OrderCloud.io - Change Password issues - change-password

I'm developing a app where I need to change the password of the logged in user. where I don't need OrderCloud.PasswordResets() which will send email to my mail. I need to change the password without triggering email.
I followed below approach but I'm getting error:
OrderCloud.Me.Patch({"Password": "1234567889"});
Response:
{"Errors":[ {"ErrorCode":"IdExists","Message":"User already
exists.","Data":null} , {"ErrorCode":"InvalidRequest","Message":"User
already exists.","Data":null} ,
{"ErrorCode":"ServerError","Message":"An unknown error has occurred on
the server.","Data":null} ]}
Request URL:https://api.ordercloud.io/v1/me

Edit: Upon further investigation, this error would be thrown if somehow you have users with duplicate usernames under the same organization. If you remove the duplicate usernames and try again, your issue should be resolved.
You should format your request like this, without the quotes on Password:
OrderCloud.Me.Patch({Password: "1234567889"});

Related

[TOKEN_INVALID]: An invalid token was provided

I'm trying to host a discord bot on Heroku.
When it starts I get this error:
"UnhandledPromiseRejectionWarning: Error [TOKEN_INVALID]: An invalid token was provided".
But here is the weird part. It worked fine when I tested it first in Visual Studio Code. So in the process of me getting the files into Heroku, it got invalid.
Does anyone have a clue of how I can fix this?
Thx for any replies in advance.
Deploying app on heroku you have to change you client.login(token) to client.login(process.env.token) and add token to
as token - key and value - token copied from discord developers portal, remember (important note!) letters has to be the same, I mean, if you use capitals in process.env.TOKEN, the config var has to be now TOKEN.
I run into a similar problem, i encrypted the token so that i could store the encrypted token on heroku and decrypt it in the js to pass the actual token to the login method.
The weird part is, if i write the token directly as string into the js file or i use heroku and store it directly there, then it works. But if i store the encrypted token in heroku and decrypt it (and yes it is correctly decrypted) and give the decrypted token to the login method then it does not work.
I dunno if heroku make some weird stuff or discord.js doesnt support something i dont know...
So, what definitly works is:
You insert the token (client secret) on herokus config vars (settings from your dyno), then you use process.env.BOT_TOKEN and pass it to your Discord.Client().login().
I assume in your case its bot.login(process.env.BOT_TOKEN).
So for me it looks like the value i store in heruko and the value i send to discord must be the same...
You should enter a valid Discord bot token. You can obtain it by going to the Discord Developer Portal, then "Applications", select your bot, then go to "Bot" and click "Copy" under the token (it says click here to reveal).
I also encountered this situation.
I discovered that when using dotenv to read data from a .env file (Run on my computer), the names are not case sensitive. (could be wrong)
For example, TOKEN will be able to be treated as token, meaning when process.env.token can be returned with the value of TOKEN in the .env
file
But when I run on Heroku, what I just said will be gone (process.env.token will not return the value of TOKEN, but the token). Try double-checking that the name matches and correct it.
Like you've said, you logged into your bot with bot.login('TOKEN', () => { console.log; }
but bot.login doesn't support callback functions.
What I mean by this is, instead of the code before, you change it to bot.login('TOKEN').

Slack OAuth : Invalid permissions requested for local testing

For my local testing
I am trying to get and save the user's access token from slack.
The first step is to get user's permission, I am trying to redirect the user to the following URL -
https://slack.com/oauth/v2/authorize?scope=commands,bot&client_id=<MY_CLIENT_ID>&redirect_uri=https://localhost:3000/slack-verify/
The request then redirects the user(currently me) to
https://<MY-WORKSPACE>.slack.com/oauth?client_id=<CLIENT_ID>&redirect_uri=https%3A%2F%2Flocalhost%3A3000%2Fslack-verify%2F&state=&scope=commands%2Cbot&user_scope=&granular_bot_scope=1&team=&install_redirect=&single_channel=0&tracked=1
Ideally it should return with a code in GET parameters, but it displays an error on the screen -
<APP NAME> could not be installed. Error details
Invalid permissions requested
What is wrong here?
Edit : Replaced localhost with an ngrok URL as well, but that does not work as well.
steps to reproduce
https://slack.com/oauth/v2/authorize?scope=commands,bot&client_id=<MY_CLIENT_ID>&redirect_uri=https://localhost:3000/slack-verify/
just put your client id and redirect uri local if any.
Redirecting to your ngrok address generally works perfectly.
To make it work you need to
have the ngrok app running your your local machine and
include your personal ngrok address in the call the Slack.
It should look something link this:
https://slack.com/oauth/v2/authorize?scope=commands,bot&client_id=<MY_CLIENT_ID>&redirect_uri=https://12345678.eu.ngrok.io/slack-verify/
In my case, adding im:write permission to the user token scopes was causing this issue. Slack doesn't provide any helpful error message, hence debugging becomes harder.
Changing "User Token Scopes" back to identity.basic and identity.email, made it work.

Darn - that slash command didn't work (error message: `404_client_error`)

I am attempting to call a URI with my Slack slash command but I get the error:
https://pubsub.pubnub.com/v1/blocks/sub-key/sub-c-redacted/mypath
Darn - that slash command didn't work (error message: `404_client_error`). Manage the command at Freshdesk Field Update.
The URI I am trying to call works when I curl it (POST and GET) or just paste it in my browser address.
So I tried a webhook.site URI and it worked fine in the same slash command
https://webhook.site/404279dd-369b-4224-8672-94fa5c0a826c
And this works just fine. Unsure of why the PubNub URI is failing.
Unsure of why the error was occurring but seemed to have something to do with my PubNub Admin Dashboard account. I deleted it and created a new one and it started working with the new function in a new key set in a new account.
If anyone knows actual root cause (perhaps more generic issue than just PubNub account), please provide and I will review and approve as answer if I can verify it.
But for now, my answer is, try creating a new PubNub account.
You have to add template mapping in api gate way. In the integration section you can add it. So that the request from slack will properly map to json.
Find examples here : here and here.
I was also getting the same error, when I was using localhost as the url but after I deployed the server, where slack sends the post request to now and got the url from there. the error is gone.

Fail to confirm user. 400 Bad Request - Invalid app key

im am experiencing problems with the email validation in the appcelerator platform. I have everything configured right and the email arrive in my inbox when a new user is created, but, for some reason, the link to activate the account returns: Fail to confirm user. 400 Bad Request - Invalid app key
I checked in the tiapp.xml and checked if the api keys are properly configured and everything is alright. I have no idea of how appcelerator generate this link to verify what happen. In my template uses the link below:
https://cloud.appcelerator.com/users/confirmation?key={{key}}&confirmation_token={{confirmation_token}}
What im doing wrong? =[
Seems that the documentation is wrong. Only works if the link in the template is https://platform.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
I just encountered the same issue and can confirm the bug in the documentation. The correct url is indeed
https://platform.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
I'd like to add that there is probably a similar defect in the following documentation for password reset url:
http://docs.appcelerator.com/arrowdb/latest/#!/api/Users-method-request_reset_password
The documentation says the password reset url (if using Appcelerator instead of custom website) should be
https://dashboard.appcelerator.com/#/users/confirmation/{{key}}/{{confirmation_token}}
It seems wrong (copy-paste from email confirmation url perhaps).

Detect invalid login error for Parse user?

Is there any way to tell on the client side if a users credentials are invalid? When I intentionally break a users credentials (change username), they are getting an generic error 101 (kPFErrorObjectNotFound). How can I prompt a user to resolve a a legitimate account issue?
I get the security implications of oversharing with error codes, but even a general "something is wrong with authentication" would help. Maybe there's no harm is prompting after error 101, but I'm not when else that error is used.
You could add a cloud function that you call and it checks if it has a user. If the user is correctly logged in then the passed token is converted into a user for the cloud code to access. Your cloud code can then return a simple response code which indicates if the login is valid or not.

Resources