Worklight logoutSuccess auth realm is undefined - ibm-mobilefirst

I am not able to get Worklight logout working.
The logout button:
<input type="button" value="Logout2" onclick="WL.Client.logout('AuthRealm',{onSuccess: WL.Client.reloadApp})" />
When I click it I get:
onLogoutSuccess: realm: AuthRealm is undefined
But the realm is defined well and the logout function of this realm is called after the click. I investigated the Worklight sources and found out that the problem is in:
onLogoutSuccess(transport=klass { request=klass, transport=XMLHttpRequest, readyState=4, more...}) wlclient.js (line 1298)
So the error is thrown from:
if (typeof userInfo[realm] === "undefined") {
    WL.Logger.error('onLogoutSuccess: realm: ' + realm + ' is undefined');
    return;
}
Where should I set up userInfo? Or why is this error thrown? I didn't find any info in example sources.

I was able to reproduce this only when my device had not yet connected to the Worklight server in any way (has not yet logged into the realm, initOnStartup=false, no adapter calls, etc.).
It appears that if the client has not yet communicated with the Worklight server, it knows nothing about the realm and so it throws an error when trying to log out of the realm. Try either adding a check to see if the user has logged into the realm or making sure that the user has connected to the Worklight server before they are able to log out.
Even if they haven't yet logged into the realm, the device will know about the realm if it has connected to the server at least once.

Related

Empty object user when authenticating with Realm.Credentials.jwt(token) and Realm connection issue with RN hot reload

I am trying to use Mongo Realm (v10.0.0-beta.9) ; I use a JWT authentication (token being generated by AWS Cognito). It works pretty well since a user has been created (in Mongo Realms Users menu) and I was able to insert a data in my realm. But...
1. Empty user object
One strange thing nevertheless: the user I get from the authentication is empty
const credentials = Realm.Credentials.custom(jwt)
// Authenticate the user
const user: Realm.User = await app.logIn(credentials)
console.log("logged in with Jwt, user:", user) // display "logged in with Jwt, user: {}"
Is it normal? Examples speak about a identity field: console.log(`Logged in as ${newUser.identity}`);
2. React Native hot reload
A bothering thing: I can't reconnect to a realm when reloading the app (pressing r in the console where I npm started). I don't get any error, I just get... nothing. No log appears in Realm console.
The only solution I get is to kill the app, then restart it.
Did I miss a trick to handle that reconnection with RN hot reload?
I've had some troubles converting any Realm objects to printable strings; I always get {} just like you do. I think it could be related to this (unresolved) task on their GitHub.
On a similar note, there are some bugs in Realm's authentication system. I'm trying to get email/password, Facebook, and Google authentication going in my application but all of them currently seem to be broken on Realm's side.
Here are some related issues on their GitHub that you can follow for a solution.
Facebook
Google
Email/pass (fixed, but not released in the latest beta)
I don't have any information about JWT specifically but given these other authentication issues there's a good chance the issue isn't on your side. I recommend opening an Issue on their repository.

MobileFirst Obtain Access token and Login give no response after setting WL.App.setServerURL

As per my requirement, I am using WL.APP.setServerURL before every login request WLAuthorizationManager.login of MobileFirst.
When I first do a valid/invalid login attempt it works fine. On the next attempt I do WL.App.setServerURL, and then WLAuthorizationManager.login (login request) or WLAuthorizationManager.obtainAccessToken (obtain access token request) doesn't respond with anything. No success and no failure. The non-secure adapter method works fine, though.
If I do WL.APP.setServerURL only once on application startup, everything works fine, but calls in between cause application failure.
let url = ... // fetch url from adapter call
WL.App.setServerUrl(url, function (success) {
    WLAuthorizationManager.login(securityCheckName, loginParam).then((data) => {
        .... // After login code
    }, (response) => {
        // Login fail code
    });
}, function (error) {
});
Flow :-
I call the above code on click of the login button. I call a method to get the server url from the adapter first, then I set that url as the server url.
When I do an invalid login attempt it works fine the first time, and on the next call to MFP login it doesn't respond. Neither success nor failure in the application.
I am getting an error in the native Android logs.
Android Error logs :-
E/SecurityCheckChallengeHandler(30199): SecurityCheckChallengeHandler.submitChallengeAnswer in SecurityCheckChallengeHandler.java:51 :: submitAnswer has been called for unknown request
MobileFirst server version :- 8.0.0.00-20170911-123510
MobileFirst Cordova(plugin) version :- 8.0.2017102403
The WL.App.setServerUrl API is meant to be used sparingly whenever the app needs to connect to a server other than the one defined in mfpclient.properties. If you want to keep the server URL constant, you should just put it up in the mfpclient.properties.
Having said that, the behaviour you mention is not expected. Can you update your question with a code snippet of your app performing login & setServerUrl?

Q: Getting "socket closed by remote peer" when trying to login/sign in to Quickblox server

fellow stackoverflowians,
I'm working on a personal project to develop an iOS based chat app that uses Quickblox for its chat functionality.
Just recently we started getting the following error when trying to establish a connection to the Quickblox server and register or sign in a user.
TestApp[3975:76577] -[QBChat loginWithUser:] -> Connecting to Chat, hostName:chat.quickblox.com
TestApp[3975:76577] -[QBChat loginWithUser:] -> Chat server endpoint: chat.quickblox.com, User
Error Domain=GCDAsyncSocketErrorDomain Code=7 "Socket closed by remote peer" UserInfo={NSLocalizedDescription=Socket closed by remote peer}
Sometimes our app is able to log in.. and sometimes it just completely fails all of the time. We cannot figure out if it's the Quickblox server that's having issues or if there's a fix in our code that needs to be added.
Can someone out there please shed some light? We are about to release our app and this is a MAJOR hurdle preventing us from doing so. We cannot get anyone from Quickblox to respond to our ticket. We are an Advanced user (not Pro) and therefore our ticket hasn't been looked at.
Please see the below given code which we use for Quickblox registration and Quickblox sign in. See my inline comments also.
[self CallQBRegister:^{
    // I am checking whether the user is already registered or not.
    NSLog(@"Successfully registered..");
}
// If already registered then the execution block will come to error block.
// there I am attempting to use Quickblox sign in process.
errorBlock:^{
    NSLog(@"Already Registered, Active State is not Changed. Call QB Sign in");
    [self callQBSignIn:^{
        NSLog(@"QB Login success");
    }
    errorBlock:^{
        NSLog(@"QB Login Failure");
    }];
}];
}
After that, I am also checking whether the connection fails, and if so I try to reconnect with QBChat.
- (void)chatDidFailWithError:(NSInteger)code{
    // re login here
    [[QBChat instance] loginWithUser:self.currentUser];
}
Whenever I get this error, this code snippet executes. The code I get here belongs to an error type which I have defined in my code. The error I am getting is "QBChatServiceErrorConnectionRefused".
Can anyone help?
Quickblox.. are you listening?

How can a real device be registered to and recognized by the production MobileFirst 7.0 Server?

We have successfully configured a MobileFirst 7.0 server for testing and production environments, and deployed an application on it. But after several real devices installed the App (both iOS and Android), we CAN NOT see any devices in the worklightconsole.
No device registered in this runtime.
So how can these devices, which have already installed the app, be recognized and displayed in the worklightconsole device tab?
See here: http://engtest01w.francelab.fr.ibm.com:9090/support/knowledgecenter/SSHS8R_7.1.0/com.ibm.worklight.dev.doc/devref/c_the_application_descriptor.html
userIdentityRealms
A comma-separated ordered list of user identity realms for OAuth
authentication. The realms should be ordered by preference. The first
successfully authenticated realm in this list is selected as the user
identity realm. If the list is empty, or no realm in the list was
authenticated, the ID token contains no identity information. This
element is optional and the default value is an empty list.
<userIdentityRealms>WASLTPARealm,
CustomAuthenticatorRealm</userIdentityRealms>
Note: This attribute is
used to set user identity in the OAuth-based flows. For the classic
(pre-V7.0) flows, see the documentation for the customSecurityTest
security test.
You'll need to provide your realm name in the application-descriptor.xml file in order for the app to be listed in the Devices tab.
This was caused by losing the connection with the MF server.
Simply check the connection by using the following code:
function wlCommonInit(){
    WL.Client.connect({
        onSuccess: onConnectSuccess,
        onFailure: onConnectFailure
    });
}
function onConnectSuccess() {
    WL.Logger.debug ("Connecting to MobileFirst Server.");
}
function onConnectFailure(data){
    WL.SimpleDialog.show("CAN NOT Connecting to MobileFirst Server", "try it again",
    [{
        text : 'Reload',
        handler : WL.Client.reloadApp
    },
    {
        text: 'Close',
        handler : function() {}
    }]);
}

IBM Worklight v5.0.5 - Encrypted Offline Cache not working in Android or iOS

While debugging, we observe following behavior:
1) When trying to get the encryption key from the server, there is an error on both platforms (iOS and Android):
response [https://xxxx.xxxx.com:443/worklight/apps/services/random]
success: Exception thrown by application class
'com.ibm.ws.webcontainer.session.impl.HttpSessionContextImpl.checkSecurity():685'
SESN0008E: A user authenticated as anonymous has
attempted to access a session owned by user:NewRealm/CN=test
user,OU=Temporary Users,OU=Acc,DC=xxxx,DC=com.
2) When trying to read a stored value, the error on Android is [Logcat]:
Android Message: Uncaught 9 at
file:///data/data/com.xxxx.xxxxapp/files/www/default/wlclient/js/encryptedcache.js:63
This is where we try to call WL.EncryptedCache.read
Worklight version used is 5.0.5 Consumer Edition (with Oracle 11i) on
Windows 2008 R2
WebSphere Liberty profile
Worklight server is sitting behind IBM Datapower XI52. All SSL calls to the server are going via DP.
Authenticator - WebSphereFormBasedAuthenticator & LoginModule - WASLTPAModule
The following is not really an answer, since I'm not familiar with authentication (LTPA, FormBasedAuth, Data Power, etc.)... just a couple of comments that could help you debug/isolate the issue.
Looks like a problem with authentication:
A user authenticated as anonymous has attempted to access a session
owned by user:NewRealm/CN=test user,OU=Temporary
Users,OU=Acc,DC=xxxx,DC=com.
Not with the Encrypted Offline Cache (EOC).
EOC will try to get a random token calling the following function:
WL.EncryptedCache.secureRandom(function (data) {
    console.log(data);
});
It should output something like this:
response [/apps/services/random] success: 9053bdcfd902aac3dfb59a9874c9cf55223b7d17
9053bdcfd902aac3dfb59a9874c9cf55223b7d17
You can view the function's source code by typing the following in a JS console:
WL.EncryptedCache.secureRandom
If you're using Google Chrome developer tools there's a checkbox for Log XMLHttpRequests when you click on the gear icon > General > Console.
You can also try to request the URL directly. Assuming the host is localhost, port is 10080 and project name is wlproj:
http://localhost:10080/wlproj/apps/services/random
9053bdcfd902aac3dfb59a9874c9cf55223b7d17
You can view HTTP traffic with Wireshark or Charles Proxy.
I imagine this will fix the EOC issue for you, if you don't mind generating the random token locally (less security, AFAIK):
WL.EncryptedCache.secureRandom = function(callback){callback(Math.random()+"")}
For example:
Notice it never goes to the server, everything is done locally.
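If the token is generated on the device, as the override in the answer above does, it can come from the platform CSPRNG rather than Math.random(), which is not a cryptographically secure generator. This is an added example, not part of the original answers or of Worklight; `WLStub`, `localSecureRandom`, `findCsprng`, `isServerShapedToken` and `collect` are hypothetical names, and it assumes the runtime exposes Web Crypto's `crypto.getRandomValues`.

```javascript
// Added example: stand-alone sketch, not Worklight code. All names are hypothetical.
const TOKEN_BYTES = 20; // assumption: the 40-hex-character sample above is 20 bytes

// Locate a CSPRNG: Web Crypto in a WebView or browser, Node's webcrypto offline.
function findCsprng() {
  const c = globalThis.crypto;
  if (c && typeof c.getRandomValues === "function") return c;
  if (typeof require === "function") return require("crypto").webcrypto;
  return null;
}

// Same callback signature as the override in the answer: callback(tokenString).
// Fails closed: without a CSPRNG it throws instead of degrading to Math.random().
function localSecureRandom(callback, rng = findCsprng()) {
  if (!rng) {
    throw new Error("no CSPRNG available; refusing to fall back to Math.random()");
  }
  const bytes = rng.getRandomValues(new Uint8Array(TOKEN_BYTES));
  callback(Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join(""));
}

// True only for tokens shaped like the server response quoted in the answer.
function isServerShapedToken(token) {
  return typeof token === "string" && /^[0-9a-f]{40}$/.test(token);
}

// Constructed stand-in for the WL namespace so the block runs outside an app.
const WLStub = { EncryptedCache: {} };
WLStub.EncryptedCache.weakRandom = (cb) => cb(Math.random() + ""); // answer's override
WLStub.EncryptedCache.secureRandom = localSecureRandom;

// Run a callback-style generator and hand back the token it produced.
function collect(generator) {
  let token;
  generator((t) => { token = t; });
  return token;
}

console.log("Math.random token:", collect(WLStub.EncryptedCache.weakRandom));
console.log("CSPRNG token:     ", collect(WLStub.EncryptedCache.secureRandom));
```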
A user authenticated as anonymous has attempted to access a session owned by user:NewRealm/CN=test user,OU=Temporary Users,OU=Acc,DC=xxxx,DC=com.
This usually means that there is a conflict: the session sent by the user (the session cookie) belongs to a user (in this case), but the LTPA token sent as a cookie was not sent or was not valid. There could be a few causes of this. The best way is to do a trace between DataPower and the Worklight server to make sure an LTPA token is even being sent to the Worklight server. If it is, verify all of the LTPA requirements are met (synchronized time, same private key on both machines).