Unable to run karate feature file in gitlab CIVD - karate

I am facing issue while running karate feature file through CICD pipeline.
Just made a simple api call which has authentication and I used basic auth js for passing authentication ( User name and password) . It’s working fine in my local and if I execute same feature in gitlab CICD , I am getting 403 (message :forbidden) error.
Any help is appreciate
Just made a simple api call which has authentication and I used basic auth js for passing authentication ( User name and password) . It’s working fine in my local and if I execute same feature in gitlab CICD , I am getting 403 (message :forbidden) error.
Any help is appreciate

Related

How to add security to Azure Function?

I’m new at Azure. So i’ve developed a simple Web app in net core 6 which autenticathes with AZ AD.
I also add to my solución an azure function but the idea is to add JWT to it .
From azure portal i added, authentication but i dont know how to get a token to , for example, test it with postman.
Does someone know how to do this? I’ve Watch a lot of videos but still can’t get it .
Regards
i need help to add security to my az function and be able to add jwt to my web app and to try tokens from postman.
I tried to reproduce the same in my environment and got the results like below:
Create an Azure AD Application and add API permissions:
Generate the Auth-Code by using below Endpoint:
https://login.microsoftonline.com/TenantID/oauth2/v2.0/authorize?
client_id=ClientID
&response_type=code
&redirect_uri=RedirectURI
&response_mode=query
&scope=[https://management.azure.com/.default](https://management.azure.com/.default "https://management.azure.com/.default")
&state=12345
To generate the token, I used the below parameters:
GET https://login.microsoftonline.com/TenantId/oauth2/v2.0/token 
client_id:ClientID
client_secret:ClientSecret
scope:https://management.azure.com/.default
grant_type:authorization_code
redirect_uri:RedirectUri
code:code
By using the above generated access token, you can access Azure Function successfully like below:
GET https://management.azure.com/subscriptions/SubID/resourceGroups/RG/providers/Microsoft.Web/sites/funcapp/functions/function?api-version=2022-03-01

Airflow auth via AD in rest API doesn't work

I have an Airflow application running in K8s.
It's authenticate via AD, this in web view work's fine and AD credentials allows the access, but doesn't work in rest API.
My airflow.cfg there is: airflow.api.auth.backend.basic_auth and the service was rebooted, everything based in airflow's documentation.
If we run the command in airflow service $ airflow config get-value api auth_backends return airflow.api.auth.backend.basic_auth.
In my test, I'm using isomnia to request mode basic auth with user and password of LDAP.
But, even everything has been based in the airflow documentation, all requests return
401 - Unauthorized
{
"detail": null,
"status": 401,
"title": "Unauthorized",
"type": "https://airflow.apache.org/docs/apache-airflow/2.1.3/stable-rest-api-ref.html#section/Errors/Unauthenticated"
}
I think my requests are correct, I've did an connection in airflow without LDAP/AD and works.
I've read airflow service log and all requests contain there, but does not allow the access.
I'm not found many documentation about it and the airflow documentation of API authentication is really limited.
Someone could help me?
I discovered the issue, the pipeline has updated airflow.cfg with configmap. Therefore, my description above, about airflow.cfg configurations is true, but in configmap was read deny_all.
I've resolved not excluded the question, because my problem in the pipeline might be usefull for someone else.

Auth0 login locally

I have an application and an api, in terms of auth0, an static frontend and a expressjs backend, in production both are working. I setup Auth0 and users are able to login with Google accounts.
In production is working, but the problem I am facing is when I am working on my locally, when I run the application on my computer and I try to login I get the following error
Unhandled Runtime Error
Error: Request failed with status code 401
In the application setup I have
Allowed Callback URLs
https://www.myexample.com, http://localhost:3000, https://myexample.us.auth0.com/api/v2/
Allowed Logout URLs
https://www.myexample.com, http://localhost:3000
Allowed Web Origins
https://www.myexample.com, http://localhost:3000
and in the frontend
<Auth0Provider
domain="myexample.us.auth0.com"
clientId="XXXXXXXXXXX"
redirectUri={(process.browser) ? window && window.location.origin : 'http://localhost:3000'}
audience="https://myexample.us.auth0.com/api/v2/"
scope="read:current_user update:current_user_metadata"
>
If further information is needed, just let me know
I am not sure if I am missing some config or there is something I should change?

Can I use git-tfs with extra header?

I need to automate the 'git-tfs pull' command in azure devops.
I have no problem executing this command with my user/pass from cmd window, but when it runs in Azure DevOps Build Agent it doesn't finish, sure it is an authentication problem.
Git-commands have the possibility to pass additional http-headers with the request. This is used by Azure DevOps build agent to pass OAuth token in an AUTHORIZATION: bearer-header when fetching the files.
Is it possible that git-tfs pull can pass the extra headers with the request?
Is it possible that git-tfs pull can pass the extra headers with the request?
No...
But... I haven't tried this and I'm guessing it won't work, since setting an OAuth credential tends to require a different object type in the TFVC Client Object Model, but this may do the trick:
git config --local tfs-remote.default.username .
git config --local tfs-remote.default.password $(SYSTEM.ACCESSTOKEN)
This will set the OAuth token in pipelines as the password to use for authentication. Make sure the pipeline has access to this special variable.
If the OAuth Token for the pipeline won't do the trick, you could try using a Personal Access Token instead.

Docker API logs JWT issue

I am using Docker to run containers for an app that uses Angular, Identity Server, and an API(using a Compose.yml file to run them all together).
The API is responsible for returning database info, based on the user logged in through Identity Server. Locally, the API returns the user info after login without any issues. However, when I use Docker to run the app, the user can login but not have their db info returned to the angular page. I checked the logs for the API container, and am receiving the following errors:
fail: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler[3]
fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]
So it appears to me that there is an issue with the API receiving the token. I only see these error messages after I login through ID server. The ID server container logs do not display any errors before or after I login.
Can someone help me resolve this issue?