I have some Web API applications that uses OWIN for authentication. Currently they are hooked up to Google and Facebook. I have them installed in multiple environments (local, dev, test, etc). Recently ALL of my applications in my development environment started failing. When trying to authenticate I would get a response back "access_denied". The URL would look like this:
https://{mydevserver}/{mywebapiapp}/#error=access_denied
The same code base works locally as well as in my test environment.
I tried using the same project (just adding redirect uris and orgins) as well as creating a new project.
I also updated my test environment to use the dev project (id and secret).
Nothing seems to have changed on the server recently. But it seems to be environment specific (because multiple applications are affected as well as multiple providers).
Are there any logging techniques I can use to drill down to a more detailed error message? Any tips or hints for what to try next?
The fix was a bit of an odd one. I had to log into my server, open up a browser and connect to a web page (any page). After doing so it started working again.
Related
Our cloud-deployed app is composed of (simplified):
A web front-end
Some back-end services
A database
When developing the front-end, I can easily debug by running the front-end locally, and redirecting its back-end calls to the actual services, since their endpoint routes are public.
However, I also want to debug back-end service code, together with the front-end. I can run back-end services locally, but they can't access the database, since the database doesn't have any publicly-accessible endpoint.
Question: How can I conveniently develop the service code? I can think of these options:
Expose the database publicly, maybe just the dev env's database. This doesn't sound like a good practice security-wise, and I haven't found a way to do it in my cloud platform (CloudFoundry).
Test everything using local unit- and component- tests. We do this, but can't cover everything, and certainly not the integration with the front-end.
Deploy my code changes to a dev environment, and test that way. This is what we do now, but:
It's a much slower development turn-around that running locally
I can't connect a debugger to the deployed app, so I must debug using logs, which again is slow
We have a limited number of dev environments, and this creates contention for them.
Somehow deploy a replica of the database locally as well, using some kind of test data.
Tech details: For cloud we use CloudFoundry over AWS. My back-end services are written in C# + .NET core 5. Locally, we develop them using Visual Studio 2019 on Windows.
For now, I managed to expose my database locally using an SSH tunnel. Specifically, by running cf ssh [AppName] -L [local_port]:[db_hostname]:[port], with [db_hostname]:[port] taken from the app's configuration, taken by running cf env [AppName].
In Google's latest docs, they say to test Go 1.12+ apps locally, one should just go build.
However, this doesn't take into account all the routing etc that would happen in the app engine utilizing the app.yaml config file.
I see that the dev_appserver.py is still included in the sdk. But it doesn't seem to work in Windows 10.
How does one test their Go App Engine App locally with the app.yaml. ie: as an actual emulated app engine app.
Thank you!
On one hand, if your application consists of just the default service I would recommend to follow #cerise-limón comment suggestion. In general, it is recommended for the routing logic of the application to be handled within the code. Although I'm not a Go programmer, for single service applications that use static_files and static_dir there shouldn't be any problems when testing the application locally. You might also deploy the new version without promoting traffic to it in order to test it as explained here.
On the other hand, if your application is distributed across multiple services and the routing is managed through the dispatch.yaml configuration file you might follow two approaches:
Test each service locally one by one. This could be the way to go if each service has a single responsibility/functionality that could be tested in isolation from the other services. In fact, with this kind of architecture the testing procedure would be more or less the same as for single service applications.
Run all services locally at once and build your own routing layer. This option would allow to test applications where services needs to reach one another in order to fulfill the requests made to them.
Another approach that is widely used is to have a separate project for development purposes where you could just deploy the application and observe it's behavior in the App Engine environment. As for applications with highly coupled services it would be the easiest option. But it largely depends on your budget.
Right now, I am running a Vue app within a phoenix app. I first created a phoenix project and then started a Vue app with the name of assets.. for running it in the development environment. I have added
watchers: [npm: ["run", "build", cd: Path.expand("../assets", __DIR__)]]
which each time creates a build which is being used in app.html.eex from priv/static..
and For deployment, I am using phoenix static build pack.. which in production before deploy creates a build before ahead and then run phoenix app. everything is working fine. but its wrong way due to which..
overall benefits of Vue application is not being availed. e.g code splitting/loading code chunk on-page request only. and many other webpack features which we can avail within a Vue app are all not being availed as we just creating the build and putting it in production.
My issue is that. I have seen in may tutorials that run a Vue app with your API as a proxy. and so that the main app will be Vue and Phoenix API will work behind a proxy.
Right now I have this setup to deploy and work in development mode. My question is how I can achieve the opposite to that?
Starting Vue application which will automatically start the phoenix app as well. Also for deploying on Heroku. API will run simply but Vue app will for more functional than just a JS or CSS file static files?
Update: Is it possible to make an umbrella application in which one is Vue and one is phoenix?
This is more of an extended comment, but it was getting really big so I moved it to an answer.
To start two or more apps you will need something like foreman (in heroku, I think there's a buildpack with it) or systemd, or even start a nodejs server from your elixir app (not sure this is doable in heroku).
You can also split manually your components through the webpack config used by phoenix, this can be a bit more involved than just serving a single js file. The reason to split it into two separate services needs to be thought of, but this is usually achieved (if I'm not mistaken, it's been a while since I used it in this way) with having different entry points. For webpack to work the best with splitting assets (css&others) you'll need to also write your vue components in a way that webpack can then understand the dependencies (at least this was the case - and there might be some complexities with the webpack chunking and phoenix digest when using dynamic components, etc).
Other option is to, for instance, use an independent nuxt app, which bundles up a VueJS app with everything you need, webpack, server, vuex, a sensible config and "structure" etc. Now you have two distinct applications, running each an http server, you use asyncData & fetch to populate/hidrate your front-end with data from the phoenix app, you can use async components and all that stuff. Then you deploy the front-end (nuxt app) to one heroku instance and the phoenix server on other instance or somewhere else.
At that point your phoenix app is basically an api for the front-end. So the vue app has to be built with that in mind, and now you've got 2 applications to deploy&take care of. It does help in a lot of fronts but it's also more complexity (authorization, cookies, etc), hence why it needs to be weighted if it's worth doing it. The major benefit is that since they're now 2 apps, styling and things related to the front-end can be deployed without needing to re-deploy the back-end.
Depending on the type of front-end you can also deploy the nuxt app as a static website to something like s3/cloudfront or any other cloud storage engine. For instance if you have like, X public pages that are all mostly static content and everything that is dynamic data is behind a login wall or something, then that is a solution that works fine too.
All 3 ways are valid depending on what you need/reason to do it.
I have basically two URL's http://xyzwebsite.com (for Development Testing) and http://abcwebsite.com (For Production). I have a simple Login mechanism where a user can click on Google Plus icon to log in rather than using their Username and Password. I created one Project for Development with obviously different Client ID and different for Production with a separate client ID.
But I tested both the URL's above with the client ID of Development project and it worked fine. I am wondering why there is a need ot having multiple projects in Google API console?
There is no particular need. A single project can have several URLs and client IDs for use.
Some reasons you might use multiple projects include:
Changing project settings in dev without worrying about breaking production
If you have a development script that gets into an endless loop or something it might use up all of the quota and the production app might start throwing errors
You might want clear branding on the dev app that explicitly identifies as not production.
Some unknown reason I can't think of.
I've published my project on my VPS server (MVC 3 project). Now, is it somehow possible to debug the code during the project is being runned on the server ? The same way when it's running on the localhost.
There might be but I believe the fact that you're trying to is a bad sign. By the time you deploy your app you should have proper logging and error handling which should allow you to track down any bugs that occur and reproduce them in your development environment.