I'm using simple-oauth2. I've got the authorization part working, and I'm getting a code back from the API. However, when I attempt to create a token from that code using simple-oauth2's authCode.getToken function, the result is blank.
oauth2.authCode.getToken({
code: code,
redirect_uri: credentials.redirect_uri
}, callback);
function callback(err, result){
console.log(result)
token = oauth2.accessToken.create(result);
}
That console.log statement returns absolutely nothing, not even "undefined." Tokens created with this blank result have an empty string as the "token" property inside the returned object, like so:
{ create: [Function: create],
token: '',
expired: [Function: expired],
refresh: [Function: refresh],
revoke: [Function: revoke] }
This code is copied nearly verbatim from the examples page, and I can't figure out what I could be doing wrong. What am I missing?
It turns out my config.site URL just had http, not https, and so wasn't returning anything. Adding the "s" fixed it.
Related
I am implementing the Microsoft Auth code flow but I am stuck with this error.
Based on this code example, here is how I am initializing the client:
const config = {
auth: {
clientId: process.env.MICROSOFT_CLIENT_ID,
authority: process.env.MICROSOFT_AUTHORITY,
clientSecret: process.env.MICROSOFT_CLIENT_SECRET,
},
};
const cca = new msal.ConfidentialClientApplication(config);
And later I want to create an authentication URL to redirect the user to:
const authCodeUrlParameters = {
scopes: ["user.read"],
redirectUri: "http://localhost:8080/oauth/microsoft",
state: 'state_here',
};
cca
.getAuthCodeUrl(authCodeUrlParameters)
.then((authCodeUrl) => {
return authCodeUrl;
})
.catch((error) => console.log(JSON.stringify(error)));
But I am getting this error: {"errorCode":"empty_url_error","errorMessage":"URL was empty or null.","subError":"","name":"ClientConfigurationError"}
Based on the docs about errors, it looks like it's thrown before requests are made when the given user config parameters are malformed or missing.
Anybody can spot where the configs are malformed?
The error is because of the missing configuration requirements in the application.
And most importantly , check the authorization request url for missing parameters like state and nonce and the redirect url.
Here request URL may require state and nonce parameters form cache as part of authCodeUrlParameters to construct the URL.
In authCodeUrlParameters see which of them is missed as they may lead to url to null.
You try to give your domain in knownAuthority
Ex:
auth: {
clientId: 'xxxx-xx-xx-xx-xxxxx',
authority: '<give authority>',
knownAuthorities: ['<domain here>']
redirectUri: 'https://localhost:8080'
},
cache: {
cacheLocation: "sessionStorage",
storeAuthStateInCookie: false,
secureCookies: false
},
Please make sure the redirect url is in correct format:
See Redirect URI (reply URL) restrictions - Microsoft Entra | Microsoft Learn
After setting the correct url, I could get proper response
I'm attempting to use the Stripe Terminal SDK in the Nativescript plugin seed and test it in the demo-angular app. I'm able to initialize the SDK by setting the connection token provider. When the SDK calls the provider's fetchConnectionToken method, the app crashes with no terminal output when the method calls the SDK-supplied completion handler. Debugging in XCode shows _EXC_BAD_ACCESS code=2.
Relevant code:
iOSFetchConnectionToken(completion: (p1: string, p2: NSError) => void) {
/* No crash if the following two lines are uncommented */
// completion(hardCodedTokenSecret, nullError);
// return;
Http.request({
url: DemoSharedStripeterminalBasic.serverAddress,
method: 'POST',
headers: {
"Content-Type": "application/json",
"Stripe-Public-Key": this.stripeTestKey
},
content: JSON.stringify({
connectedAccountId: this.connectedAccountId
})
}).then(response => {
const result = response.content?.toJSON();
secret = result.secret;
completion(secret, null); // App crashes with no output
})
}
The above function is assigned to the ConnectionTokenProvider's fetchConnectionToken method. I'm able to call the completion handler successfully before the HTTP request (using hardcoded or null values – see the commented lines at the top), but the crash occurs when I invoke the completion handler in the "then" block of the request, using either the returned value from my API server or a hardcoded/null value. Logging out the completion function gives "function () { [native code] }" which indicates that it's properly accessible in memory. I can't figure out where the bad access is coming from or why it's only happening inside the "then" block.
In the sample above, I'm using Nativescript's built in HTTP module, but I've also tried with JS fetch and have the same issue. I've also tried rewriting using async/await with no luck. My API server correctly returns a valid token (I successfully used the same one for the hard-coded token secret), so I know that isn't the issue either. Any help is hugely appreciated, thanks!
I have set up reCAPTCHA v3 on my ASP.NET MVC project. Everything is working fine and is passing back data properly.
So the code below depends on another dll I have, but basically, the response is returned in the form of an object that shows everything that the JSON request passes back, as documented by https://developers.google.com/recaptcha/docs/v3
It all works.
But now that I know the response was successful, and I have a score, what do I do? What happens if the score is .3 or below? Some people recommend having v2 also set up for secondary validation (i.e. the 'choose all the stop signs in this picture' or 'type the word you see'). Is that really the only 'good' option?
Obviously the code isn't perfect yet. I'll probably handle the solution in the AJAX call rather than the controller, but still. What should I do if the score is low?
I read this article
reCaptcha v3 handle score callback
and it helped a little bit, but I'm still struggling to understand. I don't necessarily need code (although it would never hurt) but just suggestions on what to do.
VIEW:
<script src="https://www.google.com/recaptcha/api.js?render=#Session["reCAPTCHA"]"></script>
grecaptcha.ready(function () {
grecaptcha.execute('#Session["reCAPTCHA"]', { action: 'homepage' }).then(function (token) {
$.ajax({
type: "POST",
url: "Home/Method",
data: JSON.stringify({token: token }),
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function (response) {
console.log('Passed the token successfully');
},
failure: function (response) {
alert(response.d);
}
});
});
});
CONTROLLER:
[HttpPost]
public void ReCaptchaValidator(string token)
{
ReCaptcha reCaptcha = new ReCaptcha();
Models.ReCaptcha response = new Models.ReCaptcha();
response = reCaptcha.ValidateCaptcha(token);
//response returns JSON object including sucess and score
if (response.Success)
{
//WHAT DO I DO HERE????
}
}
Ended up getting the answer from another forum. Basically, the answer is "anything you want". There is no right or wrong when handing a successful response.
So what could be done, is if the response is successful and CAPTCHA doesn't throw a flag, do nothing. But if CAPTCHA is unhappy, you could display an alert or a banner that says 'could not process', or you could even add in CAPTCA version 2, which would make them do the picture test or the 'I am not a robot' checkbox, etc.
event.respondWith(caches.match(event.request).then(function (response) {
if (response) {
return response;
}
//return fetch(event.reuqest, { credentials: 'include' });
//event.respondWith(fetch(event.request, { credentials: 'include' }));
}));
This is a common code for handling request via serviceworkers , if the url is in cache then return cache response or fetch it from server .
But my doubt is regarding the 2 commented lines , we need to use one of them for fetching the response .
My doubt is, when i use event.respondWith(fetch(event.request, { credentials: 'include' for fetching a page , i get the following error
DOMException: Failed to execute 'respondWith' on 'FetchEvent': The fetch event has already been responded to.
But the page is finally rendered , definitely browser is finally fetching the response , but when i use sam for fetching an image , i get the same error and on top of that the image is not fetched .
if i use the second option that return fetch(event.reuqest, { credentials: 'include' }); , then it works fine for both image as well as page.
I am not able to figure out what is the reason of that error , and also why it is behaving differently for file and page .
My another doubt is , do i actually need the credential parameter here ,i added it because most of the implementations i saw in web have used it,but what i have observed is that the request object already has a credential property with it , now it is not always
include
sometime it is
same-origin
too.
So could it happen that i am actually overriding the actual credential value by adding it .If that is not the case , then there is no difference in including it or not.It does not matter .
But if it is other way around , then we should not overwrite the credential value, which can have bad side effects.
You already have a call to event.respondWith, you don't need to call it twice.
Your first call is going to use the promise returned by:
caches.match(event.request).then(function(response) {
if (response) {
return response;
}
return fetch(event.reuqest, { credentials: 'include' });
})
This promise resolves to:
response, if the request is in the cache;
the promise returned by the call to fetch, otherwise.
The promise returned by fetch will resolve to a response, which is then going to be used by respondWith.
I'm currently trying to call the twitter API using meteor and so far i got this:
updateTotalFoll:function(){
var Twit = Meteor.npmRequire('twit');
var T = new Twit({
consumer_key: 'AWzYAlWFRh9zsownZMg3',
consumer_secret: 'aYpL3zMPfqRgtX1usPQpEREEXVNPfNYna9FiIwTeDYR',
access_token: '4175010201-TEp9qNKO4mvjkj0GMjJFZIbGPYaVv4',
access_token_secret: 'EPpcJyN27E4PvhJpYaTHflNFOv3DuR05kTP2j'
});
var Id2=RandomCenas.findOne({api:"twitter"})._id;
T.get('statuses/user_timeline', { screen_name: 'jeknowledge' }, function (err, data, response){
//console.log(data[0].user.followers_count);
RandomCenas.update(Id2,{$set:{totalFoll:data[0].user.followers_count}});
});
}
with "RandomCenas" being a MongoDB.
What i'm trying to do is updating this collection with the info from the call , but i get this error
Error: Meteor code must always run within a Fiber.
Try wrapping callbacks that you pass to non-Meteor libraries with Meteor.bindEnvironment.
I've searched the web for a way to counter this , but i cant seem to apply the solutions that i came across with.
Any help with how i can deal with this?
try it like that
T.get('statuses/user_timeline', { screen_name: 'jeknowledge' }, Meteor.bindEnvironment(function (err, data, response) {
//console.log(data[0].user.followers_count);
RandomCenas.update(Id2,{$set:{totalFoll:data[0].user.followers_count}});
}));
the reason this is happening is because callback function which you pass it's happening outside the current Meteor's Fiber check the answer Error: Meteor code must always run within a Fiber