I'm trying to change the message of sendResetPwd on feather auth management because he has security issues, I think
I have this result
BadRequest: User not found.
at new BadRequest (node_modules/#feathersjs/errors/lib/index.js:86:17)
at getUserData (/node_modules/feathers-authentication-management/lib/helpers.js:93:11)
at node_modules/feathers-authentication-management/lib/sendResetPwd.js:32:14
Is there a way to change message "User not found"
Same for
BadRequest: User is not verified.
Thanks in advance
Carlos Vieira
I found a hack solution
In feathers app-hoks set this
error: {
all: [
preventErrorMessages,
]
}
and check for 'sendResetPwd' in context and set new message error fired up
Related
This is the code i'm trying to use for deleting messages posted through a webhook to a chat room (I grab messageID when I create It with this same request but POST method and sending message in a text variable):
var WEBHOOK_URL2 = "https://chat.googleapis.com/v1/spaces/<SPACE>/messages/<MESSAGEID>.<MESSAGEID>?key=<KEY>&token=<TOKEN>%3D";
var options = {
'method' : 'delete',
'muteHttpExceptions' : true,
};
var response = UrlFetchApp.fetch(WEBHOOK_URL2, options);
Logger.log (response);
The response is
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED"
}
As commented, creating messages works with those credentials (key / token from chatroom webhook) Maybe i am missing something from the documentation at https://developers.google.com/hangouts/chat/reference/rest/v1/spaces.messages/delete ?
Thank you in advance,
That error usually occurs because the request lacks the access token or that access token wasn't validated. I assume that you are using Apps Script for this task. If my assumption is true, you'll find this reference useful; it summarizes the OAuth 2.0 protocol for Google APIs using JavaScript. For obtaining access tokens, please refer to this other guide for a complete step-by-step. Please, follow those steps on your request routine and don't hesitate to write back if you need more help.
I posted this last week and have made progress since, where I've discovered the packages that VSCode's JSON support is delivered via extensions:
https://github.com/vscode-langservers/vscode-json-languageserver
https://github.com/Microsoft/vscode-json-languageservice
and all the rest. I'm trying to reuse this in an Electron (NodeJS) app. I'm able to fork a process starting the language server and initialize it:
lspProcess = child_process.fork("node_modules/vscode-json-languageserver/out/jsonServerMain.js", [ "--node-ipc" ]);
function initialize() {
send("initialize", {
rootPath: process.cwd(),
processId: process.pid,
capabilities: {
textDocument: true
}
});
}
lspProcess.on('message', function (json) {
console.log(json);
});
and I see that console.log firing and showing it seems to be up correctly.
My thoughts are that I just want to send a textDocument/didChange event as per the LSP:
send('textDocument/didChange', {
textDocument: TextDocument.create('foo://bar/file.json', 'json', 0, JSON.stringify(data))
});
where data is a JSON object representing a file.
When I send that message and other attempts at it I get
error: {code: -32601, message: "Unhandled method textDocument/didChange"}
id: 2
jsonrpc: "2.0"
Any idea what I'm doing wrong here? My main goal is to allow edits through my Electron app and then send the updated JSON to the language server to get schema validation done.
EDIT: I'm even seeing unhandled method initialized when I implement connection.onInitialized() in the jsonServerMain.js.
EDIT2: Update, I figured out where I was going wrong with some of this. initialized and textDocument/didChange are notifications, not requests.
EDIT2: Update, I figured out where I was going wrong with some of this. According to the LSP, initialized and textDocument/didChange are notifications, not requests. Requests have an id field that notifications don't, so when sending a notification, remove the ID field.
I am using this code in Apps script
function getUserObjByEmail(email){
// Same as using AdminDirectory class.
var apiUrl = "https://www.googleapis.com/admin/directory/v1/users/"+email+"?fields=id";
var token = ScriptApp.getOAuthToken();
var header = {"Authorization":"Bearer " + token};
var options = {
"method": "GET",
"headers": header
};
var response = JSON.parse(UrlFetchApp.fetch(apiUrl, options));
return response;
}
which I run as a function from App Maker project. Things go smoothly when I use the app since I have an admin role( I guess, not sure ) but the problem arises when other normal users in our domain start using the deployed app maker app. I checked the server logs and its full of this message:
Exception: Request failed for
https://www.googleapis.com/admin/directory/v1/users/email#domain.com?fields=id
returned code 403.
Truncated server response: { "error": { "errors": [ { "domain": "global",
"reason": "forbidden", "message": "Not Authorized to access this
resource/api" ... (use muteHttpExceptions option to examine full response)
Any idea how to fix this? I have manually added the required scopes for the apps script library, I added the following:
"https://www.googleapis.com/auth/script.external_request",
"https://www.googleapis.com/auth/admin.directory.user"
The reason this happens is because YOU have admin rights, otherwise you'd be getting the same error message. The other users don't have admin rights hence they get the error. To solve this problem, you can either deploy the application running it as the developer or you can use a service account to impersonate an admin and do the process.
Regarding the first approach, you can find more info here https://developers.google.com/appmaker/security/identity.
Regarding the second approach, you can use the following app script library https://github.com/gsuitedevs/apps-script-oauth2#using-service-accounts
Moreover, if you do not require to get custom schemas information, then you can simply use a directory model and that should work for all users. Check the reference here: https://developers.google.com/appmaker/models/directory
I have the problem that after registering the service worker the navigator.serviceWorker.controller always is null.
I want to use postMessage to send a message to the service worker.
However, navigator.serviceWorker.controller always returns null,
and shows the error TypeError: Cannot read property 'postMessage' of null.
Sometimes I can use navigator.serviceWorker.controller.postMessage, but at other times navigator.serviceWorker.controller returns null,
I am not sure how to deal with this issue...
I have done some research, but I still cannot fix my issue...
Has anybody any ideas?
Thanks,
Terry
Here is the test page that I created.
https://terrylee7788.github.io/test_web_worker.html
Use navigator.serviceWorker.ready
navigator.serviceWorker.ready.then(function(serviceWorkerRegistration) {
// Let's see if you have a subscription already
return serviceWorkerRegistration.pushManager.getSubscription();
})
.then(function(subscription) {
if (!subscription) {
// You do not have subscription
}
// You have subscription.
// Send data to service worker
navigator.serviceWorker.controller.postMessage({'data': dataToServiceWorker});
})
I have a problem. My cosmos gui application crashes after trying to authorize with keystone.
Horizon application is running on https://192.168.4.33:443,
while cosmos-gui is running on http://192.168.4.180:81.
My gui config file looks like this:
"oauth2": {
"idmURL": "https://192.168.4.33",
"client_id": "***********************************",
"client_secret": "*********************************",
"callbackURL": "http://192.168.4.180:81/auth",
"response_type": "code"
},
and inside horizon i registered application Cosmos Big data
with parameters:
Description
Cosmos Big data
URL
https://192.168.4.33
Callback URL
http://192.168.4.180:81/auth
So afterwards i start cosmos-gui application and after clicking on login it redirects me to this url:
https://192.168.4.33/oauth2/authorize/?response_type=code&client_id=0434fdf60897479588c3c31cfc957b6d&state=xyz&redirect_uri=http://192.168.4.180:81/auth
And that is ok.But then, when i click on button authorize it leads me to this url:
http://192.168.4.180:81/auth?state=xyz&code=NVfyZUov1KuQ8yTw498oItHgYC2l9Z
and at that moment cosmos-gui application crashes and everything that i get from the log is this:
/home/cosmos-gui/fiware-cosmos/cosmos-gui/src/app.js:138
req.session.access_token = results.access_token;
^
TypeError: Cannot read property 'access_token' of undefined
at /home/cosmos-gui/fiware-cosmos/cosmos-gui/src/app.js:138:43
at /home/cosmos-gui/fiware-cosmos/cosmos-gui/src/oauth2.js:168:22
at ClientRequest.<anonymous> (/home/cosmos-gui/fiware-cosmos/cosmos- gui/src/oauth2.js:140:9)
at ClientRequest.emit (events.js:95:17)
at CleartextStream.socketErrorListener (http.js:1548:9)
at CleartextStream.emit (events.js:95:17)
at SecurePair.<anonymous> (tls.js:1400:19)
at SecurePair.emit (events.js:92:17)
at SecurePair.maybeInitFinished (tls.js:980:10)
at CleartextStream.read [as _read] (tls.js:472:13)
On the side of keystone everything looks ok.This is from keystones log:
2015-08-24 16:34:02.604 27693 INFO keystone.contrib.oauth2.controllers [-] OAUTH2: Created Authorization Code to consumer 0434fdf60897479588c3c31cfc957b6d for user idm with scope [u'all_info']. Redirecting to http://192.168.4.180:81/auth?state=xyz&code=NVfyZUov1KuQ8yTw498oItHgYC2l9Z
2015-08-24 16:34:02.606 27693 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [24/Aug/2015 16:34:02] "POST /v3/OS-OAUTH2/authorize HTTP/1.1" 302 208 0.121336
When you authorize the Cosmos app in Keystone, the callback URL is called and this piece of software is executed:
// Handles requests from IDM with the access code
app.get('/auth', function(req, res) {
// Using the access code goes again to the IDM to obtain the access_token
oa.getOAuthAccessToken(req.query.code, function (e, results){
// Stores the access_token in a session cookie
req.session.access_token = results.access_token;
res.redirect('/');
});
});
I.e. Keystone calls the callback with an access code (a soft piece of security) that can be used to retrieve the final access token (a hard security element).
It seems your Keystone is generating the access code but it is not returning the access token when asked for it. Can you check the Keystone logs in order to find the access token request? May you print any error returned by this call?
oa.getOAuthAccessToken(req.query.code, function (e, results)
After a bit of debugging and printing arguments that were going into the app.get('/auth', function(req, res)
i found this Error: DEPTH_ZERO_SELF_SIGNED_CERT
It seems it doesn't recognize self signed certificates as valid.
Anyway as first line in file:
cosmos-gui/src/app.js
i added
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
and now it is working.