Fastlane is getting provisioning profiles with wrong account - xcode

This is my output on console:
+---------------+---------------------------------------------------+
| Summary for cert 2.96.1 |
+---------------+---------------------------------------------------+
| development | false |
| force | false |
| username | correctappleid#gmail.com |
| team_id | CSCORRECTTEAMID |
| keychain_path | /Users/bartek/Library/Keychains/login.keychain-db |
| platform | ios |
+---------------+---------------------------------------------------+
[09:01:23]: Starting login with user 'correctappleid#gmail.com'
[09:01:27]: Successfully logged in
[09:01:28]: Certificate 98TLCZS7BR (iOS Distribution) can't be found on your local computer
[09:01:29]: Found the certificate 6K5C2MFHUL (iOS Distribution) which is installed on the local machine. Using this one.
[09:01:30]: Verifying the certificate is properly installed locally...
[09:01:30]: Successfully installed certificate 6K5C2MFHUL
[09:01:30]: Use signing certificate '6K5C2MFHUL' from now on!
[09:01:30]: --------------------------------------
[09:01:30]: --- Step: get_provisioning_profile ---
[09:01:30]: --------------------------------------
+-------------------------------------+-------------------------------------------+
| Summary for sigh 2.96.1 |
+-------------------------------------+-------------------------------------------+
| adhoc | false |
| development | false |
| skip_install | false |
| force | false |
| app_identifier | my.app.identifier |
| username | wrongname#company.com |
| team_id | CSTEAMID |
| ignore_profiles_with_different_name | false |
| cert_id | 6K5C2MFHUL |
| skip_fetch_profiles | false |
| skip_certificate_verification | false |
| platform | ios |
| readonly | false |
+-------------------------------------+-------------------------------------------+
[09:01:30]: Starting login with user 'wrongname#company.com'
-------------------------------------------------------------------------------------
Please provide your Apple Developer Program account credentials
The login information you enter will be stored in your macOS Keychain
You can also pass the password using the `FASTLANE_PASSWORD` environment variable
See more information about it on GitHub: https://github.com/fastlane/fastlane/tree/master/credentials_manager
Why fastlane try to fetch provisionings with wrong user account?
How can I force it to change it?
Where it is defined?

Have you tried setting the user account directly?
https://docs.fastlane.tools/actions/upload_to_app_store/#parameters
https://docs.fastlane.tools/actions/sigh/#parameters

Related

how to use pywinauto to get checkbox in treeview

some UI list like this have some button or check box in treeview
| | GroupBox - '' (L807, T366, R1257, B746)
| | ['GroupBox']
| |
| | TreeView - '' (L815, T382, R1249, B732)
| | ['TreeView']
| | child_window(auto_id="1176", control_type="Tree")
| | |
| | | CheckBox - 'Intrusion Prevention' (L839, T384, R957, B402)
| | | ['CheckBox', 'Intrusion PreventionCheckBox', 'Intrusion Prevention', 'CheckBox0', 'CheckBox1']
| | | child_window(title="Intrusion Prevention", control_type="CheckBox")
| | |
| | | CheckBox - 'USB Malware Protection' (L874, T402, R1010, B420)
| | | ['USB Malware ProtectionCheckBox', 'CheckBox2', 'USB Malware Protection']
| | | child_window(title="USB Malware Protection", control_type="CheckBox")
| | |
| | | TreeItem - 'Network Virus Protection' (L858, T420, R996, B438)
| | | ['Network Virus Protection', 'Network Virus ProtectionTreeItem', 'TreeItem', 'TreeItem0', 'TreeItem1']
| | | child_window(title="Network Virus Protection", control_type="TreeItem")
I can use TreeView to see Treeitems like this
dlg = app.top_window()
a = dlg.TreeView
b = a.print_items()
i can see b have tree item (ex:Network Virus Protection) but no checkbox (ex:Intrusion Prevention) so how can i get checkbox ele from treeview?
i know can use child_window("title") to get check box , but i need get this ele and check it text, so use title are not better
you can try this extension,
https://marketplace.visualstudio.com/items?itemName=ClickCorp.clicknium
it includes one automation library, and can recorde the checkbox and do check or uncheck operation:
ui(locator.notepad.checkbox).check()

Force HTTPS using Namecheap and Heroku

I am using Heroku Automated Certificate Management and Namecheap Basic DNS.
My problem is that my non-SSL domains are still reachable.
Here is how they map in practice:
|---------------------|------------------------------|
| Entered Domain | Result Domain |
|---------------------|------------------------------|
| name.tld | https://www.name.tld/ |
|---------------------|------------------------------|
| www.name.tld | http://www.name.tld/ |
|---------------------|------------------------------|
| http://www.name.tld | http://www.name.tld/ |
|---------------------|------------------------------|
|https://www.name.tld | https://www.name.tld/ |
|---------------------|------------------------------|
| http://name.tld | https://www.name.tld/ |
|---------------------|------------------------------|
| https://name.tld | error: does not resolve |
|---------------------|------------------------------|
My Heroku Domains settings are:
|---------------------|-------------------|
| Domain Name | DNS Target |
|---------------------|-------------------|
| name.tld |name1.herokudns.com|
|---------------------|-------------------|
| www.name.tld |name2.herokudns.com|
|---------------------|-------------------|
My Namecheap Redirect Domain settings are:
|---------------------|---------------------|
| Source URL | Destination URL |
|---------------------|---------------------|
| name.tld |https://www.name.tld/|
|---------------------|---------------------|
| www.name.tld |https://www.name.tld/|
|---------------------|---------------------|
And my Namecheap Host Records settings are:
|---------------------|---------------------|---------------------|
| Type | Host | Value |
|---------------------|---------------------|---------------------|
| CNAME Record | www | name1.herokudns.com.|
|---------------------|---------------------|---------------------|
| URL Redirect Record | # |https://www.name.tld/|
|---------------------|---------------------|---------------------|
Something to note is I do not put name2.herokudns.com into Namecheap because it would conflict, I think.

Should I explicitly verify Keycloak token or this is done by Keycloak adapter?

There is a Spring-boot REST API, that needs to be secured by Keycloak, the application is using Keycloak-Spring-Security adapter (6.0.1).
A call to an API endpoint, carries along the bearer token, obtained from Keycloak (currently through postman).
I'm able to perform a successful REST endpoint call, but other thing is troubling me - should I explicitly verify the token against the public key?
1 - Is the adapter performing verification of the token against the public key, or should I implement it?
2 - If the adapter is doing this - can you point out in which classes is this getting done?
3 - If - not - how should this verification be implemented? Are there any Keycloak libraries that I can use to verify the token?
Well, after a few days of searching the web for answer - I got it.
I looked into the code of Keycloak-spring-security-adapter and found it.
First of all I got the logging lever for keycloak to DEBUG:
logging.level.org.keycloak=DEBUG
Then I tried to access my endpoint with bad token (I expected that this is going to produce an exception, i.e. more visible trace; and it did):
2019-10-17 10:18:57,905 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.PreAuthActionsHandler | adminRequest http://localhost:8081/error
2019-10-17 10:18:57,906 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter | Request is to process authentication
2019-10-17 10:18:57,906 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter | Attempting Keycloak authentication
2019-10-17 10:18:57,906 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.BearerTokenRequestAuthenticator | Found [1] values in authorization header, selecting the first value for Bearer.
2019-10-17 10:18:57,906 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.BearerTokenRequestAuthenticator | Verifying access_token
2019-10-17 10:18:57,908 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.BearerTokenRequestAuthenticator | Failed to verify token
2019-10-17 10:18:57,908 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.RequestAuthenticator | Bearer FAILED
2019-10-17 10:18:57,908 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter | Auth outcome: FAILED
2019-10-17 10:18:57,925 | 30860 | http-nio-8081-exec-2 | | | | | DEBUG | | org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter | Authentication request failed: org.keycloak.adapters.springsecurity.KeycloakAuthenticationException: Invalid authorization header, see WWW-Authenticate header for details org.keycloak.adapters.springsecurity.KeycloakAuthenticationException: Invalid authorization header, see WWW-Authenticate header for details
at org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter.attemptAuthentication(KeycloakAuthenticationProcessingFilter.java:158)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
.....
From then on it is clear that the token is being verified, if you look into the classes that take part, you'll see that it is getting verified against the public key in certain situations.
Classes that take part in this authentication & verification are, in my case (bearer-only) are:
org.keycloak.adapters.springsecurity.filter.KeycloakAuthenticationProcessingFilter
org.keycloak.adapters.BearerTokenRequestAuthenticator
Hopefully this can help other people like me to find their way in Keycloak.

How do I make Fastlane Deliver work for tvOS?

Upload to iTunesConnect fails with the following error:
"Invalid Provisioning Profile. This provisioning profile is not compatible with iOS apps."
+-----------------------+---------------------------------------+
| deliver 2.26.1 Summary |
+-----------------------+---------------------------------------+
| username | iosdev#inspirato.com |
| ipa | /Users/vagrant/deploy/InspiratoTV.ipa |
| skip_screenshots | true |
| skip_metadata | true |
| force | true |
| app_identifier | com.inspirato.travel.InspiratoTV |
| screenshots_path | ./screenshots |
| metadata_path | ./metadata |
| app_version | 1.0 |
| edit_live | false |
| platform | ios |
| skip_binary_upload | false |
| submit_for_review | false |
| automatic_release | false |
| overwrite_screenshots | false |
+-----------------------+---------------------------------------+
It appears that the platform is stuck on "ios" even though I don't have an iOS related app for this bundle ID. I've tried adding "--platform tvOS" to the end of the $ fastlane deliver ... command with no luck.
Deliver uses the notation "appletvos" for the tvOS platform.
Add that to the end of the $ fastlane deliver command:
$ fastlane deliver ... ... "--platform" "appletvos"
Or add it to your .Deliver file like so:
deliver(platform: "appletvos")
If you use upload_to_testflight, please, specify appletvos as an app platform
upload_to_testflight(app_platform: "appletvos")
And don't forget to set build(include_bitcode: true) during the build.
If you use match for signing specify a platform parameter:
match(platform: "tvos")
If you use a repository for match add a _tvos suffix to your provisioning profile name. For example, file
profiles/appstore/AppStore_com.yourcompany.youproject.mobileprovision
must be renamed to
profiles/appstore/AppStore_com.yourcompany.youproject_tvos.mobileprovision
This is necessary to avoid an error with match/sigh.

Moving dev site to production on new account AWS

I am in the process of moving and testing a development site on the actual domain name now and I just wanted to check if I was missing anything and also get some advice.
It is a Magento 1.8.1 install from Turnkey Linux running on an m1.medium instance.
What I have done (so far) is, create an image of the development instance, made a new account and copied it over to there. I then made an elastic IP and associated it with the new instance. Next I pointed the A name record of the production domain to the elastic IP.
Now, if I go to the production domain I get redirected to the development domain. Is there a reason for this?
Ideally I would like to have two instances, one dev one that is off unless needed and of course the production on which is going to be live 24/7. However if I turn the development domain off it stops the other too.
I have a feeling it's just because I need to change instances of the dev domain in the Magento database / back-end however I wanted to get a more knowledgable answer as I don't want to break either of the instance.
Also, I should probably mention that the development domain is a subdomain i.e. shop.mysite.com and the live one is just normal i.e. mysite.com. Not entirely sure this is relevant but thought it worth a mention.
Thanks in advance for any help.
The reason your URL on your new instance is getting redirected to the old URL is because in the core_config_data table of your magento database the web/unsecure/base_url and web/secure/base_url paths point to your old URL.
So if you are using mysql you can query your database as follows:
mysql> use magento;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select * from core_config_data;
+-----------+---------+----------+-------------------------------+-------------------------------------+
| config_id | scope | scope_id | path | value |
+-----------+---------+----------+-------------------------------+-------------------------------------+
| 1 | default | 0 | web/seo/use_rewrites | 1 |
| 2 | default | 0 | admin/dashboard/enable_charts | 0 |
| 3 | default | 0 | web/unsecure/base_url | http://magento.myolddomain.com/ |
| 4 | default | 0 | web/secure/use_in_frontend | 1 |
| 5 | default | 0 | web/secure/base_url | https://magento.myolddomain.com/ |
| 6 | default | 0 | web/secure/use_in_adminhtml | 1 |
| 7 | default | 0 | general/locale/code | en_US |
| 8 | default | 0 | general/locale/timezone | Europe/London |
| 9 | default | 0 | currency/options/base | USD |
| 10 | default | 0 | currency/options/default | USD |
| 11 | default | 0 | currency/options/allow | USD |
| 12 | default | 0 | general/region/display_all | 1 |
| 13 | default | 0 | general/region/state_required | AT,CA,CH,DE,EE,ES,FI,FR,LT,LV,RO,US |
| 14 | default | 0 | catalog/category/root_id | 2 |
+-----------+---------+----------+-------------------------------+-------------------------------------+
14 rows in set (0.00 sec)
and you can change it as follows:
mysql> update core_config_data set value='http://magento.mynewdomain.com' where path='web/unsecure/base_url';
mysql> update core_config_data set value='https://magento.mynewdomain.com' where path='web/secure/base_url';

Resources