ngrok blocked by Fortinet FortiGuard - microsoft-graph-api

I would like to use ngrok for Microsoft Teams app development but it's being blocked by our FortiGuard threat protection and I cannot create a tunnel with the standard command ngrok http 80.
What do I tell our FortiGuard admin that needs to be changed in order to allow ngrok to work?
Thanks.

#colonel_claypoo If your problem persists, Can you check if you can use
tunnelrelay (Refer the URL) instead of ngrok.

In such scenario, you may need to talk to your administrator to see how to enable the ports required for NGROK. You may want to get it started from here

Related

Ngrok not passing my post request on to localhost

I'm trying to set up a webhook for Stripe and I've created a controller, according to the Stripe doc , to do it in ASP.Net MVC running in a virtual machine (maybe that changes things?). I've been testing the action in the controller to see if I can receive posts, so I'm using Postman to send my localhost posts requests which are working. But now I need to use Ngrok to give my localhost a url so that Stripe can use it. I'm running ngrok and passing in these parameters to run
ngrok http -host-header="localhost:44368" 44368
and here is what I see, everything looks ok
But now when I try and use it in Postaman
ex https://11d1ba97.ngrok.io/StripeWebHook/Index
I get a 502 Bad Gateway message and the action method never gets hit.
I get the same problem when I try and send a test webhook from Stripe.
FYI - The request times from Ngrok using 'localhost:4040' show all my response times as 0ms.
Update - I was emailed by ngrok
"The trouble is the HTTPS. ngrok terminates HTTPS traffic and then forwards the unencrypted http traffic through to your local application. You want to do one of two things:
1) make your application expose an HTTP port as well and forward traffic to that
2) use ngrok's TLS tunnels (which hand of TLS traffic to you for termination). with this option you have all the complexities of doing cert management, cert mismatches, etc, just fyi. i'd recommend #1 if possible"
Question - anyone know how to open up a http port in a ASP.Net MVC app using Https?
My problem was that the breakpoint in my application wasn't getting hit.
I was using
ngrok http 58533
but changing it to the following allowed my breakpoint to get hit.
ngrok http -host-header=rewrite localhost:58533
Bit late to the party :)
I could get http working by un-checking Enable SSL flag in Properties.
Step 1: Right click Web Api project, select Properties
Step 2: Download and install extension
https://marketplace.visualstudio.com/items?itemName=DavidProthero.NgrokExtensions
Step 3: Start ngrok Tunnel from Visual Studio
(image from https://raw.githubusercontent.com/dprothero/NgrokExtensions/master/docs/img/menu-item.png)
Step 4: Copy Forwarding http url
Step 5: Paste in Postman, and append the controller/action
you get 200! (upvotes? :))

Is there an api for the admin websocket server in dart's pub serve?

I have noticed that when I do a pub serve --mode=debug I get 2 servers one on port 8080 and the other 'admin' server on 8079. 8079 seems to be a websocket server judging by the message I get when I navigate to it.
So the question is what does it do? Can I milk it for useful debugging information, or is it just for controlling the monkeys inside the machine?
Are there any docs on this?
I haven't seen any detailed information beside this traking bug https://code.google.com/p/dart/issues/detail?id=16954
Accessing it with the browser just returns
Currently this server only accepts Web Socket connections.

OAuth: how to test with local URLs?

I am trying to test OAuth buttons, but they all (Facebook, Twitter, LinkedIn) come back with errors that seem to signal that I can not test or use them from a local URL.
How do people usually work in development with OAuth stuff if they all seem to require a non-dev and non-local connections environments?
Update October 2016: Easiest now: use lvh.me which always points to 127.0.0.1, but make sure to verify that this is still true every time you need to invoke it (because domains can expire or get taken over, and DNS poisoning is always a concern)
Previous Answer:
Since the callback request is issued by the browser, as a HTTP redirect response, you can set up your .hosts file or equivalent to point a domain that is not localhost to 127.0.0.1.
Say for example you register the following callback with Twitter: http://www.publicdomain.com/callback/. Make sure that www.publicdomain.com points to 127.0.0.1 in your hosts file, AND that twitter can do a successful DNS lookup on www.publicdomain.com, i.e the domain needs to exist and the specific callback should probably return a 200 status message if requested.
EDIT:
I just read the following article: http://www.tonyamoyal.com/2009/08/17/how-to-quickly-set-up-a-test-for-twitter-oauth-authentication-from-your-local-machine, which was linked to from this question: Twitter oAuth callbackUrl - localhost development.
To quote the article:
You can use bit.ly, a URL shortening service. Just shorten the [localhost URL such as http//localhost:8080/twitter_callback] and register the shortened URL as the callback in your Twitter app.
This should be easier than fiddling around in the .hosts file.
Note that now (Aug '14) bit.ly is not allowing link forwarding to localhost; however Google link shortener works.
PS edit: (Nov '18): Google link shortener stopped giving support for localhost or 127.0.0.1.
You can also use ngrok: https://ngrok.com/. I use it all the time to have a public server running on my localhost. Hope this helps.
Another options which even provides your own custom domain for free are serveo.net and https://localtunnel.github.io/www/
Or you can use https://tolocalhost.com/ and configure how it should redirect a callback to your local site. You can specify the hostname (if different from localhost, i.e. yourapp.local and the port number). For development purposes only.
For Mac users, edit the /etc/hosts file. You have to use sudo vi /etc/hosts if its read-only. After authorization, the oauth server sends the callback URL, and since that callback URL is rendered on your local browser, the local DNS setting will work:
127.0.0.1 mylocal.com
Set your local domain to mywebsite.example.com (and redirect it to localhost) -- even though the usual is to use mywebsite.dev. This will allow robust automatic testing.
Although authorizing .test and .dev is not allowed, authorizing example.com is allowed in google oauth2.
(You can redirect any domain to localhost in your hosts file (unix/linux: /etc/hosts))
Why mywebsite.example.com?
Because example.com is a reserved domain name. So
there would be no naming conflicts on your machine.
no data-risk if your test system exposes data
to not-redirected-by-mistake.example.com.
You can edit the hosts file on windows or linux
Windows : C:\Windows\System32\Drivers\etc\hosts
Linux : /etc/hosts
localhost name resolution is handled within DNS itself.
127.0.0.1 mywebsite.com
after you finish your tests you just comment the line you add to disable it
127.0.0.1 mywebsite.com
Google doesn't allow test auth api on localhost using http://webporject.dev or .loc and .etc and google short link that shortened your local url(http://webporject.dev) also bit.ly :). Google accepts only url which starts http://localhost/...
if you want to test google auth api you should follow these steps ...
if you use openserver go to settings panel and click on aliases tab and click on dropdown then find localhost and choose it.
now you should choose your local web project root folder by clicking the next dropdown that is next to first dropdown.
and click on a button called add and restart opensever.
now your local project available on this link http://localhost/
also you can paste this local url to google auth api to redirect url field...
This answer applies only to Google OAuth
It is actually very simple and I am surprised it worked for me (I am still sceptical of what my eyes are seeing).
Apparently you can add localhost as a trusted domain on the Google Developer Console, since localhost is an exception for most rules as you can see here.
This can be done on this page under OAuth 2.0 Client IDs. Click edit and then add http://localhost:8000 or similar ports, and hit save.
It is crucial that you include http or https in the input box.
HTTP or HTTPS?
I am once again surprised that Google allows http, although do note that there is a minor security risk if your application has been released to production.
If you want to be extra cautious, you can choose to stick with https. This will require you to set up an SSL certificate on your localhost server.
This is easier than you think, since the SSL certificate needs not be valid. Many http servers should give you this option. You will have to click the "proceed anyway" button anyway in your browser to bypass the big red warning.
This is more secure than http since either a) users will see a big red warning if hackers are trying something phishy, or b) the only time they won't see this warning is if the user intentionally set up a self-hosted SSL certificate, in which case they probably know what they are doing (I suppose a virus could technically do this as well, but at that stage they've already gotten enough control of a user's system to do anything they want).
I ran into some issues with the tools mentioned in other answers such as http://tolocalhost.com not forwarding query parameters (not to mention you have to visit the page and configure it first, same case with https://thomasmcdonald.github.io/Localhost-uri-Redirector/) and http://lvh.me not being useful to me because I run a proxy on my local machine and need the public URL to point to a private URL like http://mywebsite.dev.
So I made my own tool that filled my needs and may fill yours:
https://redirectmeto.com
Examples:
https://redirectmeto.com/https://www.google.com/search?q=puppies
http://redirectmeto.com/http://localhost:4000/oauth/authorize
http://redirectmeto.com/http://client.dev/page
Another valuable option would be https://github.com/ThomasMcDonald/Localhost-uri-Redirector. It's a very simple html page that redirects to whatever host and port you configure in the UI.
The page is hosted on Github https://thomasmcdonald.github.io/Localhost-uri-Redirector, so you can use that as your OAuth2 redirect url and configure you target host and port in the UI and it will just redirect to your app
If you have a domain, you can create a subdomain that redirects to your local entry point, it works for me
I created a public subdomain : oauth-test-local.alexisgatuingt.fr that redirects you to http:127.0.0.1:8000/oauth/callback/google with the returned data
Taking Google OAuth as reference
In your OAuth client Tab
Add your App URI example(http://localhost:3000) to Authorized JavaScript origins URIs
In your OAuth consent screen
Add mywebsite.com to Authorized domains
Edit the hosts file on windows or linux Windows C:\Windows\System32\Drivers\etc\hosts Linux : /etc/hosts to add 127.0.0.1 mywebsite.com (N.B. Comment out any if there is any other 127.0.0.1)

How to set up my xampp so that when i type my ip to get my custom made site

What i want to do is to set xampp so that when i give my ip to someone they can access my site. The reason for me to find something like this is cause i want to embed paypal testing to my site and it is needed to set a URL for the customers to return to my site when they complete their transactions... I run XAMPP 1.7.7 and my modem is a siemens. Also is there any free way to get a url ie blahblahblah.net or something like this?
In order to do this you will need to set up port forwarding on your router to your web server on your machine (you will have to look at your Siemens router documentation on how to do this). You will only be able to do use a custom URL if your router suports dynamic DNS, which most modern routers do. This required because probably the way you access the Internet your IP address can change each time you log in. If this is the case, you can get one free domain for this purpose at DynDNS.

How can I get Yahoo OAuth to work when I develop locally when my local domain is not registered with Yahoo?

I'm working on an app that uses Yahoo OAuth. The OAuth had been working fine but I just registered my domain with Yahoo and now it will not let me use the OAuth when I develop locally because
"Custom port is not allowed or the host is not registered with this consumer key."
The issue is because my call back URL is to a domain that is not registered with Yahoo (http://localhost:8080/welcome).
I'm not sure what to do. I'm also new to development so if you could be specific with suggestions that would be awesome! Any help is greatly appreciated.
Hiii... yahoo works on localhost :).. what you have to do is while registering for a yahoo consumer key and secret key, the registration page asks you what type of application is yours. I guess it gives you two options , website and the oder one as stand alone app. Choose stand alone app as in your case. Then it will give you a pair of keys, and it will work on localhost :). Enjoy!
It looks like Yahoo! doesn't want you to do this. Some answers from similar questions might be helpful (or not):
How do I develop against OAuth locally?
401 Unauthorized using Yahoo OAuth
Yahoo OAuth question
EDIT: more evidence Yahoo! doesn't support this: http://developer.yahoo.net/forum/?showtopic=6496&cookiecheckonly=1
I found the simplest solution was just to register for a separate key for my development environment. As long as you don't verify the domain for that key, you shouldn't hit any issues.
After many attempts, I too came to the conclusion that Yahoo's redirect_uri does not seem to work with ports other than 80.
The one solution that worked for me:
Download ngrok
Run the app and input ngrok http xxxx in the console - where xxxx is the port you are trying to access
The command will generate a http://xxxxxx.ngrok.io forwarding link that can be used for Yahoo's needs
Create a new Installed Application at https://developer.yahoo.com/apps/create/ and input http://xxxxxx.ngrok.io in the Callback Domain field.
Links should now work with this redirect_uri
Addressing Muhammad's comment in Vignes's answer here because I can't comment. You should be able to use a callback with a stand alone app if you specify 127.0.0.1 as the callback domain. You may also needed to change the port that your local server is listening to, because you cannot request that yahoo use e.g. port 8000. Make sure your local server is listening to port 80.
As of writing, setting the Application Type to Installed Application and then leaving the Callback Domain blank will give you errors.
What works is configuring 127.0.0.1 as the Callback Domain for the app. This works regardless if you are choosing Web Application or Installed Application as the Application Type. However, Yahoo! does not accept callback URLs with ports in it so you have to make sure your app listens to port 80 (or 443 if https) when running locally.
Another less ideal option would be using some random non-existent domain like local.dev.env.com as Callback Domain and then editing your hosts file by adding this:
127.0.0.1 local.dev.env.com
This will forward all requests on local.dev.env.com to 127.0.0.1.

Resources