Third Party/CrossDomain Access to Heroku - heroku

I would like to allow third-party/crossdomain access to my Heroku API. Currently I have an XML file with crossdomain properties in my other websites... how do I open up access on Heroku to other sites?
Maybe the placement of the XML file is the issue... but I have it all redirected in routes so /crossdomain.xml will point to the correct file. It just is not allowing access currently.

Related

Unable to deploy service to PCF with no-route

I have this strange issue while pushing one of my applications to PCF.
I want to implement blue-green deployment for my service, and I want to deploy the app-v2 version with no-route and then add a temp route after deployment is done,
because I need to bind one marketplace service, UAA Single Sign-on (Provides identity capabilities via UAA as a Service), at application startup time.
This UAA service is causing an issue while pushing.
cf command used for deployment:
cf push -f manifest-dev.yml --no-route
Error screenshot:
PCF version 2.x
I have a couple ideas that might help to get around this.
Don't use --no-route. You said "I want to deploy app-v2 version with no-route and then add temp route after deployment done", so just skip the --no-route part and put the temp route directly into your manifest-dev.yml file. If you already have a route in that file, you could make a copy and call it manifest-dev-v2.yml and put the route there.
Split this up. Remove your service from the manifest-dev.yml file. Run cf push -f manifest-dev.yml --no-route --no-start. Then map the temp route. Then bind the service. Then run cf start. You could alternatively drop the manifest altogether, and just script your cf cli actions in a shell script or something like that.
You could look at using one of the blue/green plugins for the cf cli. There's a few and I can't recommend one over another. You can see them all here (search for blue/green).
http://plugins.cloudfoundry.org/
For a little background on the error that's being reported, the authorization code grant (OAuth2) cannot work without a redirect URL. For this flow, a user gets redirected to the login page and then gets redirected back to your redirect URL once login has occurred. Without that redirect URL, users can't complete the flow. It appears to be failing since you don't have any routes and thus cannot have a redirect URL.
Hope that helps!

Setup template for redirect URIs in google developer console

I am trying to set up auto-deploy for a project: when somebody pushes to git, a deployment occurs for the branch, and Jenkins sets up the project and does the deploy work on a server. For example:
|Branch |URL (will be created) |
|--------|---------------------------------------|
|master |http://master.my-project.example.com/ |
|some |http://some.my-project.example.com/ |
|dev-2e |http://dev-2e.my-project.example.com/ |
All is fine, but the project needs to use Google OAuth2, and there is a key, client ID, and client secret.
So I need to set up not just one or five redirect URIs for Google authorization; I need a template:
http://*****.my-project.example.com/oauth2redirect
When I try to do this, I get an error without any reason or explanation. When I just omit all URIs, no URI works, but I would even agree to turning off this restriction.
Is there any way to do this? Or a programmatic API for adding a new URI?
I didn't find any standard way to solve this problem.
How do I add "authorized redirect URIs" to Google OAuth2 using an API?
It says I need to create my own proxy server that will do the redirects and that has the only allowed redirect URI in the Google console.

Google Drive requires authentication despite public folder access

If a folder has a permission that allows anyone with the link to read, trying to download a specific file from that folder using
https://googledrive.com/host/<<<folder_id>>>/<<<file_name>>>
will redirect to the Google service login page.
However, if the folder has a permission that allows anyone to find it and read, the file will be downloaded correctly without being redirected to the service login page.
Is this the intended behavior despite the UI claiming "... no login required"?
Yes, that is intended behavior. The URL you're trying to build is from Drive's hosting feature. That requires using the "Public on the web" permission to be accessible there.
Using the lesser permission, it is possible to download via the UI with the link from sharing.
If you're looking for programmatic downloads, you can use the Drive API to download without authentication (https://www.googleapis.com/drive/v2/files/FILE_ID?alt=media&key=YOUR_KEY), although that requires at least an API key for the registered app.
Update:
Please note that the server only responds with the headers needed for CORS when a valid origin header is present (browsers normally include this, so don't typically need to do anything.) For example:
curl -vv 'https://www.googleapis.com/drive/v2/files/FILE_ID_HERE?key=YOUR_API_KEY&alt=media' > out.tmp
The above request will not yield access-control-* headers. Including an origin header as a browser would does:
curl -H 'origin: https://www.example.com' -vv 'https://www.googleapis.com/drive/v2/files/FILE_ID_HERE?key=YOUR_API_KEY&alt=media' > out.tmp

How do I add "authorized redirect URIs" to Google OAuth2 using an API?

I'm trying out Heroku's new "Heroku Review Apps" feature. It creates a new Heroku App whenever you create a new pull request in github for a given project.
I'm trying to get Google OAuth2 support working with them, but each created app has a new URL. e.g. https://my-app-pr-124.herokuapp.com
The problem is that when a user tries to sign in on this new app, Google won't allow redirecting the user back to the app, since Google doesn't trust that URL yet.
I can include my own Google API key with my app, and run a script on deploy, but how can I inform Google that this new URL should be trusted for redirects?
You can't, unfortunately.
You might be able to bounce them off a Redirect Proxy (I made that name up) to achieve what you want. It would look something like:-
Declare a redirect URL of http://myredirectproxy.example.com
At http://myredirectproxy.example.com you have a simple http server which responds with an http 301 to https://my-app-pr-124.herokuapp.com
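The redirect proxy described in this answer (and referred to in the earlier question about redirect URI templates), as an added sketch that is not the answerer's code. It assumes the review app puts its own name in the OAuth2 `state` parameter as `<app-name>:<random token>`, that apps are named `my-app-pr-<number>`, and that each app handles a hypothetical `/oauth2redirect` path; it answers with 302 instead of 301 so browsers do not cache one target for every app, and it only redirects to allowlisted names so the proxy cannot be used as an open redirect that hands authorization codes to another host.

```python
import re
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumption: review apps follow the naming seen in the question's URL.
ALLOWED_APP = re.compile(r"my-app-pr-[0-9]{1,6}")
CALLBACK_PATH = "/oauth2redirect"  # hypothetical callback path on each review app


def resolve_target(request_path):
    """Return the review-app callback URL, or None if the request is rejected."""
    query = parse_qs(urlsplit(request_path).query)
    state = query.get("state", [""])[0]
    # Assumed state layout: "<app-name>:<opaque anti-CSRF token>"
    app, sep, token = state.partition(":")
    if not sep or not token or not ALLOWED_APP.fullmatch(app):
        return None  # unknown or malformed target: never redirect
    forwarded = {"state": state}
    for key in ("code", "error"):  # pass on only what the app needs
        if key in query:
            forwarded[key] = query[key][0]
    return f"https://{app}.herokuapp.com{CALLBACK_PATH}?{urlencode(forwarded)}"


class ProxyHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        target = resolve_target(self.path)
        if target is None:
            self.send_error(400, "unrecognised state")
            return
        self.send_response(302)  # temporary: the target differs per request
        self.send_header("Location", target)
        self.send_header("Cache-Control", "no-store")
        self.end_headers()


if __name__ == "__main__":
    # Local test listener; in production this sits behind TLS at the
    # single redirect URI registered in the Google console.
    HTTPServer(("127.0.0.1", 8080), ProxyHandler).serve_forever()
```

The review app still has to verify the token part of `state` against the user's session, and it must send the proxy's URL as `redirect_uri` when exchanging the code, because the token endpoint requires the same value that was used in the authorization request.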

Setting up google project for authentication api

I am trying to set up Google authentication for my local project. I run projects in Python virtual environments and have different local domain names set up for those. Names like projectname.dev. When I enter http://projectname.dev in the browser, the site opens up.
When I went to https://console.developers.google.com/project/< myprojectid >/apiui/credential?authuser=0 I could set values like JavaScript origin and authorized redirect URI there. I set JavaScript origins to http://projectname.dev and tried to put the same domain for the authorized redirect URL too, but it did not work and I had to leave it as localhost.
When I tried to authenticate via django-allauth, I got this response from Google:
**Error: invalid_request**
Invalid parameter value for redirect_uri: Non-public domains not allowed: http://projectname.dev/account/google/login/callback/
Now my questions are:
Can I develop this part of the project locally with a domain name like projectname.dev, or do I need to set it up for localhost? Will a local redirect from localhost -> projectname.dev work?
If I can do it with projectname.dev, then perhaps there is an error in the way I have this project set up in the Google developers console?
In any case, if you cannot set the redirect URI in the Cloud Console, Google will throw you out when you try to authorize the app.
My recommendation would be to choose one of these solutions:
Use "localhost" as you said, with some kind of redirection/NAT/proxy to projectname.dev
Replace projectname.dev with a domain with an actual tld such as projectname.thisdomaindoesnotexist.com . Then configure this domain name to map to your servers.
Or wait for ".dev" to be recognized as an actual TLD, and you'll be good :)
