I can't get amplify add auth to work as described. I get stuck at the "Enter a name for your identity pool" step. No matter what I enter it is not accepted and I get "The name of the identity pool should be between 1 and 128 characters."
Even simply hitting return and accepting the default value fails.
Does the CLI work? If so what am I doing wrong?
Related
I get the following error on my Google cloud account if I try to authenticate via oauth2.
That’s an error.
Error: deleted_client
The OAuth client was deleted.
It used to work for over 2 years now. I did not have changed anything.
How can I repair this?
It seems that your OAuth client got deleted from your console, there's a similar question regarding this issue in the following link. You can check that by heading to the APIs & Services menu, under the Credentials topic.
Quoting the provided solution there:
You need to restore (if possible) or re-create it.
Dashboard -> Enable APIs and get credentials like keys -> Credentials -> New Credentials -> OAuth Client ID
Add the new client id and Reversed Client id to GoogleService-Info.plist
Finally add com.googleusercontent.{apps.YOUR_CLIENT_ID} to URLSchemes
I’ve followed this tutorial https://apiai-aws-heroku-nodejs-bots.blogspot.co.uk/2017/07/steps-for-apiai-and-google-account.html but when I go and grab by debugging URL which happens to be https://assistant.google.com/services/auth/handoffs/auth/start?provider=allergology-5fa9c_dev&scopes=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+https://www.googleapis.com/auth/admin.directory.resource.calendar&return_url=https://www.google.com/ and paste it into a new window I get Error 500 but no explanation.
I also tried from an incognito window. It does ask for my email and password but then returns the same error.
I’ve used Implicit Grant Type and I don’t have Add quick account linking enabled please ket me know if that’s not right?
When I try the CURL URL I get the message {“status”:{“code”:401,“errorType”:“unauthorized”,“errorDetails”:“Authentication parameters missing”}}
UPDATE - now when I try the basic Talk to Allergology action on the simulator I don’t even get the debug info anymore, but the message “Sorry this action is not available in simulation” :frowning:
Could you please help?
thanks
Morena
I've managed to work out what I need to do by following this answer How to authenticate user with just a Google account on Actions on Google?
In my case - Configure your project (in the cloud console) so that the Calendar API is enabled and that the OAuth2 client is correctly configured.
I also switched from Implicit Grant Type to Authorisation Code.
My app is almost working, I am now having other issues, but at some point the Access Token was coming through with the request.
I have created an API application in linkedIn, so I got client-id and client-secret key. I am however not able to get access token and secret key from LinkedIn.
I have used the below python code to do the job. Everything works well and I get the 'authorization_url', but when I paste it in my browser I get error: "invalid redirect_uri. This value must match a URL registered with the API Key."
*** Note that at the moment the "Authorized Redirect URLs" section in my application is blank and my question is what I should put there? I understand that it should be the same as what I feed in OAuth2Session function (instead of "arbitrary_url" such as 'http://127.0.0.1') in my below code. But have no clue on where to get this url?
Snapshot of my authorization_url page
*** To clarify on what I exactly do step by step:
1) add a url in "Authorized Redirect URLs" textbox in my API application and click on "Add".
2) Then I replace "arbitrary_url" in my code with exactly the same url.
3) Continue to run my code to get the "redirect_response".
4) Try the "redirect_response" in my browser; So far I always got the error: "invalid redirect_uri. This value must match a URL registered with the API Key."
Would appreciate any help on this.
# Import packages
from requests_oauthlib import OAuth2Session
from requests_oauthlib.compliance_fixes import linkedin_compliance_fix
# Credentials you get from registering a new application
client_id = '<my client id>'; client_secret = '<my client secret>'
# Redirect user to LinkedIn for authorization
linkedin = OAuth2Session(client_id, redirect_uri='<arbitrary_url>')
linkedin = linkedin_compliance_fix(linkedin)
authorization_url, state = linkedin.authorization_url('https://www.linkedin.com/uas/oauth2/authorization')
print(authorization_url)
Finally I got my mistake in the first phase! What I was missing was that I needed to click on "update" after clicking "Add" in my application to get that addition be actually performed!
However, still haven't got the client id and and client secret, as I get error after authorization!
Please refer to samples https://github.com/ozgur/python-linkedin. I see that you are missing to match redirect_url in your code. And more samples and explanation here http://requests-oauthlib.readthedocs.io/en/latest/examples/linkedin.html
I created a repository on hub.docker.com and now want to push my image to the Dockerhub using my credentials. I am wondering whether I have to use my username and password or whether I can create some kind of access token to push the docker image.
What I want to do is using the docker-image resource from Concourse to push an image to Dockerhub. Therefore I have to configure credentials like:
type: docker-image
source:
email: {{docker-hub-email}}
username: {{docker-hub-username}}
password: {{docker-hub-password}}
repository: {{docker-hub-image-dummy-resource}}
and I don't want to use my Dockerhub password for that.
In short, you can't. There are some solutions that may appeal to you, but it may ease your mind first to know there's a structural reason for this:
Resources are configured via their source and params, which are defined at the pipeline level (in your yml file). Any authentication information has to be defined there, because there's no way to get information from an earlier step in your build into the get step (it has no inputs).
Since bearer tokens usually time out after "not that long" (i.e. hours or days) which is also true of DockerHub tokens, the concourse instance needs to be able to fetch a new token from the authentication service every time the build runs if necessary. This requires some form of persistent auth to be stored in the concourse server anyway, and currently Dockerhub does not support CI access tokens a la github.
All that is to say, you will need to provide a username and password to Concourse one way or another.
If you're worried about security, there are some steps you can most likely take to reduce risk:
you can use --load-vars-from to protect your credentials from being saved in your pipeline, storing them elsewhere (LastPass, local file, etc).
you might be able to create a user on Dockerhub that only has access to the particular repo(s) you want to push, a "CI bot user" if you will.
Docker Hub supports Access Token
goto Account Settings > Security
its same as Github personal access token (PAT)
You can use this token instead of actual password
i am using this command to upload ssl file.
aws iam upload-server-certificate --server-certificate-name CertificateName --certificate-body file://public_key_certificate_file --private-key file://privatekey.pem
i also placed a config file at ~/.aws/config
and values are
[default]
aws_access_key_id = with my own key
aws_secret_access_key = with my own key
region = ********
but it is giving me this error:
A client error (AccessDenied) occurred: User: arn:aws:iam::419351825566:user/** is not authorized to perform: iam:UploadServerCertificate on resource: arn:a
ws:iam::419351825566:server-certificate/**.crt
Am I not writing AWS Credentials properly? Or I have no access? I am also not sure if I am writing region right..
As of Nov 2015, having an IAM user with a policy of 'IAMFullAccess' will make this work. You can create a new user to have that sole policy, or you can use an existing user and just add the policy.
Note: After uploading the SSL file, you can remove the IAMFullAccess policy if you'd like to tighten down permissions/security again.
New user workflow:
In the jumbo Services menu in AWS, go to IAM
In left sidebar, click on Users
Click blue "Create New Users" button
Type in a name for the user, e.g. "ssl-uploader", and create user
Make note of the keys that AWS gives you. You can't retrieve these later (you'd have to go back to step 1 and create a different user).
Assign the IAMFullAccess policy to the new user
In command line, do aws configure and answer the questions:
AWS Access Key ID: - access key from step 5
AWS Secret Access Key: - secret key from step 5
Default region name: - didn't matter in my case, accepted default None
Default output format: - didn't matter in my case, accepted default None
Run command as mentioned in the question, and it should work. You may want to take note of the JSON it returns in case you need it later.