I have had a small program using the js api working on "http://test.de"
So my SDK Domains appears as so:
Now I want to move the api across a handful of subdomains of test.de
So I altered the SDK Domains as so:
Which does not work.
Throwing this error:
It will work if I specifically set up the subdomain on the Valid SDK Domains as so:
So how can I make the Valid SDK Domains accept all subdomains of an approved url?
Based on the documentation from LinkedIn and other material on the matter, you cannot use a wildcard in the list of valid sdk domain names.
The documentation states:
Provide a comma-separated list of fully qualified domain names, including the protocol (i.e. http, https) and any non-standard port numbers.
What you expect from the API will be very helpful but doesn't look to be available from LinkedIn, at-least as of now.
Related
Consider the case where you have some knowledge you want to name and you want to put it into a knowledge graph format like the resource description framework (RDF). However, you don't have an email, a web domain, or access to a namespace authority to generate a URI for the RDF knowledge graph.
This rules out tag uris, cool uris, and most other schemes, respectively.
Some possible options that I am not entirely happy with for the mentioned reasons:
http://localhost/myConcept but this implies a resolvable location. It might also still imply identical concepts for all interpreters of your knowledge graph.
file:///myConcept file scheme but this implies there is a resolvable physical location.
urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6 uuid scheme, but this doesn't let you put a human readable component in the URI. It would be great if the uuid scheme allowed urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6/myConcept
Magnet uris were envisioned to help communicate between local machines and the web. But they remain a draft, aren't well defined, and the examples reuse other schemes that depend on naming authorities.
data:,myConcept data scheme but this also depends on registering a mime type, and as far as I can tell there aren't any mime types for abstract concepts. It also fails to encode any type of uniqueness such as would be the case with encoded files or communicate that this concept is only locally unique.
informal schemes like urn:sha1:, but these imply that there is some content to be hashed - and concepts with identical names but different meanings would get assigned the same hash.
What I am looking for identifies a concept in a unique way on a local machine that when communicated with others implies that the concept name can only be interpreted as unique in that single communication and may not be integrated with other knowledge graphs before being altered to be globally unique. It also doesn't rely on any namespace authorities or emails (which also require registration). Does such a scheme exist (maybe informally)? What would you do given the constraints?
Edit: Just want to clarify my view on emails and web domains. Emails are easy and the registration process is completely automated - you can sign up for one immediately. However, you are dependent on that organization to maintain the email registry, not kick you out (like if your email account is inactive), and not go out of business. Personal web domains require a subscription and it should not be required that publishers of data also pay an upkeep fee. This would likely lead to deregistration when they no longer want to pay the fee and the data can now become ambiguous if another user reuses those URIs for other purposes. Free web domains like yourName.github.io have the same issues as email addresses.
My company is wanting to implement OpenID Connect via Oauth 2.0 across our client software, which comes in Windows, HTML5, Android, IOS, etc. Toward that end, we are trying to find a way of getting the login info back that will work across these platforms.
Our understanding was that a custom uri scheme (i.e., companyname://) was the recommended way of going forward, and we have verified on our end that that would work. However, we have yet to be able to find a provider that would support that configuration. So far OneLogin & Google are both locked to https:// (or http:// for dev), which leaves us something of a conundrum.
So essentially, my question is, were we misled about the custom uri scheme? If so, is there another method we can use that will allow our web & standalone apps to pick up the return info from whichever OpenID providers we go with? We want to keep it open as possible, so we're trying to avoid lock-in APIs and suchlike. Any advice would be appreciated. Thanks.
We do support the custom URI redirect. You'll need to select right type of client when creating a client id on Google developer console.
See the details here.
https://developers.google.com/identity/protocols/OAuth2InstalledApp
One way to support any provider is that you use a Web flow to redirect to a page on your site and then your website does a redirect to a custom scheme.
I am building a web application where development teams can install and use inside their companies. I am exploring the possibility of adding SSO support with Github since it is very convenient for developers.
In Github API, Auth0, Google etc. you need to specify Callback URLs.
The problem is that since everybody can deploy an instance of my application they can host it under any valid domain or just use a local ip address. So the Callback URLs cannot be predefined.
One option is to instruct people to deploy the app under certain local domains/subdomains. However, I don't think this is a good solution.
Do you know any other options that might solve my problem?
Is SSO only suitable for apps that run under global(already known) domains?
I know this isn't exactly a how-to question, but Linked-In Support directed me to StackOverflow when I asked them this question, and I cannot find the answer anywhere after googling/searching the forums:
Per the LinkedIn APIs Terms of Use (https://developer.linkedin.com/documents/linkedin-apis-terms-use), section E.1, second bullet point:
Don’t try to exceed or circumvent your limitations on calls and use.
This includes creating multiple Applications for identical, or largely
similar, usage (e.g., having one Application per customer). If we
believe that you have exceeded or circumvented our limitations, or if
you have tried to, we may temporarily suspend or permanently block
your access to the APIs, disable your developer account, or both.
It sounds like I'm not allowed to create multiple instances of an application. However, the nature of my software is that each of my clients gets a subdomain and runs an instance of my app on a server particular to that client. Each client thus needs their own OAuth redirect_uri, and the only solution that I can think of is to create an application for each of my clients (which are organizations and not individual users).
Does this practice violate the TOS, and if so, what's a viable alternative?
If this practice is allowed, what is the maximum number of applications (and API keys) I can create?
Thanks in advance.
Register a single client/app but add multiple RedirectURI's for that instance, one for each customer/domain. This is allowed per LinkedIn documentation by adding multiple URLs in the OAuth 2.0 Redirect URLs text area, separated by a comma:
OAuth 2.0 Redirect URLs: Comma separated list of absolute URLs allowed
for OAuth 2.0 redirections.
BACKGROUND
I have a number of Ruby plugins for SiriProxy I have either written myself or use others for voice control of my home (https://github.com/elvisimprsntr?tab=repositories). SiriProxy is basically a MITM proxy which allows one to interject your own actions and responses into the Siri protocol. Unfortunately, Apple made some extensive changes to the Siri protocol which breaks SiriProxy in iOS 7. Siri in iOS 7 uses MPTCP, a new ACE protocol, and possibly different certificates. We have been unsuccessful getting SiriProxy to work with iOS 7. (https://github.com/plamoni/SiriProxy/issues/542)
ALTERNATIVE TO SIRI
Since it is highly unlikely that Apple will ever release a public API for Siri, or automator apps like AutoVoice and Tasker on iOS, I thought an alternative would be use the Google voice search app which is available for both iOS and Android, which there are a number of advantages:
- Speech to Text is performed on the device.
- Does not use MPTCP, HTTPS, or require a login
- The Google voice search simply builds an HTTP GET google search query URL. In some cases the app will speak the response.
- I think the google search uses cookies, but not sure if that is critical.
REQUIREMENTS
I have read a number of posts, forums, etc. looking for the best way to approach this, unfortunately there seems to be a number of ways to approach this.
- Must be implemented in Ruby in order to maximize reuse of existing SiriProxy plugins.
- A proxy which would allow me to parse the URL for keywords in the search query.
- Allow me to simply pass the results of the google query when a keyword match is not made.
- Allow me to replace the google search results my own response.
QUESTION
What I am struggling with in where to begin. I can’t be the first one to have a need for a similar proxy in Ruby. Any suggestions would be welcome.
UPDATE: REF POSTS
Help with HTTP Intercepting Proxy in Ruby?
accessing a website through a proxy using Net::HTTP proxy in ruby
Ruby Eventmachine & HTTP requests via proxy
How to create proxy server in ruby that accepts HTTPS
Ruby MITM proxy
best today is mitmproxy (python) and then communicate between python and ruby somehow (RPC-style) and python runs with mitmdump -s your-script.py