user defined x-header doesnt send to api problem - react-native

user defined x-header doesnt send to api problem
We have a rest api configured with cors. We can access it with ajax, swift etc.
But when we try to send request from android with react-native application x-header doesnt sent in request header. Our parameters added as miscellaneous header and not sent to server.
We try to request with axios and fetch and xmlHttpRequest
By the way when we try the same request with react it works.
My environment:
android,
react-native,
axios,
fetch
xmlHttpRequest

Related

React Native on Web for développement : How send credential cookie

I am developing a React Native apps that use a .net core web API back end.
When I develop, I would like to use the web interface that I get when I type :
expo start --web
This command open this url : http://localhost:19006
My back end listen on : http://localhost:51186
I configure my back end to allow CORS (Cross Origin Request).
I can do some GET and POST request and I work fine since I don't need to be authenticated.
I can call Login api with success but after this step, I can not access to authenticated url.
I have the same problem if I replace localhost by my IP (192.168.x.x).
If I do the same with postman or with my phone, that work fine.
If i look the login response, the back office send a cookie (.AspNetCore.Identity.Application)
I also examined the request send to my back office and it did not contain this credential cookie.
Without this credential cookie, the back end refuse to send the desired resource and redirect me to login page.
How can I send this cookie ?
Is there another way to get authenticated url ?
Thank you for any help

Azure logic app API http response with excel file download using Postman

Created azure logic app HTTP request it gives response for normal JSON schema However, I want to attach SharePoint excel sheet when I trigger the request from Postman.
1.How to used content type or schema to download the attached file. when postman request sent.
2.is that possible to download when you hit API through logic app
3.Generated HTTP POST URL is working
For your requirement, I test it in my side. It seems we do not need to set any value for "Content-Type" in headers of response. Please refer to my logic app below:
Then when you request the logic app url in postman, please choose "Send and Download" instead of "Send".
After that, you can download the file when request the url in postman.

Auth0 access token to API works in postman but not when calling from Vue

I have 2 items set up in Auth0:
Application - Single Page Application
API - Custom API, machine to machine
I've followed the instruction in the link below to call the custom API:
https://auth0.com/docs/quickstart/spa/vuejs/02-calling-an-api
I've downloaded the sample with settings configured for both items mentioned above. The Vue app are able to log in correctly, and are able to call the external API by using the downloaded example codes (the external API, "backend", in the example code was written in Node JS).
However, when I change the backend to my Laravel/Lumen app which already set up for item no.2 (custom API), the Vue app received 401 unauthorized error. So, I copied the access token retrieved through Vue:
const accessToken = await this.$auth.getTokenSilently();
console.log(accessToken);
And try to call the Lumen backend with this access token - and it works perfectly fine!
Is there a setting somewhere that I might've missed to enable Vue & Lumen to work with Auth0?
p/s: The custom Lumen API was made following the instruction from:
https://auth0.com/blog/developing-restful-apis-with-lumen/
Ok it turns out I made a mistake in the axios part of the sample code. The sample is using get, while my API is using post. So I ended up sending the header in the wrong axios parameter. Hope this helps someone that encountered the same problem.

Implementing Okta in React Native and get: Response to preflight request doesn't pass access

I'm implementing the Okta signin widget with React Native
I get this:
Failed to load https://dev-827074.oktapreview.com/api/v1/sessions/me: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
After trying to login, I get the following:
UnsupportedBrowserError {name: "UNSUPPORTED_BROWSER_ERROR", message: "There was an error sending the request - have you enabled CORS?"}
We've received similar errors from Okta. What we had to do is add the hostname for the server that hosts the webview as a Trusted Origin.
API -> Trusted Origins -> Add Origin
You can add multiple origins, you probably need to add http://localhost:3000.
You may need to add http://localhost:3000/implicit/callback to your app's Login Redirect URI's in the General Settings of your Okta app
The API you have written does not support CORS. CORS or Cross origin resource sharing allows a web app to submit requests to an API belonging to a different domain. This setting should be enabled on the API side.
This is how it works, whenever a request is sent to a different domain, an OPTIONS method is sent to the server. The server responds back with available options for the web app. If the verb is supported, the browser will send the actual request with the appropriate verb or method (For example, GET or POST). If the verb is not supported, you get the above error message.
In short, enable CORS for your API. If it is a Node / Express API it is just a simple cors package you need to add to your project and use.

Trustpilot API pre-flight not Allowed

I use axios library in vue for authentication (POST with headers) on Trustpilot but the browser send a pre-fligth calling and the Trustpilot API respond me with error because OPTION method is not Allowed.
I suppose that the authentication request is a simple request (https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS) but axios make it as a not simple request and the browser call a pre-fligth request. There is a method for fix this problem?
Thanks
You can't do a browser call to the trustpilot oauth endpoint. Cause the Authorization consists of your apikey and secret. Exposing that to a browser client would be vulnerable.
Your server will be able to call the API.
If you don't have a server, then redirect the user to https://authenticate.trustpilot.com with your client_id and redirect url, where the user is able to login in.
You can see more details here: https://developers.trustpilot.com/authentication#implicit