I'm creating an app on Outsystems, which uses the Yammer API. The issue is the Yammer authentication is causing some problems. In the "OnReady" property of the page, I've added the following code:
yam.getLoginStatus(
function(response) {
if (response.authResponse) {
console.log("logged in");
$parameters.Token = response.access_token.token;
console.dir(response); //print user information to the console
}
else {
yam.platform.login(function (response) { //prompt user to login and authorize your app, as necessary
if (response.authResponse) {
console.dir(response); //print user information to the console
console.dir(response.access_token.token);
$parameters.Token = response.access_token.token;
console.dir($parameters.Token);
}
});
}
}
);
It successfully returns a token, which I am able to verify using console.log(). Additionally, I've added a Login button which has the same code in its OnClick property.
The issue is, when I try to perform the Get Messages API call (Endpoint: https://www.yammer.com/api/v1/messages.json) from OnReady, it gives me the 401 Unauthorized access error. But, when I additionally use the OnReady, and also click the Login button, the API call is successful. I don't understand why, because the token received by both calls are the exact same, but it works after the user logs in twice? Any way to rectify this?
P.S. I've tried using the other endpoint (https://api.yammer.com/api/v1/messages.json). I'm getting the same problem.
Try adding a $resolve() inside the callback function. This way the code will wait until it finished before continuing to your next jav
Related
I have implemented the chrome.identity launchWebAuthFlow to authenticate users of a web extension against an oauth2 provider and the entire flow works perfectly, I receive the access token back in the redirect URL, I extract the token using a regex and then it is valid and accepted to query the APIs.
However, I do not understand why it does not prompt anymore for credentials when I launch again the launchWebAuthFlow. Instead, it retrieves another (valid !) token in the background. Don't get me wrong, I like this, and I prefer it works in the background, but I just don't understand how. Even after clearing all cookies and local data, when I launch the launchWebAuthFlow again it just works in the background without asking for credentials...where are they stored?
Also, not sure if that helps, but my flow is the following:
extension ->oauth2 server->azure ad SSO->enter credentials->redirect to extension
So the real authentication is managed by Azure AD. However, even when I'm signed out from Microsoft, the extension keeps getting a valid auth token when the below code is triggered and without asking for credentials...so the credentials must be stored somewhere...
chrome.identity.launchWebAuthFlow(
{
url: dev.identity_url(),
interactive: true
},
function (responseWithToken) {
// the access token needs to be extracted from the response.
console.log(responseWithToken);
let token = responseWithToken.match(/(?<=access_token=).*(?=&token_type)/);
token = token[0];
chrome.storage.local.set({ "auth-token": token }, function () {
console.log(`Access Token has been saved: ${token}`);
});
}
);
I've created a service worker enabled application that is intended to cache the response from an AJAX call so it's viewable offline. The issue I'm running into is that the service worker caches the page, but not the AJAX response the first time it's loaded.
If you visit http://ivesjames.github.io/pwa and switch to airplane mode after the SW toast it shows no API content. If you go back online and load the page and do it again it will load the API content offline on the second load.
This is what I'm using to cache the API response (Taken via the Polymer docs):
(function(global) {
global.untappdFetchHandler = function(request) {
// Attempt to fetch(request). This will always make a network request, and will include the
// full request URL, including the search parameters.
return global.fetch(request).then(function(response) {
if (response.ok) {
// If we got back a successful response, great!
return global.caches.open(global.toolbox.options.cacheName).then(function(cache) {
// First, store the response in the cache, stripping away the search parameters to
// normalize the URL key.
return cache.put(stripSearchParameters(request.url), response.clone()).then(function() {
// Once that entry is written to the cache, return the response to the controlled page.
return response;
});
});
}
// If we got back an error response, raise a new Error, which will trigger the catch().
throw new Error('A response with an error status code was returned.');
}).catch(function(error) {
// This code is executed when there's either a network error or a response with an error
// status code was returned.
return global.caches.open(global.toolbox.options.cacheName).then(function(cache) {
// Normalize the request URL by stripping the search parameters, and then return a
// previously cached response as a fallback.
return cache.match(stripSearchParameters(request.url));
});
});
}
})(self);
And then I define the handler in the sw-import:
<platinum-sw-import-script href="scripts/untappd-fetch-handler.js">
<platinum-sw-fetch handler="untappdFetchHandler"
path="/v4/user/checkins/jimouk?client_id=(apikey)&client_secret=(clientsecret)"
origin="https://api.untappd.com">
</platinum-sw-fetch>
<paper-toast id="caching-complete"
duration="6000"
text="Caching complete! This app will work offline.">
</paper-toast>
<platinum-sw-register auto-register
clients-claim
skip-waiting
base-uri="bower_components/platinum-sw/bootstrap"
on-service-worker-installed="displayInstalledToast">
<platinum-sw-cache default-cache-strategy="fastest"
cache-config-file="cache-config.json">
</platinum-sw-cache>
</platinum-sw-register>
Is there somewhere I'm going wrong? I'm not quite sure why it works on load #2 instead of load #1.
Any help would be appreciated.
While the skip-waiting + clients-claim attributes should cause your service worker to take control as soon as possible, it's still an asynchronous process that might not kick in until after your AJAX request is made. If you want to guarantee that the service worker will be in control of the page, then you'd need to either delay your AJAX request until the service worker has taken control (following, e.g., this technique), or alternatively, you can use the reload-on-install attribute.
Equally important, though, make sure that your <platinum-sw-import-script> and <platinum-sw-fetch> elements are children of your <platinum-sw-register> element, or else they won't have the intended effect. This is called out in the documentation, but unfortunately it's just a silent failure at runtime.
I ma trying to refresh my access token using the refresh token I have but I get following exception:
com.box.boxjavalibv2.exceptions.BoxServerException:
{"error":"access_denied","error_description":"Access denied"}
Please tell me what could be wrong with my request and why I am getting access_denied
If I send invalid refresh token, then I get
Caused by: com.box.boxjavalibv2.exceptions.BoxServerException:
{"error":"invalid_grant","error_description":"Invalid refresh token"}
I want to know the reasons for access_denied.
------------------- relevant code ------------------
BoxOAuthRequestObject requestObject = BoxOAuthRequestObject.refreshOAuthRequestObject(refreshToken, clientId,
clientSecret);
try {
// Authenticate with the new token
BoxOAuthToken boxOAuthToken = client.getOAuthManager().refreshOAuth(requestObject);
Not really sure what's going on without more information of your code.
One thing is that the sdk does auto-refresh the OAuth token. So basically you don't need to refresh it yourself. Please check https://github.com/box/box-java-sdk-v2#authenticate
I've received that error when attempting to call API methods that accessed the "Manage an enterprise" methods, while my application was defined as "Read and write all files and folders".
Make sure you set the appropriate checkbox at the application level.
How to handle urlfetch error? I'am trying muteHttpExceptions: true, but it doesn't work and the script breaks.
function myFunction() {
var result = UrlFetchApp.fetch("http://www.soccer-wallpapers.net/soccer_wallpaper/barcelona_fc_barcelona_360.jpg ", {
muteHttpExceptions: true });
Logger.log("code: " + result.getResponseCode());
Logger.log("text: " + result.getContentText());
}
But I'm trying another error url to work fine.
http://img8.uploadhouse.com/fileuploads/2058/20586362b34151eb10a4001e1c44305fe41bff6.jpg
Solved handle using the try and catch method.
try
{
var page = UrlFetchApp.fetch("http://www.soccer-wallpapers.net/soccer_wallpaper/barcelona_fc_barcelona_360.jpg");
}
catch(err)
{
Browser.msgBox("error");
}
}
This seems to be working as designed. The muteHttpExeptions is for doing just that. It tells the script to carry on as normal if it received an HTTP error status. In your first example code, the error is not an HTTP error. There is no web server to return an HTTP code of any type. The URL does not exist. The service that reaches out to the internet cannot continue, and there is no HTTP exception to be had.
When I visit http://www.soccer-wallpapers.net/soccer_wallpaper/barcelona_fc_barcelona_360.jpg, I get a timeout message. There was nothing to respond to my request. It appears that soccer-wallpapers.net is no longer responding to requests. It does have a DNS entry, but does not respond to ping from my location.
If you must handle bad URLs, potentially down servers and other server errors, then you will need to use a try{}catch(){} block. How you handle those errors is up you. The muteHttpExceptions flag is meant more for handling HTTP errors as part of your application instead of throwing errors at the script level.
That's still remains an issue in functions that are called in cells where the try-catch in this case is just ignored
I'm using this code to get the user geoposition. All goes well until the user deny permission to get the location. It seems this option gets cached and I don't know how reset it.
Is there any way to re-ask permission? Thanks in advance!
if (navigator.geolocation) {
navigator.geolocation.getCurrentPosition(function(position) {
// Success Callback
}, function(error) {
//error Callback
},{
//options
});
}else{
//geolocation not available
}
Pretty sure this is a browser/device setting stored per site. I think the point is that you can't reset this from a script as it would defeat the point of the prompt in the first place. I believe the only way to reset is to change the setting in the browser/device.
Like bgreater said, it depends on browser. But when user deny permission to get location error function will be called with error object. This error object contains error code. When error code equals 1 it means that user deny permission.
var errorTypes = {
0: "Unknown error",
1: "Permission denied by user",
2: "Position is not available",
3: "Request timed out"
};
I think, you can check this error code and display some kind of information to user.