Access Django admin from Firebase - django

I have a website which has a React frontend hosted on Firebase and a Django backend which is hosted on Google Cloud Run. I have a Firebase rewrite rule which points all my API calls to the Cloud Run instance. However, I am unable to use the Django admin panel from my custom domain which points to Firebase.
I have tried two different versions of rewrite rules -
"rewrites": [
{
"source": "/**",
"run": {
"serviceId": "serviceId",
"region": "europe-west1"
}
},
{
"source": "**",
"destination": "/index.html"
}
]
--- AND ---
"rewrites": [
{
"source": "/api/**",
"run": {
"serviceId": "serviceId",
"region": "europe-west1"
}
},
{
"source": "/admin/**",
"run": {
"serviceId": "serviceId",
"region": "europe-west1"
}
},
{
"source": "**",
"destination": "/index.html"
}
]
I am able to see the log in page when I go to url.com/admin/, however I am unable to go any further. It just refreshes the page with empty email/password fields and no error message. Just as an FYI, it is not to do with my username and password as I have tested the admin panel and it works fine when accessing it directly using the Cloud Run url.
Any help will be much appreciated.

I didn't actually find an answer to why the admin login page was just refreshing when I was trying to log in using the Firebase rewrite rule, however I thought of an alternative way to access the admin panel using my custom domain.
I have added a custom domain to the Cloud Run instance so that is uses a subdomain of my site domain and I can access the admin panel by using admin.customUrl.com rather than customUrl.com/admin/.

Related

AWS Cognito + React Native Social Sign In Getting "An Error Has Occurred"

I am using React Native + Expo to do Social Sign in Via. Cognito.
Everything is configured correctly, I know this because it worked, and after no change, it stopped working prompting an error.
I find it intresting because when I am in Cognito and I click 'launch hosted UI', it still works, but using my app displays the following error:
My aws-exports.js looks like (cut only important info):
"oauth": {
"domain": "upliftXXXXXXXX.us-west-2.amazoncognito.com",
"scope": [
"phone",
"email",
"openid",
"profile",
"aws.cognito.signin.user.admin"
],
"redirectSignIn": "exp://127.0.0.1:19000/--/",
"redirectSignOut": "exp://127.0.0.1:19000/--/",
"responseType": "code"
},
and my cognito setup is:
also, i am using basic sign-up/sign-in calls, all followed by https://docs.amplify.aws/lib/auth/social/q/platform/react-native/#setup-frontend

Create datasource for Google BigQuery Plugin using the Grafana API

Issue:
I would like to steer clear of using the traditional.
authenticationType: jwt
clientEmail: <Service Account Email>
defaultProject: <Default Project Name>
tokenUri: https://oauth2.googleapis.com/token
And use a service account json file from GCP. Is there anyway of doing this?
Environment:
OpenShift running in GCP. ServiceAccount key is mounted.
So if understand your comments correctly, you want to create a BigQuery data source using the Grafana API.
This is the JSON body to send with your request:
{
"orgId": YOUR_ORG_ID,
"name": NAME_YOU_WANT_TO_GIVE,
"type": "doitintl-bigquery-datasource",
"access": "proxy",
"isDefault": true,
"version": 1,
"readOnly": false,
"jsonData": {
"authenticationType": "jwt",
"clientEmail": EMAIL_OF_YOUR_SERVICE_ACCOUNT,
"defaultProject": YOUR_PROJECT_ID,
"tokenUri": "https://oauth2.googleapis.com/token"
},
"secureJsonData": {
"privateKey": YOUR_SERVICE_ACCOUNT_JSON_KEY_FILE
}
}
So there is no way to avoid the code snippet you wanted to "steer clear of", however there is no need to take the JSON key file apart, just provide it to privateKey. You only have to provide the service account email additionally to clientEmail and the project id to defaultProject. Otherwise not different than using the UI.

Access denied for service account (permission issue?) when importing a csv from cloud storage to cloud sql

I'm trying to populate a mysql db with a csv that i have in cloud storage
I'm using the API Explorer to execute the request with the following request body:
{
"importContext": {
"csvImportOptions": {
"columns": [
"col1",
"col2",
"col3"
],
"table": "table_name"
},
"database": "db_name",
"fileType": "CSV",
"kind": "sql#importContext",
"uri": "gs://some_bucket/somecsv.csv"
}
}
When i hit the execute button i receive a 200 response with the following body
{
"kind": "sql#operation",
"selfLink": "https://www.googleapis.com/sql/v1beta4/projects/somelink",
"targetProject": "some-project",
"targetId": "some-tarjet",
"targetLink": "https://www.googleapis.com/sql/v1beta4/projects/somelink",
"name": "some-name",
"operationType": "IMPORT",
"status": "PENDING",
"user": "myuser#mydomain.com",
"insertTime": "somedate",
"importContext": {
...
}
}
But if i go to the detail instance page in the google console i see this message:
gs://link-to-csv: Access denied for account
oosyrcl32gnzypxg4uhqw54uab#somename.iam.gserviceaccount.com
(permission issue?)
I'm authenticated with the same account that created the bucket in cloud storage where the csv is and this also happens using the python sdk.
You are trying to do an import from your bucket to your Cloud SQL instance, but, said import is going to be made by a service account, one in particular, which can be seen in the “Service account” section while seeing the details of your Cloud SQL instance.
It might be that the CloudSQL service account does not have appropriate permissions to access the Cloud Storage bucket with the data to import.
In order to create a successful import between SQL instance and Storage buckets, proper permissions should be set first. You should give to the service account "oosyrcl32gnzypxg4uhqw54uab#speckle-umbrella-27.iam.gserviceaccount.com" the Storage Object Viewer role.
Go to: https://console.cloud.google.com/iam-admin/iam
Click Add, to add a new member.
Paste the gserviceaccount.com email address that was presented in the error message into the New Members field.
Add 2 roles:
Cloud SQL Viewer
Storage Object Admin
Click Save.

Actionable Message post to Azure Functions or Azure Logic Apps

If I want my Actionable Message to send a HttpPOST to an Azure Function or Azure logic app, how do I get this working?
I have tried the following two senario's with out any luck:
Azure function with Azure Active Directory Authentication. When I call it, I get the following response:
{
"innerErrorCode":"ProviderException",
"innerErrorMessage":null,
"authenticationUrl":null,
"displayMessage":"The action could not be completed."
}
This target URL is registered in the Actionable Email Developer Dashboard.
The function is not even triggered, so the error is coming from
/actions/userid/messages/.../executeAction
call.
Azure function with no authentication, I get the following response:
{
"innerErrorCode":"InvalidTargetUrlException",
"innerErrorMessage":null,
"authenticationUrl":null,
"displayMessage":"Target URL
'https://mysite.azurewebsites.net/api/ActionableMessage' is not allowed."
}
Thanks
Can you share the actionable message json which you are using to send mail?
you need to have a entry in potential action as a input along with followed action e.g. a options multi select represented as:
{
"#type": "ActionCard",
"name": "SelectResource",
"inputs": [
{
"#type": "MultichoiceInput",
"id": "<id_which_will_be_used_for_fetching_value>",
"isRequired": true,
"title": "Pick an option",
"style": "expanded",
"choices": $6
}
],
"actions": [
{
"#type": "HttpPOST",
"name": "Select one of the resource for booking",
"target": "your_azure_function_url",
"body": "{{<id_of_the_input>.value}}" //will be received in function
}
]
}

System.getenv() returning VCAP_SERVICES : "******"

System.getenv() is returning json with VCAP_SERVICES : "******". My cloud foundry java spring-boot app is bound to three services. If I give cf env app_name in CLI, its returning all bound services correctly. Also VCAP_APPLICATION and other fields in returned json are just fine except this one.
A Little background:
I need to get service name, label and plan for all the services bound to my app. I'm new to cloud foundry and spring-boot, so don't know how to use spring cloud connectors in my code.
The value in the VCAP_SERVICES environment variable will be a JSON string that you need to parse, and it will give you an object describing all the bound services, including data like name, label, and plan. If you Google "vcap services" or "cloud foundry environment variables" the first result is this doc, and it has a section on VCAP_SERVICES. Here's the example they provide of what this JSON object looks like (after parsing):
{
"elephantsql": [
{
"name": "elephantsql-c6c60",
"label": "elephantsql",
"tags": [
"postgres",
"postgresql",
"relational"
],
"plan": "turtle",
"credentials": {
"uri": "postgres://seilbmbd:ABcdEF#babar.elephantsql.com:5432/seilbmbd"
}
}
],
"sendgrid": [
{
"name": "mysendgrid",
"label": "sendgrid",
"tags": [
"smtp"
],
"plan": "free",
"credentials": {
"hostname": "smtp.sendgrid.net",
"username": "QvsXMbJ3rK",
"password": "HCHMOYluTv"
}
}
]
}
As you suggest wanting to try to to acces this info in your code you should consider the cloud foundry java client, good intro here and its really easy to get up and running. I've found that the api is somewhat limited but its worth looking at - http://docs.cloudfoundry.org/buildpacks/java/java-client.html