Invalid WebHook Signature - github

I created a GitHub Webhook function, copied and pasted the Function URL and GitHub Secret into the WebHook I created in GitHub, and I keep getting the following error.
{"Message":"The WebHook signature provided by the 'X-Hub-Signature' header
field does not match the value expected by the 'GitHubWebHookReceiver'
receiver. WebHook request is invalid."}
Any ideas what I'm doing wrong?

OK, so it turns out the GitHub Secret from the Develop page matches the _master key from the Admin Keys (All Functions) keys on the Manage page.
When I used the default key from the Function Keys it started working. By the names of those sections that sounds like the key I actually want to use and maybe the portal is displaying the wrong one in the GitHub Secret field.
Not sure if this is the answer or a workaround.
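The mismatch described above comes down to which key the receiver uses when it recomputes the HMAC. As an added example (not part of the original post), this sketch reproduces the check behind GitHub's X-Hub-Signature header, HMAC-SHA1 over the raw request body, and reports which candidate key validates a delivery; the key names follow the post, while the key values, payload and function names are constructed.

```python
import hashlib
import hmac
from typing import Dict, List, Optional


def sign_body(secret: bytes, body: bytes) -> str:
    """Header value for a body: 'sha1=' + hex HMAC-SHA1 keyed with the secret."""
    return "sha1=" + hmac.new(secret, body, hashlib.sha1).hexdigest()


def verify_signature(secret: bytes, body: bytes, header: Optional[str]) -> bool:
    """Recompute the HMAC over the raw bytes and compare in constant time."""
    if not header or not header.startswith("sha1="):
        return False
    return hmac.compare_digest(sign_body(secret, body).encode(), header.encode())


def matching_keys(keys: Dict[str, bytes], body: bytes, header: str) -> List[str]:
    """Names (never values) of the candidate keys that validate this delivery."""
    return [name for name, secret in keys.items()
            if verify_signature(secret, body, header)]


# Constructed sample data: key names as in the post, values made up.
KEYS = {"_master": b"constructed-master-key", "default": b"constructed-function-key"}
RAW_BODY = b'{"zen":"Keep it logically awesome.","hook_id":1}'
# What GitHub would send if the webhook was configured with the "default" key.
HEADER = sign_body(KEYS["default"], RAW_BODY)

if __name__ == "__main__":
    print("keys that validate:", matching_keys(KEYS, RAW_BODY, HEADER))
    print("master key accepted:", verify_signature(KEYS["_master"], RAW_BODY, HEADER))
```

The signature covers the exact bytes received, so the check has to run on the raw body before any JSON parsing or re-serialization.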

Related

Sharepoint Integration using Postman

I wanted to try out Sharepoint integration with Postman. So, I was following the steps given in the below article: https://medium.com/@anoopt/accessing-sharepoint-data-using-postman-sharepoint-rest-api-76b70630bcbf. I followed all the steps exactly as to how it is mentioned in the article. So I created the following:
Environment with key value pairs
Environmental Variable
Used the URL provided below:
https://accounts.accesscontrol.windows.net/{{realm}}/tokens/OAuth/2
Entered the key value pairs in body and javascript in Test and clicked on Send.
When I click on Send, I am getting the below error:
Error
{"error":"invalid_request","error_description":"AADSTS900023: Specified tenant identifier '{{realm}}' is neither a valid DNS name, nor a valid external domain.\r\nTrace ID: af51e70f-4f1d-4b25-8112-d800d1a2e600\r\nCorrelation ID: d92a6863-6cba-4c84-8569-135bfabbaf91\r\nTimestamp: 2021-02-05 03:04:37Z","error_codes":[900023],"timestamp":"2021-02-05 03:04:37Z","trace_id":"af51e70f-4f1d-4b25-8112-d800d1a2e600","correlation_id":"d92a6863-6cba-4c84-8569-135bfabbaf91","error_uri":"https://accounts.accesscontrol.windows.net/error?code=900023"}
After spending so much time on the issue, I realized that the body should use the form-data rather than x-www-form-urlencoded. After using form-data and when I clicked on the Send button, I was able to get the success token correctly in my environmental variable.

Azure DevOps/VSTS REST API does not get changes of a changeset

I'm trying to get the changes of a changeset but it returns 404. I used this:
https://<myname>.visualstudio.com/<projectname>/_apis/tfvc/changesets/291/changes
changeset exists
without the '/changes' it works, returns the changeset info but I also need the merge sources
tried to specify the API version (e.g.: api-version-5.0)
I created a full control Personal Access Token for the client app but no luck. I tried to use this link in the browser and I got the same result: it works only without '/changes'.
What did I do wrong?
As this is an old Q, this is for anyone else who has the same problem: the projectname needs to be removed from the request.
https://<myname>.visualstudio.com/_apis/tfvc/changesets/291/changes
You look at the docs and sure enough it's not there but most other REST calls require a project name, so it can be confusing.
Also the docs are not very clear that you can interchange https://{myName}.visualstudio.com/ for the documented https://dev.azure.com/{organization}

View JWT Token on jwt.io

I came across the badge section on jwt.io and the 'View on jwt.io' caught my eye. Is there a way to link to jwt.io, which then shows the user's JWT token (from my application) and my verification key?
Skimming through the code of their page I couldn't find a clue on how to do that. Did I miss something on their page?
I'm still trying to find the answer on how to preload the secret with my own, to help users see what was happening.
However I did manage to get the link to work correctly though:
https://jwt.io/#id_token=your-token-here
Found it on their blog post:
https://auth0.com/blog/2015/07/21/jwt-json-webtoken-logo/
Not sure how you were supposed to find it before they linked that post on jwt.io.
Also linking this here, because I only just found it. I had been trying to find a nicely formatted documentation for our users for ages (before we just linked them to jwt.io):
https://auth0.com/learn/json-web-tokens/
I know it is many years later, but I have found how to pre-load the keys information (which I could find by using the "Share JWT" option, which actually creates a link).
The jwt.io debugger accepts additional query parameters:
token - the JWT token value
publicKey - as the name implies
Probably it does accept private key parameter, if given, and properly URL encoded, but did not test it. The example below uses a JWK form for the public key, but PKCS#8 and PKCS#1 are also accepted.
Example

Download ssh public keys from GitHub and GitLab *with the comment field*

On both GitHub and GitLab, you can download a user's SSH public keys with a simple GET request to the URL https://server/username.keys, 
for example:
curl https://github.com/unclebob.keys
This gives:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArmmGWKZ8UAO6myYW94liK4oMNBen6Sl7r0QAb6Et0y1kwCIBeBrHZhsSFQBzw0H517FeML9d+fBMSShZloMvw5x8nLQq5kbi4+8JXC4+CwW505fipjFY4ABj60BZioZn4Hndf8bwmCwXDHVtjfUeBD8b+Sjn7VNQ123rd1t5TLYDShk+2I4ldDhxbkFRqBF1gz3is4BsngdsHQp5AuuFWmiD2FRDRZDACdUyL8fUIP6O/3TAGFNKP2CG6//8+XHbQOYUaJ9RkSAJ453dx2PwDdiIXJyIJRO/q8wqWyRhA94XtJ77zP9BMyrRVnMClYcQoc9WBBlocp519l9vsp6jyQ==  
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCoQ9S7V+CufAgwoehnf2TqsJ9LTsu8pUA3FgpS2mdVwcMcTs++8P5sQcXHLtDmNLpWN4k7NQgxaY1oXy5e25x/4VhXaJXWEt3luSw+Phv/PB2+aGLvqCUirsLTAD2r7ieMhd/pcVf/HlhNUQgnO1mupdbDyqZoGD/uCcJiYav8i/V7nJWJouHA8yq31XS2yqXp9m3VC7UZZHzUsVJA9Us5YqF0hKYeaGruIHR2bwoDF9ZFMss5t6/pzxMljU/ccYwvvRDdI7WX4o4+zLuZ6RWvsU6LGbbb0pQdB72tlV41fSefwFsk4JRdKbyV3Xjf25pV4IXOTcqhy+4JTB/jXxrF
Unfortunately, notice that there is no comment field at the end. 
On GitHub and GitLab the comment field is there in the system, you can view and edit in your profile to easily distinguish your multiple keys from each other.
But when accessing using this method, both GitHub and GitLab drop the comment field, for some reason.
Is there an easy way to get the public keys from these services? I'm aware of the REST APIs, but as far as I know they return JSON, which is not so convenient for example if I want to simply redirect the output of curl to append to an authorized_keys file. If I have to parse JSON, that adds more complexity to my scripts I'd like to avoid.
That seems a security issue, where the comment content might leak some possibly sensitive data if it were returned (since you can set any comment in there).
That is why the very specification of that "get keys" feature in GitLab does include:
it "should not render the comment of the key" do
  get :get_keys, username: user.username
  expect(response.body).not_to match(/dummy@gitlab.com/)
end
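Because the .keys endpoint returns only the key type and blob, any label has to be added on the receiving side. The following added example (not from the original thread) appends a locally chosen comment to each line and refuses anything that is not exactly "type blob" before it reaches authorized_keys; the function names, the allowed-type list and the sample key are constructed for illustration.

```python
import base64
import struct
from typing import List

# Assumption for this example: the key types you are willing to accept.
ALLOWED_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}


def blob_key_type(b64: str) -> str:
    """Key type stored inside the blob (its first length-prefixed string)."""
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("blob too short")
    (length,) = struct.unpack(">I", blob[:4])
    if length > len(blob) - 4:
        raise ValueError("truncated blob")
    return blob[4:4 + length].decode("ascii")


def label_keys(keys_text: str, comment: str) -> List[str]:
    """Turn .keys output into authorized_keys lines carrying a local comment."""
    if "\n" in comment or "\r" in comment:
        raise ValueError("comment must be a single line")
    lines = []
    for raw in keys_text.splitlines():
        fields = raw.split()
        if not fields:
            continue
        # Exactly "type blob": an options prefix such as command="..." adds
        # a field and is rejected instead of being written to authorized_keys.
        if len(fields) != 2 or fields[0] not in ALLOWED_TYPES:
            raise ValueError("unexpected line format")
        if blob_key_type(fields[1]) != fields[0]:
            raise ValueError("declared type does not match blob")
        lines.append(f"{fields[0]} {fields[1]} {comment}")
    return lines


def sample_blob(key_type: str) -> str:
    """Constructed, non-functional key blob: type string plus 32 zero bytes."""
    name = key_type.encode()
    raw = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes(32)
    return base64.b64encode(raw).decode()


SAMPLE_KEYS = f"ssh-ed25519 {sample_blob('ssh-ed25519')}  \n"

if __name__ == "__main__":
    print("\n".join(label_keys(SAMPLE_KEYS, "unclebob@github")))
```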

Where can I find the GitHub ID in my account?

What is the difference between GitHub username and GitHub ID? I was asked for my Github ID for a certain project and I happened to give my username. But the person is unable to find me on GitHub with my username. So I got a GitHub ID from the below URL:
http://caius.github.io/github_id/
But I'm unable to find this ID from my account directly. Where can I find this in my GitHub account? It would be great if someone could elaborate on this.
Thank You.
It can be easily retrieved using GitHub API:
https://api.github.com/users/your_github_user_name
where instead of your_github_user_name you must use the desired GitHub username.
Example:
https://api.github.com/users/github
It can be easily retrieved using Github API.
Example: https://api.github.com/users/username
It can be easily retrieved using Github API. If you cannot use the API answer or from http://caius.github.io/github_id/ you can go to github --> settings --> emails, under the Primary email address you will find {id}+{user_name}@users.noreply.github.com. The format is similar to this: 50826640+hirwablessing@users.noreply.github.com, that 50826640 is the id.
From this answer
If you cannot use the API answer or from http://caius.github.io/github_id/ you can go to github --> settings --> emails, under the Primary email address you will find {id}+{user_name}@users.noreply.github.com.
This is at least true if you have Keep my email address private checked.
I have this text in the Keep my email address private explanation, and I'm guessing this will be there even if it is turned off.
Look for 'noreply' in the emails section.
If you do have the GitHub Id but need to find the username / login you can do it like this with the List users endpoint:
Subtract the id by 1 and run the following query. My GitHub Id is 4015237 and therefore the query parameter since receives the value 4015236.
https://api.github.com/users?since=4015236&per_page=1
https://docs.github.com/en/rest/users/users?apiVersion=2022-11-28#list-users
Description for since:
Query parameters - since - A user ID. Only return users with an ID
greater than this ID.
Don't use the ID stated in other answers I tried this and it didn't work and said it was invalid on AWS.
It's located on the main GIT repository. Those random letters and numbers are below the add file button with no description, obviously. Not only that but it's clickable if you click into it you'll find a much longer commit ID. You want the longer one.
Everyone loves completely unnecessary complexity in a platform!!
Step-1: Go to this link:
https://caius.github.io/github_id/
Step-2 Enter your Github username
You got it!
The second method is:
Go to your GitHub account and click on the Settings option.
Go to the emails section.
Your id is listed there. The format is:
{id}+{user_name}@users.noreply.github.com