I am trying to run an HTTPS request which is
I was facing an issue with ACL privileges which I solved by running this proc
begin
dbms_network_acl_admin.create_acl (
acl => 'networkacl.xml',
description => 'Allow Network Connectivity',
principal => 'PUBLIC',
is_grant => TRUE,
privilege => 'connect',
start_date => SYSTIMESTAMP,
end_date => NULL);
dbms_network_acl_admin.assign_acl (
acl => 'networkacl.xml',
host => '*',
lower_port => NULL,
upper_port => NULL);
commit;
end;
after running this I was able to request HTTPS URLs but when I am trying to access any URLs now
such as the below one
select utl_http.request('https://myappname.scm.azurewebsites.net') from dual;
I am getting this error
ORA-29024: Certificate validation failure
ORA-06512: at "SYS.UTL_HTTP", line 380
ORA-06512: at "SYS.UTL_HTTP", line 1534
after reading some blogs on the internet I understood I need to get the certificate from the browser and need to add it to the wallet but the problem is I am using an Autonomous cloud database from oracle and everyone on the blog is talking about adding those cert locally so I am not sure where it needs to be added and I am even not sure whether I am on right track to solve this issue if anyone can guide me what needs to be done it would be great
Related
I am working on Laravel 7 and for social login I am using Socialite package.
I am following this article for reference and did exactly the same but I am getting
an unauthorized response with a message - "Bad Credentials". I have also tried resetting the secret key.
This is my Github settings
Thanks for the response.
Aside from making sure that your client_id and client_secret are set correctly, you also need to ensure that your redirect value in your config/services.php:
'github' => [
'client_id' => env('GITHUB_CLIENT_ID'),
'client_secret' => env('GITHUB_CLIENT_SECRET'),
'redirect' => 'http://yourapp.test/login/github/callback'
],
Is identical to what you set under your Github app:
I am on Laravel 5.6 and my application working well.
I am using Gmail SMTP for mail services.
here is my .env file.
MAIL_DRIVER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=username#gmail.com
MAIL_PASSWORD=password
MAIL_ENCRYPTION=tls
I have already Turned ON Less secure apps in Gmail also turned ON 2 step verification.
From localhost, the mail system working like charm and I am getting all emails from Gmail SMTP.
But From Live Server, I am not getting any Emails and even there is no error popup.
My Host is a 000webhost free account because I am testing my Application.
so I read forums in 000webhost and change "SET MX RECORD " to "GOOGLE'S MX RECORD".
Now I am getting this error while sending any mail.
Expected response code 250 but got code "530", with message "530-5.5.1
Authentication Required. Learn more at 530 5.5.1
https://support.google.com/mail/?p=WantAuthError k142sm4568022ywa.67 -
gsmtp "
Please help!
Thanks in advance.
try changing your config/mail.php to your current credentials:
'driver' => env('MAIL_DRIVER', 'smtp'),
'host' => env('MAIL_HOST', 'smtp.gmail.com'),
'port' => env('MAIL_PORT', 587),
'encryption' => env('MAIL_ENCRYPTION', 'tls'),
'username' => env('MAIL_USERNAME', 'username#gmail.com'),
'password' => env('MAIL_PASSWORD', 'password'),
Please allow access to less secure app from your google account following these steps:
Go to your Google Account.
On the left navigation panel, click Security.
On the bottom of the page, in the Less secure app access panel, click Turn on access.
If you don't see this setting, your administrator might have turned off less secure app account access.
I am building laravel project, I used mailgun to send emails. Locally it worked just fine. After deploying on heroku it does not send any emails.
services.php
'mailgun' => [
'domain' => env('sandbox.....'),
'secret' => env('key-.......'),
mail.php
driver' => env('MAIL_DRIVER', 'mailgun'),
'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
'port' => env('MAIL_PORT', 587),
'from' => [
'address' => env('MAIL_FROM_ADDRESS', 'example#example.com'),
'name' => env('MAIL_FROM_NAME', 'shop'),
],
'encryption' => env('MAIL_ENCRYPTION', ''),
Tried looking at heroku logs but cannot see anything about mail so I dont really understand it. What could I be missing?
I had the same issue when deploying my app. I came up with following checkpoints so it works on production with Heroku. My bet for your issue is number 4.
Make sure you have set verified domain correctly (mailgun -> domains -> verified domains & dns - all green).
Make sure you updated env variables in Heroku to work with verified domain (heroku -> settings -> reveal config vars) should have fields: MAILGUN_API_KEY, MAILGUN_DOMAIN, MAILGUN_SMTP_PASSWORD, MAILGUN_SMTP_LOGIN, MAILGUN_SMTP_SERVER, MAILGUN_SMTP_PORT with proper values.
Make sure you have cleared the list of authorized recipients (mailgun -> domains -> authorized reciepients) - so everyone can receive your emails.
Make sure you have cleared the list of IP whitelist (mailgun -> account overview -> account settings -> security -> IP whitelist) or included ip of your Heroku app. Note this point is not about IP management for domain but for your mailgun account.
In my case the only ip there was my localhost ip (for dev) and it was blocking Heroku deployed app for sending emails.
I have read below article and it is just awesome. Everything from that article is clear however I have one major doubt.
https://stormpath.com/blog/the-ultimate-guide-to-mobile-api-security
The article author said that in 'OAuth2 password grant' while logging into the mobile application, just need to send email and password in order to get the access token from the API server, but I have read at many places that you also need to send client_id and client_secret in that request. I'm going to build my API using Laravel:
https://laravel.com/docs/master/passport#password-grant-tokens
Here you can see it forces me to send client_id and client_secret in that request.
I'm really confused about this. If I have to send client_id and client_secret in that request, first I need to get it from the authorization server by creating a client on it. So at which event, I should create that client? When a user tries to log in from the mobile application? I just need to know the exact flow.
Any help would be appreciated.
Thanks
A client gets created for the developers who need to integrate with the OAuth2 server. It has nothing to do with the specific users' login flow.
ex. I want to integrate with Facebook login; I create a client on Facebook and incorporate that into my service, its Facebooks way of knowing who my service is.
So, a user logs in through your application; your application then sends that username and password to a backend server. The backend server then adds the client_id and secret so the OAuth server can verify the authenticity of the request.
So in your case, a user logs into your mobile application, you send that login request (username and password, with SSL) to your backend server. Your backend server then forwards that request to the OAuth2 service looking like the request below.
'form_params' => [
'grant_type' => 'password',
'client_id' => 'client-id',
'client_secret' => 'client-secret',
'username' => 'user#email.com',
'password' => 'user-password',
'scope' => '',
],
This directly returns an access_token and a refresh token that you can safely store in your mobile application.
I create the grant client in a migration called ConfigurePassport and set the key i want the app to use. You do not need a client per user.
public function up()
{
/*
* This command will create the encryption keys needed to generate secure access tokens.
* In addition, the command will create "personal access" and "password grant"
* clients which will be used to generate access tokens
*/
Artisan::call( 'passport:install', array('-n' => true) );
// Set Password Grant Client secret to known key
DB::table( 'oauth_clients' )->where( 'password_client', 1 )->update(
['secret' => env( 'GRANT_CLIENT_SECRET', 'dfhsdfhbtg545fdf45yedh5f5blahblah' )]
);
}
The above migration runs the artisan command passport:install as per the documentation to install the client. https://laravel.com/docs/master/passport#password-grant-tokens
Now your mobile app can request a token like so: the unique per user params are username and password.
You can find the client id in the oauth_clients table where password_client is true. It will likely be 2.
$http->post('http://your-app.com/oauth/token', [
'form_params' => [
'grant_type' => 'password',
'client_id' => 2,
'client_secret' => 'dfhsdfhbtg545fdf45yedh5f5blahblah',
'username' => 'taylor#laravel.com',
'password' => 'my-password',
'scope' => '',
],
]);
There are two different concepts:
Client: is the piece of software that's intended to communicate with your server. Usually, you will have 3 main clients which are your iOS, Android and web apps.
User: Which is the end-user that will interact with one of your clients, then the client will be communicating with the Oauth server on behalf.
So you will need to generate a client_id & client_secrete only one time. Then you can use these keys to be the authorized middle-man between your Oauth Server & the end-users.
In the case of Password Grant, The client_key & secrete_key are used to obtain the access_token for every user of each client you have.
Once the client obtains the access_token of a particular user (usually upon logging-in), the client will not need to send the client_key & secrete_key anymore, only the access_token.
However, if that user's access_token has expired, you will have to use those keys to exchange a new access_token with the refresh_token you already received from the login process.
I get: The security token included in the request is invalid
Where do I get a session token? The current documentation is confusing. On the one hand it says:
If you make a request using AWS::DynamoDB with long-term credentials a request is made to Amazon STS for temporary session credentials. These will be cached in the process and re-used.
and next it says:
Amazon DynamoDB requires that all requests are made with short-term credentials (e.g. requires a session token).
so exactly where does the session_token come from if I don't provide it? And if the call provides it, why would it be invalid?
requires 'aws-sdk'
cred = {:access_key_id => 'xxxx',
:secret_access_key => 'yyyy'}
#:session_token => ''}
ddb = AWS::DynamoDB.new(cred)
items = {...}
ddb.batch_write do |batch|
batch.put('my_mappings', items)
end
The documentation is incorrect/old (its been changed on the master branch in GitHub). You no longer require session credentials to use DynamoDB. You should be able to configure just your :access_key_id and :secret_access_key.
If you do want session credentials, you can get them from AWS::STS.
After some trial and error, I found that the following works.
cred = {:access_key_id => 'xxxx',
:secret_access_key => 'yyyy', :session_token => nil}
ddb = AWS::DynamoDB.new(cred)
In my original example, the ddb handle would work for certain operations but not for batch_write. Passing the 'nil' works. The documentation is unclear and the API is inconsistent in the current version.