Trying to figure out how to use Google's play-integrity api to verify nonces.
I've hit this roadblock and am unsure what other things I could try to debug and get more information out of this API. Below is a series of steps I've taken to get to the point I'm currently at.
What I've done:
Created a service account within the Google Cloud project with the grants:
Service Account User and Service Usage Consumer
Setup Google Auth Default Credentials
Set environment variable:GOOGLE_APPLICATION_CREDENTIALS by pulling down imported json from service account.
Where I'm at now:
Used google-api-client to build and call playintegrity, resulting in the response:
Code snippet:
response = service.v1().decodeIntegrityToken(
packageName='com.myapp.package',
body={
'integrityToken':'superLongString'
}
).execute()
raise HttpError(resp, content, uri=self.uri)
googleapiclient.errors.HttpError: <HttpError 400 when requesting
https://playintegrity.googleapis.com/v1/com.myapp.package:decodeIntegrityToken?alt=json
returned "Integrity token cannot be decoded due to invalid arguments.".
Details: "Integrity token cannot be decoded due to invalid arguments.">
What I'm trying to do:
I'm trying to better understand how to call decodeIntegrityToken with the right parameters or configurations to retrieve a 200. It is not immediately clear to me which of it is is and what the next steps to debug are.
Resources used:
https://developer.android.com/google/play/integrity/verdict#returned-payload-format
Decode integrity token using Google PlayIntegrity API
If you are receiving an INTEGRITY_INVALID_ARGUMENT check one of the following:
arguments in body_request are incorrect.
integrity_token, which is retrieved by google upon sending over a nonce. Note that this integrity_token needs to be correct or else it will still send the same error message above.
Related
I'm following this tutorial here to attempt to authenticate using Token Based Authentication with Netsuite:
through postman using Netsuite's Postman environment, but I continue to receive "401 Invalid login attempt".
When I check the Login Audit Trail, I see that there is no role being assigned to my authentication attempts -- it's just blank. To me, this indicates that the token is not properly assigned to the User/Role, but I've walked through the directions several times and everything appears to be setup properly.
I've seen other similar posts about this, but those seem to boil down to the Netsuite Account ID formatting. However, my Netsuite Account ID is all numbers, so I don't think this is a factor.
This should work fine assuming you have created an integration and an access token. Configure Oauth 1.0 in postman with the following fields filled out correctly:
signature method (should be HMAC-256)
consumer key (from the integration you created in netsuite)
consumer secret (from the integration you created in netsuite)
access token (from the access token created in netsuite)
token secret (from the access token created in netsuite)
realm (your account id, if using a sandbox, make sure the realm looks like 1234567_SB1, with an _ and not a -)
You won't be able to complete TBA using postman because using netsuite TBA requires a callback URL that netsuite will redirect you to with the necessary credentials (access token and & token secret).
I'm having this exact same issue. I have custom code written in Salesforce APEX that is connecting to NetSuite just fine. We also have a Workato integration that is connecting to NetSuite just fine.
No matter what I do in Postman, I get a 401 Invalid Login response. I'm losing my mind...
I finally got this to work for me. Postman had a request header of "Connection"="keep-alive". Once I removed that it worked fine! Wow.. I've been trying to get this to work for weeks, looking at it every few days for an hour or two. What a frustrating error message "Invalid Login".
I am new to informatica. I am trying to create a swagger file to call rest API.
I have given following information and getting error. The same information I am passing in postman and getting resulsts. Not sure what mistake I have done. Could anyone help
Looking at the Screen shot and error highlighted, I can suggest to check the authentication.
In your screenshot, AuthenticationType is set to None, however the error clearly states that authentication required and is failing with 401 (Unauthorized Access) error.
To double check, you can try connecting the same url in postman and I am sure you will get same error.
So, choose Authentication Type to relevant one. Basic is the most common which works on username / password combination.
I have an IOT thing on my AWS account. Using python code I can easily get status and update device shadow via REST api but when I try to use postman to get or update device shadow it gives me an error saying "credential should be scoped to correct service".
I am 100% sure that credentials and permissions are correct because using python code I can make successful requests. I used this link https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-use-postman-to-call-api.html but its not giving me device updates.
Here is the screenshot for request.
Error message
I got this error when the Service Name was set to 'execute-api' (as indicated by the documentation you point to) instead of 'lambda'.
I'm trying to use WSO2 API Manager 1.10.0 on an existent micro-services project with REST APIs following WSO2 tutorial.
I have installed it on my computer as well as a copy of my application and configured AM to manage requests (GET, POST and DELETE) to my resource but I always obtain a "Response code 0" with Response Header
{
"error": "no response from server"
}
Trying to contact my application using Advanced REST Client I obtain 200 with the correct result.
My APIs use a token inside the header to authenticate the user passed so I have implemented a dummy API without authentication but I still have the same issue.
I have tried also the Cloud version with our test server but still obtaining the same result.
I found this guide http://wso2.com/blogs/cloud/video-setting-up-custom-url-for-api-store-and-gateway/ but I don't know if this can be a solution for the problem in localhost.
Setting up the custom url in WSO2 API Cloud wont help. Thats there for a different purpose. There are two things you can do.
If you are interested in going ahead with the cloud version, you can get help from them. You can send a support request and the cloud team will help.
You can troubleshoot your local instance. When doing so, first, try to invoke your api via curl and see whether it gets a response. Sometime, your api can work fine, but due to some reasons, the result might not reach the api console.
If the curl works fine or not, you can check the logs to see whether there are any errors printed. Some more questions:
Is your backend service exposed via http or https?
If it is https, then if its certificate is not a CA signed one, API Manager will fail during the handshake. If so, you will have to add the cert to api managers client-truststore.jks
In the cloud scenario, your backend should be accessible from internet and the certificate story is valid for cloud too.
Are you trying to access the api using swagger console (or any web application). There are couple of reasons you could encounter this issue. one could be certificate not installed in the browser.
If this happens you should see some error log in the api manager console (something related to CA not found). for that first you can copy the backend url (swagger console shows the url it used to send the request) and paste it on a new browser window and install the certificate to the browser.
also you can get an idea about the issue by using a tool like firebug and check the request. (it will show the error for not connecting the AM)
Finally I have found the issue: the API Manager does not accept plain text response, responding using a JSON solves the problem.
Using other mediatype such as XML or TEXT/HTML it reports 406, with text plain it returns Error 0.
I am using wso2 1.10.0 api manager for first time. I need to access the http backend with simple query parameter. I published the api and tried either by setting as queryparam or json object, it's not giving me the expected result. I will get binary response or method not allowed. When tried setting only http endpoint I never got response its just keeping processing for long time. Please suggest me how do I access simple http backend. Need to show demo in a week.
Please help to solve this.
You get 'method not allowed' when you try to access a resource which was not defined for that method (say backend has POST method supporting resource only and you try to do a GET request)
I guess the issue is with the way you have defined the resources for the api from the publisher application. (invalid HTTP methods for resources)
If you think you have defined them correctly, then the next step to identify the issue is wirelogs. wirelogs provide all the info in request passing through the api manager gateway (request headers, body etc)
Follow this article http://mytecheye.blogspot.com/2013/09/wso2-esb-all-about-wire-logs.html on how to enable and read them
You can then directly call the backend (say curl -v to the backend) and compare the request from the direct call vs the one going out from
gateway to the backend and check the difference. This would help you start finding the issue
Since you are new to API manager, I would recommend you to do following first
Try out a simple scenario similar to your one. You can google it. This is from official documentation. would recommend to try out a simple scenario first. say https://docs.wso2.com/display/AM1100/Convert+a+JSON+Message+to+SOAP+and+SOAP+to+JSON
Then use SOAP UI or similar app to directly call the backend web service (not the api manager) and get the SOAP request and SOAP response for the backend.
Then create the api in API manager. you need to do the same thing in the sample i provided. only difference is the soap payload. use the previously collected SOAP messages.
Enable wire logs. for that see the comments in the previous answer. In wirelogs you will see >> and << signs
To read the wire log, first we have to identify message direction.
DEBUG - wire >> - This represent the message coming into API manager from the wire (will notice two set of these. one coming in to the
gateway from the rest client and response coming in to the api manager from the backend. )
DEBUG - wire << - This represents the message going to the wire from API manager (again two sets. request going from api manager to the
backend service and the response sent to the rest client from the api manager.)
the soap message will be printed in this log. check for the request going from api manager to the backend and the response coming from the
backend to the api manager. you can compare that to the onces you collected in the step 2 and do modifications if needed to the sequnces.
the wirelogs will also print the http headers. so check that as well.
hope you could set up a working sample using these steps