How can i get shared secret when i have test account on first data global gateway. I am integrating my website with first data for payment processing
Follow the below url for creation of new set of credentials in demo env:
https://firstdata.zendesk.com/entries/21510561-Global-Gateway-e4-Demo-Accounts
Related
We have a Web application that is protected by Azure ADB2C. Users must be logged in to access the application. When the user logs into the application we use the API connectors feature to go and fetch more user details using the email the user logged in with. These extra details are added to the token as custom attributes and are consumed by the web app inside the OnTokenValidated event.
When our code is deployed to either the Test/Staging or Production endpoints our integration tests are run against that endpoint. I can't spoof the authentication as the tests are talking to live endpoints. I need to authenticate the tests as if they are a real user.
I have looked around and have tried the ROPC flow that is suggested on similar posts. The trouble is with this solution is that it does not call the API connectors to get the extra user details that the 'normal' login flow would.
ROPC Solution:
Integration Test with Azure AD login
How can I make my integration tests authenticate with Azure ADB2C the same way a real user would so that the API connectors are called?
Any help/advice is greatly appreciated.
Thanks.
Thanks you Nasheen Kalam for the blog.
Based on the GIT reference for Integration Test for the Sign up and Sign in Pages
https://git.uwaterloo.ca/jmshahen/ece651-project/-/merge_requests/22
Below are the process:
Run authentication test with pre-defined user
Test Step:
1.Go to application URL: 127.0.0.1:3000
2. Redirect to Sign In page
3. Use registered email and password
4. Sign In
5. Verify Result
Expected Result:
Pass: when email, password is matched
Fail: Error message thrown in case of wrong combination
Run sign up process for new user
Test Steps:
Manually Remove user if already exists in DB
1.Go to application URL: 127.0.0.1:3000/signup
2. Use full name, email address and password
4. Sign Up
5. Verify Result
Test Data
User name: Test User01
User email: testuser#gmail.com
User Password:
usertest01
Verification text:
Test User01
Expected Result:
Pass: when new user is created
Fail: Error message thrown in case of user already exists
My company has a strict compliance policy with respect to protecting the client secrets and passwords of azure active directory client apps(client secret for aad app) and service accounts (passwords).
However during bug fixing in production or replicating issues on production code or active debugging, we need to debug the production code by passing these credentials from postman or fiddler.
Is it safe to save these keys in Postman and share it by generating a public url? Is there any way of sharing it from postman to a specific set of users? Or is there any better way of sharing the API requests with set of users.
You can invite someone to postman workspace using thier email Id, sharing public collection url is not safe anyone with url can access that
Other way is to download collection and environment as json and send that json file instead .
There is no way to mask secrets as even if you store it in variable , the secret will be exposed in postman console
https://learning.postman.com/docs/collaborating-in-postman/sharing/
to invite to workspace :
Create a workspace :
Invite someone to workspace
select team, type the user's email id you want to invite , click add , then click create workspace. A mail will be send to the user's email through which user can join workspace.
now share that collection to or environment to that workspace
Posted this on github and was told to come here ask for help
Hello!
I am trying to implement custom authentication for my resources on Google Cloud Storage using this module with a service account. I am trying to abstract away the need for a Google account for my end users.
What the ideal workflow would look like:
User queries https://cdn.example.com/[[BUCKET]]/[[FILENAME]] using Bearer token
The API on that end intercepts the bucket and file name and checks the validity of the token
The API then would request the resource at https://storage.cloud.google.com/[[BUCKET]]/[[FILENAME]]
Step 3 Returns the Location header that I will pass over to the user
After snooping around a bit I found out that the Location header returned in step 3 in the form of https://[[DATA]].googleusercontent.com/download/storage/v1/b/[[BUCKET]]/o/[[FILENAME]]?qk=[[KEY]] is a public link that can be accessed by anonymous users too. Which is exactly what I want. However while using the storage API I can only see selfLink and mediaLink, not the link above.
I tried using google-auto-auth to sign the request with my service account towards the storage.cloud.google.com endpoint but I get an Unauthorized error.
From looking here I understand that to access the storage.cloud.google.com is based on cookie authentication, which google-auto-auth doesn't seem to do. All it does is add a Bearer token to the header of the request.
This looks like you need signedUrls
Yea, that would be great, if it didn't expose the email of the service account.
Cheers!
TL;DR How to get the redirect URL from storage.cloud.google.com links using a service account?
I'm tring to fetch the list of tenants using the identity (Keystone) API, V2, of OpenStack.
After I authenticate as user "admin" on the public port (5000).
I am able to make a /v2.0/tenants call to the identity API, also on port 5000, using the token I got from the authentication. However, it only returns a single result, while there are multiple tenants.
I tried many things to overcome this:
Used port 35357 - the /tenants call returned 401 unauthorized
Tried port 7777 with the admin token - got 401
The same call from the PostMan Chrome extension did work
tried to repeat the suggestion in this thread - my authentication call with tenant name failed on request format, and I couldn't find any example to how such a request should look
Some observations:
I added user "admin" as admin in multiple projects
The authentication response:
shows no roles for user admin
metadata shows is_admin=0
serviceCatalog appears empty
Any help will be appreciated
Yaron
The /tenants API returns the list of tenants that your user has access to. The admin user does not automatically have access to all tenants - it has permission to assign users to any tenant, though. So check again if your user actually has permissions to all of these tenants.
If you have access to the Openstack Horizon dashboard, login with your user and see the list of tenants that you can choose (usually available as a select-box in the top-left of the screen - depends on your openstack distro)
I recommend that you use the Openstack CLI with the --debug option - use the cli to list the tenants you have access to. The debug flag will output the Openstack API calls to the console screen.
I'm going to setup this Example for Amazon Cognito Sync demo, using Eclipse + ADK + AWS libs V2.9.
I created an identity pool in the Cognito Console, so I got the Identity Pool ID which is used in CognitoSyncClientManager.java at:
private static final String IDENTITY_POOL_ID = "us-east-1:1a23b013-1abc-123-b123-123abc1fe5";
private static final Regions REGION = Regions.US_EAST_1;**
(perhaps not all regions seem to run in test mode)
I registered my (developing-)app in the Seller Central with Eclipse Help>Android>Bild>MD5 fingerprint and the package-name from AndroidManifest.xml, so got my api_key.txt Value.
From the AWS doku I got my Provider URL (code as sample), which is used in DeveloperAuthenticationProvider.java at:
private static final String developerProvider = "cognito-sync.us-east-1.amazonaws.com";
private static final String cognitoSampleDeveloperAuthenticationAppEndpoint = "arn:aws:iam::123456789123:role/Cognito_TestMyAppAuth_DefaultRole"
private static final String cognitoSampleDeveloperAuthenticationAppName = "Cognito sync demo";
After creating some Users which are attached to groups with permissions to IAM full access and (auto)generated roles for unautherized and autherized Roles, my app is running in this way:
Login with Amazon - is running, but where will their datasets be created and is it possible I see them in the AWS Console?
Simple Browse your data (without login) - is running, unauthenticated users and their datasets appear/are counted in the Identity console
Developer Authentication fails with Username or password do not match - combined with an "Unable to reach resource..." in the LogCat.
Now I think, the last missing thing in this game is the parameter cognitoSampleDeveloperAuthenticationAppEndpoint=...
Where can I find it and what else could I have missed to setup for a full running Example?
Thanks for using Cognito demo. Answers to your questions
Yes, you can see the datasets in the AWS console. Navigate to Cognito inside the AWS Console and go to your identity pool. On the left hand side menu go to identity browser and you will see the list of identities or you can search for an identity. Click on the identity and you can see the datasets owned by that identity.
Developer Authentication is a feature which helps to integrate your authentication system with Cognito. For this you should have a backend server serving user's authentication requests, and once you authenticate users you can request OpenId Connect tokens for them from Cognito using the GetOpenIdTokenForDeveloperIdentity API call. The developer provider name is the one which you setup for your identity pool in the AWS Cognito console. For using the sample you can setup a sample server application by following this blog and the readme file of the the server side application.
P.S.: Please avoid sharing your identity pool id.
Thanks,
Rachit