jwt token is throwing exception while decoding in yii2. I have checked Token Value and it becomes
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9jbWMtc2VydmVyLmFwaSIsImF1ZCI6Imh0dHA6XC9cL2NtYy1zZXJ2ZXIuYXBpIiwiaWF0IjoxNTM1MDE1NzY3LCJuYmYiOjE1MzUwMTU3NjcsImp0aSI6NjIzLCJlbWFpbCI6InJvY2NvLmNhcHBhbGxhQGdtYWlsLmNvbSIsImRldmljZV9pZCI6ODUxfQ.5PDyFA_YtzKEvkFMhnmiwucVBf47IU3z9ejcmXUojIU
Once I removed the Bearer from the token then it is working fine.otherwise it is throwing an exception
"name": "Exception",
"message": "Unknown JSON error: 5",
"code": 0,
"type": "DomainException",
"file": "/Users/mds/Sites/cmc-server/vendor/firebase/php-jwt/src/JWT.php",
"line": 336,
What will be the problem please let me know.
You can use following method, pass your complete token to it, it will return you token part except Bearer and then decode that token
function getBearerToken() {
$headers = $this->getAuthorizationHeader();
// HEADER: Get the access token from the header
if (!empty($headers)) {
if (preg_match('/Bearer\s(\S+)/', $headers, $matches)) {
return $matches[1];
}
}
return null;
}
Note : You may need to modify it as per your needs
Related
I'm trying to get to grips with the Places API and I am getting an invalid request when I enter the address_component as a field. The formatted_address works though I understand that should not be used if we want to parse it programatically.
Sample request:
https://maps.googleapis.com/maps/api/place/findplacefromtext/json?fields=address_components%2Cname%2Ctype&input=George%20Street&inputtype=textquery&key=MY_API_KEY
Response:
{
"candidates": [],
"error_message": "Error while parsing 'fields' parameter: Unsupported field name 'address_components'. ",
"status": "INVALID_REQUEST"
}
following post request give an error when creating a subscription for the Sent Items folder using Microsoft Graph
var apiUrl = "https://graph.microsoft.com/v1.0/subscriptions";
Request
{
"resource": "me/mailFolders('Sent Items')/messages",
"changeType": "created,updated,deleted",
"clientState": "320a6f10-9c62-4e59-a395-8cd27941b597",
"notificationUrl": "https://webhook.site/aaaa-6f49-4906-aaaa-e911f9391695",
"expirationDateTime": "2018-08-28T12:53:41.4830081+00:00"
}
Error Response
{
"error": {
"code": "ExtensionError",
"message": "Operation: Create; Exception: [Status Code: BadRequest; Reason: Bad Request]",
"innerError": {
"request-id": "359f51a6-5b12-41f6-8a02-a68ba4c10585",
"date": "2018-08-27T06:42:18"
}
}
}
Unfortunately the webhook.site test site that you are using does not implement the validation token protocol that is required to setup a subscription. The webhook must return the value of the validationToken query parameter in the response body for the subscription to be created correctly.
i changed the resource property value for folder name 'Sent Items' to 'SentItems' . here is the working request
{
"resource": "me/mailFolders('SentItems')/messages",
"changeType": "created,updated,deleted",
"clientState": "320a6f10-9c62-4e59-a395-8cd27941b597",
"notificationUrl": "https://webhook.site/aaaa-6f49-4906-aaaa-e911f9391695",
"expirationDateTime": "2018-08-29T12:53:41.4830081+00:00"
}
I have read many RESTful API design pattern resources.
But I'm not confident for deciding API.
It seems there does not not exist a standard JSON response format.
I need advice for my Json error response as below.
401
jwt token related fail
{
code:1,
message: "no access token"
}
{
code:2,
message: "invalid access token"
}
{
code:3,
message: "expired access token"
}
400
client's insufficient input parameter
{
code:20,
message: "input paramter 'search' is missing"
}
client's invalid value request
{
code:21,
message: "invalid serial no"
}
client's invalid request format
{
code:22,
message: "input parameter indate is invalid date format"
}
500
another mesh-up server's problem
{
code:30,
message: "no reply from external server API"
}
program logic error (ex. exception)
{
code:31,
message: "internal server error"
}
For 500 cases, I think client also needs more information.
And another concern is "Is error code needed?"
You could use Problem Details for HTTP APIs.
It's a nice format that can be extended easily to provide the client a good way to react on each error/problem appropriately.
https://www.rfc-editor.org/rfc/rfc7807
Here is an example taken from the RFC:
{
"type": "https://example.com/probs/out-of-credit",
"title": "You do not have enough credit.",
"detail": "Your current balance is 30, but that costs 50.",
"instance": "/account/12345/msgs/abc",
"balance": 30,
"accounts": ["/account/12345", "/account/67890"]
}
So, Here are 3 steps.
I called oAuth2 with following url:
https://accounts.google.com/o/oauth2/v2/auth
?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fwebmasters%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fwebmasters.readonly
&client_id=___.apps.googleusercontent.com
&redirect_uri=urn:ietf:wg:oauth:2.0:oob
&response_type=code
&approval_prompt=force
&access_type=offline
I get the code, suppose: 4/QVgPaCMqp94____qBC4NY_d54IcRj7U9mJc
Then I'm making a request for access_token, by making a POST request to https://accounts.google.com/o/oauth2/token with client_id, client_secret, redirect_uri, grant_type, and I get a JSON like:
'access_token' => ya29.CjHzAgC4js6Guv-1pt_rE____q8XIxiXOXOaSZW9NLRjKCTI3izBi,
'expires_in' => 3600,
'refresh_token' => 1/dL3ENA-EVI0rEb6D-OGqw_____iFe2ZNdEq4,
Now, I am making a request with that access_token or in cases of expiry with a renewed access_token to Google Search Console, which I have added in scopes.
My request is similar to this: https://developers.google.com/webmaster-tools/v3/urlcrawlerrorssamples/list#try-it
But I get an 401 unauthorized error, with a json like following:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
Considering I have done the process correctly, I think I have missing some parameters or providing some wrong value.
I have not used Google Client Library, instead used the REST API framework directly.
Can anybody give some clue please? Thank you.
The reason is, URL query parameter must be ?access_token= and not ?key= The later can be used only in case of direct API access and not oAuth.
We are working on an interesting project with Asana API. We used the example in this link https://github.com/Asana/oauth-examples
Things work fine up to refresh token process. When we post refresh request, we get the below json. This json does not include refresh_token to reuse one hour later. Can you please let me know what to do?
response = RestClient.post "https://app.asana.com/-/oauth_token",
:grant_type => 'refresh_token',
:refresh_token => '0/61d875c01bbd97b0a0bd7b48ebc7a29b',
:client_id => '11111111111',
:client_secret => 'xxxxxxxxxxxxxx'
puts response.body
returns below
{
"access_token": "0/672d061b4b1357de257d7e598f571140",
"token_type": "bearer",
"expires_in": 3600,
"data": {
"id": 5165131262780,
"name": "xxxx",
"email": "xxx#xxx.com"
}
}
This confused me as well.
You continue to use the same refresh token to obtain your next access token. No new refresh token is issued.
As the docs state, refresh_token is there "If exchanging a code" - the token exchange endpoint only includes a refresh token when exchanging code for tokens, not when exchanging refresh token for new bearer token.
You only get back a new bearer token when making the request with a refresh token. The refresh token is long-lived - if it expires, you go back through the code exchange.