sharing credentials between some projects - google-cloud-nl

project-A enables Natural Language API.
project-B doesn't.
project-A's service account is allowed to access both project-A and project-B.
Under this situation, the following step for a sample script like this should work:
export GOOGLE_APPLICATION_CREDENTIALS="/path/to/credentials.json"
run the script
Where, the credentials.json contains:
...
"project_id": "project-A",
...
Now, when I modify it as follows:
"project_id": "project-B",
Then,
Q1) I thought the script would fail because project-B's Natural Language API has not been enabled yet. However, it works. Why? Does this actually access project-A's NL-API?
Q2) Is there any way to check the access log in GCP? Then I can check which project the script runs against.
Q3) I think it is a usual approach to share credentials.json between project-A and project-B and to switch projects in some situations. In Dialogflow, each API needs the project ID to be passed, so sharing credentials.json works. How can NL-API switch projects when sharing credentials?

Related

Public Google Apps Script - how can I make my API key hidden but still retrieve it?

I have a script that retrieves a webhook (meaning it has to be deployed as a publicly accessible App), and then uses an API to send a message.
The API requires using a key and secret, which I obviously don't want accessible to the public.
Q1: Is there a way to hide an API key/secret in another script and somehow have it accessible?
(Or any other similar solution - doesn't have to be fancy, just functional/safe).
Alternate Question:
Q2: What can a stranger actually see in my public Apps Script project? The full code? If I hide keys in a function with an underscore, i.e. function name_(){}, can they read it?
IMPORTANT INFO: I have not 'shared' the project or spreadsheets with anyone, they're still private. But I've 'deployed' the Web App with permissions for 'anyone'. I assume that means anyone can access?
Everything in the script is visible to whoever has access (script owner, workspace admins, added users). Unless only the url of the webapp is shared and if the script itself is not shared then they are not able to access the script, so technically you can still keep them in your script. It is safe there and only the owner and workspace admins (if it is for Google workspace) can access it.
A way you can store/save the key is by storing it in script properties. Doing this you only need to run the script once to store the API key, moving forward you can remove the API key from the script and it will still run:
https://developers.google.com/apps-script/guides/properties#saving_data
Also refer to this post for more information, in my posted answer I have also provided alternatives and reference links:
Is it safe to put in secrets inside Google App Script code?
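The script-properties approach from the answer above, as an added example that is not code from the original posts. It targets the Apps Script runtime; the property names, `API_URL` and the Basic-auth header are assumptions about the messaging API.

```javascript
// Added example for the Apps Script runtime. API_URL, the property names and
// the Basic-auth scheme are assumptions, not details from the original posts.
var API_URL = 'https://api.example.invalid/messages'; // placeholder endpoint
var KEY_PROP = 'MSG_API_KEY';       // hypothetical property name
var SECRET_PROP = 'MSG_API_SECRET'; // hypothetical property name

// Call once with the real values (for example from a temporary function run
// in the editor), then delete that call so no secret stays in the source.
function storeCredentials(key, secret) {
  if (!key || !secret) throw new Error('both key and secret are required');
  var props = PropertiesService.getScriptProperties();
  props.setProperty(KEY_PROP, key);
  props.setProperty(SECRET_PROP, secret);
}

// Reads the credentials at request time; fails closed if they were never set.
function loadCredentials_() {
  var props = PropertiesService.getScriptProperties();
  var key = props.getProperty(KEY_PROP);
  var secret = props.getProperty(SECRET_PROP);
  if (!key || !secret) throw new Error('credentials missing from script properties');
  return { key: key, secret: secret };
}

// Builds the options for UrlFetchApp.fetch(); the secret only leaves the
// script inside this outbound Authorization header.
function buildSendOptions_(messageText) {
  var creds = loadCredentials_();
  var basic = Utilities.base64Encode(creds.key + ':' + creds.secret);
  return {
    method: 'post',
    contentType: 'application/json',
    headers: { Authorization: 'Basic ' + basic },
    payload: JSON.stringify({ text: messageText })
  };
}

// Web app entry point for the webhook. The response never echoes the
// credentials or internal error details back to the anonymous caller.
function doPost(e) {
  try {
    UrlFetchApp.fetch(API_URL, buildSendOptions_(e.postData.contents));
    return ContentService.createTextOutput('ok');
  } catch (err) {
    return ContentService.createTextOutput('error');
  }
}
```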
My project met this issue, too. Because the number of functions is not too large, I hide my main GAS behind a dummy one.
So far I have 2 GAS projects:
the main GAS with the key and all functions, which I deploy as a Web App
Of course you need doGet or doPost to act as the entrance of the API
the dummy one to share with users.
Then you can call something like the below in the dummy GAS
var url = 'https://script.google.com/macros/s/xxxxxxxxxxx/exec';
UrlFetchApp.fetch(url,{'method': 'get'});
I hope it's useful in your case.

How to write unit tests for Auth0 rules

I have multiple rules in my tenant and now I want to write unit tests for my rules just like https://github.com/auth0/rules/tree/master/test. Now the issue is that in the docs (https://auth0.com/docs/support/testing) it’s written that we can use the https://www.npmjs.com/package/auth0-rules-testharness module to unit test our rules, but I think the explanation is old and not updated, because in the sample project (https://github.com/tawawa/auth0-rules-testharness-sample) we need to add a webtask token and sandbox URL, and now we can’t find the webtask token in the Auth0 dashboard (https://manage.auth0.com/#/account/webtasks). Also, where can I get this sandbox URL? Any help?
It looks like that npm package is a little out of date. Here are some updated resources:
Unit testing rules
Rules Best Practices: https://auth0.com/docs/best-practices/rules
Specifically: https://auth0.com/docs/best-practices/rules#testing
Some example repos:
https://github.com/auth0-customers/rule-test-example
https://github.com/auth0/auth0-rules-local-testharness

uber api - Take Me Home Now app - invalid access token - node JS

I'm trying to implement this prototype app: https://github.com/agraebe/Take-Me-Home-Now As a disclaimer, I'm fairly new to Node JS and API integration. I'd like to get the code functioning to show that I properly implement this OAuth2 workflow, and saw this app as a good way to practice that.
I'm having trouble obtaining an access token and receive the error: Invalid access token when I go to localhost:1455, and then click the "Login to request ride" button.
I've seen various reasons on stackoverflow. One could be that I need to have requests approved by Uber. I wouldn't think so though, since the code is using sandbox and not production.
My redirect uri is set as https://login.uber.com/oauth/v2/authorize?client_id=client_id&response_type=code with "client_id" set as my client id in that link. I've made sure the redirect uri matches what I have in the app developer account page.
Also, I've hard coded the details into the config.js file, since I've seen someone mention on stackoverflow that storing the environment variables could be an issue from the error I was receiving.
please help...
thanks!
I created the Take-Me-Home-Now app. Assuming you already installed all the dependencies (npm install in the project root folder), here are some things to consider:
You should disable your ad-blocker to ensure that's not the issue
You have to configure your app in the Uber Developer Dashboard:
Create a new app
Go to the authorizations tab and set the following configuration:
redirect url: http://localhost:1455/api/callback
origin url: http://localhost:1455/
general scopes: enable all the scopes (except for the privileged ones)
Go to the settings tab and copy over the required credentials (client id, server token, and client secret). You will need them to start the NodeJS server, like this: client_id=[1] client_secret=[2] server_token=[3] redirect_uri=[4] mashape_key=[5] node app.js
In order to make use of the gender-awareness feature, you'd need to get an account with Mashape (Face++). As you might have realized already, the start command above also requires this key.
When you register your app with Uber, you will have to define a callback URL, even if it is your development machine (i.e. localhost:1455). When you send the request to the Auth server, you provide a client_id, response_type and callback_url.
When the user successfully authenticates, Uber sends back a code (hence the response_type=code) as a URL parameter to your callback URL. This code is NOT the token. This code is then used to get the token using the client_id, client_secret and code.
I would suggest doing some reading on how OAuth works to get a better understanding.
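The three steps of the authorization-code exchange described in the answers above, as an added Node.js example that is not code from Take-Me-Home-Now. The token endpoint URL and the `state` parameter are assumptions beyond what the posts mention, and the credentials are placeholders; the functions only build and parse the messages, so nothing is sent.

```javascript
// Added example, not code from Take-Me-Home-Now. Credentials are placeholders.
const AUTHORIZE_URL = 'https://login.uber.com/oauth/v2/authorize'; // from the question
const TOKEN_URL = 'https://login.uber.com/oauth/v2/token'; // assumption, check the Uber docs
const config = {
  clientId: 'CLIENT_ID_PLACEHOLDER',
  clientSecret: 'CLIENT_SECRET_PLACEHOLDER',
  // The app's own callback route (from the answer), never the authorize URL.
  redirectUri: 'http://localhost:1455/api/callback',
};

// Step 1: where the browser is sent. `state` is a random per-session value
// the server remembers so it can recognise its own callback later.
function buildAuthorizeUrl(cfg, state) {
  const url = new URL(AUTHORIZE_URL);
  url.searchParams.set('client_id', cfg.clientId);
  url.searchParams.set('response_type', 'code');
  url.searchParams.set('redirect_uri', cfg.redirectUri);
  url.searchParams.set('state', state);
  return url.toString();
}

// Step 2: the callback URL carries ?code=...&state=... The code is not an
// access token; it is only the input to step 3.
function parseCallback(callbackUrl, expectedState) {
  const query = new URL(callbackUrl).searchParams;
  if (query.get('error')) throw new Error('authorization failed: ' + query.get('error'));
  if (query.get('state') !== expectedState) throw new Error('state mismatch');
  const code = query.get('code');
  if (!code) throw new Error('callback carried no code');
  return code;
}

// Step 3: server-side POST that trades the code for the token. The client
// secret appears only here and never reaches the browser.
function buildTokenRequest(cfg, code) {
  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    client_id: cfg.clientId,
    client_secret: cfg.clientSecret,
    redirect_uri: cfg.redirectUri,
    code: code,
  });
  const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
  return { url: TOKEN_URL, method: 'POST', headers: headers, body: body.toString() };
}
```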

Automatically create github repo, cool. But how to automatically do first commit

I'm writing a bash script to automatically setup a private github repo, as well as setup a deployHQ project for the same. This works well. However I can not add the GitHub repository to deployhq (via bash script using curl api calls) seemingly because I figure that there hasn't been an initial commit yet.
The idea of the script is to set everything up initially. From GitHub to deployhq to uploading deployhq ssh-rsa keys to the github repository - For each client website we begin to work on.
I'm using API keys, and in particular I'm using a personal access token to send commands to GitHub.
So my question is, how do I setup a new repository on GitHub with an initial commit, before the project has even started? (in order to satisfy deployhq)
I figure I need to use the API key to do this, as to avoid any user prompts.
It could just be a simple README.md file.
This is what I'm using so far (which works).
Note: obviously this is just part of the script.
SETUP_GITHUB_PROJECT_JSON='{
"name": "'$DHQ_PROJECT_PERMALINK'",
"description": "This project is a test",
"private": "true"
}'
SETUP=$(curl -X POST -d "$SETUP_GITHUB_PROJECT_JSON" -H "$HEADER_ACCEPT" -H "$HEADER_CONTENT_TYPE" -u "$GITHUB_API_KEY:x-oauth-basic" "${GITHUB_BASE_URL}user/repos")
Happy to clarify as needed.

Functional tests for a nodejs server which uses third party saas services oauthentication

I have written this module in node js, which is an express middleware and will enable your node app with an API for accessing cloud storage services such as dropbox.
For example this will list the available services
wget http://localhost:6805/api/v1.0/services/list/
And this will list a directory of the user Dropbox
wget http://localhost:6805/api/v1.0/dropbox/exec/ls/path/to/folder/
Of course, the user must have connected his Dropbox account to the app. To do so, your app must call this
wget http://localhost:6805/api/v1.0/dropbox/connect/
Which returns a URL, which you will open to let the user authorize the access to the service (this is an OAuth2 authorization mechanism). Then call this to finish the auth process
wget http://localhost:6805/api/v1.0/dropbox/login/
My question is: how to test the API? I mean functional tests. I could mock each service (Dropbox for example) but it may be a lot of work, don't you think?
No answer yet, so I can say that for now, the only way I have found is to use selenium to simulate a browser.
I open a test page, and type my test login/password, just like a human would.
Then I run tests normally
