It appears that DAG is only available as a hosted service. How do I test my code integration programmatically through the REST API for the following methods?
addSiteAccount1
getMFAResponseForSite
putMFAResponseForSite
Is there a way to do this with real account data through the API?
DAG is a simulator for real account and is available to upload an XML to test few real account scenario and then adding the DAG account using the APIs to see how data is fetched.
Every account on DAG has a siteID , username and password which can be used to link it as a real account.
So you can use the SiteID to get the login form of the DAG site and then use the username and password to link the account.
For testing
getMFAResponseForSite
putMFAResponseForSite
use the Dag Site SecurityQA or Dag Site TokenFMPA as sites to add.
for more info on dag please visit
https://developer.yodlee.com/Indy_FinApp/Indy_FinApp_Knowledgebase/Sample_Data/Dummy_Account_Generator
Related
We have a Web application that is protected by Azure ADB2C. Users must be logged in to access the application. When the user logs into the application we use the API connectors feature to go and fetch more user details using the email the user logged in with. These extra details are added to the token as custom attributes and are consumed by the web app inside the OnTokenValidated event.
When our code is deployed to either the Test/Staging or Production endpoints our integration tests are run against that endpoint. I can't spoof the authentication as the tests are talking to live endpoints. I need to authenticate the tests as if they are a real user.
I have looked around and have tried the ROPC flow that is suggested on similar posts. The trouble is with this solution is that it does not call the API connectors to get the extra user details that the 'normal' login flow would.
ROPC Solution:
Integration Test with Azure AD login
How can I make my integration tests authenticate with Azure ADB2C the same way a real user would so that the API connectors are called?
Any help/advice is greatly appreciated.
Thanks.
Thanks you Nasheen Kalam for the blog.
Based on the GIT reference for Integration Test for the Sign up and Sign in Pages
https://git.uwaterloo.ca/jmshahen/ece651-project/-/merge_requests/22
Below are the process:
Run authentication test with pre-defined user
Test Step:
1.Go to application URL: 127.0.0.1:3000
2. Redirect to Sign In page
3. Use registered email and password
4. Sign In
5. Verify Result
Expected Result:
Pass: when email, password is matched
Fail: Error message thrown in case of wrong combination
Run sign up process for new user
Test Steps:
Manually Remove user if already exists in DB
1.Go to application URL: 127.0.0.1:3000/signup
2. Use full name, email address and password
4. Sign Up
5. Verify Result
Test Data
User name: Test User01
User email: testuser#gmail.com
User Password:
usertest01
Verification text:
Test User01
Expected Result:
Pass: when new user is created
Fail: Error message thrown in case of user already exists
I wanna answer my application's reviews with service account. But regarding to api documantation of google play console, for answering review's, i need to have my auth'key. :
GET https://www.googleapis.com/androidpublisher/v3/applications/your_package_name/reviews?
access_token=your_auth_token
But in my json file that i got from "create key" on my service account page, i have nothing like: "auth token". What should i do?
Note: I also have 1 more small question: I wanna list all of my applications for google play. I found some non-offical api's that can retrieve all app's for spesific developer. But for that i need to have people's developer name that i cannot retrieve from any api.
But in my json file that i got from "create key" on my service account page, i have nothing like: "auth token". What should i do?
Your auth token is not in the key file you downloaded it contains what you need to request an access token.
Assuming that you have created service account credentials on Google cloud console. What you have in that file is the credentials you need to create an access token.
Your application calls Google APIs on behalf of the service account, so users aren't directly involved. This scenario is sometimes called "two-legged OAuth," or "2LO." (The related term "three-legged OAuth" refers to scenarios in which your application calls Google APIs on behalf of end users, and in which user consent is sometimes required.)
Requesting an access token using a service account requires a number of steps Preparing to make an authorized API call I recommend you look for a client library in your chosen language coding it yourself is not for the feint at heart.
I wanna list all of my applications for google play.
In order to do that you will need to grant the service account access to your accounts data probably by sharing the data with it. Or you will need to use Oauth2 to authorize your application then you will have access to it.
First, I'd like to mention that problems like this had been discussed before in the topics like:
How to authenticate user with just a Google account on Actions on Google?
But I could not find any information at all related to ways of linking Google Assistant app with my own web server.
Problem:
GET https://oauth-redirect.googleusercontent.com/r/my-google-assistant-app#access_token=ACCESS_TOKEN&token_type=bearer&state=STATE always returns "Account field to link" error
A Way to Reproduce:
I created a new project in Actions on Google Console
I built an application using Dialogflow
I created a Heroku Web Server as my webhook (ex: webhook.herokuapp.com)
So everything worked just fine. I've successfully connected my Google Assistant app with my webhook.
But then I decided to send requests to my another one Heroku Web Server (ex: webserver.herokuapp.com) which needs a user to be logged in. So I decided to implement account linking of my Google Assistant app with webserver.herokuapp.com
I implemented Google-OAuth2 authorization at webserver.herokuapp.com. Also I want to mention that I used Client ID and Client Secret of my Google Assistant App
So, Google Authorization worked perfectly at my webserver.herokuapp.com
Then I enabled account linking settings for my Google Assistant app with Implicit Flow
So, that's it!
Epilogue
I open Google Assistant, tell it "Talk to my test app", then it greets me and offers me to link accounts. I say "yes".
Then I see how Google Assistant requests my login URL at webserver.herokuapp.com. Then I enter my Google email and password. As a result I logged in at my webserver! Then my webserver makes a redirection to:
https://oauth-redirect.googleusercontent.com/r/my-google-assistant-app#access_token=ACCESS_TOKEN&token_type=bearer&state=STATE
And I get the error I've described at the top of my post.
Any help would be appreciated
UPDATE with parameter information
These are my constants:
Google Assistant Project_ID = nodejs-sdk-local-test
Google Assistant Client_ID = 1067979601708-ldr3ga115es3fdo823slfnj46gjoes66.apps.googleusercontent.com
state = manually_set_state_value
The flow is I open my Google Assistant and say "Ok Google, talk to my test app", it answers my request and then I say something like "do some action which need authorization". Google Assistant app offers me to link an account and I say "Yes".
This is where Google Assistant app makes a call to my https://webserver.herokuapp.com/google-oauth2 endpoint. A purpose of this endpoint is to redirect me to the Google Login Page.
Now I'm being redirected to the Google Login Page (everything seems to be correct. client_id and state parameters are similar to the constants). This is the example of an URL where I am being redirected to: https://accounts.google.com/o/oauth2/auth?client_id=1067979601708-ldr3ga115es3fdo823slfnj46gjoes66.apps.googleusercontent.com&redirect_uri=http://webserver.herokuapp.com/complete/google-oauth2/&state=manually_set_state_value&response_type=code&scope=openid+email+profile
At the Google Login Page I enter my credentials and then I'm being redirected to the redirect_uri=http://webserver.herokuapp.com/complete/google-oauth2 endpoint. A purpose of this endpoint is to register or login me at webserver.herokuapp.com and then redirect me to another Google URL. An example of the Google URL: https://oauth-redirect.googleusercontent.com/r/nodejs-sdk-local-test#access_token=<token_omitted>&token_type=bearer&state=manually_set_state_value
So it seems that everything is correct. I logged in to my webserver.herokuapp.com, got an access token. Also project_id and state parameter in the last Google URL are similar to constants. Anyway, this Google URL returns me an error "Accounts failed to link"!
The most common cause of this is that you're not passing back the same value for state that was sent to you when Google redirected to your site. Make sure this is the same value and, for your security, make sure you validate the other parameters that are sent to you as well.
When the user is redirected to https://webserver.herokuapp.com/google-oauth2, there should be some parameters sent as part of the query. Those parameters include a state parameter. It should look something like this:
https://myservice.example.com/auth?client_id=GOOGLE_CLIENT_ID&redirect_uri=REDIRECT_URI&state=STATE_STRING&response_type=token
Note that while the client_id and redirect_uri are values that you should expect and test for, the state value is not one that you would have set. Google generates a different one every time. This is the state that you should be using later when you redirect to
https://oauth-redirect.googleusercontent.com/r/nodejs-sdk-local-test#access_token=<token_omitted>&token_type=bearer&state=STATE_STRING
Good morning I am using internal mulesoft Access Management APIs API Reference. I have successfully setup my postman to get the security token after login, and even executed successfully the /api/users/me. However, regardless of the access provided to the connection/login user, i can't get the full list of users (/api/users), receiving a Not authorized error. Let me explain the context. We are running on a federated platform, so we can't manage the users registration from the console, but need to wait until they login through SSO the first time to grant access to the correspondent business group and role. There is a complain as the users need to send the admin a note letting know of their successful first login, and afterwards wait to receive the access to the business group. After they login for the first time, their profiles are created in the root org. You can see them only when you are in the master organization. However, you can't get their new user id when you request a list of users of this master organization (/api/organizations/{orgId}/users). We are looking to execute this /api/users in a batch app that runs periodically and do a cross verification to get the users not associated to any orgid or role. This way we can avoid the requirement of the user sending a note to the admin. When I execute the /accounts/api/users, (API Call), we receive a 401 Unauthorized response, despite the token is correct as it is working fine with the others APIs. there is no mention of any other parameter or requirement in the API reference.
Please advise what can be done to solve this authorization error and complete our app. Thank you in advance.
Had the same issue but figured it out.
Instead of calling /api/users, you should be calling
https://anypoint.mulesoft.com/accounts/api/organizations/{orgId}/members
to get a list of users
I want to know how to use photobucket api. I successfully created a login in photobucket.
I am following the guidelines given http://api-portal.anypoint.mulesoft.com/photobucket/api/photobucket-api/docs/getting-started
The first step i am failing is that http://developer.photobucket.com is redirecting to different page.
As it is written
Go to the Photobucket developer web site at developer.photobucket.com, agree to the terms of service, sign up, and get the API key.
I am not able to open developer.photobucket.com.
I also see a redirect from developer.photobucket.com to photobucket.com. It seems that they incorrectly configured the redirect. The information about using Photobucket API required link was found in the support section:
Our engineers are working on a new API, with lots of changes, however,
this won't be available to users for a couple more months. Here is the
documentation on the current API.
If you'd rather not wait for this updated API, and would like the
current iteration now, please send an email to our API request email
address with the following information:
Your Photobucket username (This is the username for the account that
you have already created on Photobucket): Your application name
(whatever you would like): Do you require the key for commercial or
non-commercial purposes:
All three of these answers are required!
Send the API request to: pbdl-api#photobucket.com
The subject for the email should be: API Request