I am using the mediawiki api to upload a file. I am sending a mutlipart POST request to
https://commons.wikimedia.org/w/api.php?format=json&action=upload&filename=xxx
In the header I include my Autherzation: Bearer accessToken123 and in the body I include my CSRF token, as well as my multipart file, all as per documentation.
However, the response I get from the server is the following:
{
"error": {
"code": "permissiondenied",
"info": "The action you have requested is limited to users in one of the groups: *, [[Commons:Users|Users]].",
"*": "See https://commons.wikimedia.org/w/api.php for API usage. Subscribe to the mediawiki-api-announce mailing list at <https://lists.wikimedia.org/postorius/lists/mediawiki-api-announce.lists.wikimedia.org/> for notice of API deprecations and breaking changes."
},
"servedby": "mw1448"
}
This would be quite self-explainatory by itself, however when I check my rights/groups with
https://commons.wikimedia.org/w/rest.php/oauth2/resource/profile
I get the following:
{"sub":xxxx,"username":"xxxxx","editcount":7,"confirmed_email":true,"blocked":false,"registered":"xxxx",
"groups":["*","user","autoconfirmed"],
"rights":["read","writeapi","viewmyprivateinfo","abusefilter-view","abusefilter-log","upload","upload_by_url","reupload-own","purge","reupload","autoconfirmed","editsemiprotected","skipcaptcha","abusefilter-log-detail","transcode-reset"],
"grants":["basic","uploadfile","uploadeditmovefile","privateinfo"],"realname":"","email":"xxxx"}
As you can see I am both a part of the required groups and also have the neccessairy upload right. The error message is quite clear, so I don't know what I am missing. It is not the CSRF token or access token, supplying these wrong results in a different error message. Any help is appreciated.
Well I finally figured it out: When requesting the app keys from mediawiki, you can select rights which the app has on behalf of the users. If you want to upload pictures to wikimedia commons, you do not only need the `
Interact with media: Upload new files; Upload, replace, and move
files
right, but also the
Create, edit, and move pages
right, since you are creating a new page with each upload. I hope this helps someone else in the future :`)
Related
I am trying to make a simple python script that posts a text message to a facebook page using requests.
I actually managed to succeed this feat, however, when I add the same logic to a bigger project of mine, a certain request returns a different json.
According to this page https://developers.facebook.com/docs/pages/access-tokens I can exchange the short lived user token I generate in the graph explorer tool for a long lived one that lasts 60 days. This worked for me until now. When I run the same functions, same variables on another .py file that includes other logic as well the request does not return this line:
"expires_in": SECONDS-UNTIL-TOKEN-EXPIRES
And of course later on if I continue the logic and use the token it returns (which is the same) for, let's say, a make_post function the request prints
{'error': {'message': '(#200) If posting to a group, requires app being installed in the group, and \\\n either publish_to_groups permission with user token, or both manage_pages \\\n and publish_pages permission with page token; If posting to a page, \\\n requires both manage_pages and publish_pages as an admin with \\\n sufficient administrative permission', 'type': 'OAuthException', 'code': 200, 'fbtrace_id': 'AqYMMeOcOniWAGgEEtsEURs'}
Why does it not successfully return, the user token had not expired and it has the requires rights. Furthermore I tested this in a smaller .py file and it worked.
Another thing I found out here https://developers.facebook.com/support/bugs/523165725596520/?join_id=f1ff8392b49675c here is that other people have actually reported the same issue but it has been closed as 'intended by design' however there is no information of a solution.
Running the request in my browser also does not work correctly.
Do you have any ideas? I am completely clueless.
Thank you very much in advance
As #CBroe in a comment said, the expires_in didn't have anything to do with my error. The token it returns if valid. The issue I had later on had to do with the url I was parsing
I am reading around here and I am seeing multiple messages about the /pages endpoint that is not working a expected
It seems that the OneNote APIs (MS Graph or Office365) are not returning all the pages that the user can see. In particular recent pages are not shown as available.
This message is for those of you who work for Microsoft and who keep an eye on this forum. Please if you have any explanation or workaround for this we would like to hear about it.
If this is work in progress we would also like to know when the APIs can be considered stable and reliable enough to consider them OK for production use
Update:
Permissions or scopes
scopes=[
"Notes.Read",
"Notes.Read.All",
"Notes.ReadWrite",
]
This is for a device authorization flow, the device is acting as a Microsoft Online account. The app is registered to Azure as personal app but the enterprise one does the same
The authorization process is described here
What type of app/authentication flow should I select to read my cloud OneNote content using a Python script and a personal Microsoft account?
After that I am using this endpoint to get the notebooks
https://graph.microsoft.com/v1.0/users/user-id/onenote/notebooks
from the returned json I pick the endpoint for the notebook I want to read and I access the endpoint the link stored in notebook['sectionsUrl']. This call returns a sections json
From this I pick the section I want and I access the link stored in section['pagesUrl']
Each call returns the expected info excepting the last one, when I get an arbitrary low number of pages in the section I want to explore. There is nothing wrong with the format of the info, it is just incomplete or not up to date
Not sure if this is related but when I try to access the pages in a section from MS Graph Explored I am seeing the same behavior (not all the pages are reported). This is a shared notebook and I am using the owner account for all the above so it should not be a permission problem
from msal import PublicClientApplication
import requests
endpoint= "https://graph.microsoft.com/v1.0/me/onenote"
authority = "https://login.microsoftonline.com/consumers"
app=PublicClientApplication(client_id=client_id, authority=authority)
flow = app.initiate_device_flow(scopes=scopes)
# there is an interactive part here that I automated using selenium, you
# are supposed to ouse a link to enter a code and then autorize the
# device; code not shown
result = app.acquire_token_by_device_flow(flow)
token= result['access_token']
headers={'Authorization': 'Bearer ' + token}
endpoint= "https://graph.microsoft.com/v1.0/users/c5af8759-4785-4abf-9434-xxxxxxxxx/onenote/notebooks"
notebooks = requests.get(endpoint,headers=headers).json()
for notebook in notebooks['value']:
print(notebook['displayName'])
print(notebook['sectionsUrl'])
print(notebook['sectionGroupsUrl'])
# I pick a certain notebook
section=[section for section in sections if section['displayName']=="Test"][0]
endpoint=notebook['sectionsUrl']
pages=requests.get(endpoint,headers=headers).json()
for page in pages['value']:
print(page['title'])
Update2
If I use this endpoint
https://graph.microsoft.com/v1.0/users/user-id/onenote/sections/section-id/pages
I would expect to get the complete list of pages for that section.
That is not working
After reading again and again the docs I my understanding is that the approach is to
call https://graph.microsoft.com/v1.0/users/user-id/onenote/pages$fiter or search etc etc
I this correct?
Also I vaguely remember there is a way to search for a section and have it expanded so that the search returs the children too.
Am I close to understanding this?
Thank you
MM
I'm trying to test the pass_thread_control function on Facebook Messenger, to have my Dialogflow bot direct ongoing conversation to a human operator. So far I'm stuck at even trying to get a "success" code in Graph API Explorer. I have reviewed Facebook's documentation ( https://developers.facebook.com/docs/messenger-platform/reference/handover-protocol/pass-thread-control/ ), carefully looked through different threads here or elsewhere. I have:
Subscribed my Facebook Page to receive messaging_handovers.
Set the Dialogflow chatbot app as the Primary Receiver.
Set the Page Inbox as Secondary Receiver.
...And I keep on getting various errors. For example, I try this request in Graph API explorer:
POST to https://graph.facebook.com/v5.0/me/pass_thread_control
with params:
{
"recipient": {
"id": "myPageID"
},
"target_app_id": "263902037430900"
}
{
"error": {
"message": "Unsupported post request. Object with ID 'me' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api",
"type": "GraphMethodException",
"code": 100,
"error_subcode": 33,
"fbtrace_id": "AipGijCLKQOwOl6L792ZEgG"
}
}
Maybe the issue is the recipient PSID? This is the only parameter I have no idea where to get. What is the page scoped app-id? How do I get it?
Or maybe I missed some permissions...?
Any help getting me unstuck much appreciated...
Okay, I actually managed to figure it out.
First and foremost - I discovered the Page I was trying to pass the thread control to wasn't linked to my Facebook Business account and the chatbot app was. I added the page in Facebook Business Manager so that it's linked to the same business account as the chatbot app. NOTE: I am not sure that this is a prereq for everyone, so take caution. It might not be required in all scenarios.
To retrieve the Page PSID, which can then be used in the 'recipient' param of the POST request to pass_thread_control, Sent a GET request using Graph API Explorer as shown here: https://developers.facebook.com/docs/facebook-login/connecting-accounts#examples
Even though the example request does not contain the appsecret_proof param, I used it and haven't tested the request without it. A very simple way of generating appsecret_proof using PHP is shown here: https://developers.facebook.com/docs/graph-api/securing-requests#generate-proof
Then when providing the PSID obtained using method shown in point 2., I got "success:true" while testing the pass_thread_control, which did pass the thread control to Secondary Receiver = Page Inbox. Yaaay! 😊
All of the above is described also in this thread, which helped me figure it out, so credit to Sunil: Is Facebook Messenger PSID PageScope constant for User
I have two projects linked to one clientID. Project "A" is in sandbox, the "B" one is confirmed. I was calling feed with this type of URL
https://api.instagram.com/v1/users/[userID]/media/recent/?client_id=[clientID]&count=20&access_token=[mySecretToken]
The problem is, that with this type of URL I can retrieve data only for project A. For confirmed project B I always get an error
{"meta": {"error_type": "APINotFoundError", "code": 400, "error_message": "this user does not exist"}}
I'm following the documentation ( https://www.instagram.com/developer/endpoints/users/#get_users_media_recent ) but this absolutely doesn't work outside the sandbox!
In another part of documentation I have found this:
For example, if you query the /users/{user-id}/ endpoint and the {user-id} is a sandbox user, then you will get the normal API response; but if the {user-id} is not a sandbox user, you will get a APINotFound error.
That's really useful information, but I really can' find a way, how can I retrieve data from confirmed (live, reviewed) project.
Can plz anyone help how can I do it?
I really need help with this... is it doable? Is it possible to add a Tab to a Company's Page programatically (like FBML, where the users writes their own HTML code)? Such as the C# SDK or through some other SDK? How would I do it?
Facebook Graph API allows it with permission "manage_pages".
http://developers.facebook.com/docs/reference/api/page/#tabs
You can install a profile_tab at the end of the current list of
installed tabs for a page by issuing an HTTP POST request to
PAGE_ID/tabs with a Page Access Token.
Javascript SDK:
FB.api('/' + PAGE_ID + '/tabs','post',
{ app_id: APP_ID, access_token: PAGE_TOKEN }, function (response) { });
Otherwise you could POST the same data via C# and a valid page access token. You get the page access token from /user/accounts: http://developers.facebook.com/docs/reference/api/user/
From the research I've done, I don't think there's a way to do it programmatically directly. However, you can use the following link:
http://facebook.com/add.php?pi_key=YOUR_APP_KEY&pages=1&page=YOUR_PAGE_ID