I am trying to access the office 365 calendar api to create an event. The steps i followed are
Created app and registered it in azure
Gave permisissions to the app
Hitting https://login.microsoftonline.com/{{tenantid}}/oauth2/token to get the access token
body :
{
"grant_type":"client_credentials",
"client_id": "*****",
"client_secret": "****",
"resource":"https://outlook.office.com"
}
Response :
{
"token_type": "Bearer",
"expires_in": "3600",
"ext_expires_in": "262800",
"expires_on": "1532026206",
"not_before": "1532022306",
"resource": "https://outlook.office.com",
"access_token":"******"
}
When i pass this access token to https://outlook.office.com/api/v2.0/me/events which creates events. it gives me 401 unauthorised. Body of the request is as shown below. Someone please assist.
{
"Subject": "Discuss the Calendar REST API",
"Body": {
"ContentType": "HTML",
"Content": "I think it will meet our requirements!"
},
"Start": {
"DateTime": "2019-02-02T18:00:00",
"TimeZone": "Pacific Standard Time"
},
"End": {
"DateTime": "2019-02-02T19:00:00",
"TimeZone": "Pacific Standard Time"
},
"Attendees": [
{
"EmailAddress": {
"Address": "arulvelug#hexabot.onmicrosoft.com",
"Name": "Arulvelu G"
},
"Type": "Required"
}
]
}
To do authorization of office 365 and use REST API via Postman, here is a solution for your reference:
First: get security Token
Access [https://login.microsoftonline.com/extSTS.srf] via Http Post method. The content of the http request is as follows.
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
utility-1.0.xsd">
<s:Header>
<a:Action
s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://login.microsoftonline.com/extSTS.srf</a:To>
<o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken>
<o:Username>[username]</o:Username>
<o:Password>[password]</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<a:EndpointReference>
<a:Address>[endpoint]</a:Address>
</a:EndpointReference>
</wsp:AppliesTo>
<t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType>
<t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
<t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
</t:RequestSecurityToken>
</s:Body>
</s:Envelope>
The demonstration screenshot in Postman:
And the response content will include a security token as below, we can use this security token to get Access Token of office 365.
Second: get Access Token
Here i show you how to get access token, I get it of my SharePoint using the security token.
Access [https://yourdomain.sharepoint.com/_forms/default.aspx?wa=wsignin1.0] via http Post method. The content of the request is the security token that we have got above as below.
And the response as below:
We can see that there are two cookie, rtFa and FedAuth in response header, and these two cookie need to be added to the request in subsequent request.
Third: get Request Digest
Access [https://yourdomain.sharepoint.com/_api/contextinfo] via http Post method with that two cookies which we have got above.
And the response as below:
This is the final Token we want!
Then we can use REST API of our app in O365, like SharePoint , we only need to add this token and the previous two cookie, as shown in the following figure.
Related
I am trying to monitor my files in Google Drive.
By getting notifications to the delivery channel.
I've tried everything and tried hundreds of times but every time he tells me:
`
I am using Postman.
Post https://www.googleapis.com/drive/v2/changes/watch
Body:
{"id": "01234567-89ab-cdef-012345***789ab",
"kind":"drive#startPageToken",
"type": "webhook",
"address": "https://nwafith.com/api/notifications"
}
Response
{
"error": {
"errors": [
{
"domain": "global",
"reason": "push.webhookUrlUnauthorized",
"message": "Unauthorized WebHook callback channel: https://www.nwafith.com/api/notifications"
}
],
"code": 401,
"message": "Unauthorized WebHook callback channel: https://www.nwafith.com/api/notifications"
}
}
In the Domain verification
I added:
www.nwafith.com
nwafith.com
Everything looks right but I don’t know exactly where the problem is.
I hope for help
Unauthorized WebHook callback channel:
Means that you have not properly authorized your domain in Google developer console.
Solution:
Go to the Google Developers Console
Select your project
Under 'APIS & AUTH' select 'Push'
Click 'Add domains'
Enter the needed domains (Only the domain is needed: https://www.nwafith.com)
Click the 'Add domains' button
After that it should work.
Facing issue to send proactive message to the end user (msteams), via bot service,
I try using the bot framework python SDK, where I am getting the following error even for getting conversation id.
botbuilder.schema._models_py3.ErrorResponseException: Operation returned an invalid status code 'Unauthorized'
Hence I try to simulate calls via postman and rest API's, in here I am able to get conversation id successfully, but if I try to use that conversation id to further send a message via activities I am not able to do it. following is rest endpoint and payload. In here I am getting an error of incorrect payload.
https://smba.trafficmanager.net/apis/v3/conversations/8:orgid:949a3f72-b82c-4b89-b2de-9defbe6ae7cd/activities
{
"type": "message",
"recipient": {
"id": "29:1ZcsKdk0rsLmsywvI2SNQ2J7OIz"
},
"from": "bot",
"channelData": {
"notification": {
"alert": "true"
}
},
"text": "Hello world"
}
There was an issue with payload, I added BOT_ID along with name and able to successfully post message to end user. Following is working payload.
Payload:
{ "type":"message",
"recipient":{
"id":"29:1dUxQXVlH6QGByu1T9MR4p5g0c5URMaBtKqGU74C3zdowO78nPbuu2dg- qj9o02OkJ4MYXt2I-nxDgf9ga9EY5w"
},
"from":{
"id":"28:d7afe8c9-f0cd-434f-8906-be2b744229ac",
"name":"bot"
},
"channelData":{
"notification":{
"alert":"true"
}
},
"text":"Hello "
}
I have:
An JavaScript Azure Function in an HTTP webhook configuration; the Function provides a URL; the Function performs an action
A webhook configured in the software I hope to receive notifications from
An Azure Logic App with an HTTP/webhook step that provides a URL for the webhook notification to go to
My goal is that the Azure Function's URL receives notifications from the software's webhook and performs an action. The Azure Logic App is for testing only.
What works
When the the Azure Logic App's URL is used in the software's webhook configuration, the desired action is performed. All works as expected.
The Azure Logic App's logging shows the JSON output from the incoming webhook. I expect (but believe this may be where I am going wrong) that this is the JSON the webhook is sending to the Azure Logic App's URL. When this JSON is used in the Azure Function UI's "Test" tab > "Request body" field, the desired action is performed. All works as expected.
When the Azure Function's URL and the JSON is in a Postman request, the desired action is performed. All works as expected.
What doesn't work
When the Azure Function's URL is used in the software's webhook configuration, no action is performed. This is of course my goal. From everything I have read, I understand that this URL as a webhook endpoint should work.
Azure Function's URL
This is from Get function URL > default (Function key).
https://<app_name>.azurewebsites.net/api/content?code=<api_key>
Other Azure Function config settings
Allowed HTTP methods: GET, POST
Authorization level: Function
The JSON I believe to be coming over the webhook
{
"headers": {
"Expect": "100-continue",
"Host": "redacted",
"X-Telligent-Webhook-Sender": "redacted",
"Content-Length": "16908",
"Content-Type": "application/json; charset=utf-8"
},
"body": {
"events": [{
"TypeId": "ec9da4f4-0703-4029-b01e-7ca9c9ed6c85",
"DateOccurred": "2018-12-17T22:55:37.7846546Z",
"EventData": {
"ActorUserId": 9999,
"ContentId": "redacted",
"ContentTypeId": "redacted",
"ForumReplyId": 9999,
"ForumThreadId": 9999,
"ForumId": 9999
}
}]
}
}
I also tried with the following test code for the same results. It aligns more closely with the sample payload data provided by the software company:
What I tried
{
"events": [{
"TypeId": "ec9da4f4-0703-4029-b01e-7ca9c9ed6c85",
"DateOccurred": "2018-12-17T22:55:37.7846546Z",
"EventData": {
"ActorUserId": 9999,
"ContentId": "redacted",
"ContentTypeId": "redacted",
"ForumReplyId": 9999,
"ForumThreadId": 9999,
"ForumId": 9999
}
}]
}
Sample payload data
{
"events": [
{
"TypeId": "407ad3bc-8269-493e-ac56-9127656527df",
"DateOccurred": "2015-12-04T16:31:55.5383926Z",
"EventData": {
"ActorUserId": 2100,
"ContentId": "4c792b81-6f09-4a45-be8c-476198ba47be"
}
},
{
"TypeId": "3b75c5b9-4705-4a97-93f5-a4941dc69bc9",
"DateOccurred": "2015-12-04T16:48:03.7343926Z",
"EventData": {
"ActorUserId": 2100,
"ContentId": "4c792b81-6f09-4a45-be8c-476198ba47be"
}
}
]
}
I do not know how to determine why the Azure Function is not triggered by the webhook. The software's API documentation does not seem to provide a way to look at the JSON being sent over the webhook, although in my inexperience I may be wrong.
Is there a mechanism within Azure, or Postman, or another tool that lets me see what JSON is being sent over the webhook? Or perhaps is there another approach to determining the cause of the issue?
Thank you for any help.
This is how I got the JSON file from Azure alerts.
Install Ruby on the server
Install Sinatra with following command gem install sinatra
Create file webhook.rb and paste code bellow
require 'sinatra'
set :port, 80
set :bind, '0.0.0.0'
post '/event' do
status 204 #successful request with no body content
request.body.rewind
request_payload = JSON.parse(request.body.read)
#append the payload to a file
File.open("events.txt", "a") do |f|
f.puts(request_payload)
end
end
Run the web service with command ruby webhook.rb
JSON fill be written to file events.txt
I am trying to add a test case in Rally using Soap UI and the API exposed by Rally at https://rally1.rallydev.com/slm/doc/webservice/ . I am able to do that using java code though. As per the page, i need to make a POST/PUT to achieve the same but I get error
{"CreateResult": {
"_rallyAPIMajor": "2",
"_rallyAPIMinor": "0",
"Errors": ["Not authorized to perform action: Invalid key"],
"Warnings": []
}}
The payload I am passing is as below
{
"Name": "Ignore:Newly added testcase associated to a Story3",
"Description": "Test creation of Story3",
"Owner": "https://rally1.rallydev.com/slm/webservice/v2.0/user/3215613515",
"Objective": "Test objective of Story3",
"PreConditions": "1. Hi<br>2. Hello",
"Project": "1223451",
"Notes": "Adding a test case"
}
Please help me fix the issue.
Adding a sample request
POST https://rally1.rallydev.com/slm/webservice/v2.0/testcase/create?key=abc123..... HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/json
Content-Length: 464
Host: rally1.rallydev.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
Cookie: JSESSIONID=qs-app-07fv4cswgptt7b1vc3o58hztndw.qs-app-07; SERVERID=c1acc7f401011b9881d1497a9ef30b27acc4a1c9; __cfduid=d392a0428b5fa74f473cb1712c3d64d7a1483502577
Cookie2: $Version=1
{
"testcase": {
"Name": "Ignore:Newly added testcase associated to a Story3",
"Description": "Test creation of Story3",
"Owner": "https://rally1.rallydev.com/slm/webservice/v2.0/user/28138408395",
"Objective": "Test objective of Story3",
"WorkProduct": "https://rally1.rallydev.com/slm/webservice/v2.0/hierarchicalrequirement/61375703434",
"PreConditions": "1. Hi<br>2. Hello",
"Project": "/project/17133096258",
"Notes": "Adding a test case"
}`enter code here`
}
Does the SOAP UI client manage cookies? You'll need to be sure you're still using the same session for all your requests. The auth token passed via the key query string parameter needs to match the active session. If your request is just re-passing the basic auth credentials again it will probably generate a new session, rendering that token invalid. Usually enabling cookies in the client is enough to fix this. This is the way the toolkits we provide manage it.
I was able to successfully add a test case to a user story in Rally. What we have to do is add a header as "ZSESSIONID" with a value as ApiKey created at "https://rally1.rallydev.com/login/accounts/index.html#/keys" in a POST request. Thanks everyone for the support
So, Here are 3 steps.
I called oAuth2 with following url:
https://accounts.google.com/o/oauth2/v2/auth
?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fwebmasters%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fwebmasters.readonly
&client_id=___.apps.googleusercontent.com
&redirect_uri=urn:ietf:wg:oauth:2.0:oob
&response_type=code
&approval_prompt=force
&access_type=offline
I get the code, suppose: 4/QVgPaCMqp94____qBC4NY_d54IcRj7U9mJc
Then I'm making a request for access_token, by making a POST request to https://accounts.google.com/o/oauth2/token with client_id, client_secret, redirect_uri, grant_type, and I get a JSON like:
'access_token' => ya29.CjHzAgC4js6Guv-1pt_rE____q8XIxiXOXOaSZW9NLRjKCTI3izBi,
'expires_in' => 3600,
'refresh_token' => 1/dL3ENA-EVI0rEb6D-OGqw_____iFe2ZNdEq4,
Now, I am making a request with that access_token or in cases of expiry with a renewed access_token to Google Search Console, which I have added in scopes.
My request is similar to this: https://developers.google.com/webmaster-tools/v3/urlcrawlerrorssamples/list#try-it
But I get an 401 unauthorized error, with a json like following:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
Considering I have done the process correctly, I think I have missing some parameters or providing some wrong value.
I have not used Google Client Library, instead used the REST API framework directly.
Can anybody give some clue please? Thank you.
The reason is, URL query parameter must be ?access_token= and not ?key= The later can be used only in case of direct API access and not oAuth.