I have the following conflict that I have the platform with Sanctum and Swagger for documentation, the issue is that it is not taking the token that I generate from the user when I am in production server.
I have everything configured I think correctly attached files
config/auth.php
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
],
Route/api.php
I made this checkpoint to test that everything is working fine. And I realized that everything is failing here because if I remove the middleware it brings me the data, but if I leave it it does not bring me the data even if I pass the bearer token through postman.
Route::middleware('auth:sanctum')->get('/testeo', function () { //Not worked
return Project::all();
});
Route::get('/testeo', function () { //worked
return Project::all();
});
I checked that the token was saved in DB and matched with the user and everything is fine and still with the same problem at least when I do the tests on the server in real time client (apache), otherwise it happens if I do it locally with (Laragon) and that's what I can not understand because on 1 side with postman if it works and when I try it in real time does not work and throws me unauthorized.
If more data is missing let me know I think those are the main files in configuration.
Related
I have successfully integrated Quickbook accounting APIs with the Development Keys and Credentials. Moreover, when I put Production Keys and Secret, I got an error with status code (403), and later I got to know that is because of scopes.
I noticed there is a function called "getScope()" to check the token scopes. I went to try that and get the following error:
Can't get OAuth 2 Scope. It is not set.
I even tried using access and refresh tokens from the API playground. Still, the error is there.
Here is my code snippet:
$dataService = DataService::Configure(array(
'auth_mode' => 'oauth2',
'ClientID' => $quickBookData->client_id,
'ClientSecret' => $quickBookData->client_secret,
'accessTokenKey' => $quickBookData->access_token,
'refreshTokenKey' => $quickBookData->refresh_token,
'QBORealmID' => $quickBookData->realm_id,
'baseUrl' => "production",
));
$OAuth2LoginHelper = $dataService->getOAuth2LoginHelper();
$scopes = $OAuth2LoginHelper->getScope();
I'm trying to implement SSO via SAML and using my application as both the IdP (routes are based off localhost:3000) and SP (routes based off lvh.me:3000). I used the saml_idp gem to set up the IdP and the omniauth-saml gem for the SP side.
I can get a request sent to the IdP and a response sent back if I bypass the validate_saml_request method in the SamlIdpController in the gem. The response I get returns the user's email and first/last name per what I configured in the config/saml_idp.rb file.
I really don't want to bypass the validate_saml_request. When I looked to see why my request is not being validated, I see that the logs return '[] compare to lvh.me' and 'No acceptable AssertionConsumerServiceURL, either configure them via config.service_provider.response_hosts or match to your metadata_url_host'.
For SPs, my config/saml_idp.rb file looks like:
service_providers = {
"my-application" => {
fingerprint: ENV['SAML_CERT_FINGERPRINT'],
metadata_url: "http://lvh.me:3000/auth/saml/metadata",
response_hosts: ["lvh.me:3000"]
},
}
I confirmed that the metadata does exist at that metadata_url as well. Not really sure why it's not pulling anything via the metadata_url or response_hosts via the config.
On my SP side, the config/omniauth.rb file looks like:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :saml,
:assertion_consumer_service_url => "http://lvh.me:3000/auth/saml/callback",
:issuer => "portal",
:idp_sso_target_url => "http://localhost:3000/saml/auth",
:idp_sso_target_url_runtime_params => {:original_request_param => :mapped_idp_param},
:idp_cert => ENV['SAML_CERT'],
:idp_cert_fingerprint => ENV['SAML_CERT_FINGERPRINT'],
:idp_cert_fingerprint_validator => lambda { |fingerprint| fingerprint },
:name_identifier_format => "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
end
While I was unable to get it working using this piece of configuration in the config/saml_idp.rb file, I only needed to have the IdP interact with one SP and was able to get it working by adjusting what I passed to response_hosts and using another part of the code given in the config file (example below):
config.service_provider.finder = ->(issuer_or_entity_id) do
{
fingerprint: ENV['SAML_CERT_FINGERPRINT'],
metadata_url: "http://lvh.me:3000/saml/metadata",
response_hosts: ["lvh.me"]
}
end
From the documentation
Check the format of the registration token you pass to the server. Make sure it matches the registration token the client app receives from registering with Firebase Notifications. Do not truncate or add additional characters.
So I checked FCM token that iOS app receives with the token that database stores. They are identical
Nevertheless, I keep receiving the same error over and over again
"result":{
"multicast_id":8326997376324259978,
"success":0,
"failure":1,
"canonical_ids":0,
"results":[{
"error":"InvalidRegistration"
}
]}
Can somebody open my eyes to what is missed?
....pleeeeease
While fcm request preparation
private function sendPushNotificationToIOS($tokens, $notification) {
$fields = array(
'registration_ids' => $tokens,
'priority' => 'high',
'content_available' => true,
'mutable_content' => true,
'notification' => $notification,
'data' => $notification,
);
}
I sent $tokens as Laravel collection, that is why I didn't get any error from my server.
So make sure you use Array.
I have noticed an issue. If I copy Amazon URL with search results and somebody with another IP opens it then the results can be different.
For example:
https://www.amazon.com/s/ref=sr_nr_p_36_0?lo=toys-and-games&rh=n%3A165793011%2Cp_72%3A1248964011&sort=price-desc-rank&low-price=34.99&high-price=34.99
If you open this URL in from Dallas IP you'll get 102 pages with results.
If you open it with Honolulu IP you'll get 101 pages.
If you open it from Russian IP you'll get 93 pages.
Is that possible to specify US ZIP code for shipping right in the url so that it displays same results for every IP address?
Another little issue I have noticed - it displays different page layout for different people. Sometimes it's default blue links, sometimes it has silver buttons. Maybe somebody knows how to lock the design to one layout with url parameters? :)
There is no simple solution, so here is my complicated way.
The idea is: you must send the same request which is get sent when you manually change ZIP in your browser. Then your ZIP code will be remembered for you session.
Here is my solution in PHP using GuzzleHttp Client:
$jar = new \GuzzleHttp\Cookie\CookieJar();
$client = new \GuzzleHttp\Client([
'headers' => [
'accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'accept-language' => 'en;q=0.8',
'user-agent' => '', //set some User-Agent or just leave it empty cos it works too
'x-requested-with' => 'XMLHttpRequest'
],
'cookies' => $jar,
]);
try {
$client->post('https://www.amazon.com/gp/delivery/ajax/address-change.html', [
'form_params' => [
'locationType' => 'LOCATION_INPUT',
'zipCode' => '11219', //YOUR ZIP HERE
'storeContext' => 'office-products',
'deviceType' => 'web',
'pageType' => 'Detail',
'actionSource' => 'glow',
]
]);
} catch (RequestException $e) {
echo "Failed to set ZIP";
}
$response = $client->get('...'); //get any other page from Amazon, now it will have proper ZIP
I'm using awesome Guzzle feature - cookies container: http://docs.guzzlephp.org/en/stable/request-options.html#cookies
It can remember and process cookies between requests just like browser would do.
In all further requests you should keep using these cookies and it will return you results for your ZIP.
Of course you can process cookies manually, Guzzle isn't required but makes things simpler.
I'm using social auth with Socialite / Laravel 5 ( Google & FB)
With Google, I can make it work in local,
I define Redirect URL to :
http://laravel.dev:8000/auth/login/google
in Google Console
But then, when I try to configure server access, I put
https://example.com/auth/login/google
I get:
Error: redirect_uri_mismatch
In my code, I've put a .env variable
APP_BASE = https://example.com
And in config/services.php
I have :
'google' => [
'client_id' => env('GOOGLE_CLIENT_ID'),
'client_secret' => env('GOOGLE_CLIENT_SECRET'),
'redirect' => env('URL_BASE').'auth/login/google',
]
Once more, this works great in local...
What's wrong with my code???
I think env('URL_BASE') should be env('APP_URL').