Not able to get token for office365 onenote - onenote

I am trying to get access token using WebAuthenticationCoreManager for my native UWP application (Windows 10), am using https://www.onenote.com as the resource.
Before requesting for the token I have associated my app with azure and using client id generating from it.
I have also provided necessary delegated permissions for office365api to my application on azure.
I am getting error with code AADSTS65005 with a message "he request has failed because the client has not specified this resource in its requiredResourceAccess list".
Am I missing some steps that needs to be followed?delegated permission snapshot

The resource URI is https://onenote.com/
Please try with that.

Related

LTI 1.3 - Access token - Error validating assertion: Unknown validation exception

I'm trying to create a lti 1.3 integration in Brightspace (POC), and I was able to get to the point where the tool endpoint is launch. At this endpoint I'm trying to get access token in order to get the membership data, so I send the request (for the access token) with the relevant scope and all the credentials with no success. I also added to the url address the relevant parameters as the documentation shows.
I think that at this point I should get the access token with no problems, because when I was trying to integrate with moodle I successfully received the access token back. I know there is a standard in all LMSs but Is there any specific adjustment to integrate with Brightspace.

Service to service authentication is not allowed using forge Autodesk

In 'Autodesk Construction Cloud APIs' I try to use GET method for projects/{projectId}/issues.
This is the documentation for the API: Get issues API Link
I am using Postman and for other API's it works without problems, but for some reason for this API I got the following error:
image of the error:
I know my ProjectId and Token are fine. I am wondering if it has to do with some access the admin must to give me.
best regards,
It looks like your access token is 2-legged. Instead, you will need to use a 3-legged one since its Authentication Context is user context required.
See:
https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/basics/
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token-implicit/

Autodesk Forge accessing b360 hub to get projects - error 404

I'm trying to pubhlish a project using this guide - https://forge.autodesk.com/en/docs/data/v2/tutorials/publish-model/
I am able to get the docs hub ID for the expected hub (using 3 legged token, after having Autodesk provision the b360 docs account, and setting up integration w/ forge app), and pass this into the call to get the projects (using same token, or new token) using this guide - https://forge.autodesk.com/en/docs/data/v2/reference/http/hubs-hub_id-projects-GET/
I get back a response 404 error using the hub ID provided in the GET hubs call that starts with b.xxx from the GET hubs
{
"developerMessage": "The requested resource does not exist.",
"moreInfo": "https://forge.autodesk.com/en/docs/oauth/v2/developers_guide/error_handling/",
"errorCode": ""
}
I've tried this with a. as well, instead of b. and also no prefix on hub ID with no luck. I verified that this Id matches what is shown in the account admin settings online as well.
The get request looks like this, and includes authorization token in format Bearer {{token}} where {{token}} is the (same) variable for the token that works when getting hub ID's.
https://developer.api.autodesk.com/project/v1/hubs/b.e3a26052-6b48-4a03-9115-xxxxxxxxxxx/projects
Is my format incorrect, or is there something else going on?
The request looks ok, incl. the hub ID (the b. prefix must be there). One thing to check for is whether the actual user you're using to obtain the 3-legged token has access to any projects inside this hub.
Also, what happens when you try the GET hubs/:hub_id endpoint? Can you see the hub information or do you get 404 as well?

Integration of Spring Oauth2 implementation with the HTML front end using javascript

I am implementing spring oauth2 for securing my rest api. Basically i am limiting the use of rest api to particular users rather then limiting to every users.
I had implemented the backend and secured my api using spring oauth2.
I am following this steps:
1)Send the GET request with the five parameters.
localhost:8080/SpringRestSecurityOauth/oauth/token?grant_type=password&client_id=Awyi123nasdk89&client_secret=asdj39m32##$s&username=rahul#gmail&password=rahul#9831
2) Server validates the user with the help of spring security and return the json response with access code.
{
"access_token": "22cb0d50-5bb9-463d-8c4a-8ddd680f553f",
"token_type": "bearer",
"refresh_token": "7ac7940a-d29d-4a4c-9a47-25a2167c8c49",
"expires_in": 119
}
3)I access protected resources by passing this access token as a parameter, the request goes something like this:
localhost:8080/SpringRestSecurityOauth/api/users/?access_token=8c191a0f-ebe8-42cb-bc18-8e80f2c4238e
4) In case the token is expired, user needs to get a new token using its refreshing token that was accepted in step(2). A new access token request after expiration looks something like this:
localhost:8080/SpringRestSecurityOauth/oauth/token?grant_type=refresh_token&client_id=restapp&client_secret=restapp&refresh_token=7ac7940a-d29d-4a4c-9a47-25a2167c8c49
All the above step are working fine. Now i need to implement this on my client side. So that a particular client can access this call. I am using HTML/CSS as client side technology.
How client can get the access token? Should it be stored in the browser local storage? Or it should be generated every time the rest call is been made?
Any example would help me to proceed further.
I'm implementing my project like you. I use angularjs and get the access token from response json then store it into cookies.
This link provide sample code for you: http://www.baeldung.com/rest-api-spring-oauth2-angularjs. (See Frontend - Password Flow).
Because refresh token should keep secret and the client is html app, you should see this link http://www.baeldung.com/spring-security-oauth2-refresh-token-angular-js for handling refresh token.
For html client, after obtaining access token using refresh token when access token is expired, I use http-auth-interceptor ([http]://witoldsz.github.io/angular-http-auth/) to retry all rest requests failed because of expired access token.
I'm sorry that I have not enough reputation to post more than 2 links.

Google Drive API downloadURL 401 error

Anybody can help or enlighten me with my issue:
I'm a Java developer and I have an existing smart printer app called GDrive App. It uses Google Drive API (oauth 2.0, gdata-version 2.0 and 3.0 for download-print file) .
This has been working for months until now. Actually, only the download-printing part is no longer working this time, I can still access the app (retrieve files, create folder, search and delete files).
Actual problem:
I keep on getting 401 error when I try to download file (to input stream) for printing. It's confusing because I already provided all the necessary information during the request. And it has been working for many months. No changes of the code. Weird.
I have this for headers:
[Authorization: Bearer ya29.CjAkA8uPBUsKWYMSEDpPxUbP_vtQJOKfCZ7O8I4GkpUkN70bGgnDTAVYiVW2m353H2Y
, GData-Version: 3.0
]
While executing this URL to download and print resource, I couldn't access this.
https://doc-0o-7o-docs.googleusercontent.com/docs/securesc/l9c2gms12ko7qqfc58putbb2v38kkvmm/dp5l9kmpu48kdi8mp2rvtmc1dm1f41tk/1468828800000/09859633411849852329/09859633411849852329/0ByU-nFK_03gtZGhBZkxCYmExeGc?e=download&gd=true
Error 401 means that you aren't authorized properly. Most likely the ya29.CjAkA8uPBUsKWYMSEDpPxUbP_vtQJOKfCZ7O8I4GkpUkN70bGgnDTAVYiVW2m353H2Y access token you are using expired and you have to request another.
You should write your code to anticipate the possibility that a granted token might no longer work. A token might stop working for one of these reasons:
The user has revoked access.
The token has not been used for six months.
The user changed passwords and the token contains Gmail, Calendar,
Contacts, or Hangouts scopes.
The user account has exceeded a certain number of token requests.
source
You can use GoogleAuthorizationCodeTokenRequest to request an access token and possibly a refresh token.