How Shopify backend part in APP with VSCODE - visual-studio-code

I try to debug shopify backend part, for the frontend, there is no problem i follow
However for the backend part the endpoint remain "Unbound Breakpoint"
This link solutions work well for the frontend part, but not work for the backend!
https://community.shopify.com/c/shopify-apis-and-sdks/how-to-debug-shopify-react-app/td-p/601673
How resolte it ?

Related

How to read an external form redirect?

I'm currently working on a VueJS project on which I've just implemented a SSO system designed by the Portuguese government using our national identity cards, but I'm having some issues parsing the response from the external authentication server.
Here's a small GIF of my problem: https://gfycat.com/threadbarepossiblebagworm
The workflow is as follows:
User clicks on Authenticate.
User chooses "Login via ID Card"
User gets redirected to the external Authentication Provider
User logins with his ID Card.
External Authentication provider then sends back a POST method to the callback URL that is provided.
I read/parse the callback
The issue lies in step 6... The external authentication provider uses the callback URL I provided but I get this error
Cannot POST /users/callback
If this was a typical NodeJS I could just use
router.post('/callback' ....)
Is there a way I can read that callback in VueJS?
I've found this similar issue https://forum.vuejs.org/t/cannot-post-handling-form-post-from-an-external-site/41194/1 but no one managed to offer him a solution.
​
Thanks in advance!
EDIT: Before you ask, yes, that '/users/callback' is defined on router.ts and if I go to that route it does show a page. It's just not designed for POST methods afaik
Vue is a front-end framework, which means it doesn't have direct access to POST requests by default.
For production, are you running an npm script like "npm run build" and then serving the files that appear in the "dist" folder on a webserver, say Apache? Then you would have to respond to the POST request in Apache.
You could then store their authentication result "farther toward the backend" than Vue and have Vue grab it with vuex.

Play Framework authentication: request headers are not being added in production

I have implemented an authorized action as explained in this question as well as the answer by #vdebergue.
This was working great, and the requests made by the front-end application were automatically adding an X-XSRF-TOKEN request header, with the token obtained from the login response.
However upon deploying both front-end and back-end, the requests issued from the browser are no longer adding the X-XSRF-TOKEN request header, thus causing an Unauthorized response from the server (rightfully so).
What I am failing to understand is, what is it that changed between development and deployment?
I do have the request header specified in cors.allowedHttpHeaders:
play.filters.cors.allowedHttpHeaders = ["Accept", "Origin", "Content-Type", "X-XSRF-TOKEN"]
I doubt I have to add this header manually from React (in fact the issue probably has nothing to do with the front-end).
Thanks!
Edit 1:
List of XHR requests:
Details of the login POST request, can see the X-XSRF cookie and the token being passed:
Details of the unauthorized GET that is not setting the X-XSRF as request header:
Same as previous screenshot, but running on localhost, getting authorized with the header added:
Assuming you implemented correctly, and the cookie is not attached during deployment, the issue might be related to the domain of your cookie. The way I did it is to define an an env variable and use it to hold the domain value; so it does not break the implementation during development and tests.
You can look at the Playframework API documentation for more information on how to use the cookie.
Solved in an unconventional matter: front end was made with react, which offers a way to build a static production version.
I simply integrated those static files with play framework's index.scala.html, instead of trying to run it as a separate app on a different port.
It works, however i will not mark it as a best answer yet, because i don't know whether a mobile app connecting to the same play framework backend will play along nicely when it comes to authorisation and cookies. Mobile apps are not browsers (and maybe don't abide by their limitations), and Postman had no issues with cookies.
To be checked.

How can I do FaceBook login with django rest framework without requiring the client to use a popup?

So, I've setup an auth system using djoser and rest-social-auth ( https://github.com/st4lk/django-rest-social-auth )
but it seems it requires the client to open a pop-up or modal to login with facebook, which our frontend dev says is a bad idea, we should use server-side redirects instead.
So - assuming this is sensible - how do I go about the serverside setup to skip the facebook modal on client side? I'm happy to swap out the current social auth lib with something else if it makes things easier.
FWIW - we are using angular on frontend, but are also planning on other frontends in the future
The client side authorization with the JavaScript SDK is the easiest one, and it is perfectly safe. It´s also the best one for the user, because you do not need to redirect to a login page. Not sure why your frontend dev says it´s a bad idea, it´s actually the best and recommended way. The popup is ok in that case, because it is initiated by the user. Here´s an example: http://www.devils-heaven.com/facebook-javascript-sdk-login/
After authorization, you can send the Access Token to the server, in case you need it there. Make sure you read this though, and use appsecret_proof: https://developers.facebook.com/docs/graph-api/securing-requests
You can easily put the code in an Angular service, for example.

Using localhost to test Facebook canvas app

I want to create and test an app initially from localhost (were I run Ruby on Rails or Glassfish). I have read many postings about how to do this and NONE work. I have tried all the solutions discussed on stackoverflow and other sites.
Does anyone have a current method that does work (2015)?
Following did not work
1) in Canvas URL http://localhost:3000/users/index/ with and without localhost as domains
2) Tried editing the Advanced tab to add redirect URL to same URL.
What happens is I get a blank screen (I have even tried really simple hello world type apps that run locally so it should work with facebook).
Thank you,
Lynne
you have to configure secure canvas URL for canvas apps . it is mandatory and it has to be a https URL.
edit: This is actually a lot easier than I thought. I found this python script that creates a local https server. The only issue was that facebook is sending a POST request on the canvas page, and this server doesn't support POST requests, so I modified it a bit and now it handles the facebook canvas page correctly.
You don't need a domain, and in the script it tells you how to generate the self signed certificate. In the facebook app settings you can set https://localhost:4443/ as canvas url.
old post:
It is possible but it's a bit of a hassle. You can set a dns to 127.0.0.1 and use that. So if you own example.com, you can create an A DNS record for localhost.example.com and set it to 127.0.0.1.
The difficult part is that you have to find some way to create a certificate for this domain. If you want an official cert, the easiest option out there is Let's Encrypt. Verification of your domain through an https server is going to be difficult, since the Let's Encrypt servers will try to contact 127.0.0.1. So you're probably better of using DNS challenge validation. Another option would be a self signed certificate, which is a whole different story.
The last step is to find a server that can host https and use the certificates you generated.

What exactly am I supposed to do for OAuth 2.0 and https update?

I am a php developer. I created an application using fbml(non iframe) and didn't check roadmap regularly.
Today I received an email saying update to OAuth 2.0 and HTTPS by October 1st or the apps may be disabled.
I went through the documentation but could not get what exactly I am supposed to do.
From what I understood.
for https
we need to enable or buy ssl for our site and make https://example.com/facebookapps_folder/ accessible and fill the new url in Secure Canvas URL
Is that right?
I am confused about OAuth 2.0.For this do we need to change the whole code and libraries we are referring to.
Where can I get how do I change it.
I see some php examples but could not find clue what needs to be changed?
I think it is way authentication is being done, but I do I do that.
If I fail to do it immediately(as only 3 days left) is that any way I can save my application being disabled?
Make sure you have implemented Oauth2.0 for authentication .. Also you will need an SSL certificate for your app to support https:// protocol