Ruby Rails Devise and SAML with Office 365 - ruby-on-rails

I have set up a new Rails application using devise and devise_saml_authenticatable to authenticate against Office 365.
The login unfortunately shows the following error message:
Sign in
Sorry, but we’re having trouble signing you in.
AADSTS7500522: XML element 'AuthnContextClassRef' in XML namespace 'urn:oasis:names:tc:SAML:2.0:assertion' in the SAML message must be a URI.
My config/devise.rb file looks as follows:
config.saml_create_user = true
config.saml_update_user = true
config.saml_default_user_key = :email
config.saml_session_index_key = :session_index
config.saml_use_subject = true
config.idp_settings_adapter = nil
config.saml_configure do |settings|
  settings.assertion_consumer_service_url = "https://localhost:3000/users/saml/auth"
  settings.assertion_consumer_service_binding = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
  settings.name_identifier_format = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
  settings.issuer = "https://localhost:3000/saml/metadata"
  settings.authn_context = ""
  settings.idp_slo_target_url = "https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0"
  settings.idp_sso_target_url = "https://login.microsoftonline.com/xxx/saml2"
  settings.idp_cert_fingerprint = "E4:....."
  settings.idp_cert_fingerprint_algorithm = "http://www.w3.org/2000/09/xmldsig#sha1"
end
and the "Reply URL (Assertion Consumer Service URL)" in the Azure configuration is set to
https://localhost:3000/users/saml/auth
Any ideas how to fix this?

Finally figured it out: All the Devise examples have
settings.authn_context = ""
set. If I set it to
settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
then the error disappears.
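
The AADSTS7500522 condition above can be checked locally before a request ever reaches the identity provider. This is an added example, not code from the post or from devise_saml_authenticatable: it scans an AuthnRequest for AuthnContextClassRef elements whose content is not an absolute URI. The sample XML is constructed to match the error described, and the function names are made up for illustration.

```ruby
require 'rexml/document'
require 'uri'

ASSERTION_NS = 'urn:oasis:names:tc:SAML:2.0:assertion'

# Constructed AuthnRequest with an empty class reference, shaped after the
# error message in the question (sample data, not captured traffic).
SAMPLE_BAD = <<~XML
  <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                      xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                      ID="_example" Version="2.0">
    <saml:Issuer>https://localhost:3000/saml/metadata</saml:Issuer>
    <samlp:RequestedAuthnContext Comparison="exact">
      <saml:AuthnContextClassRef></saml:AuthnContextClassRef>
    </samlp:RequestedAuthnContext>
  </samlp:AuthnRequest>
XML

# Same request with the value from the accepted fix filled in.
SAMPLE_GOOD = SAMPLE_BAD.sub(
  '<saml:AuthnContextClassRef></saml:AuthnContextClassRef>',
  '<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>'
)

# True when the value parses as a URI that carries a scheme (urn:, https:, ...).
def absolute_uri?(value)
  text = value.to_s.strip
  return false if text.empty?
  !URI.parse(text).scheme.nil?
rescue URI::InvalidURIError
  false
end

# Returns the text of every AuthnContextClassRef that is not an absolute URI.
def invalid_class_refs(xml)
  doc = REXML::Document.new(xml)
  refs = REXML::XPath.match(doc, '//saml:AuthnContextClassRef', 'saml' => ASSERTION_NS)
  refs.map { |el| el.text.to_s }.reject { |text| absolute_uri?(text) }
end

if __FILE__ == $PROGRAM_NAME
  puts "bad sample:  #{invalid_class_refs(SAMPLE_BAD).inspect}"
  puts "good sample: #{invalid_class_refs(SAMPLE_GOOD).inspect}"
end
```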

Related

Shopify how to create Price Rule through API

I am new to shopify. Now I want to use shopify API to create a price rule, this is my source code here
I use rails 5.1.4, shopify_app 8.1.0
shop_url = "https://api_key:secret@domain/admin"
ShopifyAPI::Base.site = shop_url
prerequisite_saved_search_ids = [53677883419]
price_rule = ShopifyAPI::PriceRule.new
price_rule.title = "demodemo"
price_rule.target_name = "line_item"
price_rule.target_selection = "all"
price_rule.allocation_method = "across"
price_rule.value_type = "fixed_amount"
price_rule.value = "-10.0"
price_rule.customer_selection = "prerequisite"
price_rule.prerequisite_saved_search_ids = prerequisite_saved_search_ids
price_rule.start_at = Time.now.iso8601
res = price_rule.save
puts res
However, it always returns false. Does anyone have an idea? Thanks a million!
Please check this API to create a price rule (Shopify API). I have used this API in PHP and it's working fine for me.
I have created App and then use Api key and secret key to generate price rule.
Thanks
For the ones coming to this question, one could fetch Price rules as per shopify_app gem for Rails applications as:
First allow your app to access read/write permissions in initializers/shopify.rb file as:
config.scope = "read_products, write_products, read_price_rules, write_price_rules"
After that you can fetch price rules as:
@price_rules = ShopifyAPI::PriceRule.find(:all, params:{id: '4171201931'})
And can also create a price rule as:
@create_price_rule = ShopifyAPI::PriceRule.new(
  price_rule: {
    title: "FREESHIPPING2",
    target_type: "shipping_line",
    target_selection: "all",
    allocation_method: "each",
    value_type: "percentage",
    value: "-100.0",
    usage_limit: 20,
    customer_selection: "all",
    prerequisite_subtotal_range: {
      greater_than_or_equal_to: "50.0"
    },
    starts_at: "2017-11-19T17:59:10Z"
  }
)
@create_price_rule.save
There are validations involved. In case you want to check the response, one may inspect it like @create_price_rule.inspect
Or even you can delete a PriceRule as:
@price_rules = ShopifyAPI::PriceRule.find(:all).first
@price_rules.destroy
@last_price_rule = ShopifyAPI::PriceRule.find(4171860875)

In grafana dashboard how to set alert mail configuration?

Grafana version 4.0
Datasource influxDB
Please consider me as a beginner.
For this, how to set alerts in Grafana dashboard? alerts send to emails.
/etc/grafana/grafana.ini
I wrote SMTP config like this:
[smtp]
enabled = True
host = localhost:25
user =
# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
[emails]
welcome_email_on_sign_up = True
When I set alerts in the Grafana dashboard it shows an error:
template variables are not supported.
Configure this /usr/share/grafana/conf/defaults.ini file as the following:
[smtp]
enabled = true
host = smtp.gmail.com:587
user = Your_Email_Address@gmail.com
password = """Your_Password"""
cert_file =
key_file =
skip_verify = true
from_address = Your_Email_Address@gmail.com
from_name = Your_Name
ehlo_identity =
In this example, I set my own Gmail account with its SMTP:
smtp.gmail.com with 587(TLS) port.
You should find your SMTP email address with its port.
[NOTE]
Don't forget to put your password in password_field.
Mail alert grafana configuration for windows \grafana-6.4.4.windows-amd64\grafana-6.4.4\conf\defaults.ini
[smtp]
enabled = true
host = smtp.gmail.com:587
;user =
# If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
;password =
;cert_file =
;key_file =
skip_verify = true
from_address = your_mail_id
from_name = Grafana
;ehlo_identity = dashboard.example.com

Rails request.create in rsa-sha256?

I am working on SAML authentication
I have settings with digest and signature method in rsa-sha256, but when I create the request to redirect an authenticating user the request is in rsa-sha1 ...
In the url, there is SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
But I want it to be rsa-sha256
Settings :
def saml_settings
  settings = OneLogin::RubySaml::Settings.new({:idp_cert_fingerprint_algorithm => XMLSecurity::Document::SHA256})
  settings.assertion_consumer_service_url = "..."
  settings.issuer = "..."
  settings.idp_sso_target_url = "..."
  settings.name_identifier_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
  #settings.authn_context = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
  settings.certificate = CONFIG_CERTIFICATE
  settings.private_key = CONFIG_PRIVATE_KEY
  settings.security[:authn_requests_signed] = true # Enable or not signature on AuthNRequest
  settings.security[:logout_requests_signed] = true # Enable or not signature on Logout Request
  settings.security[:logout_responses_signed] = true # Enable or not signature on Logout Response
  settings.security[:digest_method] = XMLSecurity::Document::SHA256
  settings.security[:signature_method] = XMLSecurity::Document::SHA256
  settings.security[:embed_sign] = false
  settings
end
and when I create the request :
request = OneLogin::RubySaml::Authrequest.new
redirect_to(request.create(saml_settings))
Here, request.create(saml_settings) returns a URL that contains SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1
How can I change this to be in rsa-sha256?
Actually, I found the answer:
In the lib, the sha1 or sha256 encryption will be defined by the settings,
in the method create_params of OneLogin::RubySaml::Authrequest we have
if settings.security[:authn_requests_signed] && !settings.security[:embed_sign] && settings.private_key
  params['SigAlg'] = XMLSecurity::Document::SHA1
  ...
end
so, I had
settings.security[:embed_sign] = false
And so the condition was TRUE. But it has to be FALSE
so I've put
settings.security[:embed_sign] = true
(actually, it has to be at true)
and
request.create(saml_settings, {:SigAlg => XMLSecurity::Document::SHA256})
And it's done !
( cf http://www.rubydoc.info/github/onelogin/ruby-saml/OneLogin/RubySaml/Authrequest#create-instance_method )
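
The SigAlg parameter in the thread above names the algorithm used to sign the redirect query string. As an added example (not code from the post or from ruby-saml), the following signs a constructed AuthnRequest the way the SAML HTTP-Redirect binding describes and shows a receiver-side check that refuses rsa-sha1 before verifying. The key, the sample request and all function names are made up for illustration.

```ruby
require 'openssl'
require 'uri'
require 'zlib'

RSA_SHA1   = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
DIGESTS    = { RSA_SHA1 => 'SHA1', RSA_SHA256 => 'SHA256' }.freeze

# Throwaway key and constructed request, for illustration only.
KEY = OpenSSL::PKey::RSA.new(2048)
SAMPLE_REQUEST = '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ' \
                 'ID="_example" Version="2.0"/>'

# Redirect binding encoding: raw DEFLATE, then Base64 (pack('m0') = no newlines).
def encode_request(xml)
  deflater = Zlib::Deflate.new(Zlib::DEFAULT_COMPRESSION, -Zlib::MAX_WBITS)
  [deflater.deflate(xml, Zlib::FINISH)].pack('m0')
end

# The signature covers the URL-encoded string "SAMLRequest=..&SigAlg=.."
# (RelayState would sit between the two; it is omitted here).
def signed_query(xml, key, sig_alg)
  enc = URI.method(:encode_www_form_component)
  signed_part = "SAMLRequest=#{enc.call(encode_request(xml))}&SigAlg=#{enc.call(sig_alg)}"
  signature = key.sign(OpenSSL::Digest.new(DIGESTS.fetch(sig_alg)), signed_part)
  "#{signed_part}&Signature=#{enc.call([signature].pack('m0'))}"
end

# Receiver-side check: refuse algorithms outside the allow-list, then verify
# the signature over the query bytes exactly as received.
def verify_query(query, public_key, allowed: [RSA_SHA256])
  signed_part, sig_param = query.split('&Signature=', 2)
  return :unsigned if sig_param.nil?
  sig_alg = URI.decode_www_form_component(signed_part[/(?:\A|&)SigAlg=([^&]+)/, 1].to_s)
  return :weak_algorithm unless allowed.include?(sig_alg)
  signature = URI.decode_www_form_component(sig_param).unpack1('m')
  digest = OpenSSL::Digest.new(DIGESTS.fetch(sig_alg))
  public_key.verify(digest, signature, signed_part) ? :valid : :bad_signature
end

if __FILE__ == $PROGRAM_NAME
  query = signed_query(SAMPLE_REQUEST, KEY, RSA_SHA256)
  puts query[/SigAlg=[^&]+/]
  puts verify_query(query, KEY.public_key)
end
```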

Can't add product to Shopify via Ruby code but can through rails console

I have the following code
shopify_store_name = ShopifyStore.where(:store_id => 98).pluck('shop').first
shopify_access_token = ShopifyStore.where(:store_id => 98).pluck('access_token').first
session = ShopifyAPI::Session.new("#{shopify_store_name}.myshopify.com", shopify_access_token)
ShopifyAPI::Base.activate_session(session)
shop = ShopifyAPI::Shop.current
# Create a new product
new_product = ShopifyAPI::Product.new
new_product.title = 'This is a new Product'
new_product.product_type = 'Type'
new_product.vendor = 'Vendor'
new_product.save
Which when run causes : Failed. Response code = 403. Response message = Forbidden.
However, if I copy and paste the code into my rails console window it works perfectly. Anyone got any idea why that would be?
Thanks in advance!
403 will usually happen for permission issues.
You probably don't have the permission write_products for that token.
For those getting this error, you need to set up the permission in your shopify_app.rb initializer (in the initializers folder under config) under the scope field:
ShopifyApp.configure do |config|
  config.application_name = "My Shopify App"
  config.api_key = ENV['SHOPIFY_API_KEY']
  config.secret = ENV['SHOPIFY_API_SECRET']
  config.old_secret = ""
  config.scope = "read_products,read_customers" # Consult this page for more scope options:
  # https://help.shopify.com/en/api/getting-started/authentication/oauth/scopes
  config.reauth_on_access_scope_changes = true
  config.embedded_app = true
  config.after_authenticate_job = false
  config.api_version = "2020-04"
  config.shop_session_repository = 'Shop'
  config.allow_jwt_authentication = true
  config.webhooks = [
    {topic: 'app/uninstalled', address: "#{ENV['APP_URL']}/webhooks/app_uninstalled", format: 'json'},
  ]
end

Unable to submit Amazon form via Mechanize (Ruby)

In the script I wrote, I'm logging into Amazon successfully on behalf of the user with their credentials. Then I'm trying to fill out the form to enter a new address. Here's my current code:
class AmazonCrawler
  def initialize
    @agent = Mechanize.new do |agent|
      agent.user_agent_alias = 'Mac Safari'
      agent.follow_meta_refresh = true
      agent.redirect_ok = true
    end
  end
  def login
    login_url = "https://www.amazon.com/gp/css/account/address/view.html?ie=UTF8&ref_=ya_add_address&viewID=newAddress"
    @agent.get(login_url)
    form = @agent.page.forms.first
    form.email = "whatever@gmail.com"
    form.radiobuttons.last.check
    form.password = "my_password"
    dashboard = @agent.submit(form)
  end
end
class UsersController < ApplicationController
  def index
    response = AmazonCrawler.new.login
    form = response.forms[1]
    # fill out form
    form.enterAddressFullName == "Your Name"
    form.enterAddressAddressLine1 = "123 Main Street"
    form.enterAddressAddressLine2 = "Apartment 34"
    form.enterAddressCity = "San Francisco"
    form.enterAddressStateOrRegion = "CA"
    form.enterAddressPostalCode = "94101"
    form.enterAddressPhoneNumber = "415-555-1212"
    form.AddressType = "RES"
    form.enterAddressIsDomestic = "0"
    form.GateCode = ""
    new_response = form.submit( form.button_with(value: /Save.*Continue/) )
  end
end
I submit the form and it takes me to the same "Add an Address" form but there are no discernible errors, nothing new on the page. The new_response request has the same form filled out.
When I inspect the post request, here's what I get:
enterAddressFullName=test+user&enterAddressAddressLine1=123+Main+Street&enterAddressAddressLine2=123&enterAddressCity=san+francisco&enterAddressStateOrRegion=ca&enterAddressPostalCode=94101&enterAddressCountryCode=US&enterAddressPhoneNumber=4155551212&enterAddressIsDomestic=0&AddressType=RES&GateCode=&isDomestic=0&newAddress.x=55&newAddress.y=17&newAddress=Save+%26+Continue&addressID=&sessionId=204-4423391-1593712
The main thing that stands out to me is the last part of it:
&newAddress.x=55&newAddress.y=17&newAddress=Save+%26+Continue&addressID=&sessionId=176-3067966-1293712
I'm not setting newAddress.x or newAddress.y anywhere, I seem to be unable to.
Any ideas as to why this isn't submitting successfully? Is it an SSL issue perhaps?
newAddress is the name of the button. The .x and .y indicate where exactly on the button was clicked. There's a lot of reasons why a form will return you back, most likely it didn't like one of your values.
Figured it out. I was setting the name with the == rather than = which was causing the field to be empty
