I am trying to implement Plaid using the sample code provided on the Java Quickstart [sandbox] and am getting issues when I show the Plaid Dialog (javascript). I am able to successfully get a link_token, but I'm never able to show the dialog. It spins for a brief second, then shows me:
oauth uri does not contain a valid oauth_state_id query parameter. Request ID: DBoT92FCo8AORay
I have tried this with an empty redirectUri, as well as "http://localhost:8080/plaid_test.html", which is registered in my developer account.
I am a bit stuck and hoping someone can direct me in the right direction. I've tested with both versions 9.10.0 and the latest (11.9.0).
Curiously, I am able to get the Java Quickstart working directly, but ONLY if I leave the .env PLAID_REDIRECT_URI blank. If I put localhost in there, it fails when trying to get the link token.
Does anyone have any suggestions on how to overcome this setup issue?
Thank you!
I got this error (oauth uri does not contain a valid oauth_state_id query parameter) while creating a new test application in Plaid's Sandbox environment.
Important note: My application does not use OAuth.
The problem turned out to be, in my configuration parameters being passed to usePlaidLink, I was including a receivedRedirectUri key-value pair. Removing that key-value pair entirely resolved the issue for me.
In other words, my React component looked something like:
import { usePlaidLink } from 'react-plaid-link';
function PlaidLink(props) {
const onSuccess = React.useCallback((public_token, metadata) => {
// ...
});
const config = {
token: props.linkToken,
receivedRedirectUri: window.location.href,
onSuccess,
};
const { open, ready } = usePlaidLink(config);
// ...
}
Removing the line with the receivedRedirectUri was the solution for me, getting me past the oauth uri does not contain a valid oauth_state_id query parameter error, and getting the Plaid Link UI to appear in my app successfully.
This Plaid article, which has a number of mentions of "OAuth state ID" (as mentioned in the error message), helped point me toward this solution.
The issue may be the location you are trying to use -- unless you have manually modified the ports or other code used by the Quickstart, you should use http://localhost:3000/ as the PLAID_REDIRECT_URI (make sure to add this to your Dashboard as an allowed redirect URI). When I tried this just now on the Java quickstart (non-Docker version) it worked fine.
Related
I am writing an application in Java that works with the Spotify Web API to get the album artwork of the currently playing album (and maybe other stuff in the future, hence the long list of scopes). Per Spotify's guide, I have to use callbacks in order to get the access token. However, when using the authorization link, Spotify gives me the following intensely helpful and insightful error message.
Spotify Error Message
The code I am using to call open a window is
if(Desktop.isDesktopSupported())
{
String url = "https://accounts.spotify.com/authorize/";
url += "client_id="+SpotifyClientID;
url += "&response_type=code";
url += "&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Fcallback%2F";
url += "&state="+state;
url += "&scope=playlist-read-private%20playlist-read-collaborative%20user-library-read%20user-read-private%20user-read-playback-state%20user-modify-playback-state%20user-read-currently-playing";
Desktop.getDesktop().browse(new URI(url));
}
Similar questions have been asked, and their issue was their callback URL was not whitelisted; however, I went to the Spotify Dashboard and made SURE http://localhost:8888/callback/ was whitelisted. I've tried using 'http://localhost:8888/callback/' directly in the URL, and I've also tried HTML escaping it, so that it becomes 'http%3A%2F%2Flocalhost%3A8888%2Fcallback%2F' as shown in the code above. Can anyone give me an insight as to why the error message appears instead of the login page?
Figured it out myself. Turns out, I am awesome at links. /s Changed the last '/' in "https://accounts.spotify.com/authorize/" into a '?' so that it would actually receive the parameters I was passing it and it worked perfectly.
As the title states it, I want to access the bitbucket API from a native Java Desktop Application. Bitbucket requires Applications to use OAuth2, and for that I found that Oltu should do the job.
However, my knowledge of OAuth is very limited and so I am stuck at a very early point. Here is what I did so far:
Step 1: I registered an OAuth Consumer with my Bitbucket Account with the following details:
Name: jerseytestapp
Description:
CallbackURL: http://localhost:8080/
URL:
Question 1: Could I automate this step?
Step 2: I ran the following Java code:
package jerseytest;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
public class BitbucketJersey {
public static void main(String[] args) {
OAuthClientRequest request;
try {
request = OAuthClientRequest
.authorizationLocation("https://bitbucket.org/site/oauth2/authorize")
.setClientId("jerseytestapp")
.setRedirectURI("http://localhost:8080")
.buildQueryMessage();
System.out.println(request.getLocationUri());
} catch (OAuthSystemException e) {
e.printStackTrace();
}
}
}
Step 3: I received the following locationURI and opened in Firefox
https://bitbucket.org/site/oauth2/authorize?redirect_uri=http%3A%2F%2Flocalhost%3A8080&client_id=jerseytestapp
Question 2: Do I need to use the browser or can I do this from the java application?
I receive the following answer message in Firefox:
Invalid client_id
This integration is misconfigured. Contact the vendor for assistance.
Question 3: What would be the correct next steps, and what is wrong with my approach?
Answer 1: You can automate the creation of OAuth Consumers, but you probably don’t want to.
Bitbucket provides documentation on how to create a consumer through their APIs, although the documentation is lacking many pertinent fields. Even so, you could still craft an HTTP request programmatically which mimics whatever Bitbucket's web interface is doing to create consumers. So yes, it could be automated.
Here's why you probably don't want to. In your case, you have three things that need to work together: your application, the end user, and Bitbucket. (Or in terms of OAuth jargon for this flow, those would be the client, resource owner, and authorization server, respectively.) The normal way of doing things is that your application is uniquely identified by the OAuth Consumer that you’ve created in your account, and all usages of Bitbucket by your application will use that single OAuth Consumer to identify your application. So unless you’re doing something like developing a Bitbucket application that generates other Bitbucket applications, you have no need to automate the creation of other OAuth Consumers.
Answer 2: You can authorize directly from your Java application.
Bitbucket states that it supports all four grant flows/types defined in RFC-6749. Your code is currently trying to use the Authorization Code Grant type. Using this grant type WILL force you to use a browser. But that’s not the only problem with this grant type for a desktop application. Without a public webserver to point at, you will have to use localhost in your callback URL, as you are already doing. That is a big security hole because malicious software could intercept traffic to your callback URL to gain access to tokens that the end user is granting to your application only. (See the comments on this stackoverflow question for more discussion on that topic.) Instead, you should be using the Resource Owner Password Credentials Grant type which will allow you to authenticate a Bitbucket’s username and password directly in your application, without the need of an external browser or a callback URL. Bitbucket provides a sample curl command on how to use that grant type here.
Answer 3: The correct next steps would be to model your code after the following sample. What is wrong with your approach is that you are trying to use a grant type that is ill-suited to your needs, and you are attempting to use your OAuth Consumer's name to identify your application instead of your Consumer's key and secret.
The following code sample successfully retrieved an access token with my own username/password/key/secret combination, whose values have been substituted out. Code was tested using JDK 1.8.0_45 and org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:1.0.0.
OAuthClientRequest request = OAuthClientRequest
.tokenLocation("https://bitbucket.org/site/oauth2/access_token")
.setGrantType(GrantType.PASSWORD)
.setUsername("someUsernameEnteredByEndUser")
.setPassword("somePasswordEnteredByEndUser")
.buildBodyMessage();
String key = "yourConsumerKey";
String secret = "yourConsumerSecret";
byte[] unencodedConsumerAuth = (key + ":" + secret).getBytes(StandardCharsets.UTF_8);
byte[] encodedConsumerAuth = Base64.getEncoder().encode(unencodedConsumerAuth);
request.setHeader("Authorization", "Basic " + new String(encodedConsumerAuth, StandardCharsets.UTF_8));
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthResourceResponse response = oAuthClient.resource(request, OAuth.HttpMethod.POST, OAuthResourceResponse.class);
System.out.println("response body: " + response.getBody());
Your main problem was that you were giving the customer name instead of the client id:
.setClientId("jerseytestapp")
The only way to get the client id that I know of is to query:
https://bitbucket.org/api/1.0/users/your_account_name/consumers
However, even then it was still not working so I contacted bitbucket support. It turned out that the documentation is misleading. You actually need to use the client key instead.
.setClientId("ydrqABCD123QWER4567") // or whatever your case might be
https://bitbucket.org/site/oauth2/authorize?client_id=client_key&response_type=token
I have been trying for months to get access to a certain api (which has almost no documentation) to work using signpost. The api has oauth 2.0 authentication. The problem is that I have never used oauth before. But I have spent a long time reseaching so I think I have a functional understanding of how it works. I thought that using the handy singpost api it wouldn't be too much trouble to hack through it, but alas I have encountered a wall. The api docs are here:
https://btcjam.com/faq/api
It gives three URLs that are needed for the oauth authentication, which I am writing as java here for consistency with some code below:
String Authorization= "https://btcjam.com/oauth/authorize";
String Token ="https://btcjam.com/oauth/token";
String Applications = "https://btcjam.com/oauth/applications";
I have an application with a name, key, and secret. I also have set my callback URL to be the localhost, i.e.
http://localhost:3000/users/auth/btcjam/callback.
Now, as I am reading the signpost docs, it tells me that in order to request an access token, I need to do something like the following:
OAuthProvider provider = new DefaultOAuthProvider(
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
AUTHORIZE_WEBSITE_URL);
String url = provider.retrieveRequestToken(consumer, CALLBACK_URL);
However, I am unsure exactly what to put for the URL's in these various spots, and I am getting errors. The problem is that The names of the URLs required above do not correspond to the URLs given. The "authorization" and "callback" URLs seem to match up nicely, but I am not sure how the URLs "REQUEST_TOKEN_ENDPOINT_URL" and "ACCESS_TOKEN_ENDPOINT_URL" required in the signpost docs correspond to the URLs given by the api docs on the serverI am trying to access. Of course, there are only two possible permutations, but when I try them both I get two different errors:
"Authorization failed (server replied with a 401). This can happen if the consumer key was not correct or the signatures did not match."
"Communication with the service provider failed: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: " 1""
Could someone please help explain what might be going on here? Am I very close to getting this to work or do I have to take a bunch of steps back?
Any help is much appreciated.
Thanks,
Paul
I am trying to post to Facebook using Graph API and one of the parameters on that is link.
Example URL:
https://graph.facebook.com/me/feed?access_token=Xxxx&message=&link=http://something/token/123456B&description=test
Every time the link changes the posting fails the first time. If I retry twice or thrice the call works.
Here is the error I am getting :
{"error":{"message":"Call to a member function getImageInfo() on a non-object","type":"BadMethodCallException"}}
This used to work just fine but suddenly stopped working 2 days ago.
The link always changes for us and such its breaking all the posts.
Did anything change with the API recently with Facebook ? Any help will be highly appreciated
well i fixed...i think...
in the url link, the meta og:image it can't be empty as '' and the link must be absolute. if the link don't have an image, don't put the meta. by the way i update the app at the fb app panel to February 2013 Breaking Changes to activate.
I have the same problem in iOS development, response from server:
"com.facebook.sdk:HTTPStatusCode" = 500;
"com.facebook.sdk:ParsedJSONResponseKey" = {
body = {
error = {
message = "Call to a member function getImageInfo() on a non-object";
type = BadMethodCallException;
};
};
code = 500;
};
How can help? :)
I had the same issue and just managed to fix it.
Was an issue with the og:image element in the page header of the URL.
My image link was relative to the website but I changed it to absolute and all seems to work now.
<meta property="og:image" content="{should be absolute url here}" />
It seems to be up and down today. It is fine sometimes, but most of the time it doesn't work.
This seems to be a Facebook backend error message issue. You should consider reporting this error message and behavior at Facebook Developers Bug Reporting System
My problem is I get error while trying to get request token from Yahoo. The error says Im missing oauth_callback parameter and yes I miss it because I dont need it. Ive read I need to set it to "oob" value if I dont want to use it(desktop app). And I did that but to no avail. If I set it to null the same happens. Im using OAuth for java: http://oauth.googlecode.com/svn/code/java/core/
OAuthServiceProvider serviceProvider = new OAuthServiceProvider("https://api.login.yahoo.com/oauth/v2/get_request_token",
"https://api.login.yahoo.com/oauth/v2/request_auth",
"https://api.login.yahoo.com/oauth/v2/get_token");
OAuthConsumer consumer = new OAuthConsumer("oob", consumerKey, consumerSecret, serviceProvider);
OAuthAccessor accessor = new OAuthAccessor(consumer);
OAuthClient client = new OAuthClient(new HttpClient4());
OAuthMessage response = client.getRequestTokenResponse(accessor, OAuthMessage.POST, null);
System.out.println(response.getBodyAsStream());
Have you tried using Scribe?
I also had problems with OAuth java libs so I developed that one. It's pretty much cross provider and better documented than the one you're using.
If it does not work with Yahoo you can easily extend it creating your own Provider
Hope that helps!
there is a problem in the java OAuthMassage class, I resolved it by adding to addRequiredParameters method thie line
if (pMap.get(OAuth.OAUTH_CALLBACK) == null) {
addParameter(OAuth.OAUTH_CALLBACK, consumer.callbackURL);
}
if you still have this problem I can help you: rbouadjenek#gmail.com
I haven't used that library, but it looks like it isn't properly handling the callback URL. Since OAuth 1.0a (http://oauth.net/advisories/2009-1/ and http://oauth.net/core/1.0a/), the callback URL needs to be sent in the first call to get the request token (not in the client-side call to authorise it), and it seems that this library hasn't been updated to do this (at least from looking at the code). I assume that Yahoo requires the parameter to be there.
Not sure if the original problem was ever solved, but wanted to point to a new Java OAuth SDK that Yahoo released last week:
http://developer.yahoo.net/blog/archives/2010/07/yos_sdk_for_java.html
Developers trying to access Yahoo's services via OAuth with Java may find parts of this SDK helpful.