in the company where I work we have tried to integrate the Hubspot API through OAuth, however, we have not been successful in capturing the code that is generated after logging into hubspot and generating the tokens for the session.
We have tried using the Oracle configuration for handling tokens that APEX brings, it has been configured with the PL / SQL code to obtain the information and through Javascript and with none of these has been possible. Attached photos of what has been done. It should be noted that testing in Postman works since at some point we thought that we had configured something wrong in hubspot but that is not the case.
apex_web_service.g_request_headers.DELETE();
l_clob := apex_web_service.make_rest_request(
p_url => 'https://app.hubspot.com/oauth/APP_ID/authorize?client_id=MyCODEb&redirect_uri=MY_CallBack&scope=oauth accounting',
p_http_method => 'GET'
);
v_status := apex_web_service.g_status_code;
:P2_NEW_1:= v_status || '- GET';
The code above launches the home screen in Hubspot however it fails to capture the code it generates and throws an authentication error.
Related
Background:
I've got a project in Cloud Run with two services, both mapped to custom domains. The production site is mysite.com and the development site is dev.mysite.com. I deployed the development site with the --no-allow-unauthenticated flag to prevent public viewing. I want developers to be able to view the site in a browser though. Based on what I've read the "solution" Google currently has isn't great. You have to run the command gcloud auth print-identity-token to identify your Bearer token then use the ModHeader browser extension to modify the request header. The token is constantly changing and having ModHeader enabled to change the request header breaks authentication on other pages, so it is big PITA, but it works, mostly.
Question:
What doesn't work is having the development site load images from the Google Cloud Storage Bucket. Every resource which should be pulled from the bucket results in a 403 error for that resource, but the page loads fine otherwise. I'm the project owner (i.e. my email address is the "owner") and have admin rights on everything including the bucket in question. The bucket's Access Control is set to "Fine-grained: Object-level ACLs". When I deploy the project using the --allow-unauthenticated the images are accessible. Why isn't the bucket honoring my token?
Update:
I'm not 100% sure, but I think the issue might be related to the fact that ModHeader applies its rules to ALL open tabs. I tried another header modification extension named Requestly which allows rules to be targeted to specific URLs and now my development site is loading images as expected.
I'm trying to set up OAuth to use between my website and Yahoo Fantasy Sports but getting the error message "Fatal error: Uncaught Error: Class 'OAuth' not found". I'm completely new to OAuth and the process described below is the first time I'm dabbling with this.
I've registered for a Yahoo API key and secret and am using them in this code in PHP to try to set up a basic test connection:
$o = new OAuth( $consumer_key, $consumer_secret,
OAUTH_SIG_METHOD_HMACSHA1,
OAUTH_AUTH_TYPE_URI );
Having searched here, I know I need an OAuth extension and PHPoAuthLib was recommended in another post. I've followed the instructions to install it on the web server via Composer (which basically seemed to be composer require lusitanian/oauth in SSH) but am still getting the "Uncaught Error" message. The php/ext folder on my server is empty and I'm don't know if that is a bad sign.
I've run a phpinfo() file on the server and it does not show oAuth. I've also read that I probably need to load the extension in a php.ini file on my server but I don't know exactly how I would do that for the PHPoAuthLib extension. I tried extension=oauth or extension=oauth.so but didn't seem to work.
Any help would be much appreciated! I'm not wedded to that particular extension (I've also seen a recommendation elsewhere for a Python Yahoo OAuth extension but I know nothing about Python or using 'pip')... I just feel like I'm going around in circles trying to figure out each step.
After trying both PHP and Python OAuth extensions mentioned above, it turned out my web hosting provider prevents custom installations via SSH on shared web hosting for security reasons, but was able to install the HTTP OAuth PEAR module that is available via cPanel to enable OAuth to be used.
I am working on SSO authentification system using SAML2 protocol. Since i do not have the real IDP informations yet, i needed test environment so i used this docker image which worked like a charm. I am able to access it through localhost:8080 without any problem and also to log in with test account.
But then, when i try to log into my SP (the website i am working on), though i am well redirected to the idp at localhost:8080/simplesaml/saml2/idp/SSOService.php, i got an error telling me metadata not found. here is the stack trace :
SimpleSAML_Error_MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => '\'\'')
Backtrace:
3 lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:300 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaData)
2 lib/SimpleSAML/Metadata/MetaDataStorageHandler.php:320 (SimpleSAML_Metadata_MetaDataStorageHandler::getMetaDataConfig)
1 modules/saml/lib/IdP/SAML2.php:330 (sspmod_saml_IdP_SAML2::receiveAuthnRequest)
0 www/saml2/idp/SSOService.php:19 (N/A)
Did anybody ever faced the same one ? Because i don't really understand where SimpleSAMLphp try to get those metadata.
NOTE :
I am manually able to find metadata at localhost:8080/simplesaml/saml2/idp/metadata.php
It is an old project i am working for and it is a fork of symfony 1 so i can't use more recent plugins. So for SSO i use this plugin on service provider side.
Finally solved. The Authn Request i sent contained empty "issuer" field and this one was needed on idp side since simpleSAMLphp seemes to store SP Metadata in an array like Metdata['spName']. So of course their was no entry for the empty string as key.
We have the requirement to fetch an attachment to an Orbeon form from a simple automation script. We found the "List Forms Attachments" API (https://doc.orbeon.com/form-runner/api/persistence/list-form-data-attachments.html) and are trying to call it using a simple "curl" script that runs on the same host as the Orbeon Tomcat instance:
curl -v "http://localhost:8080/orbeon/fr/service/$app/$form/attachments?document=$docid"
This returns an HTTP 403 (Forbidden), and even after reading whatever doc we can find on Orbeon security, we're still scratching our heads over how to configure Orbeon. Is there a simple configuration example showing an Orbeon configuration that would allow the API to be called from a local script like ours? We are running Orbeon CE 2017.1.
If getting this API to work is an ordeal, the other option we'd consider would be a database solution. We have Orbeon running on a MySQL persistence layer, and the same script we're using also has access to this database. Is there an easy way to take a submitted form's XML and fetch the attachment for a given form field?
We see in the submitted form's XML that the attachment tag looks like this:
<File1 filename="Original Filename.doc" mediatype="application/msword" size="14236">
file:/tmp/tomcat7-tomcat7-tmp/xforms_upload_7266596219758922423.tmp?filename=Original+Filename+doc&mediatype=application%2Fmsword&size=14236&mac=fc2febb1227e93643a048fbb02abc16bba346531
</File1>
When we scan the orbeon_form_data_attach database table, we see a row with the file content we expect, but the file_name column doesn't match the file information in the form's XML above...in this example, the file_name on the database is 1af8cd16367470362e13f77e679c0ae590e1f4a5.bin. Some of our forms have multiple attachments, and there doesn't seem to be a direct way to go from the form XML to the file_name in the database table.
Either of these solutions would be fine for us - we just need a way to get the attachments for a form from a simple script.
For reference, the relevant documentation is Authorization of Pages and Services.
You can, although this is not to be done for production but only testing and development, open all services without authentication. See this section. Otherwise, you need to setup an authorization service.
The server is running a custom REST endpoint configured using the following line
org.neo4j.server.webadmin.data.uri=/db/abc
in neo4j-server.properties. REST is then working fine using /db/abc, but then the browser client (http://$SERVERHOST:7474/browser) stops working and displays the Disconnected from Neo4j message. Packet sniffing indicates it is still trying to connect to db/data. Clearing local web caches doesn't help. Is there a way to point the browser client to use a custom endpoint?
Sources indicate that /db/data is possibly hardcoded into the browser as part of client "Settings" (see line 23). There is supposedly a way to reconfigure these settings using the :config command in the client, but the command bar is only available when the client is already connected to the server.
Is there a way to get this to work, or is it possibly a bug in the browser client?
Current option is to download source code of the browser and change what you need.
https://github.com/neo4j/neo4j/tree/2.3/community/browser