Google Search Console 401 Bad Request issue without using Client Library - json

So, Here are 3 steps.
I called oAuth2 with following url:
https://accounts.google.com/o/oauth2/v2/auth
?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fwebmasters%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fwebmasters.readonly
&client_id=___.apps.googleusercontent.com
&redirect_uri=urn:ietf:wg:oauth:2.0:oob
&response_type=code
&approval_prompt=force
&access_type=offline
I get the code, suppose: 4/QVgPaCMqp94____qBC4NY_d54IcRj7U9mJc
Then I'm making a request for access_token, by making a POST request to https://accounts.google.com/o/oauth2/token with client_id, client_secret, redirect_uri, grant_type, and I get a JSON like:
'access_token' => ya29.CjHzAgC4js6Guv-1pt_rE____q8XIxiXOXOaSZW9NLRjKCTI3izBi,
'expires_in' => 3600,
'refresh_token' => 1/dL3ENA-EVI0rEb6D-OGqw_____iFe2ZNdEq4,
Now, I am making a request with that access_token or in cases of expiry with a renewed access_token to Google Search Console, which I have added in scopes.
My request is similar to this: https://developers.google.com/webmaster-tools/v3/urlcrawlerrorssamples/list#try-it
But I get an 401 unauthorized error, with a json like following:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
Considering I have done the process correctly, I think I have missing some parameters or providing some wrong value.
I have not used Google Client Library, instead used the REST API framework directly.
Can anybody give some clue please? Thank you.

The reason is, URL query parameter must be ?access_token= and not ?key= The later can be used only in case of direct API access and not oAuth.

Related

Unauthorized WebHook callback channel Google push notifications

I am trying to monitor my files in Google Drive.
By getting notifications to the delivery channel.
I've tried everything and tried hundreds of times but every time he tells me:
`
I am using Postman.
Post https://www.googleapis.com/drive/v2/changes/watch
Body:
{"id": "01234567-89ab-cdef-012345***789ab",
"kind":"drive#startPageToken",
"type": "webhook",
"address": "https://nwafith.com/api/notifications"
}
Response
{
"error": {
"errors": [
{
"domain": "global",
"reason": "push.webhookUrlUnauthorized",
"message": "Unauthorized WebHook callback channel: https://www.nwafith.com/api/notifications"
}
],
"code": 401,
"message": "Unauthorized WebHook callback channel: https://www.nwafith.com/api/notifications"
}
}
In the Domain verification
I added:
www.nwafith.com
nwafith.com
Everything looks right but I don’t know exactly where the problem is.
I hope for help
Unauthorized WebHook callback channel:
Means that you have not properly authorized your domain in Google developer console.
Solution:
Go to the Google Developers Console
Select your project
Under 'APIS & AUTH' select 'Push'
Click 'Add domains'
Enter the needed domains (Only the domain is needed: https://www.nwafith.com)
Click the 'Add domains' button
After that it should work.

"Recipient address required" even after encoding the raw message

I'm having an issue with sending emails via the Gmail API. I followed the instructions as specified by various sources:
400 error. Recipient address required. JavaScript
400 Error. Recipient address required. curl
Message:
From: 'John Doe' <john.doe#gmail.com>\n
To: 'Jane Doe' <jane.doe#gmail.com>\n
Subject: This is a subject\n
Did you receive this message?
(I tried both with and without ', including specifying the email address directly)
I encoded this as base64 (url safe) and add it to the "raw" field of the body. Note that I pass the full JSON as the body.
{
"raw":"RnJvbTogJ0pvaG4gRG9lJyA8am9obi5kb2VAZ21haWwuY29tPgpUbzogJ0phbmUgRG9lJyA8amFuZS5kb2VAZ21haWwuY29tPgpTdWJqZWN0OiBUaGlzIGlzIGEgc3ViamVjdApEaWQgeW91IHJlY2VpdmUgdGhpcyBtZXNzYWdlPw=="
}
(I tried both with and without padding)
I'm using the following HTTP headers:
"headers":{
"content-type":"message/rfc822",
"authorization":"Bearer ya..."
}
After doing a POST request to https://gmail.googleapis.com/upload/gmail/v1/users/john.doe#gmail.com/messages/send I get the following response:
{
"error": {
"code": 400,
"message": "Recipient address required",
"errors": [
{
"message": "Recipient address required",
"domain": "global",
"reason": "invalidArgument"
}
],
"status": "INVALID_ARGUMENT"
}
}
EDIT:
The official Google docs aren't really helpful regarding language neutrality.
https://developers.google.com/gmail/api/guides/sending
As it turns out, you cannot send email with a service account. The official Google support page literally tells you to use a third party service:
https://cloud.google.com/compute/docs/tutorials/sending-mail/
So I just went old-school and use SMTP. Works great.

Agument list files API call with createdTime attribute in Google Drive API

I'd like to retrieve all the resources (files and folder) via the Files: list
API call with the createdTime attribute included.
Standard response doesn't include the createdTime key described in the resource representation so I've added the fields query parameter with the value createdTime (there's an open issue related which says so but referring to API v2 while I'm using API v3).
API call I'm doing is the following:
https://www.googleapis.com/drive/v3/files?fields=createdTime
with proper authentication.
A 400 status code response is returned with the following body:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "invalidParameter",
"message": "Invalid field selection createdTime",
"locationType": "parameter",
"location": "fields"
}
],
"code": 400,
"message": "Invalid field selection createdTime"
}
}
What's the correct way of using the fields query parameter?
If you want to see the full response you can do the following test here
https://www.googleapis.com/drive/v3/files?fields=*
If you just want the create date you can also do test here
https://www.googleapis.com/drive/v3/files?fields=files(createdTime)
You can read more about this in Partial response

Getting 401 unauthorised when calling calendar api of office 365

I am trying to access the office 365 calendar api to create an event. The steps i followed are
Created app and registered it in azure
Gave permisissions to the app
Hitting https://login.microsoftonline.com/{{tenantid}}/oauth2/token to get the access token
body :
{
"grant_type":"client_credentials",
"client_id": "*****",
"client_secret": "****",
"resource":"https://outlook.office.com"
}
Response :
{
"token_type": "Bearer",
"expires_in": "3600",
"ext_expires_in": "262800",
"expires_on": "1532026206",
"not_before": "1532022306",
"resource": "https://outlook.office.com",
"access_token":"******"
}
When i pass this access token to https://outlook.office.com/api/v2.0/me/events which creates events. it gives me 401 unauthorised. Body of the request is as shown below. Someone please assist.
{
"Subject": "Discuss the Calendar REST API",
"Body": {
"ContentType": "HTML",
"Content": "I think it will meet our requirements!"
},
"Start": {
"DateTime": "2019-02-02T18:00:00",
"TimeZone": "Pacific Standard Time"
},
"End": {
"DateTime": "2019-02-02T19:00:00",
"TimeZone": "Pacific Standard Time"
},
"Attendees": [
{
"EmailAddress": {
"Address": "arulvelug#hexabot.onmicrosoft.com",
"Name": "Arulvelu G"
},
"Type": "Required"
}
]
}
To do authorization of office 365 and use REST API via Postman, here is a solution for your reference:
First: get security Token
Access [https://login.microsoftonline.com/extSTS.srf] via Http Post method. The content of the http request is as follows.
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
utility-1.0.xsd">
<s:Header>
<a:Action
s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://login.microsoftonline.com/extSTS.srf</a:To>
<o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<o:UsernameToken>
<o:Username>[username]</o:Username>
<o:Password>[password]</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<a:EndpointReference>
<a:Address>[endpoint]</a:Address>
</a:EndpointReference>
</wsp:AppliesTo>
<t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType>
<t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
<t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
</t:RequestSecurityToken>
</s:Body>
</s:Envelope>
The demonstration screenshot in Postman:
And the response content will include a security token as below, we can use this security token to get Access Token of office 365.
Second: get Access Token
Here i show you how to get access token, I get it of my SharePoint using the security token.
Access [https://yourdomain.sharepoint.com/_forms/default.aspx?wa=wsignin1.0] via http Post method. The content of the request is the security token that we have got above as below.
And the response as below:
We can see that there are two cookie, rtFa and FedAuth in response header, and these two cookie need to be added to the request in subsequent request.
Third: get Request Digest
Access [https://yourdomain.sharepoint.com/_api/contextinfo] via http Post method with that two cookies which we have got above.
And the response as below:
This is the final Token we want!
Then we can use REST API of our app in O365, like SharePoint , we only need to add this token and the previous two cookie, as shown in the following figure.

How can I trigger a Google Apps Script function from the Google API PHP Client with the authentication I have set already?

I'm struggling to trigger a Google Apps Script Function which builds many dropdowns of a Google Spreadsheet.
I need this data to be updated daily on this Google Spreadsheet so I must call the function.
Seems like I'm required to have a client-side authentication which I'm reluctant to force it to happen.
I have set already the Google API PHP Client which does batch updates, get requests and control users and its roles.
Here's how the code looks like:
public function updateTemplate ()
{
$client = $this->getClient();
$service = new Google_Service_Script($client);
$scriptId = $this->gScriptId;
// Create an execution request object.
$request = new Google_Service_Script_ExecutionRequest();
$request->setFunction('SetUpNewSpreadsheet');
try {
// Make the API request.
$response = $service->scripts->run($scriptId, $request);
echo "here<pre>";
print_r($response);
exit;
I'm getting the following response error:
Caught exception: {
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"errors": [ {
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"domain": "global",
"reason": "unauthorized"
} ]
, "status": "UNAUTHENTICATED"
}
}
I've checked the message errors and docs already. I'm wondering if maybe I'm missing something or if I can find a way to execute that request without forcing a client-side login?
Has anyone been through it?