I am new to uipath and i am struck with automating our college website login. I am suggested to use the "type secure text" activity to secure the password that has to be entered in the password field. but it was not present in activity panel. youtube tutorials are suggesting to use the assets section in the orchestrator followed by get credential.
Is that possible to secure the password with "Type secure text" without using the "get credential" activity and "assets section" in the orchestrator ?
Thanks in Advance
In short, yes, you can use "type secure text" activity without get credential or asset section.
You will need to create a new variable of type SecureString and pass it as an argument to type secure text:
mystring = your string
newsecurestring = new System.Net.NetworkCredential(“”, “myString”)).SecurePassword
Then pass newsecurestring to type secure text activity.
There are 2 ways to use secure passwords or let's say credentials:
Orchestrator Assets
Windows Credentials
As both are very well documented, it should be fine to just link to them here.
Related
I am trying to access logs from an app. Apparently, the only way to do that is the herkoku client.
I am working remotely. When I do
heroku login -i
Error: Your account has MFA enabled; API requests using basic authentication with email and password are not supported. Please generate an authorization token for API access.
But there is no link provided where or how to get such a token.
And the documentation does not mention the creation of such a token. Only how to store it.
Any ideas?
While logged in to the Heroku web interface, go to "Account settings" (in the menu under your avatar in the top right) and scroll down to "API Key". Generate one if there isn't one already, or click "Reveal" to see the existing one.
Now, re-run heroku login -i, and enter your email as normal, but enter that API key instead of your account password.
The above method works. But: You have to type this password into the CLI. Cutting and pasting does not work.
I'm creating an application in Blazor WebAssembly with Microsoft.Authentication.WebAssembly.Msal for the authentication. I followed this link. I'm using the RemoteAuthenticatorView component to perform a login. But I want that the user has to confirm his password for a critical operation. Or maybe he has to re-login. How can I do that ?
Edit: Previously, I used Microsoft.Identity.Client in a desktop application. To do the confirmation, I used the AcquireTokenByUsernamePassword function. But it's not possible in a webapp.
If you using the Azure AD Signin user flow a textfield for password input isn't possible.
This because the form containing the field has to be Remote inside the Azure AD domain.
If you want, as you propose as alternative, a popup to confirm the identity of the user, the only possibility is to logout the user and redirect him to the login.
But in this case you (he) lost any session data and it's hard to use the returnUrl parameter to restore the same status, with i.e. a form with data.
I think should be better to send an email with a verification code, or, as Microsoft does on the Azure Portal, request a keyword to confirm the operation.
Generally speaking this keyword could be any of your choice, in the past I've used a secret word configured by the user himself inside his profile page.
Xcode won't let me login to GitHub using my email and password, and is forcing me to use an account and personal access token. Of course, I could just generate a token and log in with that. However, I’d prefer not to have to use tokens - logging in with an email and password is just so much more simple.
Is this normal behavior, and is anyone else experiencing this? Maybe there is a workaround that I'm not aware of?
This is normal behavior. GitHub is deprecating their basic auth with username/password for their API. In fact, when you access them via Xcode with an old account you get an email about it:
Basic authentication using a password to the API is deprecated and
will soon no longer work. Visit
https://developer.github.com/changes/2020-02-14-deprecating-password-auth/
for more information around suggested workarounds and removal dates.
To do this, after you generate the token (recommend the repo token), go to xcode > Preferences > Accounts > GitHub
If SSH is shown: press Enter Password and a new screen appears with a placement for your token. When you enter the token, the protocol will change to HTTPS.
That's it.
I'm trying to integrate my bot too the Hangouts Chat API. I migrated from C# to node.js in order to be able to take advantage of the HangoutsAdapter: https://botkit.ai/docs/v4/platforms/hangouts.html
The problem is that the HangoutsAdapter expects a google token and when I go to the Hangouts Chat API configuration tab, I select Bot URL under Connection Settings section, but the only thing I get is a field to enter my bot's url endpoint. Nothing about the Verification Token I'm supposed to pass to the Hangouts Adapter.
Is there any other way to validate the connection to that API with HangoutsAdapter? Should I use something else rather than HangoutsAdapter? Or maybe I should use it in a different way?
Technically, this is an alternative solution (I think). In order to create Google Hangouts credentials a GSuite account is required, which I don't have. The Interface HangoutsAdapterOptions docs state the "Shared secret token [is] used" for validation and is found under the Configuration tab. As the fields are locked down, I can't test this.
However, the alternative is to use the built-in OAuth feature of the Bot Framework. I use this in my bot without a hitch. I did navigate to the Google Hangouts web site and it recognized me immediately. By using the OAuth login, a token is returned which you can use to pass into the Hangouts adapter.
I should add that the below implementation produces a sign-in magic code which some people don't like (it doesn't bother me). There may be a SSO option, but I haven't researched that.
First, you need to setup Google credentials which will provide you with a "Client id" and "Client secret". General instructions can be found here. Credentials can be created here. You can ignore any coding references as they aren't necessary (thanks to the BF OAuth feature).
From the Credentials Page, click on "Credentials" in the left menu. There are two areas you need to configure, once there: "OAuth consent screen" and "Credentials".
For OAuth consent screen, provide an app name. This doesn't need to match the associated requesting app and is just for reference when visiting the Credentials Page. Enter a support email, the scopes you will be using (email, profile, and openid). There may be other required scopes, but this worked for me when I visited the Hangouts web site. Lastly, enter in the Authorized Domains. The botframework.com domain is required. Others, if any, you will have to experiment with. Save and return to the Credentials Page.
Click the "Create Credentials" button and complete the form. Give your credentials a name (again, not referenced anywhere else for this project), enter any authorized origins, and enter https://token.botframework.com/.auth/web/redirect as the authorized redirect URI. Save the settings, copy the "Client id" and "Client secret" somewhere, and navigate to Azure and into your bot's settings page.
Here, you need to create your bot's OAuth connection. This is done in the Settings blade. At the bottom of the blade is the "OAuth Connection Settings" section. Click the "Add Setting" button to get started.
Once in, give your connection a name. This name will be referenced by your bot in the next step, so save the name somewhere. Then, select Google from the list of Service Providers and paste the "Client id" and "Client secret", that you saved earlier, into the respective fields. In "Scopes", you will want to enter the same scope values you selected in your Google credentials app ("email profile openid"). Be sure they are space-separated when you enter them.
Lastly, you will want to model your OAuth login off of sample 18.bot-authentication from the Botbuilder-Samples repo. This builds in the functionality you need for enabling a user to log in via your bot.
Add the connection name you assigned to your Google connection setting for your bot into a .env file as a variable, like this: connectionName=<CONNECTION_NAME>.
When setting up the OAuth prompt, you will pass this variable in:
this.addDialog(new OAuthPrompt(OAUTH_PROMPT, {
connectionName: process.env.connectionName,
text: 'Please Sign In',
title: 'Sign In',
timeout: 300000
}));
At this point, your bot and login process should be good to go. Assuming the flow is setup correctly, a user should be able to login via the OAuth prompt, by use of a magic code. A token is returned back to the bot which will be accessible via the context on the next step. The token can then be saved to state and passed to the adapter for use. In the below bit, I'm using a simple waterfall with an oauthPrompt step and a loginResults step. The token is captured in the second step where I console log it.
async oauthPrompt(step) {
return await step.prompt(OAUTH_PROMPT, {
prompt: {
inputHint: 'ExpectingInput'
}
});
}
async loginResults(step) {
let tokenResponse = step.result;
console.log('TOKEN: ', tokenResponse);
if (tokenResponse != null) {
await step.context.sendActivity('You are now logged in.');
return await step.prompt(CONFIRM_PROMPT, 'Do you want to view your token?', ['yes', 'no']);
}
// Something went wrong, inform the user they were not logged in
await step.context.sendActivity('Login was not successful please try again');
return await step.endDialog();
}
Hope of help!
I created an issue on https://github.com/howdyai/botkit/issues/1722
Basically hangouts adapter expects a token in order to compare it to the token gotten from the hangouts chat api. But given that the token is not provided anymore by google, the authentication mechanism needs to change
I am using Google Admin SDK Directory API to create users and using Service account I am able to perform CRUD operations on them.
I have a requirement whereby I have to check the credentials of users created using SDK.
When you fetch the users the password is not returned, hence comparison cannot be done.
I'll really appreciate if someone lets me know what would be effective way of approaching the checkCredentials function.
Thanks.
Google does not ever return the value of the password. That would be a monumental security risk.
See their documentation in regards to the user resource used in the directory API. It specifically states that the password field is never returned. It can only be used for setting the password.
If your requirement is too check creds on a newly created user, you should look into trying to login as the user with the password you just sent, using the google auth Apis
At the moment, the only solution I've found is to simulate the user login flow with a fake browser (Apache's httpcomponents-client for Java for example) pointing to Google Account ServiceLogin.