How do I Enable devTokens on getstream.io? - getstream-io

on this page it says "To enable development tokens, you need to change your application configuration."
https://getstream.io/chat/docs/tokens_and_authentication/?language=js
to allow use of
await client.setUser(
{
id: 'john',
name: 'John Doe',
image: 'https://getstream.io/random_svg/?name=John',
},
client.devToken('john'),
);
I have changed the app type to 'development' in the getstream dashboard but I still get the following error:
Error: {"code":5,"StatusCode":401,"message":"WS failed with code 5 and reason - development tokens are not allowed for this application","isWSFailure":false}

You need to disable auth checks in the dashboard.
First one in the screenshot:

Related

Stripe Payment Link creates new customer

We have to use payment links as were coming from a native desktop app on MacOS and Windows, Stripe has no support here.
The native desktop apps do not have a web-view.
Using the following API with url params.
https://stripe.com/docs/payments/payment-links#url-parameters
const paymentLink = await stripe.paymentLinks.create({
line_items: [
{
price: price.id,
quantity: 3,
//
},
],
});
The url on the frontend opens as such (note to "client_reference_id")
final url = link + "?client_reference_id=$customerId&prefilled_email=${stripeCustomer!.email}";
The key url params are added.
The problem is, is that "client_reference_id" is ignored and a new customer is created on the Stripe dashboard, this is no good for making payments as we generate the payment for a specific account created on the database.
Any ideas what I could do here?
We tried checkout session but there is no way to open from a link. :-/
I found the answer to this question. So the generic payment link does not work with a customer id, however you can create a session and attach a customer id to it. The session object will return with a url.
Example:
const session = await stripe.checkout.sessions.create({
line_items: [{ price: price_id, quantity: 1 }],
mode: 'subscription',
success_url: 'https://app.seedscout.com',
cancel_url: 'https://app.seedscout.com',
customer: cus_id,
});
You can find more information in their documentation here.
https://stripe.com/docs/api/checkout/sessions/create
Important to note: Stripe has requirements for the format of customer_reference_id:
client_reference_id can be composed of alphanumeric characters,
dashes, or underscores, and be any value up to 200 characters. Invalid
values are silently dropped and your payment page will continue to
work as expected.
I was tearing my hair out trying to work out why client_reference_id wasn't being passed, and it looks like this was the issue – I was separating two values with a period.

Google Search Console API: How do I Solve "User does not have sufficient permission for site"? (When User Has Permissions)

I'm trying to use Google's Search Console API via their Node package, and my code looks like the following:
const auth = new GoogleAuth({
scopes: 'https://www.googleapis.com/auth/webmasters.readonly',
});
const webmasters = google.webmasters('v3');
const params = {
auth,
siteUrl: 'example.com',
resource: {
startDate: '2015-08-25',
endDate: '2015-08-25',
dimensions: ['query', 'page'],
rowLimit: 10,
},
aggregationType: 'byPage',
};
const res = await webmasters.searchanalytics.query(params);
console.log(res.data);
... except that in my version example.com has been replaced with my actual domain.
I'm invoking it at the command line with:
GOOGLE_APPLICATION_CREDENTIALS="/path/to/service_key.json" node index.js
I have a service account created, and the service key JSON file is from it. That service account has access to my Search Console account. When I look at https://search.google.com/search-console/users I see the service user there, and in the Permission column it has "Full".
Can anyone help me understand why I'm getting the following error when I run my code?
{
message: "User does not have sufficient permission for site 'http://example.com'. See also: https://support.google.com/webmasters/answer/2451999.",
domain: 'global',
reason: 'forbidden'
}
The URL mentioned, https://support.google.com/webmasters/answer/2451999, simply links me to the search console users page ... which (again) says the service user has full permissions.
After rooting in google forums and rest of internet I have figured out why it happen.
Need to copy Service account email, long weird format(example: whiskey-tango-foxtrot#certain-something-0123456.iam.gserviceaccount.com) from Google Cloud: https://console.cloud.google.com/apis/credentials to Search Console https://search.google.com/u/1/search-console/users, as a "Full site" user.
Make sure you have added that site(as from on Search Console) via your API or with this tool: https://developers.google.com/webmaster-tools/v1/sites/add
Then, when you perform "list_sites" request, your site should be listed ere and permission_level is "siteFullUser"(according to step 1)
When you add_site or perform query API requests, make sure to set siteUrl according to steps above, eg: http://www.example.com/ (for a URL-prefix property) or sc-domain:example.com (for a Domain property)
Happy coding

Link inside verification-mail not working

Could somebody explain, or better tell me how to fix this problem?
The link found in the "account creation verification email" on Parse-Server (/Heroku), is not working.
The relevant code in index.js is like this:
var api = new ParseServer({
databaseURI: .....,
cloud: .....,
appId: .....,
..........
publicServerURL: process.env.PARSE_PUBLIC_SERVER_URL || 'https://myapp.herokuapp.com',
appName: 'WonderApp',
..........
verifyUserEmails: true,
emailAdapter: {
module: 'parse-server-mailgun',
options: {
// The address that your emails come from
fromAddress: 'yaya#abc.com',
// Your domain from mailgun.com
domain: 'xyz.com',
// Your API key from mailgun.com
apiKey: 'key-key-key-key-key-key-key-key',
// The template section
templates: {
verificationEmail: {
subject: 'Confirm your account',
pathPlainText: resolve(__dirname, 'verification_email.txt')
},
}
}
}
});
The verification mail is sent as expected, when an account is created.
The user also receives it(as expected). The mail looks like:
Please confirm your account by clicking on the link below.
https://myapp.herokuapp.com/apps/YAdLIExyzABC(K#!qB....../verify_email?token=....uxY&username=theguy
But, then when clicking the link here what appears in the web browser:
Cannot GET /apps/YAdLIExyzABC(K
This is not what I expect.
Could someone see where the problem could be?
One more thing I noticed, after trying many things to solve this problem is that, when typing the following line in the web browser :
https://myapp.herokuapp.com/apps/
I get this:
Cannot GET /apps/
I have the feeling this is not supposed to happen. But does anyone know why this happens?
The URL part YAdLIExyzABC(K#!qB...... is your app ID.
It seems that the app ID contains invalid characters that do not allow it to be used in the URL, such as (, # and !. The app ID should contain only characters and numbers.
In the configuration you posted here you replaced the app ID with ....., so to know for sure, it would be necessary to see what you actually set as app ID.

Readonlyrest and Kibana Permission Configuration

I'm trying to setup a basic readonlyrest example with Kibana. My config is as follows:
readonlyrest:
enable: true
response_if_req_forbidden: Forbidden by ReadonlyREST ES plugin
access_control_rules:
- name: Accept requests from users in group team1 on index1
type: allow
hosts: [localhost,127.0.0.1,10.0.0.0/24]
groups: ["team1"]
actions: ["indices:data/read","indices:data/read/mge/*","indices:data/read/mget","indices:data/read/*","indices:data/write/*","indices:admin/template/*","indices:admin/create", "cluster:monitor/*"]
indices: ["<no-index>", ".kibana*", "logstash*", "default" ,"sha*" ,"ba*"]
users:
- username: alice
auth_key: alice:p455phrase
groups: ["team1"]
Unfortunately this does not work. I keep getting Authorization exception with the following error message in elasticsearch logs:
no block has matched, forbidding by default: { action: indices:data/read/mget,
OA:127.0.0.1, indices:[.kibana], M:POST, P:/_mget, C:{"docs":[{"_index":".kibana",
"_type":"config","_id":"4.6.1"}]}, Headers:[]}
What is missing in my config?
In kibana.yml the configuration is:
elasticsearch.username: "alice"
elasticsearch.password: "p455phrase"
If you use case is a basic kibana authentication, you should follow the example in the documentation.
Once you get that working, you could modify the example to assign the required rules to groups, and groups to your hard-coded users.
Keep in mind that this will not be a production ready solution, due to the crappy security level offered by HTTP basic auth between browser and Kibana:
The browser will pass the credentials unencrypted at every request
No way for the user to "logout" from Kibana
Nowadays ReadonlyREST Offers two Kibana plugins (PRO and Enterprise), which fixes the above limitations using encrypted cookies, and injecting a logout button into the Kibana UI.
The 30 days trial is available for download

drive.changes.watch don't sends notifications

I'm using googleapis npm package ("apis/drive/v3.js") for Google Drive service. On backend I'm using NodeJS and ngrok for local testing. My problem is that I can't get notifications.
The following code:
drive.changes.watch({
pageToken: startPageToken,
resource: {
id: uuid.v1(),
type: 'web_hook',
address: 'https://7def94f6.ngrok.io/notifications'
}
}, function(err, result) {
console.log(result)
});
returns some like:
{
kind: 'api#channel',
id: '8c9d74f0-fe7b-11e5-a764-fd0d7465593e',
resourceId: '9amJTbMCYabCkFvn8ssPrtzWvAM',
resourceUri: 'https://www.googleapis.com/drive/v3/changes?includeRemoved=true&pageSize=100&pageToken=6051&restrictToMyDrive=false&spaces=drive&alt=json',
expiration: '1460227829000'
}
When I try to change any files in Google Drive, the notifications do not comes. Dear colleges, what is wrong?
This should be a comment but i do not have enough (50points) experience to post one. Sorry if this is not a real answer but might help.
I learned this today. I'm doing practically the same thing like you - only not with Drive but Gmail api.
I see you have this error:
"push.webhookUrlUnauthorized", "message": "Unauthorized WebHook etc..."
I think this is because one of the 2 reasons:
you didn't give the Drive-api publisher permissions to your topic.
Second if you want to receive notifications, the authorized webHooks Url must be set both on the server( your project) and in your pub/sub service(Google Cloud).
See below - for me this setup works:
1. Create a topic
2. Give the Drive publish permissions to your topic. This is done by adding the Drive scope in the box and following steps 2 and 3.
3. Configure authorized WebHooks. Form the Create Topic page - click on add subscriptions. Not rely vizible here but once you are there you can manage.

Resources