I am using DocuSign connect to update the state of my app after an event happens on a document.
I have set up my account like so:
At the moment my "URL to Publish" looks something similar to https://key:secret#example.herokuapp.com. However when I look in the logs I always seem to receive something similar to:
error: Exception in EnvelopeIntegration.RunIntegration: key :: https://key:secret#example.herokuapp.com/webhook :: Error - The remote server returned an error: (401) Unauthorized
When I copy the Envelope Data into a file locally (complete-webhook.xml) and I run the following command through the command line it seems to run successfully:
curl -i -X POST -d #complete-webhook.xml https://key:secret#example.herokuapp.com/webhook
Has anybody got any ideas as to the reason why this could be happening?
When you use a url such as https://username:password#example.com/, your client takes the username:password part of the url and uses it to create an Authorization: Basic header.
You can try it yourself, create a requestb.in and then use the curl command
curl -X POST -d "fizz=buzz" http://username:password#requestb.in/12345
# where 12345 is your requestb.in address
The result on requestb.in:
A request to just /12345 (the incoming url does not include the username or password)
The request includes the header Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
If you put dXNlcm5hbWU6cGFzc3dvcmQ= through a base64 decoder, you get username:password
Answer, at this point, the Connect system does not support sending basic authentication information when it calls listeners. I have filed an internal feature request.
Work-around
Your listener url can include a query parameter that serves as a password. eg. `example.com/webhook/?pw=9e47a953-c105-44c5-ba5c-4bb77d63694d
Then, in your listener, simply reject any request that does not include the pw query parameter and the value that you chose.
In its requests to your listener, the Connect system will use any query parameters that you originally set when you added the Connect subscription.
Related
i'm integrating the docusign api with my angular application, everything is working good, i created a proxy configuration in order to do the api calls, im using the demo url since i have a demo developer account.
The problem is that when i run my program in local (using localhost) the authentication token is successfully returned by the oauth call but when i upload my program on an external domain the same call returns me an html with irrelevant information with status 200 OK.
I tried to search this on google but i can't find nothing good.
What should i do?
this is the error i get:
ERROR qm
error: {error: SyntaxError: Unexpected token < in JSON at position 0
at JSON.parse ()
at XMLHtt…, text: "<!doctype html>↵↵↵ <meta ch…b0a19788ec.js" defer="">↵↵"}headers: DmlazyInit: ()=> {…}lazyUpdate: nullnormalizedNames: Map(0) {}proto: Objectmessage: "Http failure during parsing for http://frontendly.it/oauth/token"name: "HttpErrorResponse"ok: falsestatus: 200statusText: "OK"url: "http://frontendly.it/oauth/token"proto: Bm
The OAuth call you are making has a parameter called redirectUri.
Look for &redirect_uri= in the URL.
You have to change that for each location, if you put this in a domain - then you cannot use localhost in there.
This URL has to match exactly to where you deployed your application.
For the second call, make sure to make it a POST, not GET, add the headers like this: (more information)
curl --header "Authorization: Basic NWMyYjhkN.....FhODg2MQ=="
--data "grant_type=authorization_code&code=eyJ0eXAi.....QFsje43QVZ_gw"
--request POST https://account-d.docusign.com/oauth/token
I'm looking for a way to include the backend name (as configured by the backend vcl option), that a request was sent to (or response received from; either way) in varnishncsa log output.
When running varnishncsa in client mode, i.e. logging the frontend requests/responses.
The log format is here: https://varnish-cache.org/docs/trunk/reference/varnishncsa.html#format
I've tried to find an "Extended variable" (%{X}x) that would satisfy this option, without luck so far. Varnish version is 6.x.
Do I need to set a custom request or response header, to match on, for this first??
You can use an extended variable to get the job done.
varnishncsa from a backend request
Here's an example where I retrieve the backend name for backend requests:
varnishncsa -b -F "%{VSL:BackendOpen[2]}x"
The VSL tag you need is the BackendOpen tag that would return the following output in varnishlog:
- BackendOpen 32 boot.bla 192.168.224.2 8080 192.168.224.3 53908
As you can see the backend name is the second field, hence the BackendOpen[2] expression.
varnishncsa from a client request
In the client thread the backend is hinted, but not opened.
If you want to access the hinted backend, you'll need to have access to the req.backend_hint variable. You could use std.log() to log this value as a VCL_Log tag.
Here's the VCL example:
vcl 4.0;
import std;
backend default {
.host="1.2.3.4";
.port="80";
}
sub vcl_recv {
std.log("Backend: "+ req.backend_hint);
}
And here's the varnishncsa command the would look for this value:
varnishncsa -c -F "%{VSL:VCL_Log:Backend}x"
Conclusion
Of course you still need to tune your varnishncsa command a bit to include the right fields and filter on the right parameters, but this one should hopefully answer your question.
It's up to you to look for the backend name at client request side or at the backend request side.
I have recorded the script in JMeter, and while validating it, it is throwing an error for the winauth/sso, how to resolve it. my app has oAuth and me have to authenticate it.
I'm running the script for WinAuth, it gets highlighted in red color and under Response Body, it is displaying "Unauthorized"
I have added the HTTP Cookie Manager (check CookieManager.save.cookies=true in jmeter.properties), HTTP Authorization Manager.[images are added down the below for verification purpose]
I'm not able to view the Token_id also.
Images:
1. showing winAuth sso error
2. showing all parameters with its respective values.
You have to do at least three steps:
Add HTTP Cookie Manager (and check
CookieManager.save.cookies=true in jmeter.properties)
Add HTTP Authorization Manager
Using the Regular Expression Extractor extract Authentification token from the first request (from login page) and send it to the second requests.
See that article to get ideas about how to use the Regular Expression Extractor to extract authentication token https://dzone.com/articles/how-to-load-test-saml-sso-secured-websites-with-jm
Hi I used the deploy to bluemix button at the top right of this page
https://alchemy-language-demo.mybluemix.net/?cm_mc_uid=69990450306114782046823&cm_mc_sid_50200000=1478206651
to create an Alchemy language node server. It runs ok -
https://alchemylanguage-nodejs-encekxdev-216.mybluemix.net/
but when I try to post to it using postman I get the response 'internal server error'.
Checking the server logs, it seems to respond to the request with
code: 'EBADCSRFTOKEN', error: 'invalid csrf token'
Even if I try to send the csrf from the webpage version of the site, it still doesn't work.
I feel like I have missed something in the configuration of the server but don't know what. I'm not great with servers etc so sorry if this is super basic.
EDIT - I should mention I have also tried sending an apikey in the request which I got from the service credentials section in the alchemy service bit off the dashboard but the same error occurs.
EDIt - The call to the API I am making looks like this:
POST https://alchemylanguage-nodejs-encekxdev-216.mybluemix.net/api/keywords
with headers:
text: 'this is some dummy text I have made'
I have also tried adding apikey to the headers.
Thanks.
You do not POST your application, you have to POST to the API.
Here is the link with API URL and various samples:
http://www.ibm.com/watson/developercloud/alchemy-language/api/v1
For example, here is a curl request for keywords:
curl -X POST \
-d "outputMode=json" \
-d "url=http://www.twitter.com/ibmwatson" \
"https://gateway-a.watsonplatform.net/calls/url/URLGetRankedKeywords?apikey=$API_KEY"
Make sure you export $API_KEYto your environment before running the command above. You can find the $API_KEY in the AlchemyAPI instance you created in Bluemix.
There's been some thread regarding the Instagram's realtime API, and it's remain unclear whether the fault is of Instagram or the developers that are trying to use it.
My issue is with the first subscription request. I think that my request is correct but I keep getting error \"callback_url\". URL must start with \"http://\" or \"https://\""
The request is:
curl -X POST 'httpiptions?client_id=CLIENT_ID&client_secret=CLIENT_SECRET&object=tag&object_id=love&aspect=media&callback_url=http://myurl.com/subscribe'
Moreover, when I'm changing the request type to GET instead of POST I'm getting a successful message 200 with empty data, and Instagram do not invoke a POST request to my callback_url.
So as I see it there're 2 issues:
1) Should the request be POST( doesn't works for me) or GET( did work for me).
2) Why instagram returns empty data and do not POST to the callback_url.
It has to be a POST.
In order to successfully subscribe and receive a response from the POST you do as your subscription request, your callback URL has to do some extra work and that is to also respond to a GET request sent from Instagram, right after you send the subscription request, to verify that you are the real owner of the callbalck URL.
In summary your callback URL, beside receiving POSTs, has to also respond to a GET request and echo back the hub.challenge parameter sent in that GET request.
Review the detailed description of the process in the documentation: http://instagram.com/developer/realtime/
UPDATE:
Now I could reproduce your described error.
The problem is with your CURL call. Your are supposed to send a POST request along with appropriate POST parameters but your call is doing a POST sending parameters as GET in the URL. Actually the API should reject the whole request but it seems it partially processes the parameters.
Change the CURL to:
curl -F 'client_id=CLIENT-ID' \
-F 'client_secret=CLIENT-SECRET' \
-F 'object=user' \
-F 'aspect=media' \
-F 'verify_token=myVerifyToken' \
-F 'callback_url=http://YOUR-CALLBACK/URL' \
https://api.instagram.com/v1/subscriptions/
This does a POST and sends your parameters correctly.