React Native download file from Sharepoint Online - sharepoint

I'm developing an application with React Native that connects to Sharepoint Online. I'm able to log into SPO and use "fetch" to get lists' content through the HTTP-Only/Secure cookies rtFa and FedAuth that are automatically set from login response.
Now, I would like to download files from SPO. I found these plugins: react-native-fetch-blob and react-native-fs. However, when I try to download a file, I get "Access denied. You do not have permission to perform this action or access this resource.".
I guess the problem is that the cookies (rtFa & FedAuth) are not passed to the fetch function of these plugins and I can't set them as they are HTTP-Only/Secure. Any ideas how to resolve this issue without writing native code?
Any help would be greatly appreciated!

I found a solution by contacting the developer of react-native-fetch-blob. The problem was due to no cookies mechanism, he kindly added one.
For more information: https://github.com/wkh237/react-native-fetch-blob/issues/156

Related

Reinstall Shopify App Error: "The Page is not Avalaible

I am developing the shopify app according to the tutorial presented on the page (QR create code), however when I am doing tests, when I uninstall it and try to reinstall it I get the following message:
There is no page at this address
Please check the URL and try again, or use the search bar to find what you need. (Attached in the photo)
Photo 404
If you can help me, thank you very much, I feel that it is as if the authentication failed or I had already used the token, the truth is that I do not know about the subject
My project is in node, react
"#shopify/app": "3.3.3",
"#shopify/cli": "3.3.3"
Thanks
This is a shopify_app bug
You need to delete the previous installation Shop from the database then try the install again and it will work.
If you have only one shop in the database quick solution will be the rails console
rails c
Shop.first.destroy
To resolve it permanently you have to register and handle the app_uninstalled webhook however it will not work 100% of the time due to delay. When the user removes the app the Shopify server trigger webhook with delay (2 seconds to 10 minutes)

Is HTTP PUT access required for uploading to SharePoint via the SaveBinaryDirect method?

We have developed a .NET console application to do file uploading to a SharePoint 2016 document library. The application was built using the Microsoft.SharePoint2016.CSOM library, with file uploading using on the Microsoft.SharePoint.Client.File.SaveBinaryDirect() method call.
Based on results from a web vulnerability scanning, there was a request that the “HTTP PUT method” should be disabled in IIS. However after some testing, we found that
If “HTTP PUT” is enabled, the file upload is successful
If “HTTP PUT” is disabled, the console application would return a 404 error from the file uploading step
We would like to confirm whether “HTTP PUT method” is necessary (and cannot be disabled) for the SharePoint CSOM SaveBinaryDirect() method.
If you use Fiddler to monitor the request, you can find it's PUT request.
First of all, to access the SharePoint services(rest/web) the user should be authenticated. Its not like anyone can upload a file. People can use POST instead of PUT for uploading etc. So I am not sure what type of quality check you are using.
These are the out of the box services SharePoint is providing and I have seen very big enterprises using it without the changes you have suggested.

Instagram API Matching code was not found or was already used

I am seeing this error from my live server using the Instagram API.
{
"Error":true,
"message":"Matching code was not found or was already used."
}
I have read a few suggestion on here to clear cache but that isn't fixing the issue. I am also unable to submit a support ticket directly on the Instagram site as I am receiving an error message while attempting to submit a ticket.
There are a bunch of developers complaining about the same issue at https://news.ycombinator.com/item?id=13178789. I don't think unchecking "Disable implicit OAuth" fixes the issue as I have already tried that and it didn't work.
The best thing you can do is to submit a report to instagram using your client id to put some pressure on their side to fix this issue.
I have the same issue, I guess it's from Instagram I reported an issue from my client panel in developer > manage clients > Report issue.
You can do they resolve this issue as soon as possible.
There is definitely a problem with the Instagram OAuth flow. The returned authorization code doesn't seem to work for some reason, it's very likely a network related problem that they need to fix on their end.
My theory is that the authorization code generated is not distributed to all Instagram API servers, and if you happen to hit a bad node then you're out of luck.
However, I recently found a solution that doesn't rely on the authorization code. If you use the client-side authentication then you'll be able to retrieve the access token without ever using the authorization code. It's less secure but works great as a temporary fix.
You simply change response_type=code to response_type=token. The token response type will redirect the user back to your website using this URL structure:
http://your-redirect-uri#access_token=ACCESS-TOKEN
I recommend fetching the access token from the URL client-side using JavaScript, and then passing it to an endpoint on your website. E.g. /callback?accesstoken={accessToken}. This is required because the content in the hash is not passed to the server.
Example:
<script>
if (window.location.hash && window.location.hash.indexOf('#access_token=') !== -1) {
var accessToken = window.location.hash.replace('#access_token=', '');
window.location.href = '/callback?accesstoken=' + accessToken;
}
</script>
The code snippet above is copied and slightly modified from the solution at https://news.ycombinator.com/item?id=13178789
You can read more about Instagram client side authentication on https://www.instagram.com/developer/authentication/ under Client-Side (Implicit) Authentication
I just had the same issue. Not sure why, but for me the code returned from oauth/authorize/? had 2 special characters at the end - "#_". After removing these my code worked.
This is due to security restrictions in place on your Instagram app. You can choose to allow it by unchecking "Disable implicit OAuth" for your Instagram app, under the Security tab.

Retrieve BLOGS_UPLOADED_IMAGES in java

I have some java code that retrieves blogs through the REST API's. I am not using the social business toolkit, but we have our own framework for that.
The application works perfectly on an on-premise connections environment and has worked on multiple versions.
However when switching to Connections Cloud, some parts stopped worked.
We get a 403 - Forbidden exception on 2 occasions:
Getting the details of a blog post: /blogs/[blog-id]/feed/entry/atom?entryid=[entry-id]
Getting images inside the blog post: /blogs/[blog-id]/resource/BLOGS_UPLOADED_IMAGES/[image file name]
I have fixed issue 1) by switching to the plublishing API: /blogs/[blog-id]/api/entries/[entry-id].
I cannot find a way to fix issue 2). I have also found 2 other image urls:
https://apps.ce.collabserv.com/blogs/[blog-id]/api/media/[file-name]
https://apps.ce.collabserv.com/blogs/[blog-id]/api/media/BLOGS_UPLOADED_IMAGES/[file-name].media
Both return:
<sp_0:error xmlns="http://incubator.apache.org/abdera" xmlns:sp_0="http://incubator.apache.org/abdera">
<code>404</code>
<message>Not Found</message>
</sp_0:error>
I want to authenticate by using Basic Authentication when possible. This does not appear to work with the given 403 urls.
My guess is that this the basic authentication header is not picked up. I have seen this before.
I used to fix this by first calling another URL that does support basic authentication and using the Ltpa cookies to authenticate the image url.
This also does not work: I do get LtpaTokens, but when I pass all the cookies to the URL, the image still does not work.
I prefer not to use OAuth of OAuth 2 at this moment. Is there any other way to fix this?
Anybody else managed to retrieve BLOGS_UPLOADED_IMAGES?
The issue is can also be reproduced in a browser.
Make sure you are not yet authenticated and the blog has posts with
images
Go to /blogs/[blog-id]/api/media
Authenticate using the popup in the browser The Atom feed now appears. This contains the images of your blog.
403 when opening:
/blogs/[blog-id]/resource/BLOGS_UPLOADED_IMAGES/[image]
404 xml when opening: /blogs/[blog-id]/api/media/* links

XPages error when running in web browser and saving new document

So I've finally move my application from development(inaccessible through internet) server to production(accessible through internet) server and I got the following runtime error whenever I'm trying to save a document:
Error while executing JavaScript action expression
Script interpreter error, line=23, col=10: [TypeError] Exception occurred calling method NotesXspDocument.save() not allowed to access or modify file: C:\WINDOWS\TEMP\notesC053A6\xsppers\22\DHRRDLYBXJ
not allowed to access or modify file: C:\WINDOWS\TEMP\notesC053A6\xsppers\22\DHRRDLYBXJ
I've done some testing to see where this would occur and found that it only happen when running the application in a web browser (including the Notes 9 web browser) and creating a new document and saving it.
If I run the application via XPiNC, create a new document and save, I'm able to save the document. And this document can later be edited and saved whether in XPiNC or web browser.
I'm not aware of this problem because during development I usually only test in notes client. When it come to web browser, I'll just create a local copy to test because the development server does not allow access through web browser.
Is there any server setting that I should change? I'm not admin but I could inform my boss to change. Thanks.
EDIT
After further testing, I found that uploading a file could be causing the problem. My XPage has fileUpload control for user to upload attachment with the document. But since it worked on XPiNC I need to know why it doesn't work in web browser and the solution to this.
Check to see if the user running the service of the domino server has full access rights to the c:\windows\temp folder
If your server is running Windows 2008 and no specific user is added to run the service.
Make sure that both system and Services has full access to that folder.

Resources