What is the permission required to upload an asset to a release via a github app? (no OAuth)
I need to POST to url like https://{{git_url}}/api/uploads/repos/{{owner}}/{{repo}}/releases/{{releaseNumber}}/assets?name={{assetName}}
In the permission page there is no POST to /repos/:owner/:repo/releases/:release_id/assets
Im on GitHub Enterprise 2.22.17.
Currently I am getting
502 Bad Gateway {
message: 'Error uploading to https://media.{{git_url}}/releases/{{releaseNumber}}/files: 404',
request_id: '******'
}
Unclear to me as well. I do get this error from a GitHub Actions step trying to deploy something to GitHub Releases, until I created a custom Personal Access Token that has full repo permissions, and nothing else selected:
I haven't yet tried deselecting any of those to get the smallest set required.
GitHub Enterprise 3.0.13 here.
Related
I am trying to sign up the users using Azure B2C(by doing this I am using MSAL with Angular),
by mail confirmation, captcha v2(google) and MFA.
For the first attempt I used just a normal sign up with the email and afterwards with MFA and had no issues creating the users.
Than I added captcha and in my sign-up, meaning that I needed to use a custom page.
To add captcha feature I used the following process from this link Link - Create Captcha with Azure B2C (regarding one step that is described in the article, the azure function was created in the portal, because locally I had some issues)
In my sign up page where you add the email address and all the claims of the user, after adding all the claims and checked the captcha feature, than press for create, appears the following message:
errorCode: "AADB2C90261" message: "The claims exchange
'PreUserWriteRestful' specified in step '1' returned HTTP error
response that could not be parsed." status: "400"
AADB2C90261 -Taken from Microsoft page - Error Code - The claims exchange '{0}' specified in step '{1}' returned HTTP error response that could not be parsed.
Also the MFA feature doesn't appear. What can be ? that I missed to do ? Or what it represents ?
Tested without MFA and the same issue persists
Did anybody that is using Azure B2C added captcha ?
Thank you.
I tried to reproduce the same in my environment and got below results:
Initially I deployed Azure Function via Portal and left index.js file as default like below:
I configured one API connector named Verify Captcha by adding above function URL in endpoint like below:
Now I added this API connector to my user flow like below:
When I ran the user flow by entering required details in Sign up page and checked the captcha feature, I got the same error as below:
To resolve the error, I tried deploying 2 Http Trigger Functions locally:
HttpTrigger1 - modified index.js file with this GitHub code
and installed required modules like below:
HttpTrigger2 - left index.js file with default code like below:
By updating properties in local.settings.json file, I deployed these functions to Azure:
{
"IsEncrypted": false,
"Values": {
"AzureWebJobsStorage": "",
"FUNCTIONS_WORKER_RUNTIME": "node",
"BASIC_AUTH_USERNAME": "xxxxx",
"BASIC_AUTH_PASSWORD": "xxxxx",
"CAPTCHA_SECRET_KEY": "6LfoQ9oxxxxx21BEE23-kPQkv6QIQt8",
"B2C_EXTENSIONS_APP_ID": "dcxxx0b0-d5xf-42x-b1a4-97xxx689x1"
}
}
Response:
When I checked in Azure Portal, functions are updated successfully like below:
I configured another API connector named Verify Captcha server side by adding above function URL in endpoint like below:
Now I updated API connector with above in my user flow like below:
I ran the user flow by entering required details in Sign up page and checked the captcha feature like below:
When I selected Create account, I got response like below:
It may take some time to complete the captcha like below:
When I tried the same with default index.js like HttpTrigger2, I'm getting same error as you. So, make sure to replace code in your index.js file with this GitHub code.
You can try the same in your environment locally to resolve the issue.
I'm following the instructions for setting up a Blazor Web Assembly hosted using Azure AD B2C located here: https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/hosted-with-azure-active-directory-b2c?view=aspnetcore-5.0
When the login is clicked a message appears stating 'There was an error trying to log you in: 'Error: could not resolve endpoints. Please check network and try again. Detail: TypeError: NetworkError when attempting to fetch resource.'
In the debug window the message is displayed: Microsoft .AspNetCore.Authorization.DefaultAuthorizationService[2] Authorization failed. These requirements were not met: DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
In the Microsoft instructions for this error message the recommendation is in Azure for the app set the manifest setting of allowPublicClient to null or true. I set this attribute for both the server app and the client app to true but this did not make a difference.
I was able to follow the instructions in your link and make it work.
Some things to try for the client app registration:
'Authentication': For the 'Platform configurations' make sure you choose SPA and the redirect urls are correct
'Authentication': For 'Implicit grant' don't check 'Access tokens' and 'ID tokens'
'API permissions' make sure you added the server registration and clicked 'Grant admin consent'
In my case, this error was a false positive. I fixed my real problem by adding this code to the .csproj file in the Client project:
<ItemGroup>
<TrimmerRootAssembly Include="Microsoft.Authentication.WebAssembly.Msal" />
</ItemGroup>
I'm trying to publish app from Azure DevOps to appcenter.ms
I have code building and artifacts are being generated. However, step to upload the app to appcenter always fails with the same error:
2019-01-28T14:40:34.0252515Z ##[error]"<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n<meta charset=\"utf-8\">\n<title>Error</title>\n</head>\n<body>\n<pre>Cannot POST //apps//company/appname//release_uploads</pre>\n</body>\n</html>\n"
http response code: 404
I have added a service connection under Azure DevOps:
Name: api
Server URL: https://api.appcenter.ms
API Token: XXXXX
I'm using App Center Distribute step to publish.
Under build config I got app slug set correctly. What API endpoint I should use?
You can use this endpoint. I've got this issue too and stuck up for days trying to find the right answer but no reference says they change the endpoint.
Server URL: https://api.mobile.azure.com/v0.1
Although the instructions currently suggest otherwise I had success in using the org style APP SLUG setting and it fixed my issue.
{user}/{appname} is the format that worked for me.
I'm developing an API using VS 2017, which I'm testing using Postman. I've been following this blog post Getting started with Windows Azure AD Authentication using Postman. I finally got it to give me an access token and a refresh token. About 3 quarters of the way through the post I came across this:
resource : https://management.core.windows.net
which has to be put into Postman (I'm using the Windows app version of Postman). I wasn't sure what that was for, so I left it off. I eventually got an access token and a refresh token, but when I when to get more info for all subscriptions, I got errors saying that I had specified a valid resource. So, I thought what I'd have to do was start over again, but re-authenticating and getting a code from Azure. I did so, and put that into Postman, as the blog post instructs. However, issuing this POST results in this error:
"error": "unauthorized_client",
"error_description": "AADSTS70002: Error validating credentials. AADSTS65005: Invalid resource. The client has requested access to a resource which is not listed in the requested permissions in the client's application registration. Client app ID: d37abf69-42ce-4571-b146-f3422e73f041. Resource value from request: https://management.core.windows.net. Resource app ID: 797f4846-ba00-4fd7-ba43-dac1f8f63013. List of valid resources from app registration: 00000002-0000-0000-c000-000000000000.\r\nTrace ID: 9f028899-6d03-409e-8db4-4e9905000300\r\nCorrelation ID: ec253a1b-9fdc-495f-9310-6b40a42e5d93\r\nTimestamp: 2018-11-19 22:20:02Z",
"error_codes": [
70002,
65005
]
I don't understand why nor what I could have done wrong. I've prespecified the resource as the tutorial instructed, so what have I done wrong?
Looking at the error message, it seems you could have missed adding relevant permissions for "Windows Azure Service Management API" to your app registration.
Steps:
Go to Azure Portal > Azure AD > App registrations > Your app (with app id: d37abf69-42ce-4571-b146-f3422e73f041)
Go to Settings > Required permissions > Add > Select "Windows Azure Service Management API"
Select the relevant permission under Delegated permissions section. Click on select and then "Done". You should get a notification in portal that successfully added permissions. You should see Windows Azure Service Management API listed under required permissions as well.
After these steps, continue as per the blog post you've mentioned with Postman steps to get the access token again.
I found myself in the same situation when i was trying to setup Postman. Its not as complicated as most blogs make seem. I created a tutorial to try to make the process easy.
http://hazelnest.com/blog/blog/2018/11/17/azure-postman-configuration/
https://youtu.be/2bfgeBKRxl4
Hope this helps.
I'm trying to authorize with chrome.identity.getAuthToken() to get token for Picasa web service. I couldn't find Picasa API in Google Developer Console and set its scope to "https://picasaweb.google.com/data/" oauth2 part of manifest.json. Picasa docs say that I can skip this step.
chrome.identity.getAuthToken({
interactive: true
}, function (token) {
if (chrome.runtime.lastError) {
console.error(chrome.runtime.lastError);
} else {
console.log(token);
}
});
getAuthToken() always ends with an error "OAuth2 request failed: Service responded with error: 'bad client id: {0}'". If no scopes are set, the error looks like "OAuth2 request failed". Where have I mistaken?
Steps I take to make it work
Go to Google Developers Console and create a new project.
Go to APIs & auth > Credentials in the panel to create new Client ID. The application ID of chrome app can be obtained from Chrome Developer Dashboard if you your app is uploaded.
Go to APIs & auth > Consent screen and fill in Email Address and Product Name and Save.
I didn't know step 3 was necessary.
It seems amazing but after 1 day has passed, everything is working :)
UPD: I've tried gdrive sample from chrome-app-samples repo and added scope for Picasa. After everything worked fine, I copied its key and oauth2 section to my app's manifest. Everything worked fine too. After this I deleted client_id for app in developer console and created it again. And after that everything was ok.
You need to register your application in Google Developer Console and obtain a client_id. See the 'Credentials' pane to configure your application.