How can Chrome Extension identify browser authentication with a website -- manifest 3? - authentication

Locally on my MacBook, my Chrome extension is trying to identify whether or not my Chrome browser is signed into a specific website. I am referencing these docs. However, the cookie data I am getting back for this specific website is the same regardless of whether or not my browser has authenticated with the site. This is what the cookie looks like printed to console:
{
  "domain": "some-random-string.ngrok.io",
  "hostOnly": true,
  "httpOnly": true,
  "name": "_the_app_session",
  "path": "/",
  "sameSite": "unspecified",
  "secure": false,
  "session": true,
  "storeId": "0",
  "value": "random sttring"
}
This is the code I am running:
// Attempt
chrome.cookies.getAll(
  {"url": "https://some-random-string.ngrok.io", "name": "_the_app_session"},
  function(cookies) {
    console.log('cookies', cookies)
  }
)
// Attempt
chrome.cookies.get({"url": "https://some-random-string.ngrok.io", "name": "_the_app_session"}, function(cookie) {
  console.log('cookie', cookie)
});
How can my chrome extension identify whether or not my browser is signed into a specific website?
This is my manifest file:
{
"manifest_version": 3,
"icons": {
"16": "cooking-icon.png",
"128": "cooking-icon.png"
},
"name": "Some app",
"description": "A Chrome extension app",
"version": "0.1.0",
"action": {
"default_title": "App",
"default_popup": "popup.html"
},
"permissions": [
"cookies",
"scripting"
],
"host_permissions": [
"http://*/*",
"https://*/*"
]
}

My workaround for this was to create an endpoint in my app which would check whether or not the browser was signed in. Make a GET request to this endpoint:
const authenticated = await fetch('http://random-string.ngrok.io/authenticated', {
  mode: 'cors',
  cache: 'no-cache',
  headers: {
    'Content-Type': 'application/json'
  },
  credentials: 'include'
});
Based on the response my chrome extension could tell whether or not my browser has signed into the site.
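Because the session cookie is issued whether or not the user has logged in, only the server can say whether the session is authenticated. The following is an added example (not code from the original post) of how the extension could interpret that endpoint's reply while keeping "signed out" distinct from "could not tell"; the HTTPS URL, the {"authenticated": true|false} response body and the function names are assumptions.

```javascript
// Added example. AUTH_URL and the {"authenticated": true|false} body are
// assumptions about the app's endpoint, not taken from the original post.
const AUTH_URL = 'https://some-random-string.ngrok.io/authenticated';

// Pure decision logic, kept separate from the network call so it can be tested.
// Returns 'signed-in', 'signed-out' or 'unknown'.
function classifyAuthResponse({ status, redirected, contentType, bodyText }) {
  if (status === 401 || status === 403) return 'signed-out';
  // A followed redirect usually means the app sent us to its login page.
  if (redirected) return 'signed-out';
  if (status !== 200) return 'unknown';
  // An HTML 200 is typically a login form, not an answer to the question.
  if (!/^application\/json\b/i.test(contentType || '')) return 'signed-out';
  let body;
  try {
    body = JSON.parse(bodyText);
  } catch (err) {
    return 'unknown';
  }
  if (body === null || typeof body !== 'object') return 'unknown';
  // Require an explicit boolean; "true" as a string or 1 does not count.
  if (body.authenticated === true) return 'signed-in';
  if (body.authenticated === false) return 'signed-out';
  return 'unknown';
}

// Asks the app itself, sending the browser's cookies for that origin.
async function getAuthState(fetchImpl = fetch, url = AUTH_URL, timeoutMs = 5000) {
  const controller = new AbortController();
  const timer = setTimeout(() => controller.abort(), timeoutMs);
  try {
    const res = await fetchImpl(url, {
      method: 'GET',
      credentials: 'include', // attach the HttpOnly session cookie
      cache: 'no-store',      // never answer from a cached response
      signal: controller.signal,
    });
    return classifyAuthResponse({
      status: res.status,
      redirected: res.redirected,
      contentType: res.headers.get('content-type'),
      bodyText: await res.text(),
    });
  } catch (err) {
    // Network failure or timeout: report neither state.
    return 'unknown';
  } finally {
    clearTimeout(timer);
  }
}
```

With this approach the extension no longer needs the "cookies" permission, and "host_permissions" can be narrowed from all http/https hosts to the single app origin.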

Related

Can you set an Application's Client Secret using a kickstart file? FusionAuth

I am using a kickstart.json file to set up FusionAuth in developer environments. Everything is automated except I still need to manually go and get the client secret from the fusion auth instance.
Is there any way I can predefine the client secret in the kickstart file so I can pre-configure it in my app?
You should absolutely be able to set the client secret from kickstart.json. Any API call should work from within Kickstart.
https://fusionauth.io/docs/v1/tech/apis/applications#create-an-application indicates you can POST an application including the client secret.
So a kickstart file like this should work:
{
"variables": {
"defaultTenantId": "30663132-6464-6665-3032-326466613934"
},
"apiKeys": [
{
"key": "mykey",
"description": "API key"
}
],
"requests": [
{
"method": "POST",
"url": "/api/application/85a03867-dccf-4882-adde-1a79aeec50df",
"body": {
"application": {
"name": "Pied Piper",
"roles": [
{
"name": "dev"
},
{
"name": "ceo"
},
{
"name": "intern"
}
],
"oauthConfiguration" : {
"clientSecret": "shhh-your-desired-secret"
}
}
}
}
]
}
I haven't tested that, but don't see any reason why it would not work. (Note that 1.37, the most recent version, has an issue with kickstart as documented here: https://github.com/FusionAuth/fusionauth-issues/issues/1816 but that should be fixed soon.)
If this doesn't work for you, please share the error message and a scrubbed kickstart file.

Forge - The category 'rfaFile' in '$(rfaFile)' is unrecognized

We are getting an error while executing a WorkItem in Forge's Design Automation API.
The error is this:
Error: The category 'rfaFile' in '$(rfaFile)' is unrecognized. Valid values are args, settings, appbundles, engine, engines.
And it happens right after the 'Start preparing script and command line parameters.' in the report.txt. We are not really sure why this is happening. It looks like the error is thrown in the activity. The activity looks like this:
function publishActivity() {
return $.ajax({
url: "/api/forge/design_automation/activities",
headers: {
"X-CSRF-Token": csrfToken,
"Forge-Token": forgeToken
},
method: "POST",
contentType: "application/json",
data: JSON.stringify({
activity: {
"id": "DeleteWallsActivity",
"commandLine": [ "$(engine.path)\\\\revitcoreconsole.exe /i \"$(args[rfaFile].path)\" /al \"$(appbundles[TestAppId].path)\"" ],
"parameters": {
"rfaFile": {
"zip": false,
"ondemand": false,
"verb": "get",
"description": "Input Revit model",
"required": true,
"localName": "$(rfaFile)"
},
"result": {
"zip": false,
"ondemand": false,
"verb": "put",
"description": "Results",
"required": true,
"localName": "result.rfa"
},
"inputJson": {
"verb": "get",
"description": "input json",
"localName": "params.json",
"ondemand": false,
"required": false,
"zip": false
}
},
"engine": "Autodesk.Revit+2021",
"appbundles": [ "petar3db.TestAppId+test" ],
"description": "Deletes walls from Revit file."
}
})
}).done(function(data) {
console.log("Activity created");
bundleUploadData = data["uploadParameters"];
}).fail(function(jqXHR, textStatus) {
console.log("Failed to create activity", jqXHR.responseJSON);
console.log(jqXHR, textStatus);
});
}
and it looks like the "localName": "$(rfaFile)" is causing the trouble.
Let's take a look at our WorkItem code which we execute via websockets:
{
"headers": {
"Authorization" : "Bearer <token here>"
},
"action": "post-workitem",
"data": {
"activityId": "petar3db.DeleteWallsActivity+test",
"arguments": {
"rfaFile": {"url": "https://developer.api.autodesk.com/oss/v2/signedresources/da992c60-a3d7-469d-8c3e-d0f089e2e509?region=US", "pathInZip": "emptyfam.rfa"},
"result": {"verb": "put", "url": "https://developer.api.autodesk.com/oss/v2/signedresources/b78151c1-93aa-495f-96c8-183bca26e071?region=US"},
"inputJson": {"localName": "params.json", "url": "the url to the file"}
}
}
}
The really strange part is that this process worked just fine and started throwing this error when we added "inputJson" into the activity and workItem. (We want to send some JSON data to the AppBundle with the WorkItem.)
What can be the issue? Are we missing something?
As for "localName": "$(rfaFile)", note that if the local name is defined like this, Design Automation will come up with a valid name for this argument by its own logic. If you want to fully control the input file, such as accessing it in the addin (AppBundle) code, it is recommended to define a "real" localName instead, e.g. "localName": "input.rfa"
In your case above, you may need to:
1. Remove /i \"$(args[rfaFile].path)\" from commandLine in the Activity
2. Define "localName": "inputRFA", so the input will be downloaded and unzipped as a folder named inputRFA. emptyfam.rfa should be under this folder.
3. Call OpenDocumentFile in the addin to open a Revit file, get document
4. Call document.LoadFamily(".\inputRFA\emptyfam.rfa", out family); in the addin to open/load the rfa file. See this Revit API
There is a mismatch between the parameter name in the activity and the argument name in the workitem. The correct way to post the workitem should be:
{
"headers": {
"Authorization" : "Bearer <token here>"
},
"action": "post-workitem",
"data": {
"activityId": "petar3db.DeleteWallsActivity+test",
"arguments": {
"rfaFile": {"url": "https://developer.api.autodesk.com/oss/v2/signedresources/da992c60-a3d7-469d-8c3e-d0f089e2e509?region=US", "pathInZip": "emptyfam.rfa"},
"result": {"verb": "put", "url": "https://developer.api.autodesk.com/oss/v2/signedresources/b78151c1-93aa-495f-96c8-183bca26e071?region=US"},
"inputJson": {"localName": "params.json", "url": "the url to the file"}
}
}
}
Change the argument field rvtFile to rfaFile.

Docusign : 400 Error "Unable to parse multipart body" when trying to create envelope from Template ID from UI5 application

We are trying to figure out whether Docusign can be used in productive scenarios for our client requirements.
We have a UI5 application which will be used to sign Documents. We have created a template in the demo instance of Docusign.
However when we are trying to create an envelope from the application we are getting 400 Error Unable to parse multipart body. Now the same payload when used in POSTMAN application results in the envelope getting created successfully. The headers passed are also the same.
In Ui5 App :
var settings = {
"async": true,
"crossDomain": true,
"url": "/docusign/envelopes",
"method": "POST",
"timeout": 0,
"headers": {
"Authorization": "User DnVj27euWrCi4ANoMV5puvxVxYAcUCG3PlkUSpWpC08=, Organization 6ba64ce816dec995b17d04605e329a30, Element X4XuUq/T5UUh2o9xwaamZCCRwOKUCPr1Kv1Nj+qHPj0=",
"Content-Type": "application/json"
},
"data": JSON.stringify({
"status": "sent",
"compositeTemplates": [{
"compositeTemplateId": "1",
"inlineTemplates": [{
"recipients": {
"signers": [{
"email": "johndoe#testmail.com",
"name": "John Doe",
"recipientId": "1",
"roleName": "Signer",
"clientUserId": "12345",
"tabs": {
"textTabs": [{
"tabLabel": "firstName",
"value": "John"
}, {
"tabLabel": "lastName",
"value": "Doe"
}, {
"tabLabel": "phoneNo",
"value": "022-635363"
}, {
"tabLabel": "email",
"value": "test#gmail.com"
}]
}
}]
},
"sequence": "1"
}],
"serverTemplates": [{
"sequence": "1",
"templateId": "0bf97611-a457-4e8e-ac7e-1593c17ba3f6"
}]
}]
})
};
var deferred = $.Deferred();
$.ajax(settings).done(function (response) {
deferred.resolve(response);
}.bind(this)).fail(function (error) {
deferred.reject(error);
}.bind(this));
In Postman :
Help would be greatly appreciated in resolving this issue.
Could you stringify outside of the JSON settings and perhaps break your call down a little before placing everything in settings?
i.e. try to re-shape your jQuery ajax call:
var headers = {"Authorization": "User DnVj27euWrCi4ANoMV5puvxVxYAcUCG3PlkUSpWpC08=, Organization 6ba64ce816dec995b17d04605e329a30, Element X4XuUq/T5UUh2o9xwaamZCCRwOKUCPr1Kv1Nj+qHPj0=", "Content-Type": "application/json" };
var payload = JSON.stringify({
"status": "sent",
"compositeTemplates": [{
"compositeTemplateId": "1",
"inlineTemplates": [{
"recipients": {
"signers": [{
"email": "johndoe#testmail.com",
"name": "John Doe",
"recipientId": "1",
"roleName": "Signer",
"clientUserId": "12345",
"tabs": {
"textTabs": [{
"tabLabel": "firstName",
"value": "John"
}, {
"tabLabel": "lastName",
"value": "Doe"
}, {
"tabLabel": "phoneNo",
"value": "022-635363"
}, {
"tabLabel": "email",
"value": "test#gmail.com"
}]
}
}]
},
"sequence": "1"
}],
"serverTemplates": [{
"sequence": "1",
"templateId": "0bf97611-a457-4e8e-ac7e-1593c17ba3f6"
}]
}]
});
$.ajax({
"async": true,
"crossDomain": true,
"url": "/docusign/envelopes",
"method": "POST",
"timeout": 0,
"headers": headers,
"data": payload
});
I am sure this will lead you to your final "consolidated" answer.
If the exact same JSON is being sent from Postman and from the UI5 application, then you'll get the same results. But you aren't, so something is different.
Probably the UI5 system is sending the API as a mime multi-part request, but isn't setting the content type for the JSON request part correctly.
To verify: use the DocuSign API logger to see what is being received by DocuSign. Compare between the request being sent from UI5 and from Postman.
To fix: you'll need to set additional UI5 parameters so the request is NOT sent as a multi-part mime message. Or send the multi-part message with the needed settings. See the docs and see a multi-part example.
PS PLEASE post an answer to your question with the solution to your problem (once you've found it) to help others in the future. Thank you!!
I was able to fix the issue by directly using the Docusign API (https://demo.docusign.net/restapi/v2/accounts). I was earlier using the SAP Openconnector to connect to Docusign.
https://api.openconnectors.eu3.ext.hanatrial.ondemand.com/elements/api-v2
Thanks all for the help.
I have run into the very same issue recently, and almost decided to give up, but finally, I have managed to find a way to make it work!
The thing is that you need to execute the Ajax call in the following way:
_createEnvelops: function () {
  var deferred = $.Deferred();
  var oTemplateData = this._getTemplateData();
  var oFormData = new FormData();
  oFormData.append('envelope', JSON.stringify(oTemplateData));
  var settings = {
    "async": true,
    "crossDomain": true,
    "url": '/docusign/envelopes',
    "method": "POST",
    "data": oFormData,
    processData: false,
    contentType: false,
    "headers": {
      "Authorization": sAuthToken
    }
  };
  $.ajax(settings).done(function (response) {
    deferred.resolve(response);
  }.bind(this)).fail(function (error) {
    deferred.reject(error);
  }.bind(this));
  return deferred;
},
Maybe it will be useful for someone in the future ;)

Auth.currentAuthenticatedUser not loading name and family name attributes (and others) from Cognito

I'm using the Auth.currentAuthenticatedUser method to retrieve the attributes recorded for the logged user from AWS Cognito - but only basic attributes are showing. The ones I want are "name" and "family name", but they don't seem to be loaded in the Promise.
This is only the beginning, but I'm concerned as I will want to retrieve other attributes which are not showing up, like user picture, for instance.
Tried to use currentAuthenticatedUser and currentUserInfo with the same results.
async componentDidMount() {
  await Auth.currentAuthenticatedUser({bypassCache: true})
    .then( user => this.setUserInfo( user ) )
    .catch( err => console.log(err) )
}
CognitoUser {
"Session": null,
"attributes": Object {
"email": "r...#gmail.com",
"email_verified": true,
"phone_number": "+5...",
"phone_number_verified": false,
"sub": "246e9...",
},
"authenticationFlowType": "USER_SRP_AUTH",
"client": Client {
"endpoint": "https://cognito-idp.us-east-2.amazonaws.com/",
"userAgent": "aws-amplify/0.1.x react-native",
},
"deviceKey": undefined,
"keyPrefix": "CognitoIdentityServiceProvider.12ddetjn0c0jo0npi6lrec63a7",
"pool": CognitoUserPool {
"advancedSecurityDataCollectionFlag": true,
"client": Client {
"endpoint": "https://cognito-idp.us-east-2.amazonaws.com/",
"userAgent": "aws-amplify/0.1.x react-native",
},
"clientId": "12ddetjn0c0jo0npi6lrec63a7",
"storage": [Function MemoryStorage],
"userPoolId": "us-east...",
},
"preferredMFA": "NOMFA",
"signInUserSession": CognitoUserSession {
"accessToken": CognitoAccessToken {
"jwtToken": "e...oJPg",
"payload": Object {
"auth_time": 1565137817,
"client_id": "1...6lrec63a7",
"event_id": "c3...-4bd9-ad42-200f95f9921c",
"exp": 15...2,
"iat": 156...5872,
"iss": "https://cognito-idp.us-east-2.amazonaws.com/us-east-...",
"jti": "5483e...544149c42e58",
"scope": "aws.cognito.signin.user.admin",
"sub": "246e93...f4d8e6f4725b",
"token_use": "access",
"username": "r...f",
},
},
"clockDrift": -2,
"idToken": CognitoIdToken {
"jwtToken": "eyJraWQiOiJk...",
"payload": Object {
"aud": "12ddetjn0c0j..rec63a7",
"auth_time": 1565137817,
"cognito:username": "r..",
"email": "r..#gmail.com",
"email_verified": true,
"event_id": "c3ae..200f95f9921c",
"exp": ..2,
"iat": ..2,
"iss": "https://cognito-idp.us-east-2.amazonaws.com/us-east-..",
"phone_number": "+5...3",
"phone_number_verified": false,
"sub": "246e937..f4d8e6f4725b",
"token_use": "id",
},
},
"refreshToken": CognitoRefreshToken {
"token": "eyJjd...",
},
},
"storage": [Function MemoryStorage],
"userDataKey": "CognitoIdentityServiceProvider.12ddetjn0....userData",
"username": "r...ff",
}
To get all user attributes, you may be looking for the Auth.userAttributes() function. To use this you want something like this code:
const authUser = await Auth.currentAuthenticatedUser();
const attributes = await Auth.userAttributes(authUser);
// the next line is a convenience that moves the attributes into
// the authUser object
attributes.forEach((attr) => {
  authUser.attributes[attr.Name] = attr.Value;
});
If you're still not getting the attributes you need, take a look here, and you can see that you can enable the reading of other attributes from the Amplify command line.
So, in the root of your project:
1. Type "amplify update auth" at the console.
2. Select "Walkthrough the auth configurations"
3. Step through making all the same selections as you've done before.
4. When it asks, "Do you want to specify the user attributes this app can read and write?" it's "Y", and then you select the attributes you want to be able to read.
5. When you finish the wizard, use "amplify push auth"
When that's completed, try re-running.
As an alternative to steps 1-4 above, you can also edit cli-inputs.json in the amplify\backend\auth<your auth config name> directory. It's in "userpoolClientReadAttributes". Simply add the attributes you would like to this array (e.g. "name").
This answer was verified with amplify CLI version 8.1.0.

Update Account (PUT) Endpoint in new Yodlee API for MFA

Background
I am using the newer Yodlee Aggregation API that differs from what I was previously building off of.
I am currently using this endpoint in the account registration flow to put the MFA response:
PUT /{cobrandName}/v1/providers/{providerAccountId}
My request looks like this:
{
  url: `${this.rest}providers/${providerAccountId}`,
  headers: {
    'Authorization': `cobSession=${self.appToken}, userSession=${token}`
  },
  form: {
    'MFAChallenge': JSON.stringify(newMfa)
  }
}
where this.rest is my personal rest url, providerAccountId is the appropriate providerAccountId for the refresh, self.appToken is the current cobrand session token, token is the current user's login token, and newMfa is a JSON object being stringified that matches this profile:
{
"loginForm": {
"mfaTimeout": 94650,
"formType": "questionAndAnswer",
"row": [
{
"id": "SQandA--QUESTION_1--Row--1",
"fieldRowChoice": "0001",
"form": "0001",
"label": "What is the name of your state?",
"field": [
{
"id": "SQandA_QUESTION_1_1",
"name": "QUESTION_1",
"isOptional": false,
"value": "Enter the answer",
"valueEditable": true,
"type": "text"
}
]
},
{
"id": "SQandA--QUESTION_2--Row--2",
"fieldRowChoice": "0001",
"form": "0001",
"label": "What is the name of your first school",
"field": [
{
"id": "SQandA_QUESTION_2_2",
"name": "QUESTION_2",
"isOptional": false,
"value": "Enter the answer",
"valueEditable": true,
"type": "text"
}
]
}
]
}
}
with the exception being the value fields of the field object, which have been encrypted with PKI as per instructions.
Issue
However, when I carry out this PUT request, I get this error from Yodlee:
{ errorCode: 'Y803',
errorMessage: 'MFAChallenge or providerParam required',
referenceCode: 'p1460412835654A4Q24t' }
though I clearly have an MFAChallenge parameter in my form. Any ideas on why I could be getting this error if the MFAChallenge is present (and note that it is the only info that is passed through the PUT request other than through headers or url parameters)? I tried putting it through as body data, but that doesn't seem to work, and very few of the API endpoints actually seem to use body over form encoded strings, though there was at least one.
You have to send the MFAChallenge information as part of the URL; see the example below:
https://developer.api.yodlee.com/ysl/restserver/v1/providers/10114184?MFAChallenge=%7B%20%22loginForm%22%3A%20%7B%20%20%20%20%20%22mfaTimeout%22%3A%2094650%2C%20%20%20%20%20%22formType%22%3A%20%22questionAndAnswer%22%2C%20%20%20%20%20%22row%22%3A%20%5B%20%20%20%20%20%7B%20%20%20%20%20%20%20%20%20%22id%22%3A%20%22SQandA--QUESTION_1--Row--1%22%2C%20%20%20%20%20%20%20%20%20%22fieldRowChoice%22%3A%20%220001%22%2C%20%20%20%20%20%20%20%20%20%22form%22%3A%20%220001%22%2C%20%20%20%20%20%20%20%20%20%22label%22%3A%20%22What%20is%20the%20name%20of%20your%20state%3F%22%2C%20%20%20%20%20%20%20%20%20%22field%22%3A%20%5B%20%20%20%20%20%20%20%20%20%20%20%20%20%7B%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22id%22%3A%20%22SQandA_QUESTION_1_1%22%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22name%22%3A%20%22QUESTION_1%22%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22isOptional%22%3A%20false%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22value%22%3A%20%22Enter%20the%20answer%22%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22valueEditable%22%3A%20true%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3A%20%22text%22%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%20%20%20%20%20%20%20%20%20%5D%20%20%20%20%20%7D%2C%20%20%20%20%20%7B%20%20%20%20%20%20%20%20%20%22id%22%3A%20%22SQandA--QUESTION_2--Row--2%22%2C%20%20%20%20%20%20%20%20%20%22fieldRowChoice%22%3A%20%220001%22%2C%20%20%20%20%20%20%20%20%20%22form%22%3A%20%220001%22%2C%20%20%20%20%20%20%20%20%20%22label%22%3A%20%22What%20is%20the%20name%20of%20your%20first%20school%22%2C%20%20%20%20%20%20%20%20%20%22field%22%3A%20%5B%20%20%20%20%20%20%20%20%20%20%20%20%20%7B%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22id%22%3A%20%22SQandA_QUESTION_2_2%22%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22name%22%3A%20%22QUESTION_2%22%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22isOptional%22%3A%20false%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22value%22%3A%
20%22Enter%20the%20answer%22%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22valueEditable%22%3A%20true%2C%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3A%20%22text%22%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%20%20%20%20%20%20%20%20%20%5D%20%20%20%20%20%7D%20%5D%20%7D