How to set the application domain in Heroku env var - heroku

Given an application URL on Heroru like app-123.herokuapp.com, how can I set this value into an environment variable?
I need to set an email template, with the correct links to the app, so there is no HTTP request information available, but I want to have the links with the correct URL.
I'm using Ruby on Rails and using an environment variable, but once I create review apps, with dynamic URL's I cannot rely on this.

Disclaimer: This works only for the review apps, as they are my concern when posting the question.
We can make use of the injected environment variables, as described in the documentation: https://devcenter.heroku.com/articles/github-integration-review-apps#injected-environment-variables
So, given that every application domain will be herokuapp.com we can guess the application address but concatenation of protocal, app and domain:
"https://#{HEROKU_APP_NAME}.herokuapp.com"

Related

look for assistance with the url rewrite module in IIS

I'm trying to set up a reverse proxy for single sign on to an application. the URL to reach my app and the defined authentication method is "http://servername.domain/app/main?authsource=sso_rp"
My current config just sends me to the application login prompt. I've tested my authentication source and confirmed its working. My question is, does my URL rewrite config look like it should? there are no conditions or variables defined. i know I'm missing something simple but this isn't documented on the vendor end so seeking your help.

aspnetboilerplate Shared cookie invalid with services.AddDataProtection()

I have the following scenario:
Server A:abpWeb;
Server B:abpWeb;
A and B are based on MyCompanyName.AbpZero template, abp. Net core version 3.1.1;aspnetboilerplate
Browser access A:abpWeb and B:abpWeb. But after logging in, cookie shared is invalid.
A:User.Identity?.IsAuthenticated equals true after Browser access A:Login;
But refresh B:/index on the browser,B:User.Identity?.IsAuthenticated equals false;
The same browser domain for A and B is the same.
I created two new ASP.NET Core 2.0 MVC apps with ASP.NET Core Identity, using AddDataProtection for the normal shared cookie is ok.
I referred to:
https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?tabs=aspnetcore2x
I am searching for a long time on net. But no use. Please help or try to give some ideas how to achieve this.
Thanks in advance.
The keys that encrypt/decrypt your cookies are probably trying to be written to an invalid folder.
By default AddDataProtection tries to write these keys to:
%LOCALAPPDATA%\ASP.NET\DataProtection-Keys
As long as there is an environment variable being used to create the keys path, you will need to set the following config file setting to true.
Please also see my other answer here:
IIS - AddDataProtection PersistKeysToFileSystem not creating
Fix: Within %WINDIR%\System32\inetsrv\config\applicationHost.config set setProfileEnvironment=true. I think you have to restart IIS as well.

Heroku Review Apps - separated backend and frontend

I started using Review Apps which works good. However I use separated backend and frontend (rails and ember) and I would like to set connection between new PR on backend and frontend. I think the easiest way is to create new env 'integration' in ember and set api host per each PR. It is possible to define environment of built ember app on new dynamic staging?
If your Review App needs a dynamic API host, you could set it get the host from Config Vars. I would imagine it would be something like ENV['API_URL']. This approach is more in line with Heroku's stated best-practices as embodied in http://12factor.net/.
Also, if you want to have a default for new review apps, so you don't have to set this var for each new one, you should look at using an app.json schema.

mod_rewrite and server environment variables

The setup I have is as follows:
I have one Apache server acting as a URL rewriting engine (SERVER1).
I have a second server (Apache too) which runs a web application (SERVER2). First tries to authenticate users. Part of the authentication protocol involves a lot of redirection between that application server and the authentication server.
My problem is that once the authencation is successfull, the authentication server needs to redirect the user back to the application server, which is only visible from SERVER1. Effectively, SERVER2 needs to be able to reconstruct a URL based on SERVER1's parameters.
Most of the environement variable are helpful i.e. I know the host name, script name, page called etcc but I can 't figure out wether the call was made through HTTP or HTTPS: that information is wiped in the rewrite process by SERVER1...
Anybody knows if/how I can get that information through environement variables? I am limited in that I can't use query string parameters...
Thanks all !
This may sound strange, but I have found part of the answer to my question.
The rewrite engine (at least in Apache 2, I haven't looked anywhere else) allows for writting extra request header.
The rule should look something like that.
RewriteRule .* -
[E=INFO_PATH_INFO:%{PATH_INFO},NE]
Put simple, it creates a new header called INFO_PATH_INFO and sets the value to PATH_INFO.
( For more info check out http://www.askapache.com/htaccess/crazy-advanced-mod_rewrite-tutorial.html )
Then it can be retrieved in any languages.
For info I am using Oracle's OWA which adds an extra layer of complication due to the fact that the default environment variables are limited to a few and additional variables need to be specified in thr dads.conf
Hope this will help anyone !

How should I store my api key on heroku so that it still stays secret instead of embedding in web page code

I have built a flak app, locally I have stored it as environment variable, but I do not know how should I store my api key on heroku so that it still stays secret instead of embedding in web page code ?
Any help will be greatly appreciated.
You can store your api-key as environment variables as these are perfectly secure:
go to you local folder and run heroku config:set key_one=value_one key_two=value_two and more.
Note: run above commands in the same folder which points to your repository.
once you set the environment variable you can access this key value pair in you code directly as:
var api_key = process.env.key_one;
You can also easily add or edit your config variables from your heroku app’s Settings tab, look here at Heroku's official documentation.

Resources