Outlook api webhook validation error with node js - node.js

I'm facing a problem with the validation of the notification url when I want to register a subscription with the outlook API.
The options passed in the request are :
var optionsSubscription = {
url: "https://outlook.office.com/api/v2.0/me/subscriptions",
method: "POST",
headers: {
"authorization": "Bearer " + user.outlookCalAccessToken,
"accept": "application/json",
"ContentType": "application/json",
},
json: {
"#odata.type": "#Microsoft.OutlookServices.PushSubscription",
"Resource": "me/events",
"NotificationURL": "https://xxx/callback",
"ChangeType": "Created,Deleted,Updated"
},
"Content-Type": "application/json"
}
The response is the following :
Notification URL 'https://xxx/callback?validationtoken=N2FhY2JhNmItYTc2MC00MGUwLThmOGItZWQ2N2Q5Nzg5Y2Y2' verification failed System.Net.WebException:
The request was aborted: Could not create SSL/TLS secure channel.
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.OData.Model.Notifications.PushNotification.PushSubscriptionCallbackUrlValidationHelper.SendRequestAndVerifyResponse (Uri callbackUrl, PushSubscription pushSubscription).
When I request the notification url with Postman, it works and returns the validation token with a 200 status as expected.
The SSL certificate is generated with let's encrypt.

Related

Verify request fullfilment dialogflow

I'm trying to verify our fulfillment cloud function is only requested by Dialogflow.
The recommended solution is "Verifying requests" but, in our case, we are using Dialogflow, not Actions SDK:
const {dialogflow} = require('actions-on-google');
const fulfillment = dialogflow({
clientId: "clientIdDialogflow",
debug: true,
verification: "projectId"
});
fulfillment.intent("bienvenida", (conv) => { commonsDialogController.wellcomeFunction(conv) });
...etc
Is it possible use this to verify a request in Dialogflow or only is available in Actions SDK?
If in Dialogflow, and it is not possible use this, we have to retrieve the header and to process JWT, but in the logs the authorization header is not present. The headers are:
Headers { "host": "URL.cloudfunctions.net", "user-agent": "Google-Dialogflow", "transfer-encoding": "chunked", "accept": "*/*", "accept-encoding": "gzip,deflate,br", "content-type": "application/json", "forwarded": "for=\"X.X.X.X\";proto=https", "function-execution-id": "7868dfgr656", "x-appengine-country": "ZZ", "x-appengine-default-version-hostname": "aaaaa-tp.appspot.com", "x-appengine-https": "on", "x-appengine-request-log-id": "id", "x-appengine-user-ip": "X.X.X.X", "x-cloud-trace-context": aaaaaa/aaaa=1", "x-forwarded-for": "X.X.X.X", "x-forwarded-proto": "https", "connection": "close" }
The error in the response is:
{ "status": 403, "body": { "error": "A verification header key was not found" }, "headers": { "content-type": "application/json;charset=utf-8" } }
check out this answered question regarding Dialogflow verification.
You can set verification headers on the Dialogflow console and verify it with the fulfillment library like so:
const app = dialogflow({
verification: {
HEADER_KEY: 'HEADER_VALUE',
},
})
In the Dialogflow console, you can set the header key and value under Fulfillment > Webhook > HEADERS.

I need help trying to call 3rd party api with authentication from node server

I am trying to call 2 3rd party apis. 1st to login and receive Bearer token and 2nd to post message. 1st works fine and I get the token. but when I try to call second api to post message it fails, probably because I dont know how to set the received token in 2nd api
here is my code
var myJSONObject = {
"email": auth[0],
"password": auth[1]
};
req.post({
url: "{{server_url}}/auth/login",
method: "POST",
json: true,
body: myJSONObject
}, function (error, res, body){
if(error){
console.log(error.message);
} else {
var myJSONObject1 = {
"category":"SYSTEM",
"type": "ALERT",
"keywords":"FUNCTION|createSomethingLvl1",
"status":"UNREAD",
"from": "tenantadmin#tenantadmin.com",
"to": "someemail#gmail.com",
"subject": "Some nice subject",
"body": "Some detailed body that contains information that informs the person"
};
req.post({
url: "{{server_url}}/api/message",
method: "POST",
headers: {
"Authorization": res.body.access_token,
"Content-Type": "application/json"
},
json: true,
body: myJSONObject1
}, function (err, res1, body){
if(error){
console.log(err.message);
} else {
console.log(res1.body);
}
});
}
});
If this is a "typical" http bearer token, then you need the word "Bearer" in front of the token like this:
"Authorization": "Bearer " + res.body.access_token,
You can see examples of a Bearer token in the OAuth RFC 6750 where it shows the grammar as:
b64token = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
"Bearer" 1*SP b64token
And, here's an example from a Google API doc:
Authorization: Bearer AbCdEf123456
And, another example from an OAuth doc:
Authorization: Bearer vF9dft4qmT

Script from https://account-d.docusign.com/error?aspxerrorpath=/oauth/token was blocked due to mime type mismatch

I am trying to obtain the Access Token by passing authcode by calling rest api but my response was blocked saying mime type mismatch. PFB sample code
$.ajax({
async: true, // Async by default is set to “true” load the script asynchronously
dataType: 'jsonp',
crossDomain: true,
redirect_uri: 'https://hclo365.sharepoint.com/sites/wf13test',
data: 'grant_type=authorization_code&code=eyJ0eXAiOiJNVCIsImFsZyI6IlJTMjU2Iiwia2lkIjoiNjgxODVmZjEtNGU1MS00Y2U5LWFmMWMtNjg5ODEyMjAzMzE3In0%2EAQkAAAABAAYABwCAGYGDcLfWSAgAgKUHy3C31kgCAONnoYIaQgFOsTImy5_ryv0VAAEAAAAYAAEAAAAdAAAADQAkAAAAMzRkYTY1NDktMTdjMC00MTM3LWE3YWEtYWJkYWMzNjQ0YWMzNwCWbGY1cO_JQKSrZRKWhxjbMACAZ4tNZ7fWSA%2Eaz__M8ULm--8DgmUspzcA1wa7soxB0jQgnKhIwKhRT4jDsmsmIa755xPK7sD1vKmeMM4LDISN1XignVCii1IecpEWO6PWR8gq6UToJG6DnKcPurKWXEwZblsyxf2kOXR1RtDQoev5_VxkqLKTT9rHCFB01eZzTir8SVMs5BPOWdCCufMok-lVyJoq5VRL2YoPB3iOhz8MZAVlElx0srIJJWUuHiXRImmU13__3qtRf82Kxattt_6cN8IcW9rjZDYB0dfcqIKon_Q27Fp8KYU4LEpYHVunKEli60dzWliTFX34KRGJYVpYqK-Zd6OyHuqculMPE6mctVlQbcG1DD3gQ',
url: "https://account-d.docusign.com/oauth/token", // URL to fetch data from sharepoint list
method: "POST", //Specifies the operation to fetch the list item
headers: {
Authorization : "Basic MzRkYTY1NDktMTdjMC00MTM3LWE3YWEtYWJkYWMzNjQ0YWMzOjgzNmQxNmZiLWU1MDctNDM2Ny04Y2ZlLTFiODkzOGU2MTE5Yw==",
"Access-Control-Allow-Origin": '*',
"Access-Control-Allow-Headers": 'application/json',
"accept": "application/json;odata=verbose", //It defines the Data format
"content-type": "application/x-www-form-urlencoded" //It defines the content type as JSON
},
success: function(data) {
console.log('works');
},
error: function(error) {
console.log(JSON.stringify(error));
}
})
Looking for the possible solution for this to capture the access token.
I do not think you can call DS API from AJAX calls, you will be getting CORS issue. DS Dev Blog1, DS Dev Blog2 and DS Dev Blog3 explain how you can achieve Single Page Applications with DocuSign.

Firebase Cloud Messaging Node.JS Notification Not receiving

I programmed a Node.JS Server with FCM and POST Protocol and my Client app is made with Swift code.
In Terminal, It prints success code like this
id=0:1476620858011270%00f7ba1cf9fd7ecd
But In my Client App, there is no notification. So I tried with the notification tab in my Firebase Console, and it worked very well.
This is my header in my server file
var headers = {
'Content-Type': 'application/json',
'Authorization': 'key=<Server Key>',
'project_id': '<Project ID>'
}
and This is my Request Code
request({
headers: headers,
url: "https://fcm.googleapis.com/fcm/send",
method: "POST",
form: {
"notification" :{
"title": "titie",
"body": "body"
},
"content-available": true,
"priority": "high",
"to": "<Firebase Token>"
}
}, function(error, response, body) {
console.log(body);
});

Sharepoint hosted app giving 403 Forbidden Error

I am developing sharepoint hosted app and i am using rest api by angular.js or jquery.So I dont accept the app list give an error 403 Forbidden
Rest call looks like
$http({
method: "GET",
url: appweburl + "/_api/SP.AppContextSite(#target)/web/lists/getbytitle('SurveyManager')/items?#target='" + hostweburl + "'",
headers: {
"accept": "application/json;odata=verbose",
"content-type": "application/json;odata=verbose",
"X-RequestDigest": angular.element(document.querySelector('#__REQUESTDIGEST')).val()
}
});
Response is
{
"error": {
"code": "-2147024891, System.UnauthorizedAccessException",
"message": {
"lang": "en-US",
"value": "Access denied. You do not have permission to perform this action or access this resource."
}
}
}
You need to pass an access token to authenticate the request.

Resources