req, res){
var request = require('request');
request({
url: 'https://myaccount.atlassian.net/rest/api/2/issue/ABC-1',
method: 'GET',
}, function(error, response, body){
if(error){
console.log("error!");
}else{
console.log(response.statusCode, body);
}
});
res.render('getissue');
});
Below is the code for my app descriptor file:
{
"key": "my-add-on",
"name": "Ping Pong",
"description": "My very first add-on",
"vendor": {
"name": "Ping Pong",
"url": "https://www.example.com"
},
"baseUrl": "{{localBaseUrl}}",
"links": {
"self": "{{localBaseUrl}}/atlassian-connect.json",
"homepage": "{{localBaseUrl}}/atlassian-connect.json"
},
"authentication": {
"type": "jwt"
},
"lifecycle": {
"installed": "/installed"
},
"scopes": [
"READ",
"WRITE"
],
"modules": {
"generalPages": [
{
"key": "hello-world-page-jira",
"location": "system.top.navigation.bar",
"name": {
"value": "Hello World"
},
"url": "/hello-world",
"conditions": [{
"condition": "user_is_logged_in"
}]
},
{
"key": "getissue-jira",
"location": "system.top.navigation.bar",
"name": {
"value": "Get Issue"
},
"url": "/getissue",
"conditions": [{
"condition": "user_is_logged_in"
}]
}
]
}
}
I am pretty sure this is not the correct way i am doing, Either i should use OAuth. But i want to make the JWT method for authentication work here.
Got it working by checking in here Atlassian Connect for Node.js Express Docs
Within JIRA ADD-On Signed HTTP Requests works like below. GET and POST both.
GET:
app.get('/getissue', addon.authenticate(), function(req, res){
var httpClient = addon.httpClient(req);
httpClient.get('rest/api/2/issue/ABC-1',
function(err, resp, body) {
Response = JSON.parse(body);
if(err){
console.log(err);
}else {
console.log('Sucessful')
}
});
res.send(response);
});
POST:
var httpClient = addon.httpClient(req);
var postdata = {
"fields": {
"project":
{
"key": "MYW"
},
"summary": "My Story Name",
"description":"My Story Description",
"issuetype": {
"name": "Story"
}
}
}
httpClient.post({
url: '/rest/api/2/issue/' ,
headers: {
'X-Atlassian-Token': 'nocheck'
},
json: postdata
},function (err, httpResponse, body) {
if (err) {
return console.error('Error', err);
}
console.log('Response',+httpResponse)
});
You should be using global variable 'AP' that's initialized by JIRA along with your add-on execution. You may explore it with Chrome/Firefox Debug.
Have you tried calling ?
AP.request(..,...);
instead of "var request = require('request');"
You may set at the top of the script follwing to pass JS hinters and IDE validations:
/* global AP */
And when using AP the URL should look like:
url: /rest/api/2/issue/ABC-1
instead of:
url: https://myaccount.atlassian.net/rest/api/2/issue/ABC-1
My assumption is that ABC-1 issue and user credentials are verified and the user is able to access ABC-1 through JIRA UI.
Here is doc for ref.: https://developer.atlassian.com/cloud/jira/software/jsapi/request/
Using google API
function googleLogin(req, res, next) {
var google = require('googleapis');
var plus = google.plus('v1');
SCOPES = 'https://mail.google.com';
var OAuth2 = google.auth.OAuth2;
var oauth2Client = new OAuth2(
'215995260545-6rp2pg69olionsiugudcl4fni3o36ap9.apps.googleusercontent.com',
'xxxxxxxxxxxxxxxxxxxxxxxx',
'https://developers.google.com/oauthplayground'
);
oauth2Client.setCredentials({
access_token: req.query.ac_token,
refresh_token: req.query.rf_token
});
plus.people.get({
userId: 'me',
auth: oauth2Client
}, function(err, response) {
if (err) console.log(err);
console.log(response);
});
}
When I run this code, I am getting the error like **insufficient permission**. Am I wrong anywhere??
"code": 403,
"errors": [
{
"domain": "global",
"reason": "insufficientPermissions",
"message": "Insufficient Permission"
}
]
How can I solve this problem?? I have also referred the Gmail API scopes.
The main part of your problem is that you are using the wrong endpoint https://developers.google.com/oauthplayground is not something you can use to my knowlage
How you should be doing it
try adding the following scope
profile - View your basic profile info
You also shouldnt have to go though the google+ api you may be able to request the info from the userinfo endpoint but it depends on what info you are after
https://www.googleapis.com/oauth2/v3/userinfo?access_token=XXX
UserInfo Response
{
"family_name": "Lawton",
"name": "Linda Lawton",
"picture": "https://lh5.googleusercontent.com/-a1CWlFnA5xE/AAAAAAAAAAI/AAAAAAAAl1I/UcwPajZOuN4/photo.jpg",
"locale": "en",
"gender": "female",
"link": "https://plus.google.com/+LindaLawton",
"given_name": "Linda",
"id": "117200475532672775346"
}
People api request
https://www.googleapis.com/plus/v1/people/me
Response
{
"braggingRights": "Extreme Beekeeper first to recorded an Hive inspection using Google Glass with out a veil on.",
"image": {
"url": "https://lh5.googleusercontent.com/-a1CWlFnA5xE/AAAAAAAAAAI/AAAAAAAAl1I/UcwPajZOuN4/photo.jpg?sz=50",
"isDefault": false
},
"id": "117200475532672775346",
"objectType": "person",
"verified": false,
"tagline": "Google Developer Expert 2014 - 2017",
"etag": "\"ucaTEV-ZanNH5M3SCxYRM0QRw2Y/0gZZ-LRb-PWLjbw12lr-IOAearE\"",
"circledByCount": 2514,
"occupation": "Google Developer Expert, BIA Developer at Targit",
..... Lots of stuff here ...
}
You should try testing using the Oauth playground