I am new to rhomobile and i am trying to develop an application where i need to authenticate google account ids for accessing the application.
I have tried using openid for authentication. I have first written a get request to get the XRDS. After getting the XRDS, then i have written a POST request to request the login.
But after sending the post i got a reponse as below:
<HTML>
<HEAD>
<TITLE>Method Not Allowed</TITLE>
</HEAD>
<BODY BGCOLOR='#FFFFFF' TEXT='#000000'>
<H1>Method Not Allowed</H1>
<H2>Error 405</H2>
</BODY>
</HTML>
Params: {"rho_callback"=>"1", "status"=>"error", "error_code"=>"2", "http_error"=>"405", "headers"=>{"allow"=>"GET, HEAD",
"cache-control"=>"private, max-age=0", "content-type"=>"text/html; charset=UTF-8", "date"=>"Mon, 28 May 2012 21:54:15 GMT", "expires"=>"Mon, 28 May 2012 21:54:15 GMT", "server"=>"GSE", "transfer-encoding"=>"chunked", "x-content-type-options"=>"nosniff", "x-frame-options"=>"SAMEORIGIN", "x-xss-protection"=>"1; mode=block"}, "__rho_object"=>{"body"=>"0"}, "post"=>"complete"}
Can anyone please help me how to proceed. Or is there some other kind of authentication that i can use?
here some example code of Writing the RhoSync Authentication Method for Google API. This may help you. http://docs.rhomobile.com/google-api-rhodes-rhosync-tutorial#writing-the-rhosync-authentication-method-for-google-api
Related
I'm calling an Microsoft Graph API endpoint to change sensitivity labels (like described here and documented here). It's a beta endpoint and currently working well. Here's how to use it according to the documentation:
PATCH https://graph.microsoft.com/beta/groups/{id}
Content-type: application/json
{
"assignedLabels":
[
{
"labelId" : "45cd0c48-c540-4358-ad79-a3658cdc5b88"
}
]
}
Looking at the response headers I noticed those three related to deprecation Deprecation, Sunset and Link:
"Link": "<https://developer.microsoft-tst.com/en-us/graph/changes?$filterby=beta,PrivatePreview:Restricted_AU_Properties&from=2021-04-01&to=2021-05-01>;rel=\"deprecation\";type=\"text/html\",<https://developer.microsoft-tst.com/en-us/graph/changes?$filterby=beta,Device_Properties&from=2022-01-01&to=2022-02-01>;rel=\"deprecation\";type=\"text/html\"",
"Deprecation": "Mon, 05 Apr 2021 23:59:59 GMT",
"Sunset": "Sat, 19 Feb 2022 23:59:59 GMT",
I'm trying to determine whether this means that the endpoint stops working on Feb 19 with respect to sensitivity labels. The links in the Link response header unfortunately do not work and look kind of internal-ish. E.g. https://developer.microsoft-tst.com/en-us/graph/changes?$filterby=beta,PrivatePreview:Restricted_AU_Properties&from=2021-04-01&to=2021-05-01
Looking at the query parameters of the link I see the keywords Restricted_AU_Properties and Device_Properties. The Microsoft Graph change log does not show anything about those or the assignedLabels that is about to happen.
How do I have to read this response? Is setting sensitivity labels using this endpoint going to stop working on Feb 19?
Talking to a colleague helps. Apparently the 1.0 Graph API endpoint also allows setting sensitivity labels and the documentation claiming that it is read-only is wrong:
So my interpretation for now is that the deprecation headers tell me to use the 1.0 endpoint instead of beta. Which would kind of make sense.
I have an API Gateway that publishes the request in SQS. This Gateway has SQS SendMessage policy, and this issue I am describing here does not happen when I use the Test option of the gateway.
I am using Insomnia to make requests to the server, with these headers:
Content-Type: application/x-www-form-urlencoded
x-api-key: <My API Key>
Basically the configuration was done following this tutorial:
https://medium.com/#pranaysankpal/aws-api-gateway-proxy-for-sqs-simple-queue-service-5b08fe18ce50
The only difference I included the MessageGroupId on the Mapping template for deduplication:
Action=SendMessage&MessageBody=$input.body&MessageGroupId=$context.resourcePath
The response I am getting is vey weird, because it is a Http 200, with header:
date: Mon, 12 Apr 2021 13:05:53 GMT
content-type: application/json
content-length: 377
x-amzn-requestid: xxxxxxxxxxxxxxxxxxx
x-amz-apigw-id: xxxxxxxxxxxxx
x-amzn-trace-id: Root=xxxxxx
And the body:
<?xml version="1.0"?>
<ErrorResponse
xmlns="http://queue.amazonaws.com/doc/2009-02-01/">
<Error>
<Type>Sender</Type>
<Code>AccessDenied</Code>
<Message>Access to the resource https://sqs.xxxxxxx.amazonaws.com/arn:aws:sqs:us-xxxx-x:xxxxxxxx:xxxxxxxxx.fifo is denied.</Message>
<Detail/>
</Error>
<RequestId>xxxxxxxxxxxxxx</RequestId>
</ErrorResponse>
x's are used to hide information I am not sure are sensible.
I am not sure how to proceed, it seems to an issue while publishing in the queue.
In my inexperience, I was not aware that API Gateway requires Deploy for most of the changes.
I'm using the GTMOAuth-2 library to implement an OAuth 2 Authorization Code Grant flow to the Asana API, but consistently getting back a server error 500. The GTMHTTPFetcher log is as follows (selectively redacted):
fetch tokens for app.asana.com
2013-05-08 16:46:58 +0000
Request: POST https://app.asana.com/-/oauth_authorize
Request headers:
Content-Type: application/x-www-form-urlencoded
User-Agent: gtm-oauth2 <user-agent>
Request body: (199 bytes)
client_id=<client-id>&client_secret=_snip_&code=<client-secret>&grant_type=authorization_code&redirect_uri=http%3A%2F%2Fwww.google.com%2FOAuthCallback
Response: status 500
Response headers:
Cache-Control: no-store
Content-Length: 303
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 May 2013 16:46:56 GMT
Pragma: no-cache
Server: nginx
Set-Cookie: <cookie>
X-Asana-Content-String-Length: 303
X-Asana-Preferred-Release-Revision: 20130508_073846_310cafc985fd5fb43121784b58d5dcd2503ffffe
Response body: (303 bytes)
<html>
<head>
<title>Error</title><script>__FILE__="(none)";var config = {
"CLUSTER": "prod",
"PRETTY_JS_CODEGEN": false,
"ENABLED_FEATURES": ""
};</script><link rel="shortcut icon" href="/-/static/luna/browser/images/favicon.ico" />
</head>
<body>
<h3>Error</h3><pre>Server Error</pre>
</body>
</html>
I've double-checked the auth and token URLs, client ID and secret, made sure the redirect URIs match on Asana and in-app. Interestingly, the authorization flow seems to get as far as authorizing the app (and the Asana site records the app as authorized), but it then never seems to return the authorization token. Is there anywhere I might be going wrong, or is this truly an internal server error?
(I work at Asana). I'm unsure where in the flow this request is being made, but it doesn't look correct. Once you've obtained the authorization code (by having the user interact with the Asana form), the library should then make a request to our /-/oauth_token endpoint, and pass us the code. So it's possible that you just need to be using the /-/oauth_token endpoint instead of the /-/oauth_authorize endpoint as you're doing.
If you look at our OAuth examples you'll note that there are two different URLs, one for authorization and one for token exchange.
Asana is probably returning a 500 because it's not expecting this and we're not doing a good enough job catching the problem.
I'm trying to figure out how to gracefully inform a user that an e-mail has not been sent from Rails.
The issue is this line of code:
OrderNotifier.received(#order).deliver
and what happens when the smtp server does not respond to the deliver command (smtp server is down, for instance). I've seen example code like:
#response_from_deliver = OrderNotifier.received(#order).deliver
but can find no documentation that says either this is a valid assignment or, if it is, what the various responses from an ActionMailer deliver might be.
Thanks for any information.
You will get back the Mail::Message object type. Apidock.com looks like it has some good information on ActionMailer.
#<Mail::Message:70225058423980,
Multipart: false, Headers: <Date: Mon, 20 Jan 2014 12:06:05 -0600>,
<From: info#socialrest.me>,
<To: myemail#gmail.com>,
<Message-ID: <52dd658d8f0f7_11643fde8d219160235e4#iMac.local.mail>>,
<Subject: Welcome to My Site>,
<Mime-Version: 1.0>,
<Content-Type: text/html>,
<Content-Transfer-Encoding: quoted-printable>>
I've got a production app and occasionally I see this error appear in the logs.. I can't seem to duplicate it on my end, so it seems like there is a user out there somewhere with some specific settings / cookies / etc that are causing this problem. I am not sure... The log shows that this user was redirected to this callback url: "users/auth/facebook/callback?code=AQCayaAoFOruFgwbfg1D682j8DbxOt0CZYNH3Vv5RtYKlQgSzISyN8ygTn25W_RTl3fu35cS1-tl5ArZ9B_XylwORP0hGU6st8P6TyTYUzfiR1m0poaSRkX-KBeWiBvT6IUsm-Af0VJcUNTQPg-dM1F9y5CgJ2bTJEJqhCE9wYlvkUY3kguwcl3TQ48FTT4-PhA///"
The actual error is:
RuntimeError: #<OAuth2::Response:0x1da7fae0 #error=#<OAuth2::Error: OAuth2::Error>, #options={:parse=>:query}, #parsed={"{\"error\":{\"message\":\"Invalid verification code format.\",\"type\":\"OAuthException\"}}"=>nil}, #response=#<Faraday::Response:0x1da8fa80 #on_complete_callbacks=[], #env={:response=>#<Faraday::Response:0x1da8fa80 ...>, :request_headers=>{"Content-Type"=>"application/x-www-form-urlencoded"}, :body=>"{\"error\":{\"message\":\"Invalid verification code format.\",\"type\":\"OAuthException\"}}", :status=>400, :url=>#<Addressable::URI:0xed52bf0 URI:https://graph.facebook.com/oauth/access_token>, :request=>{:proxy=>nil}, :parallel_manager=>nil, :response_headers=>{"expires"=>"Sat, 01 Jan 2000 00:00:00 GMT", "access-control-allow-origin"=>"*", "content-type"=>"text/javascript; charset=UTF-8", "connection"=>"close", "www-authenticate"=>"OAuth \"Facebook Platform\" \"invalid_code\" \"Invalid verification code format.\"", "date"=>"Thu, 13 Oct 2011 15:58:29 GMT", "content-length"=>"81", "cache-control"=>"no-store", "x-fb-rev"=>"457598", "x-fb-server"=>"10.65.13.60", "pragma"=>"no-cache"}, :ssl=>{:ca_file=>"/etc/pki/tls/certs/ca-bundle.crt"}, :method=>:post}>>
and the parameters were:
{"code"=> "AQCayaAoFOruFgwbfg1D682j8DbxOt0CZYNH3Vv5RtYKlQgSzISyN8ygTn25W_RTl3fu35cS1-tl5ArZ9B_XylwORP0hGU6st8P6TyTYUzfiR1m0poaSRkX-KBeWiBvT6IUsm-Af0VJcUNTQPg-dM1F9y5CgJ2bTJEJqhCE9wYlvkUY3kguwcl3TQ48FTT4-PhA///",
"action"=>"",
"controller"=>""}
I know if I manually go to "users/auth/facebook/callback?code=blah" it will trigger this same error because the callback code parameter is obviously bogus, but it doesn't look like there's anything suspicious about the actual code in the user's params hash-- so I am wondering why it would be an invalid format?
Has anyone else experienced this?
I think the following link provides the answer: http://developers.facebook.com/docs/authentication/#authenticating-users-in-a-web-application
You first need to call https://graph.facebook.com/oauth/authorize with your client_id and redirect_uri. This will then redirect you back to the redirect_uri, with a verification code in the query string that you can pass to your https://graph.facebook.com/oauth/access_token call (via the code parameter) to exchange for an oAuth access token.
Good luck! :)