how to specify open id realm in openid4java 0.9.5 - authentication

my url # development : http://192.168.0.1:8888/com.company.MyEntryPoint/MyEntrypoint.html
my url # live env : http://www.example.com/com.company.MyEntryPoint/MyEntrypoint.html
I need users to authenticate using open id,
this is how i want my realm to be:
*.company.MyEntryPoint
I wrote a simple code to specify realm:
AuthRequest authReq =
manager.authenticate(
discovered,
returnToUrl,
"*.company.MyEntryPoint"
);
it does not work.
Exception:
org.openid4java.message.MessageException: 0x301: Realm verification failed (2) for: *.company.MyEntryPoint
at org.openid4java.message.AuthRequest.validate(AuthRequest.java:354)
at org.openid4java.message.AuthRequest.createAuthRequest(AuthRequest.java:101)
at org.openid4java.consumer.ConsumerManager.authenticate(ConsumerManager.java:1073)
Of all the combinations I tried, curiously, the following worked:
AuthRequest authReq =
manager.authenticate(
discovered,
returnToUrl,
"http://localhost:8888/com.capgent.MyEntryPoint"
);
This does not solves my issue but rather complicates it :)
According to google and open id spec it should have worked
complete code snippet:
List discoveries = manager.discover(clientUrl);
DiscoveryInformation discovered = manager.associate(discoveries);
AuthRequest authReq = manager.authenticate(discovered, returnToUrl,"*.company.MyEntryPoint");
FetchRequest fetch = FetchRequest.createFetchRequest();
fetch.addAttribute("email", "http://schema.openid.net/contact/email", true);
fetch.addAttribute("country", "http://axschema.org/contact/country/home", true);
fetch.addAttribute("firstname", "http://axschema.org/namePerson/first", true);
fetch.addAttribute("lastname", "http://axschema.org/namePerson/last", true);
fetch.addAttribute("language", "http://axschema.org/pref/language", true);
authReq.addExtension(fetch);
String returnStr;
if (!discovered.isVersion2())
{
returnStr = authReq.getDestinationUrl(true);
}
else
{
returnStr = authReq.getDestinationUrl(false);
}
What am I doing wrong over here ?

returnStr = authReq.getDestinationUrl(false); => returnStr = authReq.getDestinationUrl(true);

Related

Kreait : verifySessionCookie() not found

I try to verify a session cookie from the $sessionCookieString = $auth->createSessionCookie($idToken, $oneWeek); which work normally.
But report say that the function is not found.
"Call to undefined method Kreait\Firebase\Auth::verifySessionCookie()"
Didn't understand why.
i have the latest version install.
--- Portion of code below ---
use Kreait\Firebase\Factory;
use Kreait\Firebase\Contract\Auth;
use Kreait\Firebase\Auth\UserQuery;
use Google\Cloud\Firestore\FirestoreClient;
use Kreait\Firebase\Auth\CreateSessionCookie\FailedToCreateSessionCookie;
public function doLogin() {
$factory = (new Factory)->withServiceAccount($this->ekonysJson );
$auth = $factory->createAuth();
$this->auth = $auth;
//print_r($auth);
$signInResult = $auth->signInWithEmailAndPassword("email#dot", "password");
$idToken = $signInResult->idToken();
`print_r($signInResult->refreshToken());`
$oneWeek = new \DateInterval('P7D');
$sessionCookieString = $auth->createSessionCookie($idToken, $oneWeek);
$verifiedSessionCookie = $auth->verifySessionCookie($sessionCookieString)
}
refer to doc https://firebase-php.readthedocs.io/en/stable/authentication.html#session-cookies
if you have any idea.... thanks
Solution for this problem

Zoho Creator API Integration Basic Authorization postUrl()

Here is my code and I am getting Internal Error for postural() call. By the way, one more thing I want to know how we can use verify_peer to 0(zero) for not using SSL things. What is wrong with my code?
void SendSMS(SMS SMSObject)
{
//CONFIGURATION
URL = "https://example.com/send_ack.php";
wbLogin = "wbLogin";
wbPwd = "wbPwd";
wbAccount = "wbAccount";
label = "label";
applicationName = "ADR SMS v1.0";
//BASE64 ENCODING
Base64Encoded = zoho.encryption.base64Encode("httpLogin:httpPwd");
AuthorizationBasic = "Authorization: Basic " + Base64Encoded;
//HEADER
HeaderMap = Map();
HeaderMap.put("content-type", "application/x-www-form-urlencoded");
HeaderMap.put("Authorization", AuthorizationBasic);
//REQUEST
RequestMap = Map();
RequestMap.put("compte", wbAccount);
RequestMap.put("op", 1);
RequestMap.put("type", 0);
RequestMap.put("dt", zoho.currentdate.getDay());
RequestMap.put("hr", zoho.currenttime.getHour());
RequestMap.put("mn", zoho.currenttime.getMinutes());
RequestMap.put("label", label);
RequestMap.put("dest_num", "phone_number");
RequestMap.put("msg", "ZC Testing");
RequestMap.put("ref", "ZC");
//CALL POSTURL
Result = postUrl(URL, RequestMap, HeaderMap, false);
//DEBUG
info Result;
}
Use Zoho Creator API for this purpose.

Pentaho - upload file using API

I need to upload a file using an API.
I tried REST CLIENT and didn't find any options.
Tried with HTTP POST and that responded with 415.
Please suggest how to accomplish this
Error 415 is “Unsupported media type”.
You may need to change the media type of the request or check whether that type of file us accepted by the remote server.
https://en.m.wikipedia.org/wiki/List_of_HTTP_status_codes
This solution uses only standard classes of jre 7. Add a step Modified Java Script Value in your transformation. You will have to add two columns in the flow: URL_FORM_POST_MULTIPART_COLUMN and FILE_URL_COLUMN, you can add as many files as you want, you will just have to call outputStreamToRequestBody.write more times.
try
{
//in this step you will need to add two columns from the previous flow -> URL_FORM_POST_MULTIPART_COLUMN, FILE_URL_COLUMN
var serverUrl = new java.net.URL(URL_FORM_POST_MULTIPART_COLUMN);
var boundaryString = "999aaa000zzz09za";
var openBoundary = java.lang.String.format("\n\n--%s\nContent-Disposition: form-data\nContent-Type: text/xml\n\n" , boundaryString);
var closeBoundary = java.lang.String.format("\n\n--%s--\n", boundaryString);
// var netIPSocketAddress = java.net.InetSocketAddress("127.0.0.1", 8888);
// var proxy = java.net.Proxy(java.net.Proxy.Type.HTTP , netIPSocketAddress);
// var urlConnection = serverUrl.openConnection(proxy);
var urlConnection = serverUrl.openConnection();
urlConnection.setDoOutput(true); // Indicate that we want to write to the HTTP request body
urlConnection.setRequestMethod("POST");
//urlConnection.addRequestProperty("Authorization", "Basic " + Authorization);
urlConnection.addRequestProperty("Content-Type", "multipart/form-data; boundary=" + boundaryString);
var outputStreamToRequestBody = urlConnection.getOutputStream();
outputStreamToRequestBody.write(openBoundary.getBytes(java.nio.charset.StandardCharsets.UTF_8));
outputStreamToRequestBody.write(java.nio.file.Files.readAllBytes(java.nio.file.Paths.get(FILE_URL_COLUMN)));
outputStreamToRequestBody.write(closeBoundary.getBytes(java.nio.charset.StandardCharsets.UTF_8));
outputStreamToRequestBody.flush();
var httpResponseReader = new java.io.BufferedReader(new java.io.InputStreamReader(urlConnection.getInputStream()));
var lineRead = "";
var finalText = "";
while((lineRead = httpResponseReader.readLine()) != null) {
finalText += lineRead;
}
var status = urlConnection.getResponseCode();
var result = finalText;
var time = new Date();
}
catch(e)
{
Alert(e);
}
I solved this by using the solution from http://www.dietz-solutions.com/2017/06/pentaho-data-integration-multi-part.html
Thanks Ben.
He's written a Java class for Multi-part Form submission. I extendd by adding a header for Authorization...

Twilio Programmable Voice isn't working

When i try to pass param from my application using [TwilioVoice Call] method i am not able to get those param on twiML application. but when i try to pass same data from POSTMAN with FormData its working fine and also successfully able to create call.
Would you please help me how can i use param passed from my iOS application into twiML
TwiML Application in PHP :
<?php
/*
* Makes a call to the specified client using the Twilio REST API.
*/
include('./vendor/autoload.php');
include('./config.php');
$to = isset($_GET["to"]) ? $_GET["to"] : "";
if (!isset($to) || empty($to)) {
$to = isset($POST["to"]) ? $_POST["to"] : "";
}
$from = isset($_GET["from"]) ? $_GET["from"] : "";
if (!isset($from) || empty($from)) {
$from = isset($POST["from"]) ? $_POST["from"] : "";
}
use Twilio\Twiml;
$response = new Twiml();
$dial = $response->dial(['callerId' => $from]);
$dial->client($to);
echo $response;
iOS Objective-C :
self.call = [TwilioVoice call:[self fetchAccessToken]
params:#{#"to": #"1",#"from":#"2"}
uuid:uuid
delegate:self];
Twilio Error Log when i try to pass param from iOS
Warning - 13224 Dial: Twilio does not support calling this number or the number is invalid
Reference TwiML Application Code
https://github.com/twilio/voice-quickstart-server-php
Twilio developer evangelist here.
The 12100 error comes from Twilio not being able to parse the TwiML returned from your server. In this case, it is because your PHP is not returning TwiML, it's trying to make a call using the REST API.
It should return a <Dial> with a nested <Client>. You can build this up using the helper library too. Try changing your code to this:
<?php
include('./vendor/autoload.php');
include('./config.php');
$to = isset($_REQUEST["To"]) ? $_REQUEST["To"] : "";
$to = str_replace("client:", "", $to);
$from = isset($_REQUEST["From"]) ? $_REQUEST["From"] : "";
use Twilio\Twiml;
$response = new Twiml();
$dial = $response->dial(['callerId' => $from]);
$dial->client($to);
echo $response;
Let me know if that helps.
Step 1. In the name you have to pass name of the user(any thing you want)
Step 2. You need to generate token using 3 parameters
Step 3. You need to create object of VoiceGrant
Step 4. You need to pass Id
Step 5. You need to set PUSH notification Id generate from twilio
$name = $this->input->post('name');
//$PUSH_CREDENTIAL_SID = 'CRaf1a66dd4a7656876e16c7820ef5c01e';
$outgoingApplicationSid = 'APf9b1b789ba690b8789d95a42511f2018';
// choose a random username for the connecting user
$identity = $name;
// Create access token, which we will serialize and send to the client
$token = new AccessToken(
$this->twilioAccountSid,
$this->twilioApiKey,
$this->twilioApiSecret,
3600,
$identity
);
// $chatGrant = new ChatGrant( $pushCredentialSid= "CRaf1a66dd4a7656876e16c7820ef5c01e");
//
// print_r($chatGrant);die;
// Create Chat grant
// $voiceGrant = new VoiceGrant($serviceSid = 'IS840a7e5f64634ab6bf179c3f8b0adfc4',$pushCredentialSid = 'CRaf1a66dd4a7656876e16c7820ef5c01e');
$voiceGrant = new VoiceGrant();
$voiceGrant->setOutgoingApplicationSid($outgoingApplicationSid);
// Optional: add to allow incoming calls
$voiceGrant->setIncomingAllow(true);
$voiceGrant->setPushCredentialSid('CRaf1a66dd4a7656876e16c7820ef5c01e');
// Add grant to token
$token->addGrant($voiceGrant);
// render token to string
$voice_token = $token->toJWT();
if($voice_token){
$data['token'] = $voice_token;
$this->response = array('status'=>1,'data'=>$data);
}else{
$this->response = array('status'=>0,'message'=>'Not found');
}

jmeter testcases which can handle captcha?

We are trying to build a jmeter testcase which does the following:
login to a system
obtain some information and check whether correct.
Where we are facing issues is because there is a captcha while logging into the system. What we had planned to do was to download the captcha link and display, and wait for user to type in the value. Once done, everything goes as usual.
We couldnt find any plugin that can do the same? Other than writing our own plugin, is there any option here?
I was able to solve it myself. The solution is as follows:
Create a JSR223 PostProcessor (using Groovy)
more practical CAPTCHA example with JSESSIONID handling and proxy setting
using image.flush() to prevent stale CAPTCHA image in dialog box
JSR223 Parameters for proxy connection setting:
Parameters: proxy 10.0.0.1 8080
In it, the following code displays the captcha and waits for user input
import java.awt.Image;
import java.awt.Toolkit;
import javax.swing.Icon;
import javax.swing.JOptionPane;
import org.apache.jmeter.threads.JMeterContextService;
import org.apache.jmeter.threads.JMeterContext;
import org.apache.jmeter.protocol.http.control.CookieManager;
import org.apache.jmeter.protocol.http.control.Cookie;
URL urlTemp ;
urlTemp = new URL( "https://your.domainname.com/endpoint/CAPTCHACode");
HttpURLConnection myGetContent = null;
if(args[0]=="proxy" ){
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(args[1], Integer.parseInt(args[2])));
myGetContent = (HttpURLConnection) urlTemp.openConnection(proxy);
}else{
myGetContent = (HttpURLConnection) urlTemp.openConnection();
}
// false for http GET
myGetContent.setDoOutput(false);
myGetContent.connect();
int status = myGetContent.getResponseCode();
log.info("HTTP Status Code: "+Integer.toString(status));
if (status == HttpURLConnection.HTTP_OK) {
//We have 2 Set-Cookie headers in response message but 1 Set-Cookie entry in Map
String[] parts2;
for (Map.Entry<String, List<String>> entries : myGetContent.getHeaderFields().entrySet()) {
if( entries.getKey() == "Set-Cookie" ){
for (String value : entries.getValue()) {
if ( value.contains("JSESSIONID") == true ){
String[] parts = value.split(";",2);
log.info("Response header: "+ entries.getKey() + " - " + parts[0] );
JMeterContext context = JMeterContextService.getContext();
CookieManager manager = context.getCurrentSampler().getCookieManager();
parts2 = parts[0].split("=",2)
Cookie cookie = new Cookie("JSESSIONID",parts2[1],"your.domainname.com","/endpoint",true,0, true, true, 0);
manager.add(cookie);
log.info( cookie.toString() );
log.info("CookieCount "+ manager.getCookieCount().toString() );
}
}
}
}//end of outer for loop
if ( parts2.find() == null ) {
throw new Exception("The Response Header not contain Set-Cookie:JSESSIONID= .");
}
}else{
throw new Exception("The Http Status Code was ${status} , not expected 200 OK.");
}
BufferedInputStream bins = new BufferedInputStream(myGetContent.getInputStream());
String destFile = "number.png";
File f = new File(destFile);
if(f.exists() ) {
boolean fileDeleted = f.delete();
log.info("delete file ... ");
log.info(String.valueOf(fileDeleted));
}
FileOutputStream fout =new FileOutputStream(destFile);
int m = 0;
byte[] bytesIn = new byte[1024];
while ((m = bins.read(bytesIn)) != -1) {
fout.write(bytesIn, 0, m);
}
fout.close();
bins.close();
log.info("File " +destFile +" downloaded successfully");
Image image = Toolkit.getDefaultToolkit().getImage(destFile);
image.flush(); // release the prior cache of Captcha image
Icon icon = new javax.swing.ImageIcon(image);
JOptionPane pane = new JOptionPane("Enter Captcha", 0, 0, null);
String captcha = pane.showInputDialog(null, "Captcha", "Captcha", 0, icon, null, null);
captcha = captcha.trim();
captcha = captcha.replaceAll("\r\n", "");
log.info(captcha);
vars.put("captcha", captcha);
myGetContent.disconnect();
By vars.put method we can use the captcha variable in any way we want. Thank you everyone who tried to help.
Since CAPTHA used to detect non-humans, JMeter will always fail it.
You have to make a workaround in your software: either disable captcha requesting or print somewhere on page correct captcha. Of course, only for JMeter tests.
Dirty workaround? Print the captcha value in alt image for the tests. And then you can retrieve the value and go on.