Swagger-ui keeps showing example petstore instead of provided swagger.json - node.js

I followed instructions to set up swagger documentation for my existing node API using swagger-jsdoc.
The swagger.json is being served correctly and I added a path to it in the url parameter of the SwaggerUiBundle in index.html like this:
const ui = SwaggerUIBundle({
url: "https://my.domain:5292/swagger.json",
dom_id: '#swagger-ui',
presets: [
SwaggerUIBundle.presets.apis,
SwaggerUIStandalonePreset
],
plugins: [
SwaggerUIBundle.plugins.DownloadUrl
],
layout: "StandaloneLayout" })
However, the first thing it tries to do when opening the page in the browser is showing the default http://petstore.swagger.io/v2/swagger.json instead of my swagger.json. It actually fails to do so because I'm serving the page through https and the petstore is not https but that's a different matter...
Inputing my address to the swagger.json manually into the form on the page works as expected. It shows the API page correctly and validates it. However, I don't want to always re-enter the address there and would like to have it as a default.

Swagger UI 3.0.9 had a bug where it ignored the url parameter and always opened Petstore.
It was fixed in 3.0.10.

I had been having this issue lately when deploying using docker. Tried everything from changing all instance of petstore to my own api json docs but to no avail.
Finally I found out about API_URL environment variable, set it to my api docs in DockerFile and voila!
Took me two days but it was great to see it finally working.

You can disabled default url by adding below configuration in application.property file
springdoc.swagger-ui.disable-swagger-default-url=true

Related

passport-apple inexplainable invalid_client on nodejs backend -- using clean example repository with fresh set of credentials

I've cloned https://github.com/ananay/passport-apple-example and replaced the config with this:
clientID: "com.myname.web",
teamID: "myteamid",
callbackURL: "https://myurldev.com/auth/apple/redirect",
keyID: "mykeyid",
privateKeyLocation: path.join(__dirname, "../apple-key.p8")
I've also added SSL certificate on my machine and starting the server with https, all works fine & is recognized by my browser. I'm also starting the app on port 443 and proxying using my hosts file myurl.dev.com -> 127.0.0.1.
I have the same auth setup for facebook, google & microsoft and everything works fine.
I have:
Created a new APP identifier and enabled Sign in with Apple for it, named it: com.myname.dev
Created a new SERVICE identifier and enabled Sign in with apple, called it: com.myname.web
Added "https://myurldev.com/auth/apple/redirect" to the "Reply URLS" on the service identifier com.myname.web
Set my app identifier com.myname.dev as the main app identifier my service to be grouped with.
Created a private key and enabled sign in with apple, interface confirmed the presence of grouped ID com.myname.web bundled with com.myname.dev for which the key was created.
I have confirmed using console.log that the private key is indeed at the path being passed as parameter.
converted the .p8 file to base64 & then back to UTF-8 in an attempt to use the string for privateKeyString
successfully implemented Apple Oauth several times in the past using passport-apple
This time around, for some reason, auth simply doesn't work.
If I set the clientID as the APP identifier, not the service, I'm getting
invalid_request
Invalid web redirect url.
instead of invalid_client
Any advice on debugging this is highly appreciated. Thank you.
EDIT #1:
I have dug a bit deeper into the passport-apple package to figure out if anything goes against apple's docs around token generation, but the flow never reaches that part, indicating things go wrong on the actual configuration in Apple's console & what I'm trying to use for my project.
EDIT #2
2 of the app Ids I have created always throw "wrong redirect uri" because they're not service IDs so I can't configure redirect_uri, this will change if to "required" if I pass undefined as a redirect_uri.
One of the app ids throws only invalid client_id instead, regardless if I pass undefined or good value for redirect_uri.
EDIT #3
Went full vanilla through the OAuth code flow process and just created a url & redirected the user it, failing with this method is consistent with what is happening when using the passport-apple module.
const url = new URL("https://appleid.apple.com/auth/authorize");
url.searchParams.append("state", "fdbd287b1f");
url.searchParams.append("response_type", "code");
url.searchParams.append("scope", "name email");
url.searchParams.append("response_mode", "form_post");
url.searchParams.append(
"redirect_uri",
"https://raiseitupdev.com/auth/apple/redirect",
);
url.searchParams.append("client_id", "com.myname.web");
return res.redirect(url.toString());
[Creator of the library here.]
Did it stop working in development too? I feel this is a configuration error because the actual thing is working live on my website:
https://passport-apple.ananay.dev
Please follow up on this Github issue. Thanks!
https://github.com/ananay/passport-apple/issues/23

Cors no-access-control-allow-origin when trying to call B2C login

I cannot resolve this error, i have a .net core web api, with a react application inside of it ( net core react template )
I have also added cors:
services.AddCors(options =>
{
options.AddPolicy("AllowMyOrigin",
builder => builder.WithOrigins("https://localhost:44300")
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials()
);
});
I have tried multiple things but i cant get past this error.
I have found loads of material online to try and nothing seems to work i feel like i am missing something really obvious?
Can someone point me in the right direction.
I expect that there should be an allow origin header:
I also tried using the Mosif browser extension to turn cors on, this stoped the cors error from showing but now i have a 404 (notfound ) on:
https://login.microsoftonline.com/tfp/domainname.onmicrosoft.com/b2c_1_sign_up/v2.0/.well-known/openid-configuration
You mention that you get an 404 error when opening the openid-configuration url. This means that part of your configuration is incorrect. You must be able to open this url in your browser and get back a JSON document. Copy it to a new tab and tweak it until you get back a result.
Please double check your configured policy and tenant name. The full url usually looks like this:
https://tenantname.b2clogin.com/tenantname.onmicrosoft.com/<policy-name>/v2.0/.well-known/openid-configuration
https://tenantname.b2clogin.com/tenantname.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=<policy-name>
https://login.microsoftonline.com/tfp/tenantname.onmicrosoft.com/<policy-name>/v2.0/.well-known/openid-configuration
All of these are equally valid and can be used depending on your scenario.
The config should then look something like this:
authentication.initialize({
instance: 'https://tenantname.b2clogin.com/',
tenant: 'tenantname.onmicrosoft.com',
Another issue might be if your B2C tenant quite new, Microsoft could be blocking support for microsoftonline for your tenant. In this case, try switching to the b2clogin.com domain as your instance.
You can see a possible value for this url when opening the user flow in the Azure Portal.
As a sidenote, I would suggest switching to a different react library. The one you are using is not really being maintained. We are currently using https://github.com/syncweek-react-aad/react-aad

How to fill login prompt with Webdriver IO?

I'm working on a CLI with OCLIF. In one of the commands, I need to simulate a couple of clicks on a web page (using the WebdriverIO framework for that). Before you're able to reach the desired page, there is a redirect to a page with a login prompt. When I use WebdriverIO methods related to alerts such as browser.getAlertText(), browser.sendAlertText() or browser.acceptAlert, I always get the error no such alert.
As an alternative, I tried to get the URL when I am on the page that shows the login prompt. With the URL, I wanted to do something like browser.url(https://<username>:<password>#<url>) to circumvent the prompt. However, browser.url() returns chrome-error://chromewebdata/ as URL when I'm on that page. I guess because the focus is on the prompt and that doesn't have an URL. I also don't know the URL before I land on that page. When being redirected, a query string parameter containing a token is added to the URL that I need.
A screenshot of the prompt:
Is it possible to handle this scenario with WebdriverIO? And if so, how?
You are on the right track, probably there are some fine-tunings that you need to address to get it working.
First off, regarding the chrome-error://chromewebdata errors, quoting Chrome DOCs:
If you see errors with a location like chrome-error://chromewebdata/
in the error stack, these errors are not from the extension or from
your app - they are usually a sign that Chrome was not able to load
your app.
When you see these errors, first check whether Chrome was able to load
your app. Does Chrome say "This site can't be reached" or something
similar? You must start your own server to run your app. Double-check
that your server is running, and that the url and port are configured
correctly.
A lot of words that sum up to: Chrome couldn't load the URL you used inside the browser.url() command.
I tried myself on The Internet - Basic Auth page. It worked like a charm.
URL without basic auth credentials:
URL WITH basic auth credentials:
Code used:
it('Bypass HTTP basic auth', () => {
browser.url('https://admin:admin#the-internet.herokuapp.com/basic_auth');
browser.waitForReadyState('complete');
const banner = $('div.example p').getText().trim();
expect(banner).to.equal('Congratulations! You must have the proper credentials.');
});
What I'd do is manually go through each step, trying to emulate the same flow in the script you're using. From history I can tell you, I dealt with some HTTP web-apps that required a refresh after issuing the basic auth browser.url() call.
Another way to tackle this is to make use of some custom browser profiles (Firefox | Chrome) . I know I wrote a tutorial on it somewhere on SO, but I'm too lazy to find it. I reference a similar post here.
Short story, manually complete the basic auth flow (logging in with credentials) in an incognito window (as to isolate the configurations). Open chrome://version/ in another tab of that session and store the contents of the Profile Path. That folder in going to keep all your sessions & preserve cookies and other browser data.
Lastly, in your currentCapabilities, update the browser-specific options to start the sessions with a custom profile, via the '--user-data-dir=/path/to/your/custom/profile. It should look something like this:
'goog:chromeOptions': {
args: [
'--user-data-dir=/Users/iamdanchiv/Desktop/scoped_dir18256_17319',
],
}
Good luck!

nodejs api returning nothing

I am trying to implement MEAN app for which I made node server
app.get("/posts",(req,res)=>{
posts=[{"title":"a","context":"b"},{"title":"c","context":"d"}]
res.send(posts); // tried even with res.status(200).json(posts)
});
when it checked with api tester it works well output snapshot
output snapshot with apitester
when i try to access with angular services
getposts()
{
var url='http://localhost:3000/posts';
this.http.get<post[]>(url).subscribe(data=>this.posts=data);
console.log(this.posts);
return this.posts;
}
when i do console.log(posts) it returning []
can someone please help i am struggling from last 2 days?
As you have not added the screenshot from the Browser's Inspector => Network Tab, I am guessing this answer will help you in case my guess is right.
Try setting the below in your front-end project (Angular in your case):
Try setting the below in your back-end project (Node in your case):
Also, verify your updates as in the below screengrab in the Browser's Inspector (Chrome in my case):
Please Note: - The mentioned response headers have special meaning, so kindly look for more info with a simple Google search. Use these settings during your development phase on localhost.

Codeigniter Controller class login form : 404 page not found

Im trying to combine several tutorials about Codeigniter and bootstrap and understand per codes so i can integrate it in my project. What i am trying to do right now is create a login form using the two framework.
And i setup my View according to the turotial included in Codeigniter 'user_guide/tutorial/static_pages.html' which my landing page is named as 'home.php' is inside the folder 'pages' and header.php, and footer.php is inside the 'templates' folder. I created also a controller: Page.php.
I also use .htaccess to hide 'index.php'. Now i follow this tutorial how to create a login page:
http://learnjquerybootstrap.blogspot.com/2015/01/login-session-using-codeigniter-and-bootstrap.html?m=1
-the only difference is this since i use htaccess:
<?php echo form_open(clogin/index); ?>
But when I try to submit the page i receive a: 404 page not found.
My navbar links are working fine. I understand that the codeigniter works like this:
http://localhost/myfolder/index.php/class/function/
so when i submit my form the url that show up is:
http://localhost/myfolder/clogin/index
and gives me: 404 page not found.
Question:
What is wrong with it?
is there something wrong with the tutorial that i am using? i check other tutorials and the controller structure is just the same, like on this link:
http://www.kodingmadesimple.com/2014/08/how-to-create-login-form-codeigniter-mysql-twitter-bootstrap.html
do i need to include clogin.php in route.php?
or is it about the htaccess? my
uri_protocol
is configured as
'REQUEST_URI'
in config.php. i tried other options but still the same.
Don't need include to route.
I recommented ready auth library.
If you use DevTools in your browser maybe "Network" tab of devtools can help you to why you get 404 error.
i already firgured it out.The mistake was in the route.php, since i tried to combine two examples.. i realized that the wildcard route that i included from the Codeigniter user guide will not work with the Clogin.php.
Since it was set as
$route['(:any)']='pages/view/$1';
So the url works as
http://localhost/myfolder/pages/view/clogin
instead of
http://localhost/myfolder/clogin.
I removed it and now it is working.

Resources