I just can't seem to get anywhere with this.
I have a web api running fine, with a wpf application using the api via AutoRest.
The api has been uploaded to Azure (App Services)
I now want to lock down the api, so users log in via Active Directory. Again, all users are currently there.
RestCredentials = new TokenCredentials(tokenAuthResult.AccessToken);
Using the RestCredentials I pass in the credentials as type
ServiceClientCredentials
using (var db = new BuxtedAPI(Model.Helpers.Credentials.RestCredentials))
{
var res = db.GetComboList();
ComboValueList = new ObservableCollection<ComboValue>(res);
return ComboValueList;
}
I can see on the log in Azure that the user successfully logs in.
But the system just dies with
Operation returned an invalid status code 'InternalServerError'
No more feedback at all.
Just to note, I am using swagger also here.
I am assuming that the BuxtedAPI call that passing the credentials should pass through the bearer token for the api call to authorise.
I have set nothing else on on webapi code base, no [AUTHORIZED] or anything.
Any chance anyone can help me along here.
Thanks Scott
If anyone else gets in this situation.
The process required Resource Id to be the web app and the clientid to be the native app id.
Scott
Related
Some background
I am connecting external application (server) with Moodle through Web Services API.
First a user obtains web services token through a call to /login/token.php.
Above token can be used to call web services functions through /webservice/rest/server.php endpoint.
The problem
In some cases I need to provide userid, which I don't know, because /login/token.php does not return it.
Things I've tried
I searched through the Web Services api documentation and found core_session_time_remaining function. Documentation says it returns userid and timeremaining properties:
object {
userid int //The current user id.
timeremaining int //The number of seconds remaining in this session.
}
The problem is, returned userid is always 0, irrelevant of what token was used to call this function. Is it a bug in Moodle, or am I using it wrong? How can I get userid?
did you ever tried using the core_webservice_get_site_info wsfunction?
I use it and works fine.
According to the docs: "Return some site info / user info / list web service functions" API Doc
I've implemented facebook login following this blog https://ahoycoders.com/2015/07/09/xamarin-forms-social-authentication-with-azure-mobile-services-part-3/
That blog is based on old Azure portal.
But, I'm using new Azure portal.
1. In the new Azure portal I used Easy APIs option for creating custom API as mentioned in the blog.
2. I copied the scrip mentioned in the blog for my custom API and I'm using only Facebook.
I authenticated via Facebook and then called the following,
return await mobileService.InvokeApiAsync("getextrauserinfo", HttpMethod.Get, null);
Unfortunately, I'm getting the following error,
"Cannot read property 'getIdentities' of undefined"
I don't know what's wrong, please help me in fixing this.
currentUser is no longer obtained from request as .user, it is now request.azureMobile.user
They changed the method calls. It is also no longer getIdentities.
Its getIdentity.
A few other calls slightly changed as well.
I suggest anyone wanting to use that guide use console.log to see what each object actually returns and then switch out the old code for the right call.
Logic in that example should still be fine, just slightly different calls/names.
Ok, I have a working cloudkit container that I am currently using as a database for my app. Now I want to try using the cloudkit API service. In the API access section, I just add a new token. this is the overview of my simple set up:
I tried using Postman to make one POST call, trying to see if my structure of my API call is right. my cloudkit container name is iCloudkit.izzuddin.CoffeeApp, and the records name is Cafe, so this is how I create the api call:
cloudkit.com/database/1/iCloud.izzuddin.CoffeeApp.Cafe/-development/public/records/modify?NewToken=031c663b3314f16ff3ee04719894b6f4e17132ad315eae27fa3e4374fd0b4e81
this is the returned value:
{
"uuid": "737d61ec-a668-4386-9512-b2ec05a8a394",
"serverErrorCode": "AUTHENTICATION_FAILED",
"reason": "no auth method found"
}
Can anybody who have experience explain how to structure the api call? thanks in advance.
Try:
https://api.apple-cloudkit.com/database/1/iCloud.izzuddin.CoffeeApp.Cafe/development/public/records/modify?ckAPIToken=031c663b3314f16ff3ee04719894b6f4e17132ad315eae27fa3e4374fd0b4e81
This should return 421 response AUTHENTICATION_REQUIRED with a redirectURL which you can use for signing in.
The next steps depend on what kind of app (web app / server to server / native) you want to build.
CloudKit Web Service needs not only your API token, but also needs [Web Auth Token], which represents the users.
I was trying out the new enhanced revocable sessions in Parse on my Android app. It works well when logging in or signing up via email password or facebook but doesn't work well for custom authentication, e.g. google+.
I'm currently logging in the user using the cloud code which also creates the new user when signing up. This does not create a new Session object, that means the new enhanced sessions are not used and it still uses the legacy sessions.
I pass the session token back to client where using the become method the user logs in but it's the legacy sessions.
This feels like the feature is not complete but I would really like to move to the new enhanced sessions with my app. Has anyone worked with them yet? Are there any workarounds using the REST API or by creating the sessions manually and handling them manually? I looked into the JS API but it says it's only read only.
Here's the Blog post on Enhanced Sessions.
Where should I go next?
Yes, I found a solution but it's a workaround, works for my case because I don't support signing up with user/password.
Basically, the solution (cloud code) in semi pseudo-code is:
Fetch the user with master key
Check if user.getSessionToken() has value
if it has, return the session token and do a user.become() in the client as usual
if it's not, here the workaround, do the following:
yourPreviousPromiseInOrderToChainThem.then(function(user)
password = new Buffer(24);
_.times(24, function(i) {
password.set(i, _.random(0, 255));
});
password = password.toString('base64')
user.setPassword(password);
return user.save();
}).then(function(user) {
return Parse.User.logIn(user.get('username'), password)
}).then(function(user) {
var sessionToken = user.getSessionToken();
// Return the session token to the client as you've been doing with legacy sessions
})
That means, I'm changing the user password each time in order to make a remote login and, of course, I know thist can't be applied to all cases, it's enough for app because I don't support login with user/password (only third party logins) but I understand that maybe it's not for all cases.
I got the idea from this official Parse example.
I don't like this solution because I think is not a workaround, it's a mega hack but I think there is no other way to do it currently (either Parse.com or Parse-Server)
If you find other workaround, please, share it :)
First things first. I'm a complete OAuth newbie. This will be my first stab at it, and things are getting hairy...
I'm writing a single page application using Durandal & Web API.
The user needs to be able to login using any social network.
I don't have access to a database whatsoever, I have to call an unprotected 3rd party web service which I consume server-side, and need to protect using OAuth.
So I've managed to add the files to my solution which generates the login using facebook contol/button (created a new MVC4 web application, and did a manual copy and paste of all the auth related files, updated bootstrappers etc..), and the code seems to work for the most part.
When facebook redirects back to
[AllowAnonymous]
public ActionResult ExternalLoginCallback(string returnUrl)
{
AuthenticationResult result = OAuthWebSecurity.VerifyAuthentication(this.Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl }));
if (!result.IsSuccessful)
{
return this.RedirectToAction("ExternalLoginFailure");
}
if (OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false))
{
return this.RedirectToLocal(returnUrl);
}
//code removed for brevity ....
}
I get the error specified once the following line tries to execute.
OAuthWebSecurity.Login(result.Provider, result.ProviderUserId, createPersistentCookie: false)
I've removed the [InitializeSimpleMembership] attribute from the controller, as I don't have a database.
Please forgive me if this is the dumbest question ever, but...
Why does the login fail? I mean at that point, isn't the app trying to log into facebook, why does it need a databse? Or am I correct in saying I can remove/replace that code section, with a login/authorise call on the web-service I'm using?
Not the dumbest question ever. Not by a long shot. But you are getting the error because your membership provider is still set to use the SimpleMembershipProvider and OAuthWebSecurity will use the default membership provider. If you don't want to use a database you will have to create or find a different membership provider to use.
EDIT:
I know you said you don't have access to a DB but if you can use SQL Compact you can just stick with the default SimpleMembershipProvider(check out Hanselman's blog) or DevArt has a SQLLite provider. Also the MemFlex Project has a RavenDb provider. If none of those work I think you might just have to write your own.