I'm trying to set a Mailgun mail service in an ionic app. Here is the code:
Controller:
$http({
"method": "POST",
"url": "https://api.mailgun.net/v3/" + mailgunUrl + "/messages",
//"crossDomain": "true",
"headers": {
"Access-Control-Allow-Origin": "*",//"http://localhost:8100",
"Access-Control-Allow-Headers": "content-type, accept",
//"Access-Control-Allow-Credentials": "true",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE",
"Content-Type": "application/x-www-form-urlencoded",
'Authorization' : 'Basic '+ mailgunApiKey
//"Authorization": "Basic " + mailgunApiKey//$base64.encode('api:key-'+mailgunApiKey)
},
data: "from=" + "no-reply#ineevent.com" + "&to=" + $scope.datapopup.mail + "&subject=" + "Guestlist" + "&text="
config.xml
<content src="main.html"/>
<access origin="*"/>
<plugin name="cordova-plugin-whitelist" version="1"/>
<plugin name="cordova-plugin-crop" spec="~0.1.0"/>
<allow-navigation href="*" />
<allow-intent href="*"/>
<allow-intent href="http://*/*"/>
<allow-intent href="https://*/*"/>
<allow-intent href="tel:*"/>
<allow-intent href="sms:*"/>
<allow-intent href="mailto:*"/>
<allow-intent href="geo:*"/>
I receive the status '0' error and the logs show that CORS (Cross-Origin request) is not allowed with access-control-allow-headers missing (translated from french).
Another error from Chrome is 'Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response.'.
I tried also from android device but is not working. Any idea?
Add this to index.html
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
and add cordova-plugin-whitelist plugin to your app.
For the purpose of development you can use CORS plugin for Chrome.
Your controller can be like this:
.controller("EmailCtrl", function($scope, $http) {
var mailgunUrl = "YOUR_DOMAIN_HERE";
var mailgunApiKey = window.btoa("api:key-YOUR_API_KEY_HERE")
$scope.recipient = "mail#gmail.com";
$scope.send = function(recipient, subject, message) {
$http(
{
"method": "POST",
"url": "https://api.mailgun.net/v3/" + mailgunUrl + "/messages",
"headers": {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic " + mailgunApiKey
},
data: "from=" + "ionic#example.com" + "&to=" + recipient + "&subject=" + subject + "&text=" + message
}
).then(function(success) {
console.log("SUCCESS " + JSON.stringify(success));
}, function(error) {
console.log("ERROR " + JSON.stringify(error));
});
}
})
The answer is very simple:
when you run android from ionic you shouldn't use any optional parameter:
ionic run android
Related
I was trying to do bulk deletion of files from google drive using rest API. So i was framing the request for bulk deletion request i was able to achieve the deletion with the similar request framing method Bulk delete files on Google Drive with raw XMLHttpRequest but i was trying to achieve this without sending the body instead of sending multipart array in the request object. I am getting error 400 with following response body
<HTML>
<HEAD>
<TITLE>Bad Request</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Bad Request</H1>
<H2>Error 400</H2>
</BODY>
</HTML>
This is my request object which is failing
const _multipart = []
arrayOfFileIds.forEach((current) => {
const obj = {
body: 'Content-Type: application/http\n\n' +
'DELETE https://www.googleapis.com/drive/v3/files/' +
current + '\nAuthorization: Bearer ' + authToken
}
_multipart.push(obj)
})
const requestOptions = {
url: 'https://www.googleapis.com/batch/drive/v3',
method: 'POST',
headers: {
'Content-Type': 'multipart/mixed'
},
multipart: _multipart
}
And below request Object is working
const boundary = 'END_OF_PART'
const separation = '\n--' + boundary + '\n'
const ending = '\n--' + boundary + '--'
const requestBody = arrayOfFileIds.reduce((accum, current) => {
accum += separation +
'Content-Type: application/http\n\n' +
'DELETE https://www.googleapis.com/drive/v3/files/' +
current +
'\nAuthorization: Bearer ' + authToken
return accum
}, '') + ending
const requestOptions = {
url: 'https://www.googleapis.com/batch/drive/v3',
method: 'POST',
headers: {
'Content-Type': 'multipart/mixed; boundary=' + boundary
},
body: requestBody
multipart: _multipart
}
Modification points:
The access token can be included in the request header.
Put Content-Type of each batch request out of body.
When these points are reflected to your script, it becomes as follows.
Modified script:
const _multipart = [];
arrayOfFileIds.forEach((current) => {
const obj = {
"Content-Type": "application/http",
body: "DELETE https://www.googleapis.com/drive/v3/files/" + current + "\n",
};
_multipart.push(obj);
});
const requestOptions = {
url: "https://www.googleapis.com/batch/drive/v3",
method: "POST",
headers: {
"Content-Type": "multipart/mixed",
Authorization: "Bearer " + authToken,
},
multipart: _multipart,
};
Note:
When I tested the above modified script, no error occurs. The files can be deleted. When you tested the above script, when an error occurs, please confirm the script and the access token, again.
Reference:
request
i'm trying to send cookie:
axios.get('https://localhost:44303/api/Home',{headers:{
"Accept": "application/json",
"Authorization": "Bearer " + localStorage.getItem("user"),
"Cache-Control": "no-cache",
'Cookie': document.cookie
// передача токена в заголовке
},credentials: "same-origin"}, ).
then(Response =>this.games=Response.data );
},
and i'm getting this error:
does anyone know how to solve this problem?
Experimenting with Azure DevOps using Postman and a SAPUI5 test application, essential knowledge of how xhr requests work. Managed to successfully read and update a Work Item in DevOps using Postman, however the latter step (update-PATCH) fails when I try to do it using SAPUI5 (read-GET worked). What I get is an authorization failure, telling me that I should use a token bearer authorization, problem is that I'm already doing it but seems to be ignored. Samples of (working) Postman and (non-working) SAPUI5 request headers along with the error returned to SAPUI5 anf the invocation call below. Having a look at them, issue SEEMS to be an authentication cookie sent from SAPUI5 which I can't remove at the moment. Any ideas?
PS: this is research work, in order to avoid CORS stuff, I'm running Chrome with no security option.
Postman Request Header (as shown in Postman, data body included):
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IkhsQzBSMTJza3hOWjFXUXdtak9GXzZ0X3RERSIsImtpZCI6IkhsQzBSMTJza3hOWjFXUXdtak9GXzZ0X3RERSJ9.eyJhdWQiOiJodHRwczovL21hbmFnZW1lbnQuYXp1cmUuY29tLyIsImlzcyI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0L2JkZWFlZGE4LWM4MWQtNDVjZS04NjNlLTUyMzJhNTM1YjdjYi8iLCJpYXQiOjE1ODIxMTQzNTYsIm5iZiI6MTU4MjExNDM1NiwiZXhwIjoxNTgyMTE4MjU2LCJhaW8iOiI0Mk5nWUdCL0Y4RCtXcUZuaG5QVTZkUTdHdGF5QUE9PSIsImFwcGlkIjoiZDU1M2E1NTctMjdjMy00MWQ3LWFiM2YtNzc4NDVjNDg3Y2VkIiwiYXBwaWRhY3IiOiIxIiwiaWRwIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvYmRlYWVkYTgtYzgxZC00NWNlLTg2M2UtNTIzMmE1MzViN2NiLyIsIm9pZCI6ImE4NDUyYmJiLWY3NmUtNDExZi05ZGFlLWU5YmZmOGRhZGIyZCIsInN1YiI6ImE4NDUyYmJiLWY3NmUtNDExZi05ZGFlLWU5YmZmOGRhZGIyZCIsInRpZCI6ImJkZWFlZGE4LWM4MWQtNDVjZS04NjNlLTUyMzJhNTM1YjdjYiIsInV0aSI6Im9wNXYzN1RvdVVlTXBFdTJaRFN1QUEiLCJ2ZXIiOiIxLjAifQ.euzljaai1dMHgPwmN5smOUTCBW0cK_i8kNPdi9wdhAQ17eGoX8tYg6RK8gufsY3aPo_WTLsouR8f_tTjt1BdmGmH4h0hNO7hlHkXMUQr2ZJfMwX1UhikcX91fVMUuSneqnaMo8EqqtBa3iROn1Pi_sN5v8sQPYtkJBwZaFx20SxbQu_dMjilw9ibPhv24GAMY_2z53lBegagqaCbPHR7e-g94363eZh6RlX0bBJhaoK5zj8G1U6xqdLyGSY1q1lWo3m1GTjAciWuF7zvSLqOpzAMhu9GkY07idKdHjKQefewOFygsuGzMWTPklGyzHqHkagzyeubZrIKA1Jpi6beSg' \
--header 'Content-Type: application/json-patch+json' \
--data-raw ' [{
"op": "replace",
"path": "/fields/System.Title",
"value": "The ability to restrict access for users who are on long term leave XXX"
}]
SAPUI5 Request Header (from Debugger "Network" tab)
:authority: XXXXXXXXXXXX.visualstudio.com
:method: PATCH
:path: /SAP/_apis/wit/workitems/8919?api-version=5.1
:scheme: https
accept: */*
accept-encoding: gzip, deflate, br
accept-language: en-GB,en-US;q=0.9,en;q=0.8
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IkhsQzBSMTJza3hOWjFXUXdtak9GXzZ0X3RERSIsImtpZCI6IkhsQzBSMTJza3hOWjFXUXdtak9GXzZ0X3RERSJ9.eyJhdWQiOiIwMDAwMDAwMi0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9iZGVhZWRhOC1jODFkLTQ1Y2UtODYzZS01MjMyYTUzNWI3Y2IvIiwiaWF0IjoxNTgyNTUyMjA0LCJuYmYiOjE1ODI1NTIyMDQsImV4cCI6MTU4MjU1NjEwNCwiYWlvIjoiNDJOZ1lKajRwV0s5OTBIcEV5YlQ5ZVpLV2lwdUFRQT0iLCJhcHBpZCI6ImQ1NTNhNTU3LTI3YzMtNDFkNy1hYjNmLTc3ODQ1YzQ4N2NlZCIsImFwcGlkYWNyIjoiMSIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0L2JkZWFlZGE4LWM4MWQtNDVjZS04NjNlLTUyMzJhNTM1YjdjYi8iLCJvaWQiOiJhODQ1MmJiYi1mNzZlLTQxMWYtOWRhZS1lOWJmZjhkYWRiMmQiLCJzdWIiOiJhODQ1MmJiYi1mNzZlLTQxMWYtOWRhZS1lOWJmZjhkYWRiMmQiLCJ0ZW5hbnRfcmVnaW9uX3Njb3BlIjoiRVUiLCJ0aWQiOiJiZGVhZWRhOC1jODFkLTQ1Y2UtODYzZS01MjMyYTUzNWI3Y2IiLCJ1dGkiOiJkazJkaklvWlJFT0pUSTlzN0QyVkFBIiwidmVyIjoiMS4wIn0.jsUzsnVpz6WtkcmjnvS22_b8pTNQIpcLhA3bRuFaQUek1dPNwOS5K_7pqoqmJeQhmuY2TFoQ6Yx6GGgHf91eKXLhaABXc9TYHMr5UMcGf11mGfIUlDf9Si5kd5UP_HhyCVsSYAsPhihU9SutYzBK5Nw0pxPKLP27C2IUJ8qH0ax8Pid3czWkMQGZUkJtHiXB9ewo3fPOloRWVqsvHp9UbL1L5o9ErWZHxyBty_kaheNCWI-aoCUEFBqDO8kNK-JONS9qNQ7zGYYvkJMcMwpwYctxlso1-x81Um3EFGqkJbGCjT0vSNMlRrrPKI0vG4QLuLX4JTr91b08Nj3cv6zTng
content-length: 129
content-type: application/json-patch+json
cookie:SpsAuthenticatedUser=DisplayName=Grigorios%20Kampouroglou&aad=False;VstsSession=%7B%22PersistentSessionId%22%3A%222faed874-961a-4420-989e-b747711f4a13%22%2C%22PendingAuthenticationSessionId%22%3A%2200000000-0000-0000-0000-000000000000%22%2C%22CurrentAuthenticationSessionId%22%3A%22df72f060-60df-4490-9a89-5a291acc15b2%22%2C%22SignInState%22%3A%7B%22spsprodweu4.vssps.visualstudio.com%22%3A%7B%22LastSignInTick%22%3A637177215165345730%2C%22SignInCount%22%3A2%7D%7D%7D; FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U2VjdXJpdHlDb250ZXh0VG9rZW4gcDE6SWQ9Il8wYmMyNzFmMC03NTllLTQ4NTYtODQ3MS1jMzBhNmM0NDFhOGUtN0M5N0VEMjBFREI4NjYyRTdBRkYzRTEyRDQ3RUI4QjQiIHhtbG5zOnAxPSJodHRwOi8vZG9jcy5vYXNpcy1vcGVuLm9yZy93c3MvMjAwNC8wMS9vYXNpcy0yMDA0MDEtd3NzLXdzc2VjdXJpdHktdXRpbGl0eS0xLjAueHNkIiB4bWxucz0iaHR0cDovL2RvY3Mub2FzaXMtb3Blbi5vcmcvd3Mtc3gvd3Mtc2VjdXJlY29udmVyc2F0aW9uLzIwMDUxMiI+PElkZW50aWZpZXI+dXJuOnV1aWQ6ODE1M2FmMGItNTY5OS00OWFjLTgwZmEtMjM0NjY2MzgyZTg2PC9JZGVudGlmaWVyPjxDb29raWUgeG1sbnM9Imh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwNi8wNS9zZWN1cml0eSI+MFlkQ1daWk9tSTRBQVFBQUNvRHFhbnBTQzhmU09ZeDRLbE1naFBoNmtNOHAwMDJTNEV4ZG4wWFZFSEdNbzBBeE81NzZuaHBVeXYyYXBxWWZkTFVhV3luVUlXSkZ0SFZsa2VGcGxSdkNtK0NLbnJVRlV1NjI5LytSdUpCTEd3bDRNU3NKTVVwK215dXNUVDZ3aVhRa2JnN3Y5Q2ZoQVlGUDEwaytZaTh5L3VVQ2NTeWVhbGtxdWlIVHd2Rjh3ZlovOGRlU3YxS3R1VFRYRlhLbFdaWTlwMi8yOU1FeUw4elM1R2xBdVhNWjNUR0lQckl5SXNWNjQ3R3FOT3lOQ05OVmdZeGl2cmxnM0RuOHZLQkp1RCtaMzVOQ1Bmay9DcjBUbzh3c2hqa0dHUjFQNHcxSnpNVHJ6S2xoN2VJT2lOOVlLczV1L001V3hsVU83RFNYSU91SWE5L2Y4VmxvVjN1cm5MT3pTU2N1Q1MwTjZVRzhyU3pIeXc5Q1NFU21tcWV2ejI4QUM0ajV1dHJhLzdwREFBRUFBRnlIdVp3cVhESmVkNUt6T2dkYzIrRktNdHNTM3VyUHNQeHY3OVRiZVRMYTFYREdPNEVBbzJMa0VPN2kxMVBzZHJ0S1pVK25MbXJRZUlWc2xHYk41Q3RaUzBZK3oxOWpCNjVNaUtFZXNITXF4Q3FOWFh1bnJDaDkvZUNkWE9pZnllTVlxLzhwMldNWWhxMVI1cVhxeWR3RVRrVmREY2VNMy9yazJmN1dyQUs2dm1qdDhRbnlNVmhhbXdCdkpZWm9oQkxvV0hMaVlyMlc3clZUc1BGWmZOWkIrb29UY0RjUzNnUmtRWi9PbmN4OUMrbDVNNmxsb1J5QnhjeDgySmQ4UUE5Q25DcCtLYXRRYTZSRnhZenAzTjFKRHdmR3ZBQTE0emNueDZuUjAxL25PK2hYTW9ad2pwZ1ZqKytCNzIxYy9GSlk1bHRUQmhyQzVHZWVQK0M0Nnh2d0JBQUFmVjkrTVFEY0NzRVovWFYzSHpZdkN3bjhkY054ZDUvdUIreFRkKzU1ZldMczVraytCcEJESk5IUW5WelNXTFEvRnlaT3hGWGMvQ2U2ZnliSVZTajViY3A4Z1lKY1FNVzZCRlhhWEg2TXp4TGtBaFBxZ0VrNHBOMXJzcWxqOVFmWXY0UTNYNGhmSlMzMG1PZ25jYVFPZHpDSmlyRGlMMGR0NFN2ZVlOeEJlT1lTZTRDZjV1YWw1ZllWWjBweUhTQmR0ODltTGVLU2V3UGxMMmloL29kU0k5bi9NU3R5N3BtSnRTcWhDaG9VbWtyTmpVUnVYVVJ4dGZBTHhDTngzVDJhbnlUa3BUN1AzVjVOUEhFWVcvRGw0aUNXVGV5ZUFLOE5qUUVXc1A4aytWWU90UWZONU5o; FedAuth1=Z1FEWFk3TlA4UDV4NFZzZ0lmcFE5ZmNRTTNvR3g3K1E2N1ZCSTBVVnRhbWZSaEswN3ZjRGsrZXk0dE9XMXpvbFovR3pYaUM0Yk8zZnpjamFhZDJCMkNHbFpva1I3QXphQnFqQm5HdlBVcU8zVjNzSTd4THdsVVhGSS9Qak54OFBXZm5vMnhkM2F5dTZUaWhVZDFJY3R0ZXp6Nm45b0JqTkFXUDJCNWNjNERMT1IxOHBGdVR6YXFxMmo3K3Y1WDVnN2pRWnBHVVpFbUtOUWdVUnhMakRTK3M1Y0RaOUVBeXlEaXBTMktRbGY1dFk3MTVva3liU3hDUGhJVWlnQktFNEx2M0dmb0lpSzVGT0VKeTRWalY4MG4wRlB3V2lZblU0Yy9SRjI2NWlFM1Mzdzc2ZElqQlJKdXc2dU5EY0Jia3ZieWx2VWRuRnFpVm1MQnVYaWFtTW5FNUhEejNDTHNrUXBNaWZmNklaMWtzbkVkOEV6d0l1U1dhUnFNOG5xWXQyeGRTU1p5TXN6R04xeHJjbEM2bTU0Wi9XU3BjU3hHZlpwVExIa1FleERkYmlrMTZjRlI5RW1iTFdkaUhLb1dzaU9mMUJqOWNCcmpDRDIxVFROaS9WZmNiRjZxa0toWmRrczVxNlhsN2tLcC9yb2I4bjlyYXo0SDM1NTh6am51YjZNdDZJNnZNM3prZjhnMUs4dlhXR0FJbHhYVVhxMkNJdXdyUUtITGZuVE1veWMwajQzZCtlQXFJRkFBU3ZEZTdNb3I0MGYzSnVIQnF4elBWczNrUzNBU05BcWdad0JKY2F3U2YydnA0cE5DZ2YrTEdDVHhkSzJINzV6ZWJQbnh2WVQ5bDlQWXMyUW93bUVkU0Y5MXk5MSt1QTc4b2pwck94WSsrZE5UclczbDEwUjdIZm14L1RPVWpIUHQ3V1dKRjI5SmYrbzViVG0rZUZSOVlxQlBSanBLTm9xQW5RY2tuSEFQeFpLYWNwQVozaVNqOTBVa0EyMnNac2Z1MTdRTU9xd0k1SVNZbFh6d20xV3JDeDRYQ0VVOW9nK3ByajdROENzeFpqRVIzNjlTSitsLzIzc0hUa2t6eUpzV2RadUJSYzJhUWpoREFJK0tONVlGU3Z4TStMMUtSd29YQW5FaE1pcHRTaml0Z0RIaHF5N2Q0V2lNU3h6VmdVRXVCWTZVOTUzT0ErcDhXWmdaTlRqRDRHWFIvamFPOUNZWjJ4cHNTaURvRHBOeG9nUmMxbnpuVUNkcGsrZHpuNmN1dzZDY1dIYlgzUDdHWVVxcFJnRDFZUU5XSnVTdHdyZ2tOd2wzVDM0cWhJdEhhczRpdHVPb2pEMkJwY2hOb3dBM1FQblRFLy9tR216R1JPNkgwbEVCY2p6OE1JNmE5SVFsUjBxL1lqbGtWbStGS2RDY0dzTDlHOE05TVRHN3hsenYyK1hmSENDOEt6WEt5NjdDTGMxTW0rTTI1Q3NqMzBadS9xdTYranlYWDBwblVaNERHSjZ0bFk5c202WUkveDhDQWswSjkwQmg2UFF0YVdBYU1tQTJDNld4TytuVkp2SjVoVWhOWkxFYkk0dThiMGtXL3JOOGxzZnZFb1JEemUzdjFXcXZlVldUaGpPZTdZeWdUeVlkcmE1RGorUGVhenloMzBSNldXdGp0c2k1NlFldmpYLzZ3am1QNFJYR1Z3QURZcU1JTVFRcXFXOUhsbnVuWHBSYk85eVByZWV0S3p6UWw0aUQxNDV4N2phclY0U2JQb003bkdESmxia3VCV1A5RHNMUDVYb2hOQ2pyS0RpaDJ2bk9zSnVpWkZRN3liMVZwVG9qeUl3cUE9PTwvQ29va2llPjwvU2VjdXJpdHlDb250ZXh0VG9rZW4+; UserAuthentication=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6InpQVTRQb1VlNU1McFR2dWRGTmxaQXQ4Mkd4ayJ9.eyJmYW1pbHlfbmFtZSI6IkthbXBvdXJvZ2xvdSIsImdpdmVuX25hbWUiOiJHcmlnb3Jpb3MiLCJvaWQiOiIzZWY1OThmMi00MTk4LTQ1NDctYTM5Mi0zMmJhYTdkNTA4NTIiLCJ0aWQiOiJiZGVhZWRhOC1jODFkLTQ1Y2UtODYzZS01MjMyYTUzNWI3Y2IiLCJzdWIiOiJiZGVhZWRhOC1jODFkLTQ1Y2UtODYzZS01MjMyYTUzNWI3Y2JcXHVpdGdrYUBsZWVkcy5hYy51ayIsInVuaXF1ZV9uYW1lIjoidWl0Z2thQGxlZWRzLmFjLnVrIiwiZW1haWwiOiJ1aXRna2FAbGVlZHMuYWMudWsiLCJwdWlkIjoiYWFkOjEwMDMzRkZGQTNBRkZENEQiLCJ2ZXIiOiIxLjAiLCJqdGkiOiJmOGQ1ZDczNS1hNjNkLTQ5N2QtYWNjNi0xZTBmYTUwM2E4NmQiLCJpc3MiOiJhcHAudnN0b2tlbi52aXN1YWxzdHVkaW8uY29tIiwiYXVkIjoiZTVjODY2NzYtZDA2My00ZGEzLWJiOTYtYzhlMDUwNGJkYmE1IiwibmJmIjoxNTgyNTQ5NjY5LCJleHAiOjE1ODMxNTQ0Njl9.DDrwADcUeMCB-Tt9sLu6T042hel7aTdm8IfUmQY7pHOkT9VPQSAhVE-Puw3Y8dzfnzteIhojaSEsVI17pjGblOuDbCVcb9LzJ17u-XCmD2SY2M6i-t_xOaj-daYy2tRigVpN-lCoQ-K9VcF7mkHH4hiFynHUQDMcUn7gV9xs7zDCE4ILbDvnltKfFvcn0wQP0BxJwurhK8PaDhSPrr1fm-b38zmYB8nGEaYiobDdX8ZSOxMnlEUivoRkogGp51nSHZzexI3ER7TDJRMPSVkTeaIiatoWWjli8AlPewMKM46Ulb6TtbC4liBrqFnY46dTA-aSvb0oyNCynJi89b2yXw
origin: https://webidetesting4693883-af5c37dc2.dispatcher.hana.ondemand.com
referer: https://webidetesting4693883-af5c37dc2.dispatcher.hana.ondemand.com/webapp/index.html?hc_orionpath=%2FDI_webide_di_workspace92fzelc13935in9e%2FTest_space&neo-di-affinity=BIGipServerdisapwebide.hana.ondemand.com+%21MfjRbGTQMxtzeMH2sXeD7QV2Vba36qePi57x9XciOdsuGVAcQO4JzpULTwOmB5brhKtfSMM9EVgn%2FK0%3D&origional-url=index.html&sap-ui-appCacheBuster=..%2F&sap-ui-xx-componentPreload=off
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36
Error response
"{"$id":"1","innerException":null,"message":"A cross-origin request from origin \"https://webidetesting4693883-af5c37dc2.dispatcher.hana.ondemand.com\" is not allowed when using cookie-based authentication. An authentication token needs to be provided in the Authorization header of the request.","typeName":"Microsoft.VisualStudio.Services.WebApi.VssApiUnsafeCrossOriginRequestException, Microsoft.VisualStudio.Services.WebApi","typeKey":"VssApiUnsafeCrossOriginRequestException","errorCode":0,"eventId":3000}"
SAPUI5 code
_updateWorkItem: function() {
var promise = $.Deferred();
var self = this;
url = "https://login.microsoftonline.com/bdeaeda8-c81d-45ce-863e-5232a535b7cb/oauth2/token";
$.ajax({
url: url,
headers: {"Content-Type": "application/x-www-form-urlencoded"
},
type: "POST",
dataType: "json",
data: {
"grant_type": "client_credentials",
"client_id": "d553a557-27c3-41d7-ab3f-77845c487ced",
"client_secret": "53GH[jL6VqID#cp]DQ[wMS5#Smx]0l80"
},
success: function(xhrData) {
var json= [{
"op": "replace",
"path": "/fields/System.Title",
"value": self.getView().byId("sTitle").getValue().toString()
}];
sDevOpsToken = xhrData.access_token;
url = "https://XXXXXXXXXXXX.visualstudio.com/SAP/_apis/wit/workitems/" + oModel.getProperty("/id").toString() +"?api-version=5.1";
$.ajax({
url: url,
headers: {"Content-Type": "application/json-patch+json",
"Cookie": null
},
type: "PATCH",
data: JSON.stringify(json),
cache: false,
dataType: "application/json-patch+json",
beforeSend: function (xhr) {
//xhr.setRequestHeader("Authorization", "Basic " + btoa("" + ":" + "{sDevOpsToken}"));
//xhr.setRequestHeader("Authorization", "Bearer " + btoa(sDevOpsToken));
xhr.setRequestHeader("Authorization", "Bearer " + sDevOpsToken);
},
success: function(xhrData2) {
oModel.setProperty("/Title", self.getView().byId("sTitle").getValue().toString());
promise.resolve();
},
error: function(xhrData2) {
MessageBox.error(xhrData2.response);
promise.resolve();
}
});
}
});
var readyToGo = function() {
};
jQuery.when(promise).done().then( jQuery.proxy(readyToGo, this) );
}
I have the rest endpoint for accessing the sharepoint calendar from my internal network at work. It looks like this:
https://teamsites.{COMPANY}.com/sites/{SITE_URI}/_api/Web/Lists/getbytitle({TITLE-OF-CALENDAR})/items
When I do an authorized GET request to the above url, it gives me a list of 4 events from the calendar, but the dates are kind of random. What is the endpoint I need to specify in order to retrieve all of the events for the current month?
Also, I'm guessing that the reason I'm only getting 4 events per request is because of some pagination thing that I'm not handling... if you know how to retrieve all the events in one request, that would be a bonus.
Thanks in advance!
The events for a current month could be retrieved via the following CAML query:
<Where>
<DateRangesOverlap>
<FieldRef Name='EventDate' />
<FieldRef Name='EndDate' />
<Value Type='DateTime'>
<Month />
</Value>
</DateRangesOverlap>
</Where>
For that matter GetItems method could be utilized as demonstrated below:
var query = `
<Where>
<DateRangesOverlap>
<FieldRef Name='EventDate' />
<FieldRef Name='EndDate' />
<Value Type='DateTime'>
<Month />
</Value>
</DateRangesOverlap>
</Where>`
getListItems(_spPageContextInfo.webAbsoluteUrl,'TeamCalendar',query)
.done(function(data){
var items = data.d.results;
for(var i = 0; i < items.length;i++) {
console.log(items[i].Title);
}
})
.fail(function(error){
console.log(JSON.stringify(error));
});
where
function getListItems(webUrl,listTitle, queryText)
{
var viewXml = '<View><Query>' + queryText + '</Query></View>';
var url = webUrl + "/_api/web/lists/getbytitle('" + listTitle + "')/getitems";
var queryPayload = {
'query' : {
'__metadata': { 'type': 'SP.CamlQuery' },
'ViewXml' : viewXml
}
};
return $.ajax({
url: url,
method: "POST",
data: JSON.stringify(queryPayload),
headers: {
"X-RequestDigest": $("#__REQUESTDIGEST").val(),
"Accept": "application/json; odata=verbose",
"content-type": "application/json; odata=verbose"
}
});
}
But there is one limitation with this approach, neither REST nor CSOM/JSOM APIs do not support expanding for recurring events (it means only a single event item will be returned for a recurring event). Refer those requests for a more details:
Provide CSOM and REST API for recurring calendar events
Add support for recurring events in the REST API
For that scenario legacy SharePoint Web Services comes to the rescue, in particular Lists Web Service.
The following example demonstrates how to retrieve events for a current month and expand recurring events (SPServices library is utilized here):
$().SPServices({
operation: "GetListItems",
async: false,
listName: "TeamCal",
CAMLViewFields: "<ViewFields>" +
"<FieldRef Name='Title' />" +
"<FieldRef Name='EventDate' />" +
"<FieldRef Name='EndDate' />" +
"<FieldRef Name='Location' />" +
"<FieldRef Name='Description' />" +
"<FieldRef Name='fRecurrence' />" +
"<FieldRef Name='RecurrenceData' />" +
"<FieldRef Name='fAllDayEvent' />" +
"</ViewFields>",
CAMLQuery: "<Query>" +
"<Where>" +
"<DateRangesOverlap>" +
"<FieldRef Name='EventDate' />" +
"<FieldRef Name='EndDate' />" +
"<FieldRef Name='RecurrenceID' />" +
"<Value Type='DateTime'>" +
"<Month />" +
"</Value>" +
"</DateRangesOverlap>" +
"</Where>" +
"<OrderBy>" +
"<FieldRef Name='EventDate' />" +
"</OrderBy>" +
"</Query>",
CAMLQueryOptions: "<QueryOptions>" +
"<RecurrencePatternXMLVersion>v3</RecurrencePatternXMLVersion>" +
"<ExpandRecurrence>TRUE</ExpandRecurrence>" +
"</QueryOptions>",
completefunc: function (xData, Status) {
$(xData.responseXML).SPFilterNode("z:row").each(function() {
var $node = $(this);
var eventTitle = $node.attr("ows_Title");
console.log(eventTitle);
});
}
})
Been trying to use Jhipsters oauth2 login with an ionic app on localhost, and keep getting:
OPTIONS http://172.16.40.31:8080/oauth/token (anonymous function) # ionic.bundle.js:23826sendReq # ionic.bundle.js:23645serverRequest # ionic.bundle.js:23357processQueue # ionic.bundle.js:27879(anonymous function) # ionic.bundle.js:27895Scope.$eval # ionic.bundle.js:29158Scope.$digest # ionic.bundle.js:28969Scope.$apply # ionic.bundle.js:29263(anonymous function) # ionic.bundle.js:36615eventHandler # ionic.bundle.js:16583triggerMouseEvent # ionic.bundle.js:2948tapClick # ionic.bundle.js:2937tapMouseUp # ionic.bundle.js:3013
?ionicplatform=android:1
XMLHttpRequest cannot load http://172.16.40.31:8080/oauth/token. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access. The response had HTTP status code 401.
?ionicplatform=android:1
XMLHttpRequest cannot load http://172.16.40.31:8080/api/logout. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access.
I have tried adding the google plugin, did not change anything. Made sure that the
.antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
was in the setting.
Is there anything else I am missing?
try uncommenting cors in application.yml
cors: #By default CORS are not enabled. Uncomment to enable.
allowed-origins: "*"
allowed-methods: GET, PUT, POST, DELETE, OPTIONS
allowed-headers: "*"
exposed-headers:
allow-credentials: true
max-age: 1800
To access REST API with Oauth2 authentication in ionic you must first get the token in ionic app by
$http({
method: "post",
url: "http://192.168.0.4:8085/[Your app name]/oauth/token",
data: "username=admin&password=admin&grant_type=password&scope=read write&client_secret=my-secret-token-to-change-in-production&client_id=auth2Sconnectapp",
withCredentials: true,
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
'Authorization': 'Basic ' + 'YXV0aDJTY29ubmVjdGFwcDpteS1zZWNyZXQtdG9rZW4tdG8tY2hhbmdlLWluLXByb2R1Y3Rpb24='
}
})
.success(function(data) {
alert("success: " + data);
})
.error(function(data, status) {
alert("ERROR: " + data);
});
here "YXV0aDJTY29ubmVjdGFwcDpteS1zZWNyZXQtdG9rZW4tdG8tY2hhbmdlLWluLXByb2R1Y3Rpb24=" is equal to (clientId + ":" + clientSecret)--all base64-encoded
you can use https://www.base64encode.org/ to verify or recreate it for yourself
the aboue $http if successful will give you this JSON
{
"access_token": "2ce14f67-e91b-411e-89fa-8169e11a1c04",
"token_type": "bearer",
"refresh_token": "37baee3c-f4fe-4340-8997-8d7849821d00",
"expires_in": 525,
"scope": "read write"
}
take notice of "access_token" and "token_type" if you want to access any API this is what you have to use.
for example
$http({
method: "get",
url: "http://192.168.0.4:8085/auth-2-sconnect/api/countries",
withCredentials: true,
headers: {
'Authorization':' [token_type] + [space] + [access_token] '
}
})
.success(function(data) {
alert("success: " + data);
})
.error(function(data, status) {
alert("ERROR: " + data);
});