I'm developing a telegram bot for twitter, the source code is open sourced on github https://github.com/chenxsan/telegram-bot-for-twitter. But I want to protect the webhook by hiding it, so I'm reading the webhook from config:
scope "/api", TweetBotWeb do
pipe_through :api
post "/#{Application.get_env(:tweet_bot, :webhook)}", TwitterController, :index
end
And in prod.secret.exs:
config :tweet_bot, webhook: "${WEBHOOK}"
But after built with https://github.com/bitwalker/distillery/, the release won't read WEBHOOK from env, so i just got 404 error.
Is it possible to do it in PhoenixFramework? If yes, how can I make it?
Related
I have Azure Bot deployed with Virtual Assistant Template, which was working fine (And still working in Portal's Test In Web Chat feature) until I enabled Direct Line App Service Extension.
Primary objective to enable DL App Service extension is to isolate bot access and secure app service.
I have followed MS documentation https://learn.microsoft.com/en-us/azure/bot-service/bot-service-channel-directline-extension-net-bot?view=azure-bot-service-4.0 and ensured every step is configured correctly.
Primary step to make sure DL app service is working correctly is to check if https://xxx.azurewebsites.net/api/messages or https://xxx.azurewebsites.net/.bot/ url return correct json result f.x: {"v":"123","k":true,"ib":true,"ob":true,"initialized":true}
But instead i am getting Error Response 400 Bad Request and error message appeared in browser is : "Upgrade to WebSocket is required."
I couldn't even reach to a step where troubleshooting guide mentioned here : https://learn.microsoft.com/en-us/azure/bot-service/bot-service-channel-directline-extension-net-bot?view=azure-bot-service-4.0#troubleshooting could help to resolve.
As i said earlier Bot is still working and the url : https://xxx.azurewebsites.net loads site correctly , can be seen in below
Any help is appreciated
These are the changes I have done and it worked:
Refer Repo With sample code:
https://github.com/SSanjeevi/VirtualAssistantDirectlineExtn
Wrote detailed here.
Project file:
<PropertyGroup>
<TargetFramework>netcoreapp3.1</TargetFramework>
<AspNetCoreHostingModel>OutOfProcess</AspNetCoreHostingModel>
<NoWarn>NU1701</NoWarn>
<Version>1.0.3</Version>
BotController.cs
private readonly IBotFrameworkHttpAdapter adapter;
public BotController(IBotFrameworkHttpAdapter httpAdapter, IBot bot)
Startup.cs
Configure Services method:
// Register the Bot Framework Adapter with error handling enabled.
// Note: some classes use the base BotAdapter so we add an extra registration that pulls the same instance.
services.AddSingleton<IBotFrameworkHttpAdapter, DefaultAdapter>();
services.AddSingleton<BotAdapter>(sp => sp.GetService<BotFrameworkHttpAdapter>());
// Configure channel provider
Configure method:
using Microsoft.Bot.Builder.Integration.AspNet.Core;
app.UseHsts();
app.UseCors(x => x.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod());
// Allow the bot to use named pipes.
app.UseNamedPipes(System.Environment.GetEnvironmentVariable("APPSETTING_WEBSITE_SITE_NAME") + ".directline");
Webchat:
let directLineConnection = await window.WebChat.createDirectLineAppServiceExtension({
domain: domainUrl,
token
});
The attached repo code also contains serilog implementation to have logging in log stream in app service where you can see the error logs if you face any issues.
Follow this article and implement serilog in bot api and deploy .
https://www.lkgforit.com/2022/10/troubleshooting-by-writing-logs-at_15.html
I would like to test some real data with plaid and that's why i am using development environment now instead of sandbox. And I am confused what redirect uri should i use.
This is the error on my localhost:3000.
Unable to fetch link_token: please make sure your backend server is running and that your .env file has been configured correctly.
Error Code: INVALID_FIELD
Error Type: INVALID_REQUEST
Error Message: redirect_uri must use HTTPS
I understand that for development envrionment we should use https instead of http, but I wonder what uri should i redirect to if i am only testing the API?
Thank you
If you don't particularly care about using the Quickstart with OAuth redirect flows, and just want to use live data from Development, you should just be able to leave that field blank.
I am currently testing Stripe webhooks using the latest Laravel Spark. I've got a Stripe account working, meaning that I can add (fake) creditcards and charge subscriptions/single payments. Next, I am using a fake hook endpoint (ultrahook.com) to retrieve webhooks requests from Stripe.
My vanilla route file is from the Spark installation:
$router->post('/webhook/stripe', 'Settings\Billing\StripeWebhookController#handleWebhook');
And should handle all the webhooks fine. To test the webhooks, I checked the StripeWebhookController object and changed a method to log some info:
protected function handleInvoicePaymentSucceeded(array $payload)
{
Log::info('This is some useful handleInvoicePaymentSucceeded.');
}
However, nothing gets logged when I call run a Stripe test webhook of type: invoice.payment_succeeded.
I do see the request coming into the ultrahook console and it gets returned a 200. I can also copy paste the JSON Stripe test webhook and paste it into Postman after which it gets send to http://localhost:80/webhook/stripe ... again a 200 response but nothing logged.
Any advice?
Laravel Cashier instructs you to exclude the webhook routes from VerifyCsrfToken middleware as stated here:
https://laravel.com/docs/5.5/billing#handling-stripe-webhooks
Spark uses Cashier, I'd imagine you need to do the same then.
Well, it appears that I needed to add
CASHIER_ENV=testing
in the env file. Nice to see that in the documentation Laravel... not
stripe webhooks don't call localhost, it should have a domain name to call.
you may use ultrahook gem for that..
it will create a temporary binding url which you can provide in stripe dashboard as callback url
like this
ultrahook stripe 80
which would give you an url that you map it in stripe dashboard
http://stripe.somename.ultrahook.com -> http://localhost:80
NOTE: You can access this url on a browser, it is just a virtual binding
I was developing this app on Ruby On Rails where I created RESTFul json api hosted on subdomain "api". When testing locally with prax on a linux machine, I was able to test my endpoints by routing to various endpoints like
"api.app_name.dev/resources"
"api.app_name.dev/resources/1".
Now, I have been instructed to host the Rails application on free heroku account for the time being so that other developers can test the api.
However,I can't get it to work. The main application is already a subdomain to heroku app itself.The url for the main application is "app_name.herokuapp.com". I can't connect to "api.app_name.herokuapp.com" as it is the sub-subdomain of the application.
Is there any way I can test my api from heroku? Or possibly any workaround ??
It sounds like you need to set correct subdomain constraint in routes, something like
namespace :api, defaults: { format: :json },
constraints: { subdomain: 'api.app_name' }, path: '/' do
... thing
end
Also, if it helps, check this if of any help
I'm trying out Heroku's new "Heroku Review Apps" feature. It creates a new Heroku App whenever you create a new pull request in github for a given project.
I'm trying to get Google OAuth2 support working with them, but each created app has a new URL. e.g. https://my-app-pr-124.herokuapp.com
The problem is that when a user tries to sign in on this new app, Google won't allow redirecting the user back to the app, since Google doesn't trust that URL yet.
I can include my own Google API key with my app, and run a script on deploy, but how can I inform Google that this new URL should be trusted for redirects?
You can't, unfortunately.
You might be able to bounce them off a Redirect Proxy (I made that name up) to achieve what you want. It would look something like:-
Declare a redirect URL of http://myredirectproxy.example.com
At http://myredirectproxy.example.com you have a simple http server which responds with an http 301 to https://my-app-pr-124.herokuapp.com