I followed the Apollo Getting Started example in a Github Codespace.
Upon starting the server, I see the error:
{
"error": "Preflight response is not successful"
}
Sample repo to reproduce is here: https://github.com/anishkny/codespaces-test
I tried various options for cors but it did not work:
...
new ApolloServer({ typeDefs, resolvers
cors: {
"origin": "*",
"methods": "GET,HEAD,PUT,PATCH,POST,DELETE",
"preflightContinue": false,
"optionsSuccessStatus": 204
}
});
...
I had this same issue. It turns out that Playground is not forwarding your Github credentials. Notice that if you visit the preview URL in an incognito window, you are redirected to the Github login screen. The solution is to change Playground settings so that your credentials are sent in GraphQL requests.
Click the top right corner, click the gear icon (settings)
Change the following
- "request.credentials": "omit",
+ "request.credentials": "same-origin",
Related
Strapi Version: 4.1.5
Operating System: Debian GNU/Linux 9
Database: PostgreSQL 13
Node Version: v14.16.0
NPM Version: 6.14.11
Yarn Version: v1.22.5
Hi everyone, I can’t seem to find consistent information on how to use permissions with a custom plugin in Strapi. I want to make an endpoint available to my front-end (Next.JS) application, but only when the front-end application has authenticated as a user and using the JWT that is returned from authenticating with Strapi. I keep getting a 401 returned.
Here’s what I’m doing:
I used this page to set up authentication in Strapi. I have a user created in Strapi, and from the front-end, I can authenticate and it returns a JWT token. When I set up collection types to only be accessible with the “authenticated” role, I can access those collection types in the api using this JWT token. So all of that works. The problem is that I can’t get this to work with my custom plugin, and I’m not sure why. I still get a 401 error instead.
Here’s how I set up the permissions:
Based on this page, I initially tried to leverage the isAuthenticated permission that the Users & Permissions plugin provides:
{
method: "GET",
path: "/progress",
handler: "memberProgress.getProgress",
config: {
policies: ['plugins::users-permissions.isAuthenticated']
},
},
Unfortunately, this did not work. The server raised an error, saying that this could not be found. So back on the document linked above, I decided to take the approach of creating my own gloabl permission. I created src/policies/is-authenticated.js with the following contents:
module.exports = (policyContext, config, { strapi }) => {
if (policyContext.state.user) { // if a session is open
// go to next policy or reach the controller's action
return true;
}
return false; // If you return nothing, Strapi considers you didn't want to block the request and will let it pass
};
Then, I modified my plugin’s route as follows:
{
method: "GET",
path: "/progress",
handler: "memberProgress.getProgress",
config: {
policies: ['global::is-authenticated']
},
},
This is all based on that document I linked to. Unfortunately, this still does not work. It seems to find the permission (server doesn’t raise an error about it), but when I try to access my plugin’s endpoint with the JWT token, I just get a 401 error.
Here is how I’m trying to access the endpoint on the front-end:
// VERIFIED, auth works and I get the expected jwt
const strapiAuth = await strapiApiAuth();
if ( strapiAuth && strapiAuth.hasOwnProperty("jwt") ) {
try {
const response = await axios.get(
`${process.env.STRAPI_BACKEND_URL}/member-progress/progress?year=2022&name=&pageSize=10&page=1`,
{
headers: {
Accept: "application/json",
Authorization: `Bearer ${strapiAuth.jwt}`
},
timeout: 500,
}
);
console.log(response);
} catch (error) {
// This is where I land with the 401 error
console.log(error);
}
}
Strapi check if you have a valid jwt by default with "authenticated" role, but you must mark the permission to your custom endpoint in "Settings→User & Permission Plugin→Roles" of admin panel also.
Summary:
I am creating a Vs Code web extension with OAuth2 based authentication (similar to Github Authentication in VS Code), upon successful authentication, redirects to a specific URI like the one shown below. This URI, unfortunately, contains the auth credentials in the fragment part (i.e. starts with the "#" character). This "#" character and the credentials are added by the OAuth server.
Redirect URI from OAuth server:
https://vscode.dev/callback?vscode-reqid=1&vscode-scheme=vscode&vscode-authority=myPublisher.foo-web-extension&vscode-path=%2Fdid-authenticate#&access_token=XXXX&expires_in=XXXX&location=XXXX&api_domain=XXXX
I'm accessing this URI inside the extension's source using the below code:
context.subscriptions.push(vscode.window.registerUriHandler({
handleUri(uri: vscode.Uri): vscode.ProviderResult<void> {
console.log(uri);
}
}));
// output: { "$mid": 1, "path": "/did-authenticate", "scheme": "vscode", "authority": "myPublisher.foo-web-extension" }
Note here that the 'fragment' part of the vscode.Uri instance is not present in the output
The URI object doesn't contain the fragment part (i.e. #&access_token=XXXX&expires_in=XXXX&location=XXXX&api_domain=XXXX) which is required to log the user in the extension.
Questions:
I can't log the user in until I can access the OAuth credentials from this URI. Is there any way the handler function can get access to the fragment part of the URI? Any workaround?
I'm using vscode.env.openExternal to initiate the login process, which opens a new tab. Is there another option to open the same process in a popup window using VS Code's Extension API? Github Authentication uses a popup window for the same. I wasn't able to find the particular VS Code's Extension API.
What I've tried?
Removing the '#' part from the URI solves the issue as all the credential information gets included in the uri.query object. So, I've reached out to the OAuth provider for removing the "#" character and providing credentials in queryString only, but haven't got a solution from them as of now.
Steps to Reproduce:
Reproducing error during VS Code web extension development
Create a URI for the VS Code's extension to listen for using the below code.
const redirectURI = (await vscode.env.asExternalUri(vscode.Uri.parse(vscode.env.uriScheme + '://myPublisher.foo-web-extension/did-authenticate'))).toString()
Attach this redirectURI to OAuth2 login URI for your provider and open the resultant loginURI using the vscode.env.openExternal method and perform authentication. The OAuth2 authentication provider I'm using redirects to a link containing credential details appended as fragment part.
i.e. https://vscode.dev/callback?vscode-reqid=1&vscode-scheme=vscode&vscode-authority=myPublisher.foo-web-extension&vscode-path=%2Fdid-authenticate#&access_token=XXXX&expires_in=XXXX&location=XXXX&api_domain=XXXX
const loginUri = await getLoginUri(redirectURI);
await vscode.env.openExternal(loginUri);
Listen for the URI event and register a URI handler method to get and save auth credentials.
context.subscriptions.push(vscode.window.registerUriHandler({
handleUri(uri: vscode.Uri): vscode.ProviderResult<void> {
console.log(uri);
}
}));
// output: { "$mid": 1, "path": "/did-authenticate", "scheme": "vscode", "authority": "myPublisher.foo-web-extension" }
As the credential details are present in the fragment part of the redirect URI, the resultant 'uri' I'm getting is having no credential details. We can get access to the credentials details only if we can get access to the fragment part of this 'uri'.
VS Code Web - version information
Version: 1.63.2
Commit: 899d46d82c4c95423fb7e10e68eba52050e30ba3
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
Embedder: vscode.dev
I am using a private repository in my project ( for example https://github.com/org/repo), and recently I am getting the below error message when I trying to run composer install.
[Composer\Downloader\TransportException]
The 'https://api.github.com/repos/org/myrepo' URL could not be accessed: HTTP/1.1 400 Bad Request
You have to update your auth.json file. Please go to Settings > Developer settings > Personal access tokens (Direct URL: https://github.com/settings/tokens) page and generate a new token and copy the token string then enable sso and authorise with your private organisation. Update your auth.json like below format.
{
"http-basic": {
"github.com": {
"username": "<YOUR-USERNAME>",
"password": "<NEW_TOKEN>"
}
}
}
background:
I am trying to build an application that will copy a public repository to the logged in account.
Now i am trying to do a source import in PostMan and i am using the following settings:
i make a PUT request to this link:
https://api.github.com/repos/{myusername}/{empty github repository}/import
with the following header:
Accept:application/vnd.github.barred-rock-preview
With this body:
{
"vcs": "git",
"vcs_url": "https://github.com/{owner of repo i want to copy}/{repo i want to copy}",
"vcs_username": "{myusername}",
"vcs_password": "{mypassword}"
}
I have read the github API for importing repositories. But i am getting the following response from the server:
{
"message": "Not Found",
"documentation_url":
"https://developer.github.com/v3/migrations/source_imports/#start-an-import"
}
Why does the server return a Not Found? How do i get this to work
It need Authentication else will get 404 Not Found
using username and password for authentication
Put URL:
https://{myusername}:{mypassword}#api.github.com/repos/{myusername}/{myreponame}/import
Request Body
{
"vcs": "git",
"vcs_url": "https://github.com/{ownerRepo}/{ownerRepoName}"
}
vcs_username and vcs_password used for remote repo not yours.
I have seen a lot of these errors all over the net with different developer framework
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException",
"code": 191
}
}
I am using Mule ESB to post a comment on a wall but get this error. I have used localhost and the IP address of my PC but nothing seems to work. I am behind a proxy server so not sure if that is the problem. It also seems that Facebook has chaned the UI of the apps page as a lot of sample refer to pages that do not exist anymore.
How do I get my Facebook page to accept my auth and then post using Mule.
Regards.
Jaco.
Have you configured Facebook properly? They tend to change their app system every few months, so any example is usually outdated. The following works with my test app (just tests auth, does not save token):
FB App:
Settings
-> Basic
-> Add Platform
-> App on Facebook
-> Canvas URL: http://localhost:3000/
Mule:
<facebook:config-with-oauth name="Facebook" appId="${id}" appSecret="${secret}" doc:name="Facebook">
<facebook:oauth-callback-config domain="localhost" localPort="3000" remotePort="3000"></facebook:oauth-callback-config>
</facebook:config-with-oauth>
<flow name="authorize">
<http:inbound-endpoint exchange-pattern="request-response" host="localhost" port="3000" path="authorize"></http:inbound-endpoint>
<facebook:authorize config-ref="Facebook"></facebook:authorize>
</flow>
If you have a proxy / port forwarding in your environment, you should add the remotePort option explicitly. I run my Mule inside a virtual machine, and it produces the invalid url error without it.