I'm trying to make a chrome extension, which will have a free trial.
Following the documentation here, the first thing to do is enabling Chrome Identity API. As far as i can tell, there's no such thing...
Anyway... I've done every other steps, and ends up with a 500 error.
Here is part of what i've done.
Of course i changed values of all ids, keys, token, etc..
manifest.json
{
"name": "The name of my app",
"version": "1.0.9",
"key": "my_very_long_key",
"description": "A description",
"manifest_version": 2,
"permissions": [ "activeTab", "storage", "declarativeContent", "identity", "https://www.googleapis.com/" ],
"oauth2": {
"client_id": "the_client_id_i_setup_in_Credentials_oauth2_section.apps.googleusercontent.com",
"scopes": [
"https://www.googleapis.com/auth/chromewebstore.readonly"
]
},
// other stuff...
code
chrome.identity.getAuthToken({
'interactive': true
}, (token) => {
console.log("Token: %o", token);
console.log("chrome.runtime.id: %o", chrome.runtime.id);
var CWS_LICENSE_API_URL = 'https://www.googleapis.com/chromewebstore/v1.1/userlicenses/';
var req = new XMLHttpRequest();
req.open('GET', CWS_LICENSE_API_URL + chrome.runtime.id);
req.setRequestHeader('Authorization', 'Bearer ' + token);
req.setRequestHeader('Content-Type', 'application/json');
req.onreadystatechange = () => {
if (req.readyState == 4) {
var license = JSON.parse(req.responseText);
console.log(license);
}
}
req.send();
});
And here is an example of output.
Token: "ya29.GlzqBp1FaFegsgm.oihohjbrbznghdfgmgighnzxfvxz3ve5G8GQ4VxZ653FqBa8aqq-JXil-VS5IGeknneZ6KnKbyknw-gXw"
chrome.runtime.id: "asdflhlkrfhuilerdfb"
Object
error:
code: 500
errors: Array(1)
0:
domain: "global"
message: "Backend Error"
reason: "backendError"
__proto__: Object
length: 1
__proto__: Array(0)
message: "Backend Error"
__proto__: Object
__proto__: Object
So i'm able to obtain the access token, but then calling the API with it doesn't seem to lead to anything.
Reopened bug: https://issuetracker.google.com/issues/140188619
Please, star it on issuetracker.google.com, if you have the same issue to speed up Google)
UPDATE:
Issue was fixed by Google!
https://bugs.chromium.org/p/chromium/issues/detail?id=940478#c18
Related
I am trying to build a chrome extension, that when clicking on the toolbar icon will call a function that interfaces with Asana's api (https://asana.com/developers/documentation/getting-started/quick-start).
Here's my code:
Manifest
{
"manifest_version": 2,
"name": "test",
"description": "asana test",
"version": "1.0",
"browser_action":
{
"default_icon": "icon.png"
},
"permissions": [
"https://app.asana.com/api/**",
"activeTab"
],
"background": {
"scripts": [ "scripts/require.js", "scripts/background.js"],
"persistent": true
}
}
background script
require(['asana'], function (asa) {
var asana = asa;
});
chrome.browserAction.onClicked.addListener(function(tab) {
// replace with your personal access token.
var personalAccessToken = '0/123456789....';
// Construct an Asana client
var client = asana.Client.create().useAccessToken(personalAccessToken);
// Get your user info
client.users.me()
.then(function(me) {
// Print out your information
console.log('Hello world! ' + 'My name is ' + me.name + ' and my primary Asana workspace is ' + me.workspaces[0].name + '.');
});
});
Any ideas what I am missing?
Apologies if this question is simplistic. I went over other similar threads but still stuck :(
Resolved this problem by using #ajax to call the apis directly, rather than requiring asana.
Example the below function was added in the background script
function authTest()
{
$.ajax({
url: 'https://app.asana.com/api/1.0/users/me',
type: 'get',
processData: false,
contentType: 'application/octet-stream',
headers: {
"Authorization": "Bearer 0/....,
},
success: function (data) {
console.log(data);
},
error: function (data) {
console.error(data);
}
})
}
I have this post request to JIRA to create an issue:
require('isomorphic-fetch');
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
var summ = "Review Test Ticket";
var issue = {
"fields": {
"project":
{
"key": "ABC"
},
"summary": summ,
"description": "This is a test JIRA issue creation",
"issuetype": {
"name": "Story"
},
"assignee": {
"name": "myname"
},
"customfield_10902": [{ "value": "Red Team" }],
"customfield_10008": 1
}
};
var missue = JSON.stringify(issue)
fetch("https://my_jira_host/jira/rest/api/2/issue/", {
body: missue,
headers: {
"Authorization": "Basic my_auth_token",
"Content-Type": "application/json"
},
method: "POST"
})
.then(function( data ) {
console.log(data);
}).catch(function(data) {
alert(data);
});
If the above code is in a file called "my_file.js" if I run node my_file.js the ticket is successfully created.
However, if I move that code inside a function that runs on button click in my react app, and then run the app (on localhost or a server) then it fails. I get a 403. The alert displayed from my catch is: TypeError: NetworkError when attempting to fetch resource.
I have tried absolutely everything. Have no idea where to go from here. Any ideas?
i am using the atlassian-connect-express toolkit for creating Atlassian Connect based Add-ons with Node.js.
It provides Automatic JWT authentication of inbound requests as well as JWT signing for outbound requests back to the host.
The add-on is authenticated when i install it in the JIRA dashboard and return the following pay-load:
{ key: 'my-add-on',
clientKey: '*****',
publicKey: '********'
sharedSecret: '*****'
serverVersion: '100082',
pluginsVersion: '1.3.491',
baseUrl: 'https://myaccount.atlassian.net',
productType: 'jira',
description: 'Atlassian JIRA at https://myaccount.atlassian.net ',
eventType: 'installed' }
But i am not able to authenticate the JIRA Rest Api with the JWT token generated by the framework. It throws below error message.
404 '{"errorMessages":["Issue does not exist or you do not have permission to see it."],"errors":{}}'
below is the code when i send a GET request:
app.get('/getissue', addon.authenticate(), function(req, res){
var request = require('request');
request({
url: 'https://myaccount.atlassian.net/rest/api/2/issue/ABC-1',
method: 'GET',
}, function(error, response, body){
if(error){
console.log("error!");
}else{
console.log(response.statusCode, body);
}
});
res.render('getissue');
});
Below is the code for my app descriptor file:
{
"key": "my-add-on",
"name": "Ping Pong",
"description": "My very first add-on",
"vendor": {
"name": "Ping Pong",
"url": "https://www.example.com"
},
"baseUrl": "{{localBaseUrl}}",
"links": {
"self": "{{localBaseUrl}}/atlassian-connect.json",
"homepage": "{{localBaseUrl}}/atlassian-connect.json"
},
"authentication": {
"type": "jwt"
},
"lifecycle": {
"installed": "/installed"
},
"scopes": [
"READ",
"WRITE"
],
"modules": {
"generalPages": [
{
"key": "hello-world-page-jira",
"location": "system.top.navigation.bar",
"name": {
"value": "Hello World"
},
"url": "/hello-world",
"conditions": [{
"condition": "user_is_logged_in"
}]
},
{
"key": "getissue-jira",
"location": "system.top.navigation.bar",
"name": {
"value": "Get Issue"
},
"url": "/getissue",
"conditions": [{
"condition": "user_is_logged_in"
}]
}
]
}
}
I am pretty sure this is not the correct way i am doing, Either i should use OAuth. But i want to make the JWT method for authentication work here.
Got it working by checking in here Atlassian Connect for Node.js Express Docs
Within JIRA ADD-On Signed HTTP Requests works like below. GET and POST both.
GET:
app.get('/getissue', addon.authenticate(), function(req, res){
var httpClient = addon.httpClient(req);
httpClient.get('rest/api/2/issue/ABC-1',
function(err, resp, body) {
Response = JSON.parse(body);
if(err){
console.log(err);
}else {
console.log('Sucessful')
}
});
res.send(response);
});
POST:
var httpClient = addon.httpClient(req);
var postdata = {
"fields": {
"project":
{
"key": "MYW"
},
"summary": "My Story Name",
"description":"My Story Description",
"issuetype": {
"name": "Story"
}
}
}
httpClient.post({
url: '/rest/api/2/issue/' ,
headers: {
'X-Atlassian-Token': 'nocheck'
},
json: postdata
},function (err, httpResponse, body) {
if (err) {
return console.error('Error', err);
}
console.log('Response',+httpResponse)
});
You should be using global variable 'AP' that's initialized by JIRA along with your add-on execution. You may explore it with Chrome/Firefox Debug.
Have you tried calling ?
AP.request(..,...);
instead of "var request = require('request');"
You may set at the top of the script follwing to pass JS hinters and IDE validations:
/* global AP */
And when using AP the URL should look like:
url: /rest/api/2/issue/ABC-1
instead of:
url: https://myaccount.atlassian.net/rest/api/2/issue/ABC-1
My assumption is that ABC-1 issue and user credentials are verified and the user is able to access ABC-1 through JIRA UI.
Here is doc for ref.: https://developer.atlassian.com/cloud/jira/software/jsapi/request/
Using google API
function googleLogin(req, res, next) {
var google = require('googleapis');
var plus = google.plus('v1');
SCOPES = 'https://mail.google.com';
var OAuth2 = google.auth.OAuth2;
var oauth2Client = new OAuth2(
'215995260545-6rp2pg69olionsiugudcl4fni3o36ap9.apps.googleusercontent.com',
'xxxxxxxxxxxxxxxxxxxxxxxx',
'https://developers.google.com/oauthplayground'
);
oauth2Client.setCredentials({
access_token: req.query.ac_token,
refresh_token: req.query.rf_token
});
plus.people.get({
userId: 'me',
auth: oauth2Client
}, function(err, response) {
if (err) console.log(err);
console.log(response);
});
}
When I run this code, I am getting the error like **insufficient permission**. Am I wrong anywhere??
"code": 403,
"errors": [
{
"domain": "global",
"reason": "insufficientPermissions",
"message": "Insufficient Permission"
}
]
How can I solve this problem?? I have also referred the Gmail API scopes.
The main part of your problem is that you are using the wrong endpoint https://developers.google.com/oauthplayground is not something you can use to my knowlage
How you should be doing it
try adding the following scope
profile - View your basic profile info
You also shouldnt have to go though the google+ api you may be able to request the info from the userinfo endpoint but it depends on what info you are after
https://www.googleapis.com/oauth2/v3/userinfo?access_token=XXX
UserInfo Response
{
"family_name": "Lawton",
"name": "Linda Lawton",
"picture": "https://lh5.googleusercontent.com/-a1CWlFnA5xE/AAAAAAAAAAI/AAAAAAAAl1I/UcwPajZOuN4/photo.jpg",
"locale": "en",
"gender": "female",
"link": "https://plus.google.com/+LindaLawton",
"given_name": "Linda",
"id": "117200475532672775346"
}
People api request
https://www.googleapis.com/plus/v1/people/me
Response
{
"braggingRights": "Extreme Beekeeper first to recorded an Hive inspection using Google Glass with out a veil on.",
"image": {
"url": "https://lh5.googleusercontent.com/-a1CWlFnA5xE/AAAAAAAAAAI/AAAAAAAAl1I/UcwPajZOuN4/photo.jpg?sz=50",
"isDefault": false
},
"id": "117200475532672775346",
"objectType": "person",
"verified": false,
"tagline": "Google Developer Expert 2014 - 2017",
"etag": "\"ucaTEV-ZanNH5M3SCxYRM0QRw2Y/0gZZ-LRb-PWLjbw12lr-IOAearE\"",
"circledByCount": 2514,
"occupation": "Google Developer Expert, BIA Developer at Targit",
..... Lots of stuff here ...
}
You should try testing using the Oauth playground
I'm actually implementing Social sharing in my project, so i am doing google+ sharing. While posting message to Google+ using nodejs,I'm getting 403 forbidden error do i need to configure anything on google+ account so that posted message is seen at google+
var params = { "object": {
"originalContent": "hello"
},
"access": {
"items": [
{
"type": "mycircle"
}
],
"domainRestricted": true
}
};
var headers = {
Authorization: 'Bearer ' + google_access_token
};
request.post(shareApiUrl, {
url: 'https://www.googleapis.com/plusDomains/v1/people/{{userid}}/activities',
headers: headers,
body: params,
json: true
}, function (err, response, body) {
console.log(body)
)}
Error Description:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Forbidden"
}
],
"code": 403,
"message": "Forbidden"
}
}
For Posting a feed/or message we should have Google Apps account, but it is impossible with regular GMail account, or your Apps admin hasn't enabled Google+ for the Apps domain.