I have implement my api with header like image1 with the following code for Alamofire request. And it was working fine.
var headers: HTTPHeaders = [.authorization(bearerToken: token]
But later my web developer changed some thing in his api implementation. From now the token I provided in the 'header section' in the image1 is no longer working. Then I found the api is working for 'Authorization' token like image2 in the postman.
How can I implement this in my Alamofire request? Any help.
Related
Recently google authorization api breaks and because of that other things affects like events on Calender.
We are using google_client_api for rails app and we have checked with other Client Id and Client Secret but still this fails to provide to authorization code in response and because of this everything. Is there anyone who can help me out with this. I
client = Signet::OAuth2::Client.new(client_options)
Client_options = {
client_id: Rails.application.secrets.google_client_id,
client_secret: Rails.application.secrets.google_client_secret,
authorization_uri: 'https://accounts.google.com/o/oauth2/auth',
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
scope: 'https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email',
redirect_uri: callback_url
}
Not getting authorization code in response any solution.
I have worked on an Application that uses ASP.NET Core and VueJs. VueJs calls asp.net core controller using AXIOS. Everything is working fine. I was able to publish the site on IIS.
The problem starts when I type url of my web site in lower case.
The url of my web site is
http://10.131.XXX.XXX:94/MyWeb.
Internally axios calls the controller method on the same url.
for example internally in vue js component, I have written something like this
this.API_URL="http://10.131.XXX.XXX:94/MyWeb
axios.post(this.API_URL + '/UserManagement/GetAllUser', postData);
But if type the following url of my web site
http://10.131.XXX.XXX:94/myweb
then axios is not able to call the controller method and return status code 400 -Bad Request.
I am updating my question. because found a few more hint on issues.
[1] Bad Request error gone if I remove ValidateAntiForgeryToken attribute from asp.net core controller method.I add RequestVerificationToken in axios header. but If my request is to myweb this is not avaliable.
[2] My asp.net core controller calls Web API and I am using token authentication there. I keep token in Claim but that Claim is not available when i do request from axios to myweb instead of MyWeb.
Two things on web side using cookie based authentication and for web api using token authentication.
I FIGURE OUT THAT POST REQUEST IS FAILING FROM AXIOS JUST BECAUSE OF ANTIFORGERY TOKEN IN ASP.NET CORE. ALSO WHEN I LOGIN USING LOWERCASE WEBSITE NAME AUTHORIZE ATTRIBUTE REJECTS REQUEST.
I am setting correct token in axios
headers: {
'RequestVerificationToken': xshrfToken,
'Content-Type': 'application/json;charset=utf-8;'
}
so my question is that if I change the website name to lower case why POST request fails.
Any suggestion?
You could use axios interceptor as a hook:
axios.interceptors.request.use(function(response) {
response.url = response.url.toLowerCase();
return response;
});
I am using Google Cloud Endpoints with JWT Authorization and I am trying to Upload File from API.
There is no Issue with JWT as it is already working correctly with all other types ex. [application/JSON].
API POST Call (api/document/processrequest) with Content Type as multipart/form-data is saying Bad Format Response from Google Endpoints for Same Token.
API Post Call (api/document/processrequest) with ContentType (application/JSON) have no issues.
Is Google Cloud Point not supporting multipart/form-data?
Authorization Token is passed in Header. Authorization: Bearer [Token]
Everything works fine in Localhost/Development Environment without Endpoint.
Error Generated In Stackdriver Log:
Firebug error sample call:
Firebug success sample call with application/json:
I have specified application/JSON and multipart/form-data both in openapi specification.
Endpoints does not support multipart/form-data.
From my Angular 2 application I am trying to get data from Moqui but the request always fails with the error code 403.
Here is the REST API call implementation
getExample() {
let url = 'http://localhost:8080/rest/s1/example/examples'
let headers = new Headers({ 'Authorization': 'Basic
am9obi5kb2U6bW9xdWk='});
headers.append('Accept', 'application/json, text/plain, */*');
headers.append('Content-Type', 'application/json; charset=UTF-8');
let options = new RequestOptions({ headers: headers });
let response = this.http.get(url, options).map(res => res.json());
return response;
}
The Moqui logs :-
REST Access Forbidden (no authz): User null is not authorized for View on REST Path /example/examples
There is also a similar question Moqui Rest Nginx but from the answer I do not know that where I have to change the settings in Moqui.
On the client console the error is :-
XMLHttpRequest cannot load http://localhost:8080/rest/s1/example/examples. Response for preflight has invalid HTTP status code 403
But with a rest client like YARC it works :-
You must authenticate for REST API calls except for Service REST API paths that are configured to not require authentication (like the /mantle/my end points in the mantle.rest.xml file in the mantle-usl component).
You have authentication but then there is one other step: authorization. In general if authc is required then authorization is also required. This is done with database records usually either in seed data and can also be added using the System app that is included in the default Moqui runtime (ie the moqui/moqui-runtime repository).
There is an example of authorization setup for Service REST API calls in the MantleSetupData.xml file. The main difference from screen authorization is that the artifact type to use is 'AT_REST_PATH'. Here is that file on GitHub (right near the top of the file):
https://github.com/moqui/mantle-usl/blob/master/data/MantleSetupData.xml
The best documentation for most things to do with REST requests in Moqui, is currently in the comments in the 'rest.xml' file that actually processes the incoming requests (ie handles the /rest path). You can see this on GitHub here:
https://github.com/moqui/moqui-runtime/blob/master/base-component/webroot/screen/webroot/rest.xml
I've been struggling with this for too long now. I have an Expressjs server that provides an endpoint to login. The response I get has a JWT token, expiring in an hour. All good.
On the Emberjs side, I can successfully authenticate and get the token (using ember-simple-auth and ember-simple-auth-token). This works well for protecting my routes. But I can't for the life of me update the RESTAdapter headers to include my new authorization token.
I've tried:
using $.ajaxPrefilter to set the Authorization header. Didn't work
accessing "this.get('session.secure.token')" from the RESTAdapter. Thats undefined.
Please, if someone could point me in the right direction, I'd be eternally grateful. All I need to do is attach the value in "session.secure.token" to the header for all RESTAdapter requests.
Thanks
You should be able to set the simple-auth config property authorizer to simple-auth-authorizer:token - in the simple-auth code it looks for this config property, looks up simple-auth-authorizer:token and uses this in combination with ajaxPrefilter.
// config/environment.js
ENV['simple-auth'] = {
authorizer: 'simple-auth-authorizer:token'
};