AccessToken from AWS Java SDK does not satisfy regular expression pattern - access-token

we are tring to create an access token from Java SDK and it throws the following error:
"com.amazonaws.services.cognitoidp.model.InvalidParameterException: 1 validation error detected: Value at 'accessToken' failed to satisfy constraint: Member must satisfy regular expression pattern: http://A-Za-z0-9-_=.+ (Service: AWSCognitoIdentityProvider; Status Code: 400; Error Code: InvalidParameterException; Request ID: 6e1d763a-b8c2-11e7-8bcc-fd6f3789064c)"
We have checked in the JWT Web page the access token is correct and has a proper value and also checked that it satisfies the regular expression http://A-Za-z0-9-_=.+.
We've generated the access token from command line and it is the same as above but the expiration time.
Any idea about what can it be wrong?

Related

Have issue login with passport in Laravel, getting `"error": "invalid_request",` error

We have an issue login with passport authentication in localhost.
{
"token": {
"error": "invalid_request",
"error_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.",
"hint": "Check the `client_id` parameter",
"message": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed."
},
This is my error log
local.ERROR: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. {"userId":1,"exception":"[object] (League\\OAuth2\\Server\\Exception\\OAuthServerException(code: 3): The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. at E:\\NaveenNayak\\wamp-projects\\SwagathamSai\\dmsv3\\backend\\vendor\\league\\oauth2-server\\src\\Exception\\OAuthServerException.php:126)
Using Laravel version: 6
Passport version: 7.5
Please help me to solve this issue.

JMeter - __Request Verification Token Failed for New user registration in MVC project

Request Verification Token is not identifying or getting assigned to a variable by JMeter for a new user registration
In GET, Request header - Request Verification Token is passed as Static one
In POST, Request header - Static request verification token is called and in PAYLOAD - Another dynamic Request Verification Token is displaying.
In POST url, I have used below Regular Expression Extractor:
Field to check: Request Headers
Name of created variable: Token
Regular Expression: input name="__RequestVerificationToken" type="hidden" value="([A-Za-z0-9+=/-_]+?)"
Template: $1$
Match no: 0
Queries:
Do I need to use Regular Expression Extractor in GET URL also, If yes what regular expression need to be used?
How to pass Static request verification token value in GET & POST URL?
Do we need to use 2 Regular Expression Extractor in GET & POST URL?
Could you please provide solution?
Field to check - needs to be Response Body
Using regular expressions for extracting data from HTML is not the best idea, consider switching to CSS Selector Extractor instead.
We don't know the answers to your questions because we're not familiar with the application you're testing, if you have doubts with regards to which values need to be correlated - record the same test scenario 2 times and compare the generated test plans. All parameters which differ are a subject to correlation.

How to use custom error messages for OpenAPI components validation?

Im using OpenAPI 3.0.1, and use components that have type/value validations. (i.e. type/enum/range).
When I access the relevant paths with wrong type/values, I get a default message which isn't human readable, such as:
"message": "request body has an error: doesn't match the schema: Error at <fieldName>: Doesn't match schema \"oneOf\"".
Instead I'd like to create a custom error message for each component, i.e.:
invalid argument: <fieldName>.

Correlated variable not getting evaluated

I have created an regular expression to extract CSRF token from the HTTP Headers and storing the value in the reference name CSRF_TOKEN by following this How to Load Test CSRF-Protected Web Sites
I using this variable in POST Parameters of another HttpRequest as below
csrfmiddlewaretoken=${CSRF_TOKEN}
Here ${CSRF_TOKEN} is not getting evaluated and the server is getting the middleware token as csrfmiddlewaretoken=%24%7BCSRF_TOKEN%7D
It got resolved. I identified that, if the regular expression is not matching any value and there is no default value specified, then JMeter is not treating as a dynamic variable. I corrected it by fixing regular expression. it starts working. Thank you.

Laravel 5.2 TokenGuard implementation

How to use token guard to create API? I tried it to implement it and I am getting error
call_user_func_array() expects parameter 1 to be a valid callback,
class 'Illuminate\Auth\TokenGuard' does not have a method 'attempt'
After dig into the source code of laravel, I found that the token guard is useless for now. All auth are passed to auth middleware, from there, you can see that it called Auth::guard($name)->guest() to check whether the user is logged in. The \Auth::guard will get the proper guard that you specified in route. Let's say here is the TokenGuard. In \Illuminate\Auth\TokenGuard, check the user function to see how TokenGuard get a user. First, it will get the input parameter named api_token. Then it will let the provider which may be eloquent as the default configuration to search a value in the database. If any value is found, a new user instance is created. If there is not a input value named api_token, then some other choices will be tried:
bearerToken, which the Authorization HTTP header value that starts with: bearer.
password, which passed through HTTP header: PHP_AUTH_PW.
which key to match in the model is specified by the protected property storageKey.
So the token guard is used to implemented third-party API access token, not a temporary access token that is stored in the session.

Resources