I am trying to create a sample project which consumes DFP services.
Till now :
Still in authentication part :
a) Successfully created clientId, while creating new Client Id have checked installed apps options in the Google developer console.
b) Added the clientId, clientSecret to ads.properties .
Note : Took dfp-axis-jars-and-examples-2.2.0.tar and making my changes in it[by importing project in IDE].
c) I ran into trouble while trying to paste the authoriseUrl in the browser after running GetRefreshToken.
Please find below the error :
"The redirect URI in the request: urn:ietf:wg:oauth:2.0:oob can only
be used by a Client ID for native application. It is not allowed for
the 'WEB' client type. You can create a Client ID for native
application in the Credentials section of the Google Developers
Console."
I believe I have selected the wrong applicationType while creating new ClientId .
Appreciate inputs .
The above answer did not make much sense at first glance but, I have resolved this issue by simply setting a value for redirectUri. So inside of my GetRefreshToken.php file
$redirectUri = "http://same_url_as_the_one_listed_in_console";
After closing looking at the authoriseUrl, it seemed I was sending the wrong redirectUrl.
I forgot to copy paste the redirectUrl generated from the creation of client id in the GetRefreshToken callback property:
private static final String CALLBACK_URL = "https://www.example.com/oauth2callback";//"urn:ietf:wg:oauth:2.0:oob";
No error now :).
Related
Scenario: Grab the authToken after a login.
Pseudo code | Steps :
Login via UI ( selenium )
grab the authToken via Rest.
Note :
I know how to do this completely via RESTassured or Postman but what would be a good approach to handle this during an automated UI test run.
It's easy to do it manually via Chrome Dev tools but using Java - it's a little bit challenging.
Any help would be nice.
If you have the auth token in the cookie then you can use the below.
# update auth_token below with the correct cookie name
authToken = driver.get_cookie('auth_token')['value']
You can fetch out the token value from the client side. It can be in cookies, local storage or the session storage
Check these value in browser. Open developer tool -- Go to application tab and on the left menu u can find these values for each website
or
Try following js command in the browser console
window.document.cookie
window.localStorage
window.sessionStorage
if u can find your token via any of the above js command , use can use them in selenium.
I know this question was asked time and again, here and here. The answers given are pretty much the same, but in my case I still miss something and I cannot figure out exactly what it is. I have a RESTful Web API deployed and that is configured to accept only domain-authenticated calls. So on my client side, in my UWP application, I used the HttpClient class from the Windows.Web.Http namespace. The resources found online all show that I need to do two things:
Enable Enterprise Authentication in the package manifest of my UWP app. I did that. Here is a screen shot of the capabilities selected for my app:
Set the "AllowUI" flag to be false, so that the user is not prompted to enter its credentials. I did that too. Here is a code snippet of what I am doing:
Uri uri = new Uri(_myUriRoute);
var filter = new HttpBaseProtocolFilter { AllowUI = false };
var httpClient = new HttpClient(filter);
HttpResponseMessage response = await httpClient.GetAsync(uri);
With this code in place, I don't get prompted for the credentials, but the response.IsSuccessStatusCode flag comes back as false and the error that I get is 401 - Unauthorized.
Before you ask, yes, the server-side endpoint is properly configured and works fine. If I try this:
Uri uri = new Uri(_myUriRoute);
var filter = new HttpBaseProtocolFilter();
var httpClient = new HttpClient(filter);
HttpResponseMessage response = await httpClient.GetAsync(uri);
I am asked for my credentials and when I enter them correctly, I get a proper HTTP 200 code in response. I also tried this:
Uri uri = new Uri(_myUriRoute);
var filter = new HttpBaseProtocolFilter
{
AllowUI = false,
ServerCredential = new PasswordCredential(_myUriRoute, _myUserName, _myPassword)
};
var httpClient = new HttpClient(filter);
HttpResponseMessage response = await httpClient.GetAsync(uri);
and again, I get a nice HTTP 200.
So what am I missing? I don't want to be prompted and I don't want to store credentials either. I want to have Windows pass automatically the credentials of the current user of the app.
Two things worth mentioning. The above-described behavior happens in my development environment (Visual Studio 2017) while I try debugging/running my app using the "Local Machine" option. Also, the first thing that happens when I start the app is I am prompted to grant permissions to the app to access the pictures folder and account info:
This happens despite the fact that I have selected "User Account Information" among the Capabilities set for the application, as can be seen in the above screen shot of the Capabilities tab, in the application's package manifest.
Any idea of what is missing? Any idea of what else should be tried?
Any suggestion will be highly appreciated.
Cheers,
Eddie
PS: I posted the same question on the MSDN Forums as well
PS2: The Web API is running in IIS Express, started from Visual Studio 2017, in a different instance. I configured IIS Express to expose my Web API using the IP address of my development machine instead of the "localhost". In its web.config file, I have the following setting:
<system.web>
<authentication mode="Windows"/>
</system.web>
I post this, just in case the issue is on the Server side, which I think it isn't.
I just can't seem to get anywhere with this.
I have a web api running fine, with a wpf application using the api via AutoRest.
The api has been uploaded to Azure (App Services)
I now want to lock down the api, so users log in via Active Directory. Again, all users are currently there.
RestCredentials = new TokenCredentials(tokenAuthResult.AccessToken);
Using the RestCredentials I pass in the credentials as type
ServiceClientCredentials
using (var db = new BuxtedAPI(Model.Helpers.Credentials.RestCredentials))
{
var res = db.GetComboList();
ComboValueList = new ObservableCollection<ComboValue>(res);
return ComboValueList;
}
I can see on the log in Azure that the user successfully logs in.
But the system just dies with
Operation returned an invalid status code 'InternalServerError'
No more feedback at all.
Just to note, I am using swagger also here.
I am assuming that the BuxtedAPI call that passing the credentials should pass through the bearer token for the api call to authorise.
I have set nothing else on on webapi code base, no [AUTHORIZED] or anything.
Any chance anyone can help me along here.
Thanks Scott
If anyone else gets in this situation.
The process required Resource Id to be the web app and the clientid to be the native app id.
Scott
I have started a new project from salesforce template o XCODE, then I created a fresh remote acces application on Salesforce web.
Then I replaced the RemoteAccessConsumerKey and the OAuthRedirectURI on the AppDelegate.
When I run the application it says, invalid_scope -> requested scope is not available.
my scope params are:
[NSSet setWithObjects:#"visualforce",#"api",nil] ;
What is the callback URL from your Remote Access object?
One guess is that your callback URL begins with something like "https" rather than a custom scheme like "testsfdc" (which is what the template app provides). Try using a custom scheme instead ie "myapp:///mobilesdk/detect/oauth/done"
Just had this on a legacy hybrid app I had to update for iOS10. I noticed that the Salesforce SDK persists its initial oAuth endpoint data. So switching from sandbox to production will return the above error.
Solved by deleting the app completely and compiling with production config.
Hope this helps.
I'm creating a webapp with this combination of tools. I'm authenticating with App Engine in the following manner:
class googleLogin(webapp.RequestHandler):
def get(self):
callbackURL = 'http://%s/googleLoginCallback' % getHost()
#Create a client service
gdClient = gdata.docs.service.DocsService()
gdata.alt.appengine.run_on_appengine(gdClient)
gdClient.SetOAuthInputParameters(gdata.auth.OAuthSignatureMethod.HMAC_SHA1,
_GoogleConsumerKey,
consumer_secret=_GoogleConsumerSecret)
#Get a Request Token
requestToken = gdClient.FetchOAuthRequestToken(scopes=_GoogleDataScope,
extra_parameters={'xoauth_displayname': APP_NAME})
#Persist token secret
self.session = Session()
self.session[TOKENSECRETKEY] = requestToken.secret
gdClient.auto_set_current_token = True
gdClient.SetOAuthToken(requestToken)
authUrl = gdClient.GenerateOAuthAuthorizationURL(callback_url=callbackURL)
self.redirect(authUrl)
I authenticated my domain with Google at https://www.google.com/accounts/ManageDomain, entering a target URL and am using the given Consumer Key/Secret. For instance, if my domain was 'juno.appspot.com', I am using http://juno.appspot.com as the target url path prefix.
The process is working; however, Google presents this message to the user in a yellow security box:
"The application that directed you
here claims to be 'xxxxxx'. We are
unable to verify this claim as the
application runs on your computer, as
opposed to a website. We recommend
that you deny access unless you trust
the application."
I don't think I should be getting this error, since my server is getting the request token and creating the authorization URL. Does anyone have any insight on how to get rid of this warning?
Google's domain registration has an option to upload a certificate, but I shouldn't need to do that because I'm using OAuth with the HMAC_SHA1 signature method.
Also, not that it should matter, but I'm doing all this through a UIWebView on the iPhone. I'm specifically trying to do all authentication server-side to avoid exposing my Consumer Key/Secret.
Thank you for any tips :)
Solved.
The culprit is this line from above:
extra_parameters={'xoauth_displayname': APP_NAME})
Setting this value for a registered application intentionally triggers a warning to users, as indicated by the Google documentation:
xoauth_displayname:
(optional) String identifying the
application. This string is displayed
to end users on Google's authorization
confirmation page. For registered
applications, the value of this
parameter overrides the name set
during registration and also triggers
a message to the user that the
identity can't be verified. For
unregistered applications, this
parameter enables them to specify an
application name, In the case of
unregistered applications, if this
parameter is not set, Google
identifies the application using the
URL value of oauth_callback; if
neither parameter is set, Google uses
the string "anonymous".
Removing this line no longer allows me to use a 'nice' name in place of the domain, but it gets rid of that annoying yellow box :)
I'm not sure exactly where the issue may be in your code, but I've got a one page oauth/appengine/gdata example which may at least set you in the right direction. Have you tried to navigate to the site directly from the iPhone/desktop browser to see what message is delivered?
Hope it helps.
Alternatively, is it possibly to do with the user agent the UIWebView sets?