anyone have any idea how to enable CORS in the context of C# Backend Mobile Service being invoked by a JS function via the MS Azure Mobile Services JS library?? I get 405 and have looked at this link (https://gist.github.com/HenrikFrystykNielsen/6c934be6c6c8fa9e4bc8) which makes sense but no longer applies.
Mobile Services written in JS can be configured for CORS via the portal, but not C# backends.
thanks in advance
The answer in the gist still applies -- remember to load the CORS NuGet package as well.
Henrik
Related
We have an Angular5 application with a DotNet OData backend API. The application is hosted in a Web Application with a virtual directory for the Angular5 app and another virtual directory for the DotNet backend. The web application is secured by Azure AD, with an Azure AD Application defined for the web site.
This all works perfectly. We have no authentication code in the front end (except for 'withCredentials: true' set in the service calls) but apparently having the whole application protected by Azure AD makes the front end able to call the backend without issue (Azure makes you authenticate when you access the Angular5 front end).
The problem comes when we try to develop the front end. When developing Angular5 one needs to run the Angular5 code locally, so I've set up a web app which hosts only the backend code and point the local configuration for the Angular5 app there. This fails with the first backend call with a 401. One of our developers discovered that if you simply plug in the URL to the backend with the same browser (i.e. copy the failing call from the browser network developer tab into a new browser tab in the same browser) you will go through the authentication process and then when you run the local Angular5 app again it works. We thought we had found a workaround until we noticed that for some reason this only seems to fix the "read only" calls. GET works, OPTIONS works but POST fails with a 401. I put some debugging code in the backend but it seems this code does not even get called (i.e. Azure, not our backend, is blocking the call).
So I've tried to figure out how to get the local Angular5 instance to behave as the one hosted by the Web app but I can't figure out what I need to be doing. I have also been unable to find anyone else doing this so I can't find a solution.
I have tried various solutions of actively getting a token (e.g. setting up /.auth/me, using adal5 to "login", etc.) for the front end but it seems every possible solution is defeated by CORS in the end. Our backend has an Allow-Origin for localhost:4200 but this doesn't apply to login.windows.com for the authentication step. I tried putting localhost:4200 in the CORS setting on the Azure Web App but then it complains about an Allow-Authentication header being missing and I have no way to force Azure to provide that. I read online that this is happening because Azure didn't expect people to be using "cookie authentication" so after some research I found that "cookie authentication" was being used because of the "withCredentials: true" calls, so I changed all of those to false. Then the Allow-Authentication failure goes away but I just run into more CORS failures during the authorisation (login.windows.com).
So I'm really stuck here. I can't believe I'm the only person on earth who's trying to run a local instance of Angular5 against an Azure AD secured Azure Web app backend but I can't find any examples anywhere of people successfully doing this. I also would like to avoid having to do some elaborate local authentication because the code works perfectly as-is when hosted on the same Azure Web app as the backend. Does anyone have a setup like I describe that is working?
I have a GraphQL server using graphql-yoga based on an Node JS express server running on Google App Engine.
Basically, the server exposes an HTTP endpoint with a single route accepting POST requests returning a JSON result, which is consumed by a mobile application.
It doesn't handle user authentication.
From what I understand, it is possible to use Google Cloud Endpoints to deploy an ESP (Extensible Service Proxy) in front of my server in App Engine.
It exposes an API with a secure endpoint that handles user authentication via Firebase Auth, Auth0 or Google Sign In.
Are my assumptions correct? I've deployed both with an open API specification that contains the right secure parameters but, without any bearer token, all requests are accepted.
Reference documentation: https://cloud.google.com/endpoints/docs/openapi/authenticating-users
ESP cannot run in front of your application on App Engine Standard the same way it can on App Engine Flex. That mostly has to do with the difference in architectures of those runtimes --- App Engine Flex is based on deploying containers (including multiple at a time), whereas App Engine Standard does not currently support multi-container deployments.
Because of this, we have the Endpoints Frameworks that add similar functionality as a library for applications based on App Engine Standard --- but this is only supported for the Python and Java runtimes.
Unfortunately, this means that if you're sticking with the combination of Node + App Engine Standard, there isn't currently a way to use Cloud Endpoints.
I've created a web application API with a swagger interface that I've deployed as an API App to Azure.
When creating a Logic App I can find my API App but whenever I try to use it I get the following error:
Failed to fetch swagger. Ensure you have CORS enabled on the endpoint
and are calling an HTTPS endpoint.
I'm using the default https url for the API definition in the API App:
https://microsoft-SOME-LONG-MS-INTERNAL-ID.azurewebsites.net/swagger/docs/v1
The swagger docs have been provided in my C# web API application through Swashbuckle.
For CORS I've set a single * item.
This didn't seem sufficient for the Logic App to access the API App I then configured Authentication / Authorization for the API App to use Azure Active Directory (express), creating an AD Azure App.
I believe the issue will be one of configuring security which is all pretty new to me in Azure. I'd like to make the API App inaccessible externally, but available to Web Apps and Logic Apps within my Azure subscription.
I've not added any authentication mechanism to the ASP.NET web application itself as I figured the web application would effectively be sitting in a private network on Azure. Perhaps this is a bad assumption and I need to add authentication to allow Azure AD to work?
Any pointers / suggestions?
Turns out I needed to update the Azure SDK for Visual Studio. I had an older version that was deploying a preview Api App which resulted in a "Api app host" type being deployed rather that an "API app" type.
Everything works after the update and I've found some documentation for securing the API App and making it available in the Logic App - https://azure.microsoft.com/en-us/documentation/articles/app-service-logic-custom-hosted-api/
How can I configure azure storage CORS without programmatically ? Do I really need to install visual studio and configure myself.
My current situation right now is I'm created linux instance VPS in Digital Ocean. I'm running wordpress web application and integrated with azure CDN.
I'm getting http origin not allows from the font file, I knew that something deal with CORS from azure storage. How can I configure the best way ?
CORS configuration is configurable via REST API's - so not bound to VS at all. If you are running Linux you can configure using Java or Node.Js. Resources:
- CORS overview with pointers to REST docs http://blogs.msdn.com/b/windowsazurestorage/archive/2014/02/03/windows-azure-storage-introducing-cors.aspx
- Java client library - https://github.com/Azure/azure-storage-java
- Node client library - https://github.com/Azure/azure-storage-node
I have a Windows Azure Mobile Service up and running, however, there is a need for that service to consume some data expose through an external SOAP service and store that information in the mobile service database.
I would like to set up a worker in the mobile service, so the calls to the external SOAP service are executed in a fixed period of time.
I've been looking for a solution to this problem, but haven't found anything yet. So any help that would get me in the right direction would be appreciated.
Unfortunately there isn't an easy way to talk to a SOAP service from your Mobile Service backend. The backend is based on Node.js, and even though there are some Node modules for talking to SOAP services, they are currently not supported in Mobile Services. We are working on a solution that will enable you to use any Node module in your service, but it is not out yet.
If you control the SOAP service and it is written using WCF, you may be able to easily add a REST endpoint to the service with just a few config changes and then consume it from your Mobile Service via plain HTTP requests by using the "request" module.