How to map API response to output claims in B2C custom policy? - azure-ad-b2c-custom-policy

I have use Technical Profile in B2C custom policy to call REST API and it returned format like this
{
"value": [
{
"id":"00000000000"
"name": "",
}
]
}
So in case how to get id and map it to output claim ? Please let me know a way to do it, I have investigated but I can not find out a solution so far

Did you try this?
https://learn.microsoft.com/en-us/azure/active-directory-b2c/json-transformations#getclaimfromjson
You want to extract value.0.id
Here you can see example json:
https://github.com/azure-ad-b2c/unit-tests/blob/main/claims-transformation/json/CT_GetClaimFromJson.xml

Related

Is ory/keto support Contextual and Time-based authorization?

I have a scenario where I want to restrict access to a document based on his IP address using ory/keto authorization service.
It looks like I can't achieve contextual attribute based authorization using ory/keto. I couldn't find any docs on that in ory/keto doc space. I tried few authorization check payloads to pass the dynamic attributes for the user. An example is provided below (I tried and it didn't work, ory/keto doesn't allow nested subject_sets).
{
"namespace": "document",
"object": "document",
"relation": "view",
"subject_set": {
"namespace": "user",
"object": "john",
"relation": "is",
"subject_set": {
"namespace": "ip-address-range",
"object": "0.0.0.10/11"
}
}
}
Can we achieve Contextual and Time-based authorization with ory/keto? If we can, can I get an example of how could I do it?
There is an issue for this (which was probably the inspiration for Auth0/OpenFGA): https://github.com/ory/keto/issues/319
It is a cool feature but there is no implementation effort yet.

Invalid variant ID while creating checkout for Shopify

I am trying to create checkout url using Admin API with following params.
URL: https://shopy-test11.myshopify.com/admin/api/2020-10/checkouts.json
{
"checkout": {
"line_items": [
{
"variant_id": 37033347711169,"quantity": 2
}
]
}
}
Unfortunately its returning below error which is not properly documented anywhere that I could find.
{
"errors": {
"line_items": {
"0": {
"variant_id": [
{
"code": "invalid",
"message": "is invalid",
"options": {}
}
]
}
}
}
}
I also tried Shopify-api ruby gem and got same error. There are some similar issue online, but none answers why that issue is occurring and how to fix it. This is new app under development which will create custom checkout. There's only one sales channel which is "Online Store" and is enabled for all products. Any ideas how to fix this issue? Any help is appreciated.
You seem to be mixing up concepts here. The checkout API is only associated with the Storefront API, and has nothing to do with the Admin API.
So this URL: /admin/api/2020-10/checkouts.json seems to be impossible. There is no endpoint in the admin API for checkouts, whereas, Storefront API which does have checkouts, might be your proper URL. So try that:
/api/2020-10/checkouts.json
And if you have the correct token in your header, it will likely work.

Firebase rule auth.token.email is not working: "Simulated write denied"

https://firebase.google.com/docs/reference/security/database/#authtokenF
{
"rules": {
"c":{
".write":"newData.child('email').val()=== auth.token.email"
},
}
}
Always it showing "Simulated write denied"
How to solve this problem ? Is there any mistake with my firebase rule
It looks like you're not providing an email address in the authentication data.
When you select a provider, the simulator shows the exact auth.token payload that it will use. For the Google provider my Auth token payload looks like this:
The simulator takes the literal JSON that is shown in here, and uses it as auth.token.
{
"provider": "google",
"uid": "27e08474-4e33-460d-ba92-ba437c6aa962"
}
Since there is no email provided, your rules (correctly) fail.
For testing this scenario, you'll want to switch to a custom provider, so that you can specify your own auth token with an email property:

Create MasterCard tokenization API

I have a mobile app containing payment method via MasterCard. I have this tutorial:
https://ap-gateway.mastercard.com/api/documentation/apiDocumentation/rest-json/version/latest/api.html?locale=en_US
I want to create Tokenization which contains customer's master detail, I have followed this tutorial part:
https://ap-gateway.mastercard.com/api/documentation/apiDocumentation/rest-json/version/latest/operation/Tokenization%3a Create or Update Token (with system-generated token).html?locale=en_US
I tried with :
POST https://ap-gateway.mastercard.com/api/rest/version/41/merchant/{{MyMerchantID}}/token
Params:
{
"sourceOfFunds": {
"type": "CARD",
"provided": {
"card":{
"number": "5123450000000008",
"expiry": {
"month": "05",
"year": "17"
}
}
}
Note: The number is a mastercard test number.
I am always get this error:
error
cause "INVALID_REQUEST"
explanation "Invalid credentials."
result "ERROR"
I followed the params in second URL.
Can anyone help? Are the params correct or I missed something?
In your configuration file, you need to set the following:
$configArray["merchantId"] = "[merchantId]";
// API username in the format below where Merchant ID is the same as above
$configArray["apiUsername"] = "merchant.[merchantId]";
// API password which can be configured in Merchant Administration
$configArray["password"] = "your api password";
Setting the above parameters in the config file will solve your problem
Try replacing "ap-gateway" with the real gateway provided for you. Your merchantID is not supported in test gateway.
First, you should ask you bank to enable the tokenization for your merchant account
POST
https://ap-gateway.mastercard.com/api/rest/version/61/merchant/{{MyMerchantID}}/token
you have to set Authorization->Basic Auth
Username : Your_MerchantID
Password : ApiPassword
Params:
{
"session": {
"id": "SESSION0002510583427E2239608H32"
}
}

Google Drive API insert permission only returns id

I'm using this request to grant user permission for a folder
https://www.googleapis.com/drive/v2/files/{{id}}/permissions?sendNotificationEmails=true&fields=emailAddress,id,name,role,type,value
but it returns only the id field
{ id: '0123456789876543210' } like this
How can I get all other information in response ? or,
is there any BUG in Drive REST API ?
From the documentation here https://developers.google.com/drive/v2/reference/permissions/list:
The return resource is in the following form:
{
"kind": "drive#permissionList",
"etag": etag,
"selfLink": string,
"items": [
permissions Resource
]
}
Which means you would need to specify your query field param as
items(emailAddress,id,name,role,type,value)
Rather than:
emailAddress,id,name,role,type,value
Alternatively, you can leave the fields param out to ensure you actually have the information available. Hope that helps!