I'm attempting the final assignment for my course but not getting anywhere due to Oauth2 authentication difficulties. I'm having a great deal of difficulty resolving this! I think it may be due to the fact I'm using a work laptop which is SOE'd and pretty locked down.
I just don't know where to look to resolve this. Any suggestions?
Steps to replicate
1. I've set my Oauth2 application up in Facebook and with Site URL setting as https://localhost:3443/users/facebook/callback
2. When I attempt ANY method (get, post, put etc) on this url, I get the below.
I've tried:
1. bypassing my company's firewall and hotspotting my phone; note that this a workaround I use to install NPM packages as my company seems to block NPM
2. my course's forum\Stack exchange. It seems that I'm the only person in the galaxy that this has affected.
3. F12 in CHrome - there are no messages in the console
4. inserting debug clues in the user route, viz;
router.get('/facebook', passport.authenticate('facebook'),
function(req, res){
console.log('routergetfacebook');//------------------------debug
});
router.get('/facebook/callback', function(req,res,next){
console.log('router.get-facebook-callback');//------------------------debug
In Chrome
This site can’t be reached
In Postman:
Could not get any response
There was an error connecting to https://localhost:3443/users/login.
Why this might have happened:
The server couldn't send a response: Ensure that the backend is working properly
Self-signed SSL certificates are being blocked: Fix this by turning off 'SSL certificate verification' in Settings > General
Client certificates are required for this server: Fix this by adding client certificates in Settings > Certificates
Proxy configured incorrectly Ensure that proxy is configured correctly in Settings > Proxy
Request timeout: Change request timeout in Settings > General
Related
Getting this error:
Access to fetch at 'https://myurl.azurewebsites.net/Player/1' from origin 'http://localhost:19006' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
I'm not the first with this error, but I feel like I have tried everything that one can find through searching for the problem. I'm developing a web API with ASP.net core, that's supposed to communicate with my react-native frontend. Problem is, I cannot for the life of me get the connection to work.
In program.cs I have added
var MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
builder.Services.AddCors(options =>
{
options.AddPolicy(name: MyAllowSpecificOrigins,
policy =>
{
policy.AllowAnyMethod();
policy.AllowAnyHeader();
policy.AllowAnyOrigin();
});
});
and
app.UseCors(MyAllowSpecificOrigins);
I have tried adding no cors to the method itself
[DisableCors]
[HttpGet("{id}")]
public List<Player> GetPlayers(int id)
{
return (from c in _context.Player.Take(1)
where c.PlayerId == id
select c).ToList();
}
I even deployed the server and database on Azure (I was supposed to sooner or later anyway) just hoping that would allow me to get it to work. The API runs fine if I visit the URL and run it through that one. It also works great if I host it locally and go through the web.
On Azure I've changed my cors settings to allow everything:
I can even access the API through expo web if I run it locally at the same time. But I need to be able to do it through my phone as well, or at least an android emulator. Neither of those works for neither a locally hosted server, or one that's on Azure.
How can I solve this?
Actually, shortly after setting my Azure cors settings, it did indeed start to work. Finally, I can at least demo it. Unfortunately, I still have no solution that solves it when hosting locally.
I was hoping one of you could help me out here. I ran out of ideas already.
I have a script with Cypress.io that basically access a website and clicks on a link for LOGIN. I have reduced the code to only access the LOGIN page directly, which was working perfectly for the past 1-2 months, but in the past week I ran the script and it's no longer working.
When it tries to access the URL https://sso.tce.sp.gov.br/cas-server/login it gives the error below.
The most weird thing is that I can access this URL manually from the other non-automated (EDGE, Chrome), but when I try to do it with the Cypress automated browser it doesn't work.
cy.visit() failed trying to load:
https://sso.tce.sp.gov.br/cas-server/login
We attempted to make an http request to this URL but the request
failed without a response.
We received this error at the network level:
Error: Parse Error: Duplicate Content-Length
Common situations why this would fail:
you don't have internet access
you forgot to run / boot your web server
your web server isn't accessible
you have weird network configuration settings on your computer
Apparently it's doesn't look like a proxy thing nor a code thing, do you guys have any idea of what it could be?
Code:
describe('Test', () => {
it('Access AUDESP Website', function () {
Cypress.config('chromeWebSecurity',false);
//cy.visit('https://www.tce.sp.gov.br/audesp')
//cy.get('.menu-superior-itens > [href="https://sso.tce.sp.gov.br/cas-server/login"]').click()
cy.visit('https://sso.tce.sp.gov.br/cas-server/login')
})
})
Any ideas would be very helpful!!
Thank you!
UPDATE:
Guys, I'm still with this error, but I have found out that the website is sending a duplicate header, but cypress is not able to process it. The browser, outside of Cypress, ignores it apparently... any ideas on how to fix it on Cypress?
I've cloned https://github.com/ananay/passport-apple-example and replaced the config with this:
clientID: "com.myname.web",
teamID: "myteamid",
callbackURL: "https://myurldev.com/auth/apple/redirect",
keyID: "mykeyid",
privateKeyLocation: path.join(__dirname, "../apple-key.p8")
I've also added SSL certificate on my machine and starting the server with https, all works fine & is recognized by my browser. I'm also starting the app on port 443 and proxying using my hosts file myurl.dev.com -> 127.0.0.1.
I have the same auth setup for facebook, google & microsoft and everything works fine.
I have:
Created a new APP identifier and enabled Sign in with Apple for it, named it: com.myname.dev
Created a new SERVICE identifier and enabled Sign in with apple, called it: com.myname.web
Added "https://myurldev.com/auth/apple/redirect" to the "Reply URLS" on the service identifier com.myname.web
Set my app identifier com.myname.dev as the main app identifier my service to be grouped with.
Created a private key and enabled sign in with apple, interface confirmed the presence of grouped ID com.myname.web bundled with com.myname.dev for which the key was created.
I have confirmed using console.log that the private key is indeed at the path being passed as parameter.
converted the .p8 file to base64 & then back to UTF-8 in an attempt to use the string for privateKeyString
successfully implemented Apple Oauth several times in the past using passport-apple
This time around, for some reason, auth simply doesn't work.
If I set the clientID as the APP identifier, not the service, I'm getting
invalid_request
Invalid web redirect url.
instead of invalid_client
Any advice on debugging this is highly appreciated. Thank you.
EDIT #1:
I have dug a bit deeper into the passport-apple package to figure out if anything goes against apple's docs around token generation, but the flow never reaches that part, indicating things go wrong on the actual configuration in Apple's console & what I'm trying to use for my project.
EDIT #2
2 of the app Ids I have created always throw "wrong redirect uri" because they're not service IDs so I can't configure redirect_uri, this will change if to "required" if I pass undefined as a redirect_uri.
One of the app ids throws only invalid client_id instead, regardless if I pass undefined or good value for redirect_uri.
EDIT #3
Went full vanilla through the OAuth code flow process and just created a url & redirected the user it, failing with this method is consistent with what is happening when using the passport-apple module.
const url = new URL("https://appleid.apple.com/auth/authorize");
url.searchParams.append("state", "fdbd287b1f");
url.searchParams.append("response_type", "code");
url.searchParams.append("scope", "name email");
url.searchParams.append("response_mode", "form_post");
url.searchParams.append(
"redirect_uri",
"https://raiseitupdev.com/auth/apple/redirect",
);
url.searchParams.append("client_id", "com.myname.web");
return res.redirect(url.toString());
[Creator of the library here.]
Did it stop working in development too? I feel this is a configuration error because the actual thing is working live on my website:
https://passport-apple.ananay.dev
Please follow up on this Github issue. Thanks!
https://github.com/ananay/passport-apple/issues/23
I am currently testing my pact contracts using the below provider options
let opts = {
provider: "api",
providerBaseUrl: "https://my-domain.com",
pactUrls: [
path.resolve(
process.cwd(),
"./pacts/pact-api.json"
),
],
validateSSL: false,
changeOrigin: true,
providerVersion: "1.0.0"
}
return new Verifier(opts).verifyProvider().then(output => {
console.log("Pact Verification Complete!")
console.log(output)
})
When I give the base url as https I get the below error:
Uncaught Error: write EPROTO 140574248376192:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
at WriteWrap.onWriteComplete [as oncomplete] (internal/stream_base_commons.js:92:16)
If I change the url to have http: it does a redirect (I get redirect status code 308).
The https url is a self signed url, and the self signed certificate is present in all our servers. I have no issues accessing the url from any browser or curl or via express.js.
But if I provide the url directly in provider options, I get the error. I went through the pact documentation and I was not able to find any additional arguments.
Any help to overcome this issue is highly appreciated.
Thanks.
Update:
The issue was running pact inside a docker container. The requests from the container were being blocked by an internal proxy. Once the proxy was bypassed, it worked.
Under the hood, pact-js uses the "pact-ruby-standalone". You can set the certificate for the pact-ruby-standalone using the environment variables SSL_CERT_FILE as documented here: https://github.com/pact-foundation/pact-ruby-standalone/releases#pact-provider-verifier
UPDATE:
The issue was due to VPN/proxy settings on the host which was intercepting the request and presenting an invalid certificate.
ORIGINAL POST:
Whilst Beth is correct in that we do use that Ruby library under the hood, Pact JS actually spins up a proxy which the Ruby standalone actually interacts with - i.e. Ruby talks to a local JS server running http, and the proxy re-issues the request to the service. So the issue is most likely in the Pact JS framework.
There could be a few things happening here:
There is an issue in the library somewhere
There is a configuration issue somewhere we need to get to the bottom of
There is something special about the TLS certificate
Could you please update the bug report at https://github.com/pact-foundation/pact-js/issues/429 ?
We're going to need logs and other information to get to the bottom of it (see https://github.com/pact-foundation/pact-js/blob/master/.github/issue_template.md for how to help us help you).
I am trying to send email from my node.js app using nodemailer. I am successful in sending email from my local server after enabling less secure apps on google account.
But when I deployed my code to heroku, it is unable to send email because google is blocking my login attempts. So I logged in to my account and clicked on the option that the login attempt was from me indeed. However it still is not working. I then set up a project on runnable.com and got the same sign in prevented. I did the same for this and accepted it as my sign in attempt. However I am still not able to send emails.
The error that is coming is this :
Server listening on port 80
Failed in sending mail
{ success: false, existing: false, sendError: true }
{ [Error: Invalid login]
code: 'EAUTH',
response: '534-5.7.14 <https://accounts.google.com/ContinueSignIn?sarp=1&scc=1&plt=AKgnsbsNg\n534-5.7.14 LiCfP8u0IX20V3Y1nFt7iYuwJCPg4LVgRxVvEPO5y4-XOjzSsm_xa0XIBE3NP2bM5euv4A\n534-5.7.14 m6LSg0_DQ
Qj9kOm_JuwykQxVyYSKaLGyeibhi_cHtx3Pu4I4UISJCPt3TvHdxCUebMzTbu\n534-5.7.14 2F9wLa-IFpKHf9HPap4Aeu11Nup9ZAlpOCGAmcnbERFeAufeIgAsExtGkrmV2X7mktJ5nq\n534-5.7.14 epNHDpwg2EwMVwzOrpt8rGZahYvs> Please log i
n via your web browser and\n534-5.7.14 then try again.\n534-5.7.14 Learn more at\n534 5.7.14 https://support.google.com/mail/bin/answer.py?answer=78754 a76sm5828252oig.11 - gsmtp',
responseCode: 534 }
Please Help. I am in desperate need of getting it running.
I have the same issue, grap the link on your respone message "https://accounts.google.com/ContinueSignIn?sarp=1&scc=1&plt=AKgnsbsNg\n534-5.7.14" and paste to browser, you will see an announcement that showing google just blocked your sign-in request by cause it perform from strange device, then you can follow google instruction to accept that device.
It's work in my case. But I don't know what happen if heroku dynos sleep then waked up again, maybe it change the machine and you would got this problem again.
In this case, considering using a vps for hosting your mailing app.