Our app (parseSDK 1.13) has a parse-server (2.2.15) backend and sometimes (reproduceable) the user's session gets destroyed. After loading some custom objects from parse-server, the app (or more precise: parse-SDK) sends a strange request to parse-server to set the user password while i'm not doing any register/login/pw-reset related action:
Request: POST /parse/batch
{"requests": [{
"path": "\/parse\/classes\/_User\/abcu45BFAd",
"method": "PUT",
"body": {
"password": "xyz"
}
}]}
Response:
[{
"success": {
"updatedAt": "2016-07-05T23:04:51.041Z"
}
}]
After that request, the server completely destroys the Session entry in the database without any notice. All following requests fail with error 209 (invalid session token).
I do not intent to set/update the pssword and i cannot find, where this request comes from. Any hints are highly appreciated, thanks.
Should be fixed with upcoming 2.2.17
Related
I'm trying to make a Git push request to our Azure Devops server via the API. The address is https://MYSITE.visualstudio.com/MYPROJECT/_apis/git/repositories/2b34d4f7-2c1f-42e7-8861-u0ba34f72b40/pushes?api-version=5.1 and the body is as follows:
{
"commits": [
{
"comment": "Just a dummy commit",
"changes": [
{
"changeType": "edit",
"item": {
"path": "/src/MYPROJECT/MYPROJECT.csproj"
},
"newContent": {
"content": "beans",
"contentType": "rawText"
}
}
]
}
],
"refUpdates": [
{
"name": "refs/heads/TestDummyPRs/upgradeProjectToLatest",
"oldObjectId": "058da4f3328cb1048cb43faf3b5158bc3b025615"
}
]
}
I'm getting the following error:
Web Request Failed after 4 attempts. Request: https://MYSITE.visualstudio.com/MYPROJECT/_apis/git/repositories/2b34d4f7-2c1f-42e7-8861-u0ba34f72b40/pushes?api-version=5.1. Status: BadRequest. Response: Invalid status code [BadRequest]. Response: {"$id":"1","innerException":null,"message":"The parameters are incorrect. A posted push must contain exactly one commit and one refUpdate.\r\nParameter name: newPush","typeName":"Microsoft.TeamFoundation.SourceControl.WebServer.InvalidArgumentValueException, Microsoft.TeamFoundation.SourceControl.WebServer","typeKey":"InvalidArgumentValueException","errorCode":0,"eventId":0}
"A posted push must contain exactly one commit and one refUpdate" doesn't seem entirely reasonable as that's exactly what I have in my body. Does anybody know what might be going on here?
Note that I am having no issues making other web requests, such as creating branches or retrieving file contents.
I expected my web request to proceed smoothly, and to create a Push containing the specified commit to the specified refUpdate.
I have made a manual push for via the Azure Devops web interface and caught the network traffic, and I grabbed the following JSON request out of it:
{
"commits": [
{
"changes": [
{
"changeType": 2,
"item": {
"path": "/src/MYPROJECT/MYPROJECT.csproj"
},
"newContent": {
"content": "beans",
"contentType": 0
}
}
],
"comment": "Just a dummy commit"
}
],
"refUpdates": [
{
"name": ""refs/heads/TestDummyPRs/upgradeProjectToLatest",
"oldObjectId": "058da4f3328cb1048cb43faf3b5158bc3b025615"
}
]
}
This seems to be meaningfully identical to the Push I'm making from my code, other than the enum fields using numerical values instead of text. I have tried my code with numerical values for enums, but that didn't change anything about the error.
I found the issue. The web request from my application was being sent with UTF-16 encoding, whereas Postman had defaulted to UTF-8 encoding. I changed my application to use UTF-8 and it worked.
Problem
When fulfilling SYNC requests, QUERY requests and ReportState calls, I'm reporting all devices as "online": true. I can see this value being correctly read by Google, in that the values appear set on the ReportState Dashboard test tool. Android works fine, showing the device online ("Linked to you") after a brief query ("Connecting..."). Converesly, when using the iOS mobile client, as the user goes into the page for a device, it queries only to then report the device as being offline. Both the dashboard and JSON responses to calls all show "online": true. If the user tries interacting with the device, for example turning it on, it works.
QUERY Response
{
"requestId": "ARequestId",
"payload": {
"devices": [{
"id": "ADeviceId",
"online": true,
"status": "SUCCESS"
}]
}
}
Notes
This could be a bug in the iOS client, but it seems much more likely it's a bug in my code or misunderstanding on my part as this is my first Smart Home Action.
I've tried including "online": true all over the place, e.g. in SYNC, QUERY and ReportState calls. This has at least given the dashboard awareness of the initial online state, but not helped the iOS client.
In general, ReportState seems to work fine, in that my changes are reflected in the dashboard.
Screenshots
Note the contradiction between the test tool's state and the iOS client's indication.
ReportState Dashboard showing online=true
iOS Google Home Client showing same device as offline
I came back to this issue after around a year away from this project. It turns out that this is actually due to misreading the response structure of the QUERY Intent. The SYNC Intent expects an array of objects with "id" fields. The QUERY Intent expects a dictionary keyed by the id.
Bizarrely, even though this is back-end to back-end, and no error is thrown by the Google side, an Android client seems to handle this fine, but the iOS client doesn't.
Essentially, yes there is a bug there somewhere with iOS in as much as it ought to behave the same as Android, and similarly there ought to be a 400 error for the bad request format, but the error was essentially in my response structure.
A Correct SYNC Intent Response
[
{
"id": "DeviceId1",
"online": true,
"status": "SUCCESS"
},
{
"id": "DeviceId2",
"online": true,
"status": "SUCCESS"
}
]
My Erroneous QUERY Intent Response (Same as correct SYNC)
[
{
"id": "DeviceId1",
"online": true,
"status": "SUCCESS"
},
{
"id": "DeviceId2",
"online": true,
"status": "SUCCESS"
}
]
A Correct QUERY Intent Response (a keyed dictionary, rather than an array)
{
"DeviceId1" :
{
"online": true,
"status": "SUCCESS"
},
"DeviceId2" :
{
"online": true,
"status": "SUCCESS"
}
}
So even though the emergent behaviour was different in iOS and Android, it was me all along. It was a very easy to miss slip. Hope this helps someone, as the lack of errors coming back meant this one was infuriating.
I am using the ugcPost endpoint to generate my shares.
According to documentation I am making a pre-upload request (with multipart settings included), and I receive what seems like the appropriate multipart response to that request. However, there are absolutely NO aws key-id or anything... the headers mentioned in the sample are not the ones I am receiving after registering the upload as multipart.
They mention this response to a single part upload request:
{
"value": {
"asset": "urn:li:digitalmediaAsset:C5400AQHpR1ANqMWqNA",
"mediaArtifact": "urn:li:digitalmediaMediaArtifact:(urn:li:digitalmediaAsset:C5400AQHpR1ANqMWqNA,urn:li:digitalmediaMediaArtifactClass:aws-userUploadedVideo)",
"uploadMechanism": {
"com.linkedin.digitalmedia.uploading.MediaUploadHttpRequest": {
"headers": {
"Content-Type": "application/octet-stream",
"x-amz-server-side-encryption": "aws:kms",
"x-amz-server-side-encryption-aws-kms-key-id": "e10ace24-blah-4977-bar-89foo193e2ab"
},
"uploadUrl": "https://video-uploads.s3-accelerate.amazonaws.com/C5400AQHpR1ANqMWqNA/aws-userUploadedVideo?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20180120T000018Z&X-Amz-SignedHeaders=content-type%3Bhost%3Bx-amz-server-side-encryption%3Bx-amz-server-side-encryption-aws-kms-key-id&X-Amz-Expires=86400&X-Amz-Credential=AKIAJYU2MA%2F20180120%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=f7c0756a80998786766588878768778768977687d4c687b3f1a0e8"
}
}
}
}
However, I am receiving something like this when I register a multipart upload:
{
"value": {
"uploadMechanism": {
"com.linkedin.digitalmedia.uploading.MultipartUpload": {
"metadata": "base64_encoded_metadata",
"partUploadRequests": [
{
"headers": {
"Content-Length": "5242880",
"Content-Type": "application/octet-stream"
},
"urlExpiresAt": 1558459064787,
"byteRange": {
"lastByte": 5242879,
"firstByte": 0
},
"url": "https://video-uploads-prod.s3-accelerate.amazonaws.com/ABCD/aws-userUploadedVideo?uploadId=xxx&partNumber=1&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=xxx&X-Amz-SignedHeaders=content-length%3Bcontent-type%3Bhost&X-Amz-Expires=86400&X-Amz-Credential=xxx&X-Amz-Signature=xxx"
},
{...other_parts...}
]
}
}
}
}
As I understand this, I am supposed to iterate on the partUploadRequests array and use the headers contained on each 'chunk' there to make the multipart upload. These headers that I get... I am not getting the "x-amz-server-side-encryption" headers back from LinkedIn when I request it as multipart. So when I attempt the upload of a chunk I get an error from amazon saying something about the signature...
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated...(truncated)
I have had no problems making this request outside the realm of multi-part uploads... but when I try to make it multi-part, it fails royally.
Consistent with their api docs, I'd expect to get a 4xx error if I didn't have permissions to perform this action... but I am not getting such error, I just don't get the right headers back from LinkedIn?
This here is what I send in the body of the initial upload registration request:
{
"registerUploadRequest": {
"supportedUploadMechanism": ["MULTIPART_UPLOAD"],
"fileSize": 123123123,
"owner": "url:li:organization:x123123123",
"recipes": [
"urn:li:digitalmediaRecipe:feedshare-video"
],
"serviceRelationships": [
{
"identifier": "urn:li:userGeneratedContent",
"relationshipType": "OWNER"
}
]
}
}
My app has Marketing Dev. Platform access, and I am following these documentation indications: https://learn.microsoft.com/en-us/linkedin/marketing/integrations/community-management/shares/vector-asset-api#register-an-upload
So far, unsuccessful only when trying to do multi-part uploads. I have been able to successfully publish single image posts, and article type of posts so far... but Video uploads are eluding me...
Anyone that can shed some light on this?
EDIT: Almost instantly after posting this, (didn't show up before when I searched earlier) I found this question that seems to hint that this kind of upload is not yet supported?? So far this has a taste of errors, can anyone further confirm this is unsupported!?
Video Uploads are a restricted feature that is granted to select developers only.
Source:
https://learn.microsoft.com/en-us/linkedin/marketing/integrations/community-management/shares/ugc-post-api
I have a react app that makes API call to the endpoint http://localhost:3020/schema/filter. Following is the payload that I am passing with the POST request.
let filterParams = {
"filter": {
"and": [{
"field": "name",
"operator": "LIKE",
"value": "Core"
}, {
"field": "created_at",
"operator": "GREATER_THAN",
"value": "05/26/2017"
}, {
"field": "created_at",
"operator": "LESS_THAN",
"value": "07/02/2017"
}]
}
}
let response = await apiService.post('https://localhost:3020/schema/filter', filterParams)
API SERVER is rails app with puma server.
Server console responds with
2017-07-04 12:04:05 +0545: HTTP parse error, malformed request ():
#<Puma::HttpParserError: Invalid HTTP format, parsing fails.
API SERVER is configured to respond to the JSON payload. Whenever I try to POST request with the payload , the browser responds with
OPTIONS https://localhost:3020/schema/filter net::ERR_SSL_PROTOCOL_ERROR in the browser console in chrome.
Similarly, safari console returns
Fetch API cannot load https://localhost:3020/schema/filter. An SSL error has occurred and a secure connection to the server cannot be made.
Seems like I am having trouble with SSL or certificates. I tried deleting browser caches, cookies and certificate itself. Still no luck.
Any help is appreciated.
This is an error because your service is posting to https://localhost but your rails server is MOST LIKELY not running with https.
If your react app, you should do something like:
var apiBase = process.env === 'PRODUCTION' ?
'https://www.productionapp.com/' : 'http://localhost:3000/'
let response = await apiService.post(apiBase + '/schema/filter', filterParams)
I have got following URL
https://development.avalara.net/1.0/tax/get
and would like to POST following JSON request body
{
"DocDate": "2011-05-11",
"CustomerCode": "CUST1",
"Addresses":
[
{
"AddressCode": "1",
"Line1": "435 Ericksen Avenue Northeast",
"Line2": "#250",
"PostalCode": "98110"
}
]
}
which then will give JSON response
{
"DocCode": "78b28084-8d9a-477c-9f26-afab1c0c3877",
"DocDate": "2011-05-11",
"Timestamp": "2011-05-11 04:26:41",
"TotalAmount": 10,
"TotalDiscount": 0,
"TotalExemption": 0,
"TotalTaxable": 10,
"TotalTax": 0.86,
“TotalTaxCalculated”: 0.86,
"TaxDate": "2011-05-11",
.......
}
I have tried to use
Ext.Ajax.request
but get error
Origin http://localhost is not allowed by Access-Control-Allow-Origin.
which might be due to having different domain.
So, then i tried to use JSONP
Ext.data.JsonP.request
(
{
url: 'https://development.avalara.net/1.0/tax/get',
callbackName: 'test',
method: 'POST',
jsonData: '{"DocDate": "2011-05-11", "CustomerCode": "CUST1", "Addresses": [ { "AddressCode": "1", "Line1": "435 Ericksen Avenue Northeast","Line2": "#250", "PostalCode": "98110" } ] }' ,
success: function(response) {
//do some successful stuff
Ext.Msg.alert(response);
},
failure: function(response) {
//complain
Ext.Msg.alert('fail');
}
});
But URL 404(Not Found) error is encountered and request method is GET instead of POST.
Can anyone help me how POST request body(JSON) and obtaind JSON response from different domain?
Thanks in advance
You have four options:
Use CORS. development.avalara.net would need to setup CORS on the server and allow the domain that the Sencha page is running on.
Reverse Proxy requests through a server on the domain that the Sencha page is running on:
Sencha page (mydomain.com) ---> Web Server (mydomain.com) ---> development.avalara.net
Sencha page (mydomain.com) <--- Web Server (mydomain.com) <--- development.avalara.net
You could also POST the form as a regular form post action, or POST the form inside a hidden iframe.
http://docs.sencha.com/extjs/4.2.1/#!/api/Ext.form.Basic-cfg-standardSubmit
Run the Sencha app inside phonegap/cordova which does not block cross-domain requests.
You cannot do JSON-P with POST requests, JSON-P only supports GET requests. Your options are:
Use a GET request with JSON-P
Move the server functionality to the same server your ST app is running
Use something like Cordova and Whitelist the server you want to use for your AJAX POST requests, then use Ext.Ajax.request.