I'm attempting to test the Xero Authentication process with Cypress, but I am encountering this error after I login with my correct login details.
Xero Auth Error -
Is there a way to fix this or is there an alternative someone can suggest?
Thank you and have a nice day!
Tried: Connecting to Xero through Cypress
Expecting: Successful Authentication.
The error code indicates your ip address is being blocked by Xero's WAF. Have a look at this article for more information. Stopping actions listed in the article will allow the risk score to reset and restore access after around 24 hours.
https://community.akamai.com/customers/s/article/Why-is-Akamai-blocking-me?language=en_US
If you are not doing any of those things, please reach out to Xero via https://developer.xero.com/contact-xero-developer-platform-support/ with a very recent error code (the one starting #18.xxx) as the code is time-sensitive.
Related
I'm having an issue getting Login Kit to work. Similar to the question asked here I have the correct redirect domain listed in tiktok settings and the redirect_uri is basically just "domain/tiktok" but no matter what I do I get the same error message:
Below is my backend code - it's basically exactly the same as what is listed in the tiktok docs. Any help on this would be much appreciated!
const CLIENT_KEY = 'my_key'
const DOMAIN = 'dev.mydomain.com'
const csrfState = Math.random().toString(36).substring(2);
res.cookie('csrfState', csrfState, { maxAge: 60000 });
const redirect = encodeURIComponent(`https://${DOMAIN}/tiktok`)
let url = 'https://www.tiktok.com/auth/authorize/';
url += '?client_key=' + CLIENT_KEY;
url += '&scope=user.info.basic,video.list';
url += '&response_type=code';
url += '&redirect_uri=' + redirect;
url += '&state=' + csrfState;
res.redirect(url);
UPDATE 8/13/2022
I submitted the app for review and was approved so the status is now "Live in production" instead of "staging". The issue is still there - still showing error message no matter what domain / callback URL I use
UPDATE 8/16/2022
OK so I've made some progress on this.
First off - I was able to get the authentication/login screen to finally show up. I realized to do this you need to:
Make sure that the status of your app is "Live in production" and not "Staging". Even though when you create a new app you may see client_key and client_secret show up don't let that fool you - Login Kit WILL NOT WORK unless your app is submitted and approved
The redirect_uri you include in your server flow must match EXACTLY to whatever value you entered in "Registered domains" in the Settings page. So if you entered "dev.mydomain.com" in Settings then redirect_uri can only be "dev.mydomain.com" not "dev.mydomain.com/tiktok".
I think I might know what the issue is. My guess is that before - on the Settings page you had to enter the FULL redirect URL (not just the domain) and whatever redirect uri was included in the authorization query was checked against this value which was saved in TikTok's database (whatever was entered in the Settings page when path/protocol were allowed). At some point recently, the front-end business logic was changed such that you could only enter a domain (e.g., mydomain.com) on the Settings page without any protocols - however TikTok's backend logic was never updated so during the Login flow they are still checking against an EXACT match for whatever was saved in their DB as the redirect uri - this would explain why an app that was previously using the API with a redirect uri that DOES include protocols (e.g., for Later.com their redirect uri is https://app.later.com/users/auth/tiktok/callback) continues to work and why for any app attempting to save redirect WITH protocols are getting the error message screen. My gut feeling is telling me that the error is not on my part and this is actually a bug on TikTok's API - my guess is it can be addressed either by changing the front-end on the Settings page to allow for path/protocols (I think this is the ideal approach) or to change their backend so that any redirect uri is checked such that it must include 1 of the listed redirect domains.
I've been emailing with the TikTok team - their email is tiktokplatform#tiktok.com - and proposed the two solutions I mentioned above. I suggest if you're having the same issue you email them as well and maybe even link this StackOverflow question so that maybe it will get higher priority if enough people message them about it.
If you're looking for a shot-term hack I'd recommend creating a dedicated app on AWS or Heroku with a clean domain (e.g., https://mydomain-tiktok.herokuapp.com) and then redirect to either your dev or production environment by appending a prefix to the "state" query (e.g., "dev_[STATE_ID]"). I'll just reiterate I consider this a very "hacky" approach handling callbacks and would definitely not want to use something like this in production.
In my case, the integration worked after doing following steps:
In TikTok developers page:
Like #eugene-blinn said: make sure your app is in Live in production status (I couldn't find anything in the documentation about why Staging apps don't work);
Add the Login Kit product to your app and set the Redirect domain field with your host domain, for example: mywebsite.com.
In your code:
From my tests, I could add whanever url path I wanted, the only constraint was that the domain should match with step 2. So, yes, you can add https://mywebsite.com/whatever/path/you/want in redirect_url parameter.
That's it. It should work with these 3 steps.
Additionally, I got other issue related to use specific features in the scope property (like upload or read videos, etc), so here the solution as well:
Only add Video Kit product to the TikTok app and set video.upload or video.list in the scope authorize request won't work unless you also add the TikTok API product in your TikTok app as well. Btw, it neeeds to be approved too.
TikTok fixed the bug that resulted in URL mismatch with redirect domain from working. However, they fixed it only for paths (e.g., /auth/tiktok) but PORT additions still result in an error - so www.domain.com:8080/auth/tiktok won't work but www.domain.com/auth/tiktok WILL work
UPDATE 10/3/2022
Got the following response directly from TikTok engineering team:
At this point, we only support production integrations with TikTok for Developers and require that you have a URL without port number. However, we understand from your communication that this makes it harder for you to build, test, and iterate your integration with us. Unfortunately, at this time, we do not have a timeline for when this additional support for development servers will be added. We request that you only redirect to URLs without port numbers. Thank you for the feedback.
The frontend of the developer's dashboard still rejects protocol and path in validation. However, the backend skips the path validation.
To be able to update the "Redirect domain" simply:
Open dev tools in chrome and go to the "Network" tab.
Clic on "Save changes" button on the dashboard.
Right clic on the "publish" request that appeared and copy as cURL.
Modify the "redirect_domains" field in the request before pasting it in the terminal.
I believe the app still needs to be approved and in production to get it to work. I'm still waiting for approval and it has been a couple of weeks.
UPDATE 9/17/2022
Just like #mauricio-ribeiro, my app worked after it was approved to production. Setting up the redirect domain without path and scheme works just fine.
I had the same problem, my solution:
1.- In my TikTok App dashboard, the “redirect_uri” is: mydomain.com, without http/https and without path (/my-redirect-url). Also you can add subdomains using this rule
2.- In my code, I have to add http or https to the redirect_uri, and feel free to use path (/my-redirect-uri)
I hope this help you
Every time I try to deploy truffle migrate --reset my Organization.sol contract, I get the following error:
Error encountered, bailing. Network state unknown. Review successful transactions manually.
I Googled the error and apparently this is due to contract size. My Organization.sol is not even that big; I’ve seen bigger contracts before.
Here is my contract: https://github.com/ulixir/eth-task-contracts/blob/master/contracts/Organization.sol
Any clues?
Do you also see an error this error
Error: insufficient funds for gas * price + value
In that case, the ethereum account you are trying to use may not have enough ether to perform the migration.
Ether can be added to an account by calling miner.start() from the geth console or by allocating ether to the account using the genesis.json file. You can read more about it here.
If you decide to use the genesis file, take the following steps after allocating data to your ethereum account:
remove the old geth db using geth --datadir "<your datadir>" removedb.
Reinitialize your geth node using the modified genesis file geth <your other params here> init <yourGenesisFile>
within the geth console of the new node, make sure you start the miner miner.start()
When done, try the migration again, it should work now.
If you decided to mine ether without modifying the genesis file, start the mining and give your ethereum account some time to mine enough ether. How long this takes depends on the difficulty level you set on your genesis file.
When you are using this command truffle migrate --reset it is trying to deploy Migration.sol contract also with your Organization.sol .You can see the migration script in migration folder. The error
Error encountered, bailing. Network state unknown. Review successful transactions manually.
means that it cannot determine which contracts are deployed.And telling you to check manually.To check which contracts are deployed you can use this command truffle network.
I use GSuite and I'm coding a very simple web app to use Google Auth API, and I get an exception "idpiframe_initialization_failed".
Now I have the exact HTML as shown in the google Sample:
https://developers.google.com/api-client-library/javascript/samples/samples
1) I've created a project on the Google Developer Console
2) I setup the OAUTH authorization screen
3) I've created the client ID, creating restrictions and redirection URL
4) I've also created the API KEY
5) Finally I've enabled the People API, because discovery services was failing when setting the discoveryDocs parameter
With all of these steps, When I call the gapi.client.init, it raises an exception ONLY in chrome, I cannot understand why.
The code for initializing the API is:
gapi.client.init({
apiKey: 'MY_API_KEY',
discoveryDocs: ["https://people.googleapis.com/$discovery/rest?version=v1"],
clientId: 'MY_CLIENT_ID.apps.googleusercontent.com',
scope: 'profile'
}).then(function (response) {
// Listen for sign-in state changes.
gapi.auth2.getAuthInstance().isSignedIn.listen(updateSigninStatus);
// Handle the initial sign-in state.
updateSigninStatus(gapi.auth2.getAuthInstance().isSignedIn.get());
},function(reason){
console.log('onerror');
console.log(reason);
// Listen for sign-in state changes.
gapi.auth2.getAuthInstance().isSignedIn.listen(updateSigninStatus);
// Handle the initial sign-in state.
updateSigninStatus(gapi.auth2.getAuthInstance().isSignedIn.get());
The code is running the error block, and the message is:
details: "Failed to read the 'localStorage' property from 'Window': Access is denied for this document."
error:"idpiframe_initialization_failed"
Any ideas why I'm coming into this error?
Thanks!
I encountered the same issue. After investing some time, found the reason. This error is because in chrome settings, you have the Block third-party cookies and site data option enabled.
It can be resolved by disabling this option:
"To find the setting, open Chrome settings, type "Content settings" in the search box, click the Content Settings button, and view the fourth item under Cookies."
Uncheck the box "Block third-party cookies and site data".
Hopefully this helps you in resolving your issue.
The problem is with Google's API console and how it handles creating credentials.
It only seems to work when I access it through the following url
https://developers.google.com/identity/sign-in/web/sign-in#before_you_begin
There is a link that lets you create your app and the OAuth credentials.
When I go to the console and create it through that screen it doesn't seem to work.
After trying and re-create again and test with a fresh app I found out that the URL you add to the Authorized Javascript Origins doesn't always get added.
If everything is good then the url should be available in the credentials page
In my case, I just had to wait a bit for Google to take the origin into account. I cannot tell exactly how long it took. I waited ~30min. I then went to sleep and it was working the following morning.
Edit: Ooops I just realized I was using http:// and not https://. That was the actual problem.
I had the same problem and I searched for 3 days: Resolve " popup_closed_by_user" Go to your console.google go to your API MANAGE : Credentials:modify your credentials:
Authorized Javascript origin (http://localhost:port);
authorized redirect URI(http://localhost:port/auth/google/callback);
Example:|| Authorized Javascript origin (http://localhost:4200);
authorized redirect URI (http://localhost:4200/auth/google/callback)
I am totally new to braintree and was just trying out the tutorial (javascript for client and JAVA on the server side)
I created a simple HTML file basically just wrapping the "Hello Client" example. I had also tried using both the given clientToken provided in the example and one I obtained from the sandbox account.
However, after I filled out a valid credit information and tried to submit the form, I've got this error:
"There was an error processing your request. Try again"
And this error occurred BEFORE the form submission was actually sent to the server; braintree.js seems to have intercepted the submission and did some authorization with its server, and thats where the error above came from
I looked at the chrome developer console and saw the requests were like this:
Request URL:https://client-analytics.sandbox.braintreegateway.com
Params:
authorizationFingerprint: [some fp]
sharedCustomerIdentifierType:undefined
analytics[][kind]:dropin.web.inline.add-card.fail
_meta[platform]:web
_meta[platformVersion]: [some value]
_meta[integrationType]:dropin
_meta[sdkVersion]:braintree/web/2.3.3
_meta[merchantAppId]:file:///Users/jiayaohan/Desktop/card.html
braintreeLibraryVersion:braintree/web/2.3.3
_method:POST
callback:callback_json9
And the status code itself was OK (200), but in the response, the content was:
callback_json9({status:201})
Anyone knows what might go wrong with this very simple hello-world client setup? (noted that I've tried using both the given example client Token and one derived from my own sandbox account, but the same error happened)
Thanks!
I work at Braintree.
It looks like there was a failure adding a card. Are you using the available testing card credentials?
Sandbox only accepts certain test numbers, so that could be your issue. The most commonly used test number is 4111111111111111.
I'm trying to use chrome.identity.getAuthToken to get a token, but every time I try this error shows up:
OAuth2 request failed: Service responded with error: 'bad client id: {0}'
I have no idea why this is happening. The client ID I put in manifest.json is exactly the same as the one on the Google Developers Console, and the correct scopes is also included:
oauth2: {
"client_id": "NUMBERS-NUMBERS&LETTERS.apps.googleusercontent.com",
"scopes": ["https://www.googleapis.com/auth/SOME_SERVICE"]
}
The extension is up on the webstore, and I don't see why it is still giving the bad client ID error.
What is possibly causing this error? What am I missing here?
Just as a note for myself and for someone run into.
I have encounter this problems with chrome app , the answers is not my problem ,and finally I found the solution for my problem but produce the same error as the question.
As https://developer.chrome.com/apps/app_identity#client_id say is much special for chrome apps, you have to create a separate client id for your chrome app.
Go to the "API Access" navigation menu item and click on the Create an OAuth 2.0 client ID... blue button.
Enter the requested branding information, select the Installed application type.
you must to choose Installed application an set you Application ID.
what's your Application ID ?
chrome-extension://your application id
chrome-extension://gfmehiepojbflifceoplblionpfclfhf/
I overcomed this problem by setting up the email address and product name in "Consent screen" in the Google Developer Console.
Please refer to https://developers.google.com/console/help/new/#userconsent for detail.
I had a similar problem. Everything seemed to work fine on my own laptop, but when i ran it on another device i got that "bad client id" error.
My problem was that the client-id changed from one device to another, as i did not yet upload my extension to the chrome store.
To overcome that problem, i followed the instructions of How to change chrome packaged app id Or Why do we need key field in the manifest.json?.
You need to create a key to keep the client-id persistent through all devices.
Hope that helps finding the right answer for people with the same issue quicker.