In flask-jwt-extended how to set a custom token expiry time? - flask-jwt-extended

In the flask-jwt-extended package, how can we set a custom token expiry time, say for example 72 hours? I couldn't find any annotation or examples in the documentation link shared.

See https://flask-jwt-extended.readthedocs.io/en/stable/options/#JWT_ACCESS_TOKEN_EXPIRES if you want to change it globally, or https://flask-jwt-extended.readthedocs.io/en/stable/api/#flask_jwt_extended.create_access_token if you want to change it dynamically or only for some tokens.

Related

keycloak: Determine which RequiredAction was initially called in info.ftl

I am using custom required actions in keycloak 16. Now at the end of the action processing the user sees the content of the info.ftl template. Is it possible to use different info.ftls depending on which action was performed or is there a way to find out which action(s) were executed from within the info.ftl template?
I helped myself by adding a cookie in the request and querying this cookie in the info.ftl. Not very elegant, but it works for me.

Google Calendar REST API does not return title and other event fields

Google calendar REST API GET method (https://developers.google.com/calendar/v3/reference/events/get) should return this structure (https://developers.google.com/calendar/v3/reference/events#resource), unless I'm missing something.
I need to get the event title and description to use in my application. I'm getting the below response instead.
I've tried to change event visibility (public/private) and availability (free/busy). Actually, API does not show events with Free availability, for which I don't have solution either.
Here is event edit screen screenshot:
https://www.screencast.com/t/X8bRS8kJDT
{
"kind":"calendar#event",
"etag":"\"3145149995624000\"",
"id":"5fnlvcl2msab46p8roqbahhb6g",
"status":"confirmed",
"htmlLink":"https://www.google.com/calendar/event?eid=NWZubHZjbDJtc2FiNDZwOHJvcWJhaGhiNmcgZWQtYWRtaW4uY29tXzMwOHNycjdzdjdiM28xazRpdjZ2cm9mb3Y0QGc",
"updated":"2019-11-01T02:23:17.812Z",
"start":{
"dateTime":"2019-11-11T09:30:00+11:00"
},
"end":{
"dateTime":"2019-11-11T10:00:00+11:00"
},
"visibility":"private",
"iCalUID":"5fnlvcl2msab46p8roqbahhb6g#google.com"
}
Are there other methods to get calendar events details with REST API, including ones with free availability?
Thanks.
04/02/2020:
I actually made it work for an "ordinary" Google account - add project, add API, add service account and allocate service account email to the calendar. But I'm still not sure how to change the access level for a G Suite account. It allows only to see Free/Busy status.
I've changed default access in Admin Console as this article suggests, but it does not help:
https://www.macworld.com/article/2980005/the-mystery-of-the-unsharable-google-apps-calendar.html
You could try specifying the fields you want to retrieve like the image below:
Or you could put a " * " as the image below to retrieve all values:
fields is a standard Query parameter, which specifies what values you want to include in your response. To learn more about it, you can check Here.

JSON Request is not configure with zap Authentication.

I am using the ZAP security testing tool, but at the point of authentication by username and password of a JSON request, I face a problem configuring these. I checked all links and blogs too, but I can't get the proper step-by-step solution on it.
Request code:-
{"userName":"cwc_patna","password":"33a0d2e93e0ad396b7c9374bbbc83a58"}
Response code:-
{"userId":72,"userName":"cwc_patna","password":"33a0d2e93e0ad396b7c9374bbbc83a58","emilId":"pratyush#sdrc.co.in","userTypeId":1,"viewName":"cwc","isLive":null,"isActive":null,"isApproved":null,"sjpuAccess":null,"userUserTypeFeaturePermissionMapping":null,"area":null}
That functionality was only just added last week: https://github.com/zaproxy/zaproxy/pull/4624
If you want to use it, you'll either have to use a weekly: https://github.com/zaproxy/zaproxy/wiki/Downloads#zap-weekly
Or, wait for the next full release (likely 2.8.0).
The corresponding PR to update the help content for the new JSON Authentication functionality is here: https://github.com/zaproxy/zap-core-help/pull/188/files if you want to check it out.
You set it up the same way you would for form based authentication. Make sure you define a Logged-in or Logged-out Identifier (or both). Here's some screenshots to help you along:
Manually configure the Authentication for your Context:
Use the Site Tree Context menu(s) to set it up:
Here's an additional help link that might assist you in getting authentication setup: https://github.com/zaproxy/zaproxy/wiki/FAQformauth

How can I restrict a user's access to just a single node of an AEM website?

I'd like to restrict a user's access to just a specific node within an AEM website. I want them to be able to manage a blog; they should be able to view the blog (of course), add/edit/delete entries/comments, upload photos, add/remove other collaborators, etc. However, I don't want them to have access to or even see anything else within AEM.
I have tried giving access to just the blog node under the content path (/content/geometrixx/en/blog), but when I try to log into AEM as this user and edit the blog (localhost:4502/cf#/content/geometrixx/en/blog.html), I get the following error:
No resource found
Cannot serve request to /cf in /libs/sling/servlet/errorhandler/404.jsp
I've tried giving write access to the /content/geometrixx/en/blog node and read access to everything else, and it seems to work, but of course, the user is able to see way too much. It would seem there is some particular node that a user must have read access to in order to edit content nodes, but I'm not sure what that is. Any ideas?
I would go to the /useradmin, choose the user, and in the Permissions tab I would allow access to the below and its child pages:
/content/geometrixx/en/blog - allow read modify create delete replicate
/apps/geometrixx/ - allow read only
/etc/designs/geometrixx - allow read only
/libs - allow read only
/etc/clientlibs - allow read only (optional)
/etc/workflow - allow read only (optional)
This is roughly the solution I use in our setup. As you are aware, you need to give at least read-only to the directories where cq components sit, as well as the components from your application, in this case geometrixx.
edit: Also useful to read: https://helpx.adobe.com/experience-manager/kb/CQ53ACLsMappingToCRX2.html
Most importantly you really need to understand the different pieces of functionality of cq, where they reside (/libs, /apps/, /etc/, etc...) and what is required to have a page properly rendered.
Is it a requirement you have for both author and publisher?
Reading https://jackrabbit.apache.org/api/2.2/org/apache/jackrabbit/core/security/authorization/GlobPattern.html can also help you set ACLs.
I suggest you create a custom group with deny jcr:all on /, and then set the ACL as described by dex and test to see if it helps.
Can you try to give the modified access instead of read access:
/content/geometrixx/en/blog - allow read modify
as you need access to the single blog node and its jcr:content.

How to check Zend_Session expiration after using Zend_Session::rememberMe

I use Zend_Session::rememberMe(60*60*24*90); to make the session of a logged-in user to last for 90 days.
I've read the Zend_Session documentation but didn't find any method to check that this expiration is actually set somewhere.
I cannot check the browser cookie, at least directly, as the webpage is embedded within an Adobe Air widget.
If you just want it for debugging purposes, use:
var_dump($_SESSION['__ZF']);
You can see all of the values stored in the Zend session, including rememberMe's expiration.