Unable to Access SAP Fiori Application - Error: 403 Forbidden - sapui5

I have been trying out the Freestyle SAP Fiori Project and Deployed it to my Sub Account Space. It is Deployed Successfully and it is in a running state. However, when I try to access it, it says "403 Forbidden".
Screenshot 1: Error Message while Accessing the App
Screenshot 2: App Status
#Update 1: Roles, Scope, Role Templates are Empty
I went inside the deployed Application to see its Roles, Scopes & Role Templates. But all of them are empty. Can this be the reason? If yes, how do we assign them?
#Update 2: Roles, Scope, Role Templates are Empty
I have verified the MTAR Archive to see whether xs-security.json file is getting included and I can confirm it is getting included. For example, below is the content of that file.
xs-security.json
{
"xsappname": "demofiori",
"tenant-mode": "dedicated",
"description": "Security profile of called application",
"scopes": [
{
"name": "uaa.user",
"description": "UAA"
}
],
"role-templates": [
{
"name": "Token_Exchange",
"description": "UAA",
"scope-references": [
"uaa.user"
]
}
]
}

Related

Deploying azure storage fileServices/shares - error: The value for one of the HTTP headers is not in the correct format

As part of a durable function app deployment, I am deploying azure storage.
On deploying the fileServices/shares, I am getting the following error:
error": {
"code": "InvalidHeaderValue",
"message": "The value for one of the HTTP headers is not in the correct format.\nRequestId:6c0b3fb0-701a-0058-0509-a8af5d000000\nTime:2022-08-04T13:49:24.6378224Z"
}
I would appreciate any advice as this is eating up a lot of time and I am no closer to resolving it.
Section of arm template for the share deployment is below:
{
"type": "Microsoft.Storage/storageAccounts/fileServices/shares",
"apiVersion": "2021-09-01",
"name": "[concat(parameters('storageAccount1_name'), '/default/FuncAppName')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/fileServices', parameters('storageAccount1_name'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccount1_name'))]"
],
"properties": {
"accessTier": "TransactionOptimized",
"shareQuota": 5120,
"enabledProtocols": "SMB"
}
}
Answer to this: removing the property "accessTier": "TransactionOptimized" resolves the issue. The default value for this is TransactionOptimized.
Although the template exported from azure portal includes this property, deployment fails if this parameter is present.

Flutter website on firebase hosting works fine with domain 1 but not domain 2

I am using flutter web to create a website for my buisness. I am hosting it on firebase hosting with the url
https://xspectre-9a3b3.web.app/
Now when I added the new domain
https://xspectre.net
The website does not load in this domain and gives the error
main.dart.js:1 Uncaught SyntaxError: Unexpected token '<'
(index):1 Uncaught (in promise) DOMException: Failed to register a ServiceWorker for scope ('https://xspectre.net/') with script ('https://xspectre.net/flutter_service_worker.js'): The script has an unsupported MIME type ('text/html').
It does not work with https://xspectre-9a3b3.firebaseapp.com/ either. What should I do?
EDIT
I discovered the real error is not the MIME type one since it is in my real project too. The actual error is somehow
Uncaught SyntaxError: Unexpected token '<'
When I open the main.dart.js it shows me different code then it should. It shows me the html files not the main.dart.js code and I think that is what is causing the problem. I dont know how or why the files are different for both the URLs.
**EDIT 2 **
Finally figured out the root problem.
Whenever I try to do firebase init, it goes to initialize the whole flutter directory. This means that it says,
You're about to initialize a Firebase project in this directory:
C:\FlutterProjects\xspectre
and not
You're about to initialize a Firebase project in this directory:
C:\FlutterProjects\xspectre\build
Now I need to figure out how to do firebase init and deloy in the /build and not root
The website probably still works for you as it is already cached by the service worker. Try with another browser and it will not work.
firebase init should be run in the project directory, not in the build directory.
After that, edit your firebase.json file to look like
{
"hosting": {
"public": "build/web",
"ignore": [
"firebase.json",
"**/.*",
"**/node_modules/**"
],
"rewrites": [
{
"source": "**",
"destination": "/index.html"
}
],
"headers": [
{
"source": "**",
"headers": [
{
"key": "Cache-Control",
"value": "no-cache"
}
]
}
]
}
}
"public": "build/web" points to the directory where the files for deployment are.
Now you can do flutter build web and firebase deploy

Deployed Keycloak Script Mapper does not show up in the GUI

I'm using the docker image of Keycloak 10.0.2. I want Keycloak to supply access_tokens that can be used by Hasura. Hasura requires custom claims like this:
{
"sub": "1234567890",
"name": "John Doe",
"admin": true,
"iat": 1516239022,
"https://hasura.io/jwt/claims": {
"x-hasura-allowed-roles": ["editor","user", "mod"],
"x-hasura-default-role": "user",
"x-hasura-user-id": "1234567890",
"x-hasura-org-id": "123",
"x-hasura-custom": "custom-value"
}
}
Following the documentation, and using a script I found online, (See this gist) I created a Script Mapper jar with this script (copied verbatim from the gist), in hasura-mapper.js:
var roles = [];
for each (var role in user.getRoleMappings()) roles.push(role.getName());
token.setOtherClaims("https://hasura.io/jwt/claims", {
"x-hasura-user-id": user.getId(),
"x-hasura-allowed-roles": Java.to(roles, "java.lang.String[]"),
"x-hasura-default-role": "user",
});
and the following keycloak-scripts.json in META-INF/:
{
"mappers": [
{
"name": "Hasura",
"fileName": "hasura-mapper.js",
"description": "Create Hasura Namespaces and roles"
}
]
}
Keycloak debug log indicates it found the jar, and successfully deployed it.
But what's the next step? I can't find the deployed mapper anywhere in the GUI, so how do I activate it? I tried creating a protocol Mapper, but the option 'Script Mapper' is not available. And Scopes -> Evaluate generates a standard access token.
How do I activate my deployed protocol mapper?
Of course after you put up a question on SO you still keep searching, and I finally found the answer in this JIRA issue. The scripts feature has been a preview feature since (I think) version 8.
So when starting Keycloak you need to provide:
-Dkeycloak.profile.feature.scripts=enabled
and after that your Script Mapper will show up in the Mapper Type dropdown on the Create Mapper screen, and everything works.

IBM Blockchain (Hyperledger) - "Error when deploying chaincode"

I'm following the instructions to deploy some chaincode to the IBM Hyperledger Blockchain, using the swagger API on the IBM Bluemix dashboard.
In order to deploy some chaincode, I need to submit a JSON request, which contains the path to the chaincode repository:
{
"jsonrpc": "2.0",
"method": "deploy",
"params": {
"type": 1,
"chaincodeID": {
"path": "https://github.com/series0ne/learn-chaincode/tree/master/finished"
},
"ctorMsg": {
"function": "init",
"args": [
"Hello, world"
]
},
"secureContext": "user_type1_0"
},
"id": 0
}
I have logged in user_type1_0 before attempting to deploy, but this is the result I get:
{
"jsonrpc": "2.0",
"error": {
"code": -32001,
"message": "Deployment failure",
"data": "Error when deploying chaincode: Error getting chaincode package bytes: Error getting code 'go get' failed with error: \"exit status 1\"\npackage github.com/series0ne/learn-chaincode/tree/master/finished: cannot find package \"github.com/series0ne/learn-chaincode/tree/master/finished\" in any of:\n\t/opt/go/src/github.com/series0ne/learn-chaincode/tree/master/finished (from $GOROOT)\n\t/opt/gopath/_usercode_/424324290/src/github.com/series0ne/learn-chaincode/tree/master/finished (from $GOPATH)\n\t/opt/gopath/src/github.com/series0ne/learn-chaincode/tree/master/finished\n"
},
"id": 0
}
Any ideas?
P.S. Currently running commit level 0.6.1 of the Hyperledger blockchain on Bluemix.
Try stripping out the 'tree/master' portion of your deployment url. Notice that the example linked below does not include this portion of the url:
https://github.com/IBM-Blockchain/learn-chaincode#deploying-the-chaincode
This url is going to be passed into a go get <url> command inside the peer, which will download the chaincode so that it can be compiled. So, this url must match the format accepted by this command.
I tried using the Learn Chaincode example based on the advice from Dale to change the address of the repository from https://github.com/GitHub_ID/learn-chaincode/tree/master/finished to https://github.com/GitHub_ID/learn-chaincode/finished. The Blockchain network used for this test was running on Bluemix with version 0.6.1 of the Hyperledger Fabric. With the modified path, it was possible to use the APIs tab within the interface for the Blockchain network to deploy the chaincode.
Following are some things to check.
The v2.0 branch from https://github.com/IBM-Blockchain/learn-chaincode should be used with a Blockchain network running Hyperledger Fabric version 0.6.1. Is your personal fork even with the v2.0 branch from https://github.com/IBM-Blockchain/learn-chaincode?
Was the chaincode deployment issued from the same validating peer used to register the user_type1_0 user? The validating peer can be selected at the top of the APIs tab. There is a note in the Learn Chaincode instructions indicating that the same validating peer must register the user and deploy the chaincode.
Your go get is command either not able to access Location of your package due to ACL or its parameters are invalid as per IBM doc. Please recheck its format

Can not restore backup to target instance - replicated setup, target instance non replicated setup

When trying to restore a backup to a new cloud sql instance I get the following message when using curl:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "invalidOperation",
"message": "This operation isn\"t valid for this instance."
}
],
"code": 400,
"message": "This operation isn\"t valid for this instance."
}
}
When trying via google cloud console, after clicking 'ok' in the 'restore instance from backup' menu nothing happens.
I'll answer even thought this is a very old question, maybe useful for someone else (would have been for me).
I just had the same exact same error, my problem was that the storage capacity for the target instance was different than the one for the source instance. My source instance was accidentally deleted so this was a bit troublesome to figure out. This check list helped me https://cloud.google.com/sql/docs/postgres/backup-recovery/restore#tips-restore-different-instance