After upgrading Teams Toolkit to 4.2.0, while debugging team Application in Visual studio code, it fails with
API call to Developer Portal failed: Error, Request failed with status code 403, API name: create-app, X-Correlation-ID: undefined. This may come from some intermittent service error. Please wait for a few minutes and retry the current step. data: "<%3Fxml version="<REDACTED: user-file-path>" encoding="<REDACTED: user-file-path>"%3F>\nAuthenticationFailedServer failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the <REDACTED: user-file-path>:<REDACTED: user-file-path>:2022-12-21T17:17:27.0783537ZAuthentication scheme Bearer is not supported in this version."
stack:
DeveloperPortalAPIFailed: API call to Developer Portal failed: Error, Request failed with status code 403, API name: create-app, X-Correlation-ID: undefined. This may come from some intermittent service error. Please wait for a few minutes and retry the current step. data: "<%3Fxml version="<REDACTED: user-file-path>" encoding="<REDACTED: user-file-path>"%3F>\nAuthenticationFailedServer failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the <REDACTED: user-file-path>:<REDACTED: user-file-path>:2022-12-21T17:17:27.0783537ZAuthentication scheme Bearer is not supported in this version."
at AppStudioResultFactory.SystemError (<REDACTED: user-file-path>:2:7338905)
at wrapException (<REDACTED: user-file-path>:2:7304721)
at Object.importApp (<REDACTED: user-file-path>:2:7308431)
at process.processTicksAndRejections (node:<REDACTED: user-file-path>:96:5)
at async Object.createTeamsApp (<REDACTED: user-file-path>:2:7286749)
at async AppManifest.provision (<REDACTED: user-file-path>:2:7258303)
at async AppManifest. (<REDACTED: user-file-path>:2:6625833)
at async TeamsfxCore.provision (<REDACTED: user-file-path>:2:6128194)
at async TeamsfxCore. (<REDACTED: user-file-path>:2:6625833)
at async FxCore.provisionResourcesOld (<REDACTED: user-file-path>:2:7628193)
at async FxCore. (<REDACTED: user-file-path>:2:7772838)
at async exports.ProjectSettingsWriterMW (<REDACTED: user-file-path>:2:7846344)
at async exports.ContextInjectorMW (<REDACTED: user-file-path>:2:7761355)
at async FxCore. (<REDACTED: user-file-path>:2:7768296)
at async exports.VideoFilterAppBlockerMW (<REDACTED: user-file-path>:2:7896895)
at async exports.ProjectSettingsLoaderMW (<REDACTED: user-file-path>:2:7844791)
at async exports.ProjectVersionCheckerMW (<REDACTED: user-file-path>:2:7849870)
at async exports.AadManifestMigrationMW (<REDACTED: user-file-path>:2:7740883)
at async exports.ProjectConsolidateMW (<REDACTED: user-file-path>:2:7761067)
at async exports.ProjectMigratorMW (<REDACTED: user-file-path>:2:7810098)
at async exports.ConcurrentLockerMW (<REDACTED: user-file-path>:2:7743579)
at async exports.ErrorHandlerMW (<REDACTED: user-file-path>:2:7774291)
While debugging teams app in visual studio code, it should load the application in Microsoft Teams. Instead it is failing. This is after upgrading Team Toolkit to v4.2.0
Related
I need a user-request from a web app to call an AWS Chalice endpoint which triggers a long-running job. I can't let the user's browser wait for a response.
Chalice creates a REST API in API Gateway automatically, so this should be possible as it's not an HTTP API.
How to implement an endpoint in AWS Chalice which responds to the user immediately before executing the attached Lambda function?
I am aware of the InvocationType: Event header which should allow for this, but this has no effect, the endpoint does not call the Lambda asynchronously (the client gets a response when the job completes 20-30 seconds later).
Here's what the endpoint in the Chalice app roughly looks like:
#app.route('/api-v1/runLongJob', methods=['PUT'])
def run_long_job():
# do some stuff that takes a long time here
return {'status_code': 200}
I have also set InvocationType as a header in the Method request section in the API Gateway console:
See this screenshot for what that looks like
An example of how I call this endpoint from Python with the InvocationType header:
url = "https://----------.execute-api.xx-xxxx-x.amazonaws.com/api/v1-api/runLongJob"
data = {
'some parameter': 'some data'
}
headers = {
'Content-Type': 'application/json',
'InvocationType': 'Event'
}
r = requests.put(
url,
data=json.dumps(data),
headers=headers
)
How to create an asynchronous endpoint in a Chalice app?
The solution is to use the .lambda_function feature in Chalice along with the invocationType='Event' parameter in the invocation call, like this:
import boto3
from chalice import Chalice
lambda_client = boto3.client('lambda')
app = Chalice(app_name='api')
LOG.setLevel(logging.INFO)
#app.route('/v1/lambdaTest')
def test_endpoint():
LOG.info(datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
_ = lambda_client.invoke(
FunctionName="api-dev-testFunction",
InvocationType='Event',
Payload="{}"
)
LOG.info(datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
return {'status_code': 200}
#app.lambda_function(name='testFunction')
def test_lambda_function(event, context):
LOG.info(datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
time.sleep(20)
LOG.info(datetime.now().strftime('%Y-%m-%d %H:%M:%S'))
This generates two lambda functions, one for the API and one for the asynchronous task. When the API is called, the response is immediate, but the task takes 20 seconds to complete.
Note that I had to manually permit the API lambda to invoke the other, in the AWS console.
I am working on porting oauth2client library to google-auth and oauthlib library
Right now for oauth2 authentication, I am using javascript client and using grantofflineaccess method in it.
The flow for oauth2client library was:
using the js client, we get the authorization code and pass it in oauth2client.client.credentials_from_code to get the credentials object. In the paramaeters, we pass only clientid,secret,scopes and code. There was no mention of redirect_uri.
Right now I am replacing it with flow
https://google-auth-oauthlib.readthedocs.io/en/latest/reference/google_auth_oauthlib.flow.html
This means that I HAVE TO pass redirect_uri to create the flow object, following which I can use flow.fetch_token(code) to get flow.credentials.
Here is my javascript side code (angularJS) (Reference: https://developers.google.com/identity/sign-in/web/reference)
// init
gapi.load('auth2', () => {
const authScopes = {
client_id: $window.GOOGLE_API_CLIENT_ID,
scope: scopes.join(' '),
};
auth2 = gapi.auth2.init(authScopes);
// When signin button clicked
auth2.grantOfflineAccess({ redirect_uri: 'postmessage', prompt: 'consent' })
.then((response) => {
// We enter this when user signins into google account and 'ALLOWS' the scopes. We receive the code in response using which we get the access and refresh token. The below calls are being made to backend
Something.authenticateUser(response.code).then(() => {
$scope.sheetsWizard.onLoginSuccess();
The backend code: (django)
# Upon receiving the 'code', it calls oauth2client function to get credentials object
credentials = client.credentials_from_code(
GOOGLE_API_CLIENT_ID,
GOOGLE_API_CLIENT_SECRET,
scopes,
data['code']
The above was older code, How the new code looks in the backend (The frontend or angularJS remains the same)
flow = Flow.from_client_config(client_config=dictionary_with_client_credentials, scopes=scopes, redirect_uri='some_website.com')
flow.fetch_token(code = data['code'])
credentials = flow.credentials
My questions:
Is there a method in google-auth that I am missing, so I don't have to pass redirect_uri, and still get at least access_token and refresh_token, after receiving code?
in js gapi client, there is a mention of redirect_uri='postmessage', but could not find documentation related to it. What does it mean?
While testing my skill, if I do not reply and it times out, Alexa sends a SessionEndedRequest to my Lambda function.
Based on these docs: Handle Requests Sent by Alexa:
Your service cannot send back a response to a SessionEndedRequest.
Therefore, I am not responding to these requests.
But then my app shows a card with this message:
Skill response was marked as failure
(Skill Name)
Request Identifier: amzn1.echo-api.request.xxxxxxxxxxxxxxxxxxxxx
The target Lambda application returned a failure response
So what should we handle this request that does not give a response, and does not result in this error?
I use Node.js in Lambda, but a Python answer is fine too.
Are you sure the error in the card was for SessionEndedRequest only?
Generally, even if you send a response back to Alexa for a SessionEndedRequest, it won't be spoken.
You can handle a SessionEndedRequest like this in ask-nodejs-sdk-v2.
const SessionEndedRequestHandler = {
canHandle(handlerInput) {
console.log("Inside SessionEndedRequestHandler");
return handlerInput.requestEnvelope.request.type === 'SessionEndedRequest';
},
handle(handlerInput) {
console.log(`Session ended with reason: ${JSON.stringify(handlerInput.requestEnvelope)}`);
return handlerInput.responseBuilder.getResponse();
},
};
I have an web app which I bundled using webpack, I placed my entire react/redux app in the public file which will be served by nodejs(express-generator). My app works when I run in localhost/ local env. However when I deploy to heroku. I cannot make calls.
The below is the error message:
bundle.js:19 GET https://glacial-cove-64389.herokuapp.com/users/ 401 (Unauthorized)
Object {err: Error: Request failed with status code 401 at e.exports (https://glacial-cove-64389.herokuapp.co…}
err
:
Error: Request failed with status code 401 at e.exports (https://glacial-cove-64389.herokuapp.com/bundle.js:19:10382) at e.exports (https://glacial-cove-64389.herokuapp.com/bundle.js:26:6821) at XMLHttpRequest._.(anonymous function) (https://glacial-cove-64389.herokuapp.com/bundle.js:19:9464)
__proto__
:
Object
initially I thought it could be my my ROOT_URL so I changed it the below is an example of my actions file.
const ROOT_URL = "//glacial-cove-64389.herokuapp.com"
const axiosOption = {headers: { authorization : localStorage.getItem('token')}}
/*Sign in user*/
export function signinUser({ email, password }){
return function(dispatch){
axios.post(`${ROOT_URL}/users/signin`, { email, password })
.then(function(res){
dispatch({ type: AUTH_USER })
localStorage.setItem('token', res.data.token);
browserHistory.push('/users');
})
.catch(function(err){
dispatch(authError('Invalid email or password'))
console.log({err});
})
}
}
So what happens is that the react recognize the login and push user to the correct route. but it return the above error msg status code 401 once it hits the main pages.
The main problem I have is when I try to perform CRUD which doesn't work
Here is my repo: https://github.com/boyboi86/API_basic_random
I found out the hard way..
If you intend to put everything within your public file when scaffold with express-generator. Putting CORS within your Nodejs is insufficient because now your axios (react) that makes the call is also subjected to CORS, And you will have to config within your axios with the following:
axios.defaults.headers.post['Access-Control-Allow-Methods'] = 'PATCH, DELETE, POST, GET, OPTIONS';
This is to ensure all calls made will be allowed. I realised this when I look at the response headers.
I'm hoping someone can help with this:
I have a web api secured with Azure AD Bearer Authentication, where I have two web clients that can successfully authenticate on the web api using bearer tokens from AD. The Web API and both web applications are configured as applications in AD. I've tried to use ADAL for Cordova for accessing the web api a iOS/Android app but it's returning 401.
ClaimsPrincipal.Current.Identity.IsAuthenticated is returning false.
I'm using the client id for the native application I've setup in Azure AD, and I'm receiving the token but this token is invalid. After I've parsed the token on jwt.io, everything seems correct but I've noticed the token doesn't have a header.
I've added permissions to access the Web Api and sign in and access AD as the user.
The code I'm using in Cordova is below, the authority I'm using is the same as the other apps that are working. Where resource is the app Id for the Web Api in AD, and client id is the client id for the native app in Azure Ad.
// Attempt to authorize user silently
AuthenticationContext.acquireTokenSilentAsync(resource, clientId)
.then(function (result) {
sessionService.logIn(result.idToken);
console.log(result);
deferred.resolve();
}, function () {
// We require user credentials so triggers authentication dialog
AuthenticationContext.acquireTokenAsync(resource, clientId, redirectUri)
.then(function (result) {
console.log(result);
sessionService.logIn(result.idToken);
deferred.resolve();
}, function (err) {
console.log("Failed to authenticate" + err);
deferred.reject("failed to authenticate");
});
});
I've also tried using result.accessCode, which also doesn't work.
StartUp.Auth.cs in Web Api:-
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWindowsAzureActiveDirectoryBearerAuthentication(
new WindowsAzureActiveDirectoryBearerAuthenticationOptions
{
Tenant = ConfigurationManager.AppSettings["ida:Tenant"],
TokenValidationParameters = new TokenValidationParameters {
ValidAudiences = Audiences
}
});
}
Can anyone help please?
Thanks
You appear to be sending the wrong token to the API - you are supposed to send result.accessToken. See https://github.com/Azure-Samples/active-directory-cordova-multitarget/blob/master/DirSearchClient/js/index.js for an example.