I m trying to request https://api.github.com/search/issues?q=repo:react+state:open&sort=created&order=desc&per_page=100&page=1 using my personal authentication token but it always returns 422 status. The way i m using the token is on headers like this:
{
headers: {
authorization: `token ${myToken}`
}
}`
I dont know if i m doing something wrong but i supose this code should be working fine.
Just in case, after reading "How to send the authorization header using Axios", try:
axios.get('https://api.github.com/search/issues?q=react+state:open&sort=created&order=desc&per_page=100&page=1', {
headers: {
'Authorization': `token ${access_token}`
}
})
Try also to generate your token, considering its format has recently changed (March 2021)
As commented by the OP Gabriel Mazurco below, no more repo:.
Related
I'm trying to change my banner on Twitter using 'node-fetch' library, but I can't get past Authentification 1.0a which is needed to post something on Twitter. My last try was using headers.Authorization = "OAuth ACCESS_TOKEN ACCESS_SECRET" but it was a failure. So my question is, what is the correct way of using Auth1.0a in 'node-fetch'?
Thank you in advance!
Btw. the ACCESS_TOKEN and ACCESS_SECRET in the code are not mine, but randomly typed in.
fetch(`https://api.twitter.com/1.1/account/update_profile_banner.json`, {
method: 'POST',
body: {
banner: b64,
},
headers: {
Authorization: "OAuth 2123123415-kbZfcGdHqKxTLlazrgQtzhzhKgHhjgtrLZq6789gui th67jz27z7gh3xhr5ghhgjj1gjHNMthtzuthfnOp3hJwhS5frx"
}
}).then(results => results.json()).then(data => console.log(data))
This is a sample Authorization header from their docs:
Authorization: OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog", oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1318622958", oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb", oauth_version="1.0"
As you can see there are many more fields to consider, I suggest you read the docs carefully.
The placement of your Auth header is correct.
I am trying to use the Basic Authorization method that accepts username and password. I am working in React, using a fetch. It does not seem to work. It sends status 401 Unauthorized. I've no two-factor authentication. And yes, I have used PAT but I want to authenticate using username:password method. Kindly look at the code:
fetch("https://api.github.com/user", {
method: "GET",
headers: {
Authorization: `Basic ${btoa(`${username}:${password}`)}`,
"Content-Length": 0,
},
}).then((response) => response.status);
I'm in the process of attempting to verify a JWT access_token against OneLogin's api as described here. My code is as follows:
const client_id = MY_CLIENT_ID
const client_secret = MY_CLIENT_SECRET
const token = MY_ONE_LOGIN_JWT_ACCESS_TOKEN
axios
.post(
"https://my-endpoint-dev.onelogin.com/oidc/2/token/introspection",
{ token, client_id, client_secret, token_type_hint: "access_token" },
{
headers: {
"Content-Type": "application/x-www-form-urlencoded",
},
}
)
.then((response) => {
console.log("response");
console.log(response);
})
.catch((err) => {
console.log("err");
console.log(err);
});
The endpoint appears to work fine, in fact when the JWT has become expired it gives me an error stating as such and I need to update the token I'm passing along. However, whenever I make a standard request as shown above with valid credentials and tokens I get the following error response:
{error: "invalid_request", error_description: "no client authentication mechanism provided"}
There's no documentation on the provided page that describes what is wrong with the request when that error is received. From the documentation, so far as I can tell, my request is formatted correctly.
I have verified that the Token Endpoint in OneLogin is set to POST, so my assumption that the client_secret should be in the body is documented as correct (though I did try it as Basic just to verify):
I've attempted searching for a solution, but the only thing close I've found advises that the Content-Type header may not be supplied. I've made sure to add that to the list of headers and have verified it shows up in the request, but still the error persists.
Any thoughts to what I may be missing here?
EDIT:
Attempted to do a cURL request and received a 200 response back with the same information. Leading me to believe it's something with the axios call that I have incorrect.
I get this message when I don't provide either the client_id or the client_secret. Hopefully you can validate that you are actually sending both in your request. Maybe you can try the request via postman to double check.
I ran into the same issue and finally figured out you have to turn the data into a query string: https://axios-http.com/docs/urlencoded
For example:
import qs from 'qs';
const data = { 'bar': 123 };
const options = {
method: 'POST',
headers: { 'content-type': 'application/x-www-form-urlencoded' },
data: qs.stringify(data),
url,
};
axios(options);
I have an simple web app I'm testing on localhost (using http-server) in which I'm trying to authorise it following the GitHub tutorial.
I was able to redirect to GitHub page so the user can login there and get the temporary code returned from GitHub as query parameter.
Yet I can't get auth token because every time I send a POST request with all the required data I'm getting CORB error.
The code I'm using to do that:
const getGitHubToken = async code => {
return await fetch(authData.accessTokenURL, {
method: 'POST',
body: {
client_id: authData.client_id,
client_secret: authData.client_secret,
code
},
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
}
});
};
So my questions are:
why isn't it working
is it safe to keep client_id and client_secret on client side
any suggestions if it's good idea to apply this approach when my aim is to create an app able to query GitHub API (general stats, public repos), how can I do it better?
The following does not work in the "Code by Zapier" Action.
fetch('https://api.twitter.com/1.1/statuses/update.json?status=' +encodeURIComponent(textToTweet))
.then(function(res) {
return res.json();
})
.then(function(json) {
callback(null, json);
})
.catch(callback);
However, I get the following.
errors:
message:
Bad Authentication data.
code:
215
What additional authentication does one need to do? The Twitter account is already connected to Zapier, or does that not matter?
UPDATE: per feedback below the following code now gives me an 89: invalid or expired token
fetch('https://api.twitter.com/1.1/statuses/update.json?status=' +encodeURIComponent(textToTweet), {
headers: {
Authorization: 'Bearer ACCESS_TOKEN_BEGINSWITH_OWNERID'
}
})
.then...............
This is fairly straightforward if you know the incantations:
Get a token from https://dev.twitter.com/oauth/overview/application-owner-access-tokens.
Add a Authorization: Bearer <yourtoken> header to your fetch() call.
And you should be good to go!