I just created a new user field in my form named UID and marked it required.
Now if I click anywhere on site administration it redirects me to
edit.php?id=2&course=1 and asks me to update UID and when I try to do it, it says:
Forbidden
You don't have permission to access /user/edit.php on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Related
What I have:
a WebApp (ReactJs), an Api (Spring-Boot) each running on a single pod in Kubernetes and an Ambassador wrapped around these (WebApp and Api are having the same domain), my Identity Provider is Azure AD.
In Azure AD I configured a Web-redirect URI for my WebApp.
My Problem:
Accessing the WebApp the first time directs me to microsoft login screen, after entering my credentials I get redirected to my WebApp. When I let the browser tab with my WebApp open, don't use it for 1/1,5 hours and go back and click a button in my WebApp (which triggers a call to my API) I get this CORS error:
Access to XMLHttpRequest at
'https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize?client_id={clientId}&redirect_uri={ambassador-redirectUri}&response_type=code&scope=openid&state={state}'
(redirected from 'https://mydomainname/api/webapp/people') from origin 'https://mydomainname'
has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource
Obviously my access token expired and my application tries to reach the identity provider to get a new one, but my Idp does not allow this.
I followed these steps for setting up Ambassador with Azure AD: https://www.getambassador.io/docs/edge-stack/latest/howtos/sso/azure/ but it seems like I missed something. Anyone a clue what it could be?
The logon flow via the https://login.microsoftonline.com page that you initially experience works only because the URL you want to access (that is, the URL of your WebApp) is in the browser's address bar, hence is used to load a page into the browser tab.
You cannot repeat the same logon flow for an XMLHttpRequest, because this has no address bar and browser tab. Even if the redirection were allowed, the Javascript code of your WebApp could not do anything with the HTML response it would receive from https://login.microsoftonline.com.
If one of your API endpoints (such as https://mydomainname/api/webapp/people) detects that the session is expired, it should not respond with a redirection to https://login.microsoftonline.com, but rather with a specific error code like
HTTP/1.1 403 Forbidden
Content-Type: application/json
{"error": "Session expired",
"redirect": "https://mydomainname/login"}
and when your WebApp receives this, it should present a button to the user labeled
Session expired, press to login again
and pressing this button should open https://mydomainname/login in a new browser tab, which will then automatically redirect to https://login.microsoftonline.com and so on. After the user has closed that tab again, your WebApp can repeat the API request.
I've created a Github app with the option "Request user authorization (OAuth) during installation".
When a user requests his admin to install the app, the admin accepts and gets back to the app. I then get a url like:
http://localhost:3000/auth/github/callback?code=a22757013d09ccc5f6ed&installation_id=18334019&setup_action=install&state=MYAPPSTATE
BUT when the user Authorize & Request and he gets back to the app I only get a url like so:
http://localhost:3000/auth/github/callback?setup_action=request&state=MYAPPSTATE
My question is, how to get Github to give me the code parameter so I can know which user has requested to install the github app ?
Thank you 🙏
Apparently this has been fixed now https://github.com/pre-commit-ci/issues/issues/70#issuecomment-899129055
Here is the response I got from GitHub support:
The code parameter is only returned for authorization during installation. There isn't a way to generate one for the user who has requested an admin to approve, authorise and install.
As an organization owner/admin, you should see on the GitHub App review install page the user who has made this request during the application installation. You can also check the integration_installation_request.create logs in the organization to find the user who has requested the installation
I have created a custom REST api to call the order api and get the order details, but it is redirecting me again to login page when I calling the api from browser and it throws error "Permission Denied". How to resolve it?
On AEM 6.1 instance I am trying to login using facebook.
Facebook login page opens up successfully. However when I key in any facebook credentials it gives me an authentication failed message and the url is appended with http://localhost:4503/ etc/cloudservices/facebookconnect/PROD_Facebook_APP.login.html//callback/j_security_check?code=AQAIAv.....(mix of alphabets and numbers).
This was working earlier. I dont see any error mesage on the logs and on developer tools
Failed to load resource: the server responded with a status of 403 (Forbidden).
Any help on this would be greatly appreciated.
Regards.
In magento from admin panel I can have the customer key and customer secret key.. I have install oauth on my system But for getting the access token i give the url as : http://192.168.1.101:8010/magento/oauth/token but it returns as:
This webpage is not found
No webpage was found for the web address: http://192.168.1.101:8010/magento/oauth/token
Error 6 (net::ERR_FILE_NOT_FOUND): The file or directory could not be found.
How can i get resolve of this...