Is there a way to change the scope/permission when using Microsoft.Web.WebPages.OAuth? The most logical place is when registering the client with OAuthWebSecurity.RegisterClient. I thought that the adding scope to the extraData parameter would possibly work, but I didn't have success with that.
Microsoft.Web.WebPages.OAuth does not expose the scope when authorizing with a client. I ended up adding custom DotNetOpenAuth clients to include my necessary scope.
The extradata is something you can pass about the provider and use it in tehe UI layer. For eg. extra data could be the icon to display when listing the provider to use for login.
Following post shows how you can write your own provider and plug it into your site
http://blogs.msdn.com/b/webdev/archive/2012/08/23/plugging-custom-oauth-openid-providers.aspx
Related
I want to add "Weather: 24C" to the rental-listing component of the super-rentals tutorial app.
Where would be the "best-practices" place to put this ajax request?
Ember.$.getJSON(`http://api.openweathermap.org/data/2.5/weather?q=${location}&APPID=${apiKey}`)
.then(function(json) {
return JSON.parse(json).main.temp;
});
Do I need to add a component, add a model, add a service, add a second adapter, modify the existing adapter? Something else? All of these? Is the problem that the tutorial uses Mirage? I ask this because when I think I'm getting close, I get an error like this:
Mirage: Your Ember app tried to GET
'http://api.openweathermap.org/data/2.5/weather?q=london&APPID=5432',
but there was no route defined to handle this request.
Define a route that matches this path in your
mirage/config.js file. Did you forget to add your namespace?
You need to configure mirage to allow you making calls to outside in case mirage is active; what I mean is using this.passthrough function within mirage/config.js, that is explained in api documentation quite well.
Regarding your question about where to make the remote call is; it depends:
If you need the data from the server to arrive in case a route is about to open; you should prefer putting it within model hook of the corresponding route.
If you intend to develop a component that is to be reused from within different routes or even from within different applications with the same remote call over and over again; you can consider putting the ajax remote call to a component. Even if that is not a very common case usually; it might be the case that a component itself should be wrapped up to fetch the data and display it by itself for reusing in different places; there is nothing that prevents you to do so. However by usually applying data-down action-up principle; generally the remote calls fall into routes or controllers.
Whether using an ember-data model is another thing to consider. If you intend to use ember-data; you should not directly use Ember.$.ajax but rather be using store provided by ember-data and perhaps providing your custom adapter/serializer to convert data to the format ember-data accepts in case the server do not match to the formats that ember-data accepts. In summary; you do not need to use models if you use pure ajax as you do in this question.
I'm trying to use express-flash in a standard web express js app. I don't want to use session, because I want to do the app as stateless as possible, but when I try to use without session, the app show me this error:
req.flash() requires sessions
Can I use express-flash without session? Can I use other alternatives for this kind of messages?
Thanks.
Note: A flash message is a variable stored within a session that is only available once, for the next request. That is if we put a flash variable and renders a page, the flash variable is available but if we render the same (or other) page again the flash variable is not present (it is destroyed).
-- acanimal
Based on this premise, you need to have sessions to use message flashing.
One way I think you can accomplish what you want is to add an item to the request (req) object in your middleware, and then in your controller, check if the key exists. You can then pass a specific message to your template, assuming you're using a template engine or pass it as part of your response.
Hope this helps.
To update the resource i have exposed following reset web api url -
http://server.com/api/v1/{companyid}/resources/{resourceid}
and request body contains the resource to be updated.
I have also exposed a seperate API to update a property of same resource. From business rule perspective this is special property and cannot be updated/retrieved along with normal resource api.
So using following url to expose separate api as below -
http://server.com/api/v1/{companyid}/resources/{resourceid}/property?propertyKey=propertyValue
this does not sound good. Is there better approach?
Answer from the comments for others
PUT api/v1/{companyid}/resources/{resourceid}/{property} with the Body containing the value of the property is one way.
PUT api/v1/{companyid}/resources/{resourceid}/{property}/{propertyvalue} is another way if you want the value entirely in the URL.
Of course, http://server.com/api/v1/{companyid}/resources/{resourceid}/property?propertyKey=propertyValue is also probably fine.
As #David-Brabant mentioned don't version your API's in the URL
I am currently implementing SSO with DotNetOpenAuth. However, when working locally, I need to send requests via a proxy. I am happy to do this programatically or via config setting but I am struggling to find where to add it to the TwitterConsumer class supplied in the application block.
Any help much appreciated
So the easiest way is probably to set the proxy in your .config file or programmatically using WebRequest.DefaultWebProxy.
Alternatively, just set the proxy properties on the HttpWebRequest objects like any other .NET request. For those request objects you don't see because DotNetOpenAuth creates and issues them automatically, you can implement IDirectWebRequestHandler and pass that into DNOA so you get to intercept each outgoing HttpWebRequest, but that is considerably harder and probably not necessary considering your other options.
I'd like to be able to access some HTTP GET parameters directly in a JSP, without having to pass them through a Controller+Model, but at the same time still use the dispatcher/controller/model/view mechanism for other parameters and logic.
This is because I have many HTTP GET parameters that are generated by Javascript and used also only in Javascript. My Controllers don't need them at all.
I tried ${arg}, ${request.arg}, ${requestScope.arg}, nothing seems to work.
If I bypass the dispatcher, ${requestScope.arg} works.
But is there a way to make it work with the dispatcher?
Thanks!
If that's request parameters that you want to access (and not request attributes like the title says), then the syntax is ${param.parameterName}.
If it's request attributes, then it's ${requestScope.attributeName}.
See http://java.sun.com/products/jsp/syntax/2.0/syntaxref207.html#1010522 for a quick reference.