{"statusCode":403,"error":"Forbidden","message":"User to be acted on does not match subject in bearer token.","errorCode":"unowned_resource"}
curl_setopt_array($curl, array(
CURLOPT_URL => "https://XXXXXXXXX.auth0.com/api/v2/users /auth0|XXXXXXXXX",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PATCH",
CURLOPT_POSTFIELDS => json_encode($postpassword),
CURLOPT_HTTPHEADER => array(
"authorization: Bearer ".$accesstoken,
"content-type: application/json"
),
));
Hope this is something related to settings in auth0 configuration.
Can any one help on about this error..
I had the same problem and I figured out a solution for me.
I missed some scopes for my application. Under APIs, Auth0 Management API, Machine to Machine Applications expand your application (click the downward arrow besides the Authorized switch) and add read:users and maybe read:users_app_metadata.
Related
I have an app where I want my user to be able to add their own SMTP server, whether by Mailgun, Amazon SES, etc.
If we're taking the mailgun as an example, right now my Mailgun is set up in config/web.php like so
'mailgun' => [
'class' => 'boundstate\mailgun\Mailer',
'key' => 'MYKEY',
'domain' => 'DOMAIN',
],
Then I use the following to compose an email
Yii::$app->mailgun->compose()->setFrom($FROM)
->setReplyTo($contest_creator_email)
->setTo($email)
->setSubject($subject_line)
->setTextBody($plaintext)
->setHtmlBody($htmlemail)
->send();
How would I make it so that my user could set-up his own key instead of using mine? Is there a way to do this?
You can do this by setting mailer configuration.
Before sending email you can set mailer configuration in your api/controller.
//Set config value dynamicaly
Yii::$app->set('mailer', [
'class' => 'yii\swiftmailer\Mailer',
'useFileTransport' => false,
'transport' => [
'class' => 'Swift_SmtpTransport',
'host' => 'YourHostName',
'username' => 'UserName',
'password' => 'Password',
'port' => 'Port',
'encryption' => 'Encryption'
],
]);
And send mail as below.
Yii::$app->mailer->compose()->setFrom($FROM)
->setReplyTo($contest_creator_email)
->setTo($email)
->setSubject($subject_line)
->setTextBody($plaintext)
->setHtmlBody($htmlemail)
->send();
I currently have the following configuration for Authentication component in CakePHP
public $components = array(
'Session',
'Auth' => array(
'authError' => 'Please login to your account',
'logoutRedirect' => array(
'controller' => 'pages',
'action' => 'display',
'home'
),
'authenticate' => array(
'Form' => array(
'passwordHasher' => array(
'className' => 'Simple',
'hashType' => 'sha256'
)
)
),
'authorize' => array('Controller') // Added this line
)
);
And my work is integrated with vb.net windows form application. Is there a way or an Authentication class that can be common between both vb.net & CakePHP?
Password hashing is an irreversible process. You cannot "decrypt" them.
If you want to use the same hashes for authentication in your vb.net code then use the same hashing algo to hash user provided plain password and then compare the hashes. When using password hasher with sha256, the hash is generated by appending security salt to the plain text string and then the resulting string is sha256 hashed. So do the same in your vb.net code.
I am not able to get the yii parameterized hostnames working. I am trying to display http://member.testsite.com when the user clicks on login from http://www.testsite.com.
I have the member module created with SiteController.
In my rules, I have:
'rules' => array(
'<controller:\w+>/<id:\d+>' => '<controller>/view',
'<controller:\w+>/<action:\w+>' => '<controller>/<action>',
'<controller:\w+>/<action:\w+>/<id:\d+>' => '<controller>/<action>',
'http://member.testsite.com' => 'member/site/index',
),
In my login, I have the URL pointing to
'url'=>array('member/site/index')
When I hover over login, it shows member.testsite.com, but when I click it takes me to website-unavailable.com
When I change the rules to
'http://member.testsite.com' => 'member/<controller>/<action>',
it takes me to testsite.com/member/site/index/
Am I missing any step?
Example:
'rules' => array(
'://<member:\w+>.<host>/<controller:\w+>/<action:\w+>'
=> '<controller>/<action>',
),
I have an RSPEC integration test for a Rails 3.1 app that needs to test an api for a mobile client by issuing a POST request with JSON params and a mobile header that needs to use http_basic authentication
As the request object is not available in an integration test I'm kinda stuck
This is the code I have so far
it "successfully posts scores" do
# request.env["HTTP_ACCEPT"] = "application/json" #This causes an error as request is nly available in controller tests
post "scores", :score => {:mobile_user_id => #mobile_user.id, :points => 50, :time_taken => 7275}.to_json,
:format => :json, :user_agent => 'Mobile', 'HTTP_AUTHORIZATION' => get_basic_auth
end
The post request does not recognise that I am using http basic authentication but unsure if the format for json is correct. Any help appreciated
get_basic_auth is a helper me4thod that looks like this
def get_basic_auth
user = 'user'
pw = 'secret'
ActionController::HttpAuthentication::Basic.encode_credentials user, pw
end
I use a before_filter in my controllers that checks for mobile and http_basic_authentication that looks like this
def authorize
logger.debug("#### Authorizing request #{request.inspect}")
if mobile_device?
authenticate_or_request_with_http_basic do |username, password|
username == Mobile::Application.config.mobile_login_name && Mobile::Application.config.mobile_password
end
else
unless current_user
redirect_to login_url, :notice => "Please log in"
end
end
end
I get a redirect to login so obviously the mobile header is not being accepted so I have no idea really if any of the other headers are working
UPDATE
Figured it out
post("scores", {:score => {:mobile_user_id => #mobile_user.id, :points => 50, :time_taken => 7275}}.to_json,
{"HTTP_USER_AGENT" => "Mobile", 'HTTP_AUTHORIZATION' => get_basic_auth, 'HTTP_CONTENT_TYPE' => "application/json"})
Does the trick nicely
I figured out what I needed to do
post("scores", {:score => {:mobile_user_id => #mobile_user.id, :points => 50, :time_taken => 7275}}.to_json,
{"HTTP_USER_AGENT" => "Mobile", 'HTTP_AUTHORIZATION' => get_basic_auth, 'HTTP_CONTENT_TYPE' => "application/json"}
Obviously the "mobile" user agent is not needed to test normal json requests.
Hope that helps someone
Have some validating problems which seem to appear only when using the Auth component.
I have 4 fields in my register form: username, password, password_confirm and email.
I also have the multivalidatable behaviour attached to my User model. Here are the rules which apply to the register form:
var $validationSets=array(
"register" => array(
"username" => array(
"usernameFieldNotEmpty" => array(
"rule" => "notEmpty",
"message" => "You did not enter the username!"
),
"usernameValid" => array(
"rule" => "__alphaNumericDashUnderscore",
"message" => "The username you entered is not valid!"
),
"usernameExistsInDatabase" => array(
"rule" => array("__existingRecord", false),
"message" => "The username you entered has been already registered in our database!"
)
),
"password" => array(
"passwordFieldNotEmpty" => array(
"rule" => "notEmpty",
"message" => "You did not enter your password!"
)
),
"password_confirm" => array(
"passwordConfirmFieldNotEmpty" => array(
"rule" => "notEmpty",
"message" => "You did not confirm your password!"
),
"passwordsMatch" => array(
"rule" => array("__fieldMatch", "password"),
"message" => "The passwords you entered don't match!"
)
),
"email" => array(
"emailFieldNotEmpty" => array(
"rule" => "notEmpty",
"message" => "You did not enter the e-mail!"
),
"emailValid" => array(
"rule" => "email",
"message" => "The e-mail you entered is not valid!"
),
"emailExistsInDatabase" => array(
"rule" => array("__existingRecord", false),
"message" => "The e-mail you entered has been already registered in our database!"
)
)
/*"language" => array(
)*/
)
Here is my register form:
<?php echo $this->Form->create('User', array('url' => array('controller' => 'users', 'action' => 'register')));?>
<fieldset>
<legend><?php __('Add User'); ?></legend>
<?php
echo $this->Form->input('username');
echo $this->Form->input('password', array('type' => 'password', 'value' => ''));//value='' - resets the password input on any error on the page
echo $this->Form->input('password_confirm', array('type' => 'password', 'value' => ''));
echo $this->Form->input('email');
?>
</fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
Now, everytime I submit the form EMPTY, the password field, although empty, passes all validation tests (I tried putting value => '' in the code, but it's useless).
Also, the email input seems to pass the 'notEmpty' test and the error shown is that The email is not valid
I've looked over all my code but couldn't find any solution.
http://pastebin.com/xnQ02BCW
this is what i would use.
About the Password problem: what version of CakePHP are you using?
The Auth component in 1.2 automatically hash your password, so that it will result not empty even if it is. In 1.3 it should be OK but I don't know from what version.
I've managed to do a couple of "hacks" so the problem is solved for now.
Don't think this is the most appropriate way of doing it, but it might get in handy for other users having my problem:
Firstly, in my UsersController, I wrote this snippet, so if the password field is left empty by the user, reset it to '' before validation:
if($this->data['User']['password'] == $this->Auth->password('')){
$this->data['User']['password'] = '';
}
$this->User->set($this->data);
if($this->User->validates()){ //post validation login }
The second problem was the e-mail validation. Oddly, I got this problem fixed by changing the order of the rules in the Multivalidatable Behaviour. So, from:
"email" => array(
"emailFieldNotEmpty" => array(
"rule" => "notEmpty",
"message" => "You did not enter the e-mail!"
),
"emailValid" => array(
"rule" => "email",
"message" => "The e-mail you entered is not valid!"
),
"emailExistsInDatabase" => array(
"rule" => array("__existingRecord", false),
"message" => "The e-mail you entered has been already registered in our database!"
)
)
I now have:
"email" => array(
"emailExistsInDatabase" => array(
"rule" => array("__existingRecord", false),
"message" => "The e-mail you entered has been already registered in our database!"
),
"emailValid" => array(
"rule" => "email",
"message" => "The e-mail you entered is not valid!"
),
"emailFieldNotEmpty" => array(
"rule" => "notEmpty",
"message" => "You did not enter the e-mail!"
)
)
I don't know whether this was intended or not, but it seems like the last rule which isn't fulfilled is the one displayed. To my logic, the rules would have been arranged in their order of appearance, so if the first one doesn't apply, stop checking and display it.
I repeat, I don't know if this is the right approach, but I seem to have worked out these problems.
If you have anything to add up, please do so!
EDIT
Found the 'official' explanation in the Cake 1.3 Book. It says:
By default CakePHP tries to validate a field using all the validation rules declared for it and returns the error message for the last failing rule. But if the key last is set to true for a rule and it fails, then the error message for that rule is returned and further rules are not validated. So if you prefer to show the error message for the first failing rule then set 'last' => true for each rule.
So, another approach to my problem is to set the validation rules in their order of appearance and add a last key to the rule array.