o-auth login with wykop.pl - laravel

Now I wish to build a login function with Wykop.pl API.
Can anybody help me to setup the thing?
As of now, I don't even have clue how to fill the
'scope' => array()
not to mention which privileges I should enable when connecting my app to wykop.pl
'Wykop' => array(
'client_id' => '423423',
'client_secret' => '0XMRI423423BfDFG',
'redirect_url' => 'http://www.appname.pl/dashboard',
'scope' => array('login', 'klucz_polaczenia','profile'),
),
This is a SDK for the site https://github.com/p1c2u/wykop-sdk
Unfortunately, as for now I am unable to translate the code into sth useful to me.
For the purpose of o-auth login, should scope include 'login' and 'klucz_polaczenia' ?
After the function is done, it would be a good idea to add the example to
this project repository of examples:
https://github.com/Lusitanian/PHPoAuthLib/tree/master/examples
Edit:
Wykop is not using o-auth... so the package I was trying to use is of no value.
Any help appreciated.
Edit 2:
The clostest I got to my goal is using this repo:
https://github.com/matiit/wkop

I did this recently. I'm using following workflow:
Display the login form to the user, with redirect set to callback.
Check the signature of callback, if correct then proceed.
Check, if I can login on Wykop.pl with received token, if so, then proceed.
Check, if user exists in my database, if so, I login him, if not, I create and login him.
Whole process of connecting with Wykop.pl API is available here: http://www.wykop.pl/dla-programistow/dokumentacja/#info6_7_5

Related

Laravel Passport; using OAuth2 for SSO with Freshdesk

I am trying to set up SSO from my Laravel 8.13 site to my related Freshdesk support portal.
What I want is for a user, who is logged into my site, then to be able to click a button and get seamlessly signed into my Freshdesk support portal so they can view the non-public documentation there and raise tickets if required.
Using Laravel Passport 10.1 I can create a token (tested using Postman) but get an error from Freshdesk when trying to authenticate.
An error occurred while attempting to retrieve the userinfo resource: could not extract response: no
suitable httpmessageconverter found for response type [java.util.map<java.lang.string,
java.lang.object>] and content type [text/html;charset=utf-8]
I have not used OAuth before and am having issues. It may of course be that my understanding of OAuth is just completely wrong but I am finding available documentation on Laravel Passport / Freshdesk OAuth connectivity hard to come by.
I have been through as many related SO questions as I have found but nothing so far seems to exactly fit my issue.
I have also got open tickets with Freshdesk and have had an online support session with a Freshdesk support member but they told me the issue was on my side and they couldn't help further.
I would have thought the client type to use was a Personal Access Client but I have tried that as well as a Password Grant Client and get the same message (as above) for both client types.
As far as the "User info URL*" field on Freshdesk goes,
I have tried
http://testsite.ngrok.io/oauth/tokens
and
http://testsite.ngrok.io/oauth/personal-access-tokens
and
http://testsite.ngrok.io/api/user
But no luck - same message regarding not finding userinfo resource as above.
If I browse directly to
http://testsite.ngrok.io/oauth/personal-access-tokens
I get the following returned:
[{"id":"e595f342722c1045e061f2f026fa7f07181b3d5c69016e9999c5640f1e65928ff6fe2621565ff666c5",
"user_id":43128,"client_id":7,"name":null,"scopes":"openid","email","profile"],"revoked":false,
"created_at":"2021-01-26 10:16:12","updated_at":"2021-01-26 10:16:12",
"expires_at":"2022-01-26T10:16:12.000000Z","client":
{"id":7,"user_id":null,"name":"freshworksPersonalAccessClient",
"provider":null,
"redirect":"https:\/\/testsite.freshworks.com\/sp\/OAUTH\/27402945223480041\/callback",
"personal_access_client":true,"password_client":false,"revoked":false,
"created_at":"2021-01-19T23:19:39.000000Z","updated_at":"2021-01-19T23:19:39.000000Z"}}]
so something is returned but I am not sure if that is in any way near what Freshdesk is looking for. The support documentation for Freshdesk states :
But I do not know where to create that info or in what format it needs to be sent to Freshdesk.
I have looked at this question and believe that (even though it is for older versions) there might be something in the code for "getUserEntityByUserCredentials" in the UserRepository.php file but I have put logger calls in that function and it doesn't seem to be called.
Any assistance would be absolutely great. If any further information is required please let me know.
Although I would prefer to keep it within the Laravel ecosystem, I am also open to any other way to set up SSO to Freshdesk without using a third party Identity Provider like ADFS, OneLogin, Okta, Azure and suchlike. I just need to get this done.
Solved it. Basically my issue was the format and content returned by the User info URL.
I set up a route for
/userinfo
to a function in a TestController. In that function I decoded the Bearer token to get the user_id and then used that to retrieve the user details.
Then I created an array and response as below:
$thisDecodedUser = User::query()->findOrFail($thisDecodedUserId);
if ($thisDecodedUser) {
$thisDecodedUserFirstName = $thisDecodedUser->first_name;
$thisDecodedUserLastName = $thisDecodedUser->last_name;
$thisDecodedUserEmail = $thisDecodedUser->email;
}
$user_info = array();
$user_info['sub'] = "$thisDecodedUserId";
$user_info['id'] = "$thisDecodedUserId";
$user_info['email'] = "$thisDecodedUserEmail";
$user_info['.id'] = "$thisDecodedUserId";
$user_info['.email'] = "$thisDecodedUserEmail";
$user_info['email_verified'] = "true";
return response(json_encode($user_info))
->withHeaders([
'Content-Type' => 'application/json',
]);
The code needs refactoring but at least it works for now.
Thank you for pointing me in the right direction in this answer : https://stackoverflow.com/a/65929987/920598
Even if the array you use contains unused keys.
Actually, the available fields and their format are described here https://support.freshdesk.com/en/support/solutions/articles/50000002088-configuring-custom-sso-policies-under-org
For example, if you want to sync the firstname, the lastname and the language, here's the keys you need to set :
<?php
$user_info = [
'sub' => (string)$user->id,
'unique_id' => (string)$user->id,
'email' => $user->email,
'FirstName' => (string)$user->firstname,
'LastName' => (string)$user->lastname,
'language' => $user->default_ln === 1 ? 'fr' : 'en'
];

Laravel - GET request download logout automaticlly

i have a download file link like this:
Download file
ROUTES
Route::group(['middleware' => ['web','auth','Admin','active'], 'prefix' => 'admin'], function(){
// USERS
Route::resource('user','UserController');
Route::post('user/permissions/update','UserController#update_permission')->name('update_user_permissions');
// MODULI
Route::resource('module','ModuleController');
// MODULISITICA
Route::resource('modulistica','ModulisticaController');
Route::post('modulistica_cliente','ModulisticaController#update_client_module')->name('modulistica_post_cliente');
Route::post('modulistica_prodotto','ModulisticaController#update_product_module')->name('modulistica_post_prodotto');
Route::get('modulistica/download/cliente/{file}','ModulisticaController#download_cliente')->name('modulistica_download_cliente');
Route::get('modulistica/download/{file}','ModulisticaController#download_module')->name('modulistica_download_module');
Route::get('modulistica/download/prodotto/{file}','ModulisticaController#download_prodotto')->name('modulistica_download_prodotto');
// UTILITY
Route::post('utility/become/client','UtilityController#become_client')->name('utility_become_client');
Route::resource('loan','LoanController');
Route::get('area_download/document/{file}', function ($file){
$path_file = storage_path().'/app/public/documents/'.$file;
return response()->download($path_file, $file);
})->name('download_document');
});
ERROR
Arrival at the "https://mysite.it/admin/loan" view without problems. When I click on the GET link it redirects me to the LOGIN, but being my user logged in by login redirects me to "https://mysite.it/home".
I did some tests getting the following information:
Request does not arrive at route "area_download / document / {file}"
The request does not arrive at the 'Admin', 'active' middlewares.
So my conclusions are that the problem is in the middleware "Web" or "Auth" but I can not understand why. Place the entire group of routes, if it can be useful. If you need more on the routes, I can attach screenshots!
I would appreciate your help thank you!
If you just allow downloading a file without any authentication then,
You can try this :
Blade File
Download file
From this user can directly download the file. Just need to add file path in href and download attribute.
or else remove the middleware AUTH if you don't want to Authenticate the user.
And you want to authenticate the user then need route:list and middleware details.
I found the solution! the problem was that my get request was made this way.
https://mysite.it/admin/area_download/document/example.pdf
the final PDF extension creates system error. Avoiding the final extension such as:
https://mysite.it/admin/area_download/document/example.pdf/go
Problem solved!

Magento API Call 503s

Everything in my Magento store is working ok, except for a route I created that calls the API:
$proxy = new SoapClient('SOAPCLIENTURL');
$sessionId = $proxy->login('USERNAME', 'PASSWORD');
$proxy->customerCustomerCreate($sessionId, array(
'email' => $email,
'firstname' => '',
'lastname' => '',
'password' => $password,
'website_id' => 7,
'store_id' => 7
));
When I comment out these lines, the route works fine. Any ideas why this 503s the page and how to fix it?
The code block that's causing your problem is a request to an external API that could fail for numerous reasons. The way you'd fix this is to monitor your server and Magento error and exception logs for errors, take a look at the error, and then fix the problem (or post the specific error to a site like this and ask for help).
You could also try running the above code snippet outside of a Magento context (in a stand along script) and see what sort of error you get.
If errors aren't showing up then you need to research how to setup your system for proper error handling.
Also, if you're setting up a Magento route and making an API call into the same system, there's no reason to use the SOAP or XML-RPC layer. Each Magento API section has a corresponding PHP object that contains all the logic. The above method is equivalent to
Mage::getModel('customer/customer_api_v2')->create(array(...));
With the real PHP class being at
app/code/core/Mage/Customer/Model/Customer/Api/V2.php
and the create method defined at
app/code/core/Mage/Customer/Model/Customer/Api.php

Why can Gibbon Gem access API but can't listSubscribe()?

I'm trying to get mailchimp integrated with my ruby-on-rails app using the Gibbon gem.
I've successfully accessed the API. I tested it by getting a list of all my mailchimp lists. However, I'm running into problems with the listsubscribe method. I'm not getting any errors, it just isn't working at all.
I have the following code in the controller for the page where users sign up, after the user is made and their information can be accessed.
gb=Gibbon::API.new
gb.listSubscribe({:id => "the-id-for-list", :email_address => user.email, :update_existing => false, :double_optin => false, :send_welcome => true, :merge_vars => {'FNAME' => user.first_name, 'LNAME' => user.last_name, 'MERGE3' => user.subscription, 'MERGE4' => DateTime.now}})
It does nothing. I've tried playing around with the parameter phrasing (à la this post:How do you use the Gibbon Gem to automatically add subscribers to specific interest groups in MailChimp?) I've tried structuring it more like in this tutorial: http://www.leorodriguez.me/2011/08/subscribe-member-into-mailchimp-using.html
I have no idea what's going wrong. As I said before, other API calls are going through to MailChimp. Do you have any suggestions? Thank you in advance.
It turns out I had the code in the wrong place. I was not putting it where users were actually being created, but in the code to generate the view to ask users to sign up. Once I moved it to where the user was actually created, it worked fine.

wwv_flow_custom_auth_std.login redirect to current page

I am building an apex app and using the wwv_flow_custom_auth_std.login() function . My current app's main page is page 102.
What I am trying to do is have a process run before the header that will validate the user and call the wwv_flow_custom_auth_std.login() method and redirect the user to the current page. Basically what I am going to do down the line is redirect to an error page if the user is not found but anyway my question is, I keep getting a redirect error when I redirect to the page that I am currently on. Is this not allowed? My function looks like this
wwv_flow_custom_auth_std.login(P_UNAME => :P102_USERNAME,
P_PASSWORD => :P102_PASSWORD,
P_SESSION_ID => v('APP_SESSION'),
P_FLOW_PAGE => :APP_ID||':102');
A much simpler approach would be to create an Authentication Scheme. This can be done in Shared Components -> Authentication Schemes.
The wwv_flow_custom_auth_std.login procedure is already called after submit on the default login page so there's probably no need for you to call it.

Resources