In the server of cubejs, I generated a token by cubejs token -e "180 day".
Then I assign it to CUBEJS_API_SECRET in .env; and assign it to const cubejsApi = cubejs(.... Then I launched the backend and the frontend, I got the following error:
Invalid Token: {
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1ODg5MzQyOTYsImV4cCI6MTYwNDQ4NjI5Nn0.RVdHlpfubXDgwG1FRYbUm-UDLVBjnb-HSVTK5bEy-ZU"
}
JsonWebTokenError: invalid signature
at /Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/jsonwebtoken/verify.js:133:19
at getSecret (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/jsonwebtoken/verify.js:90:14)
at Object.module.exports [as verify] (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/jsonwebtoken/verify.js:94:10)
at ApiGateway.defaultCheckAuth (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/#cubejs-backend/api-gateway/index.js:551:28)
at ApiGateway.checkAuth (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/#cubejs-backend/api-gateway/index.js:572:18)
at Layer.handle [as handle_request] (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/express/lib/router/layer.js:95:5)
at next (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/express/lib/router/route.js:137:13)
at Route.dispatch (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/express/lib/router/route.js:112:3)
at Layer.handle [as handle_request] (/Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/express/lib/router/layer.js:95:5)
at /Users/chengtie/Downloads/tmp20200414/cubejs/node_modules/express/lib/router/index.js:281:22
Regardless of this error, it seems that the data query worked. Does anyone know what happened?
CUBEJS_API_SECRET is generated by default when Cube.js project is created. Unless you want to redefine it you don't need to assign it in .env file. You should only pass it to cubejs() on client side. Please see https://cube.dev/docs/security#generating-token.
Related
I am generating a custom email address within the pre-request script and I set it as a global environment variable, i.e.
pm.environment.set('email', email)
My request body can be seen below:
{
"email": "{{email}}",
"country": "CH",
"password": "test",
}
However the server always returns me a 401 response, I am assuming that Postman is not resolving the variable for some reason, hence actually trying to post '{{email}}' as email parameter, which will be rejected by the server to prevent js injections.
First,
pm.environment.set('email', email) this set environmental variable not as global variable.
So if you are doing pm.environment.set('email', email) like this then make sure you have selected the correct envionment while sending the request.
Second,
You can set email as global variable using pm.globals.set("variable_key", "variable_value");
Also 401 response code means Unauthorized error which means authentication for the request is not correct.
When making a request to a flask route that requires a JWT to access using (#jwt_required decorator on flask-restful resources), I get a 422 UNPROCESSABLE ENTITY with the message: The specified alg value is not allowed.
When logging in and navigating to the (frontend) route that calls the request:
this.axios.get("/jobs").then(res => {
console.log(res.data);
this.jobs = res.data.jobs;
});
in the same go, it works as expected, however on refresh it then shows the 422 error.
I store the token in localstorage and load it into axios headers like so:
const api = {
init: function() {
Vue.use(VueAxios, axios);
Vue.axios.defaults.baseURL = DEV_URL;
},
setHeader: function() {
const token = `Bearer ${getToken()}`;
Vue.axios.defaults.headers.common["Authorization"] = token;
},
};
and call init() and setHeader() in my main.js so I am confused why this is causing an error only after a refresh.
I haven't be able to find any resources on how to remedy the The specified alg value is not allowed error. Any assistance would be appreciated! :)
I ran into same problem when the JWT token was created in my spring boot auth service but resource service was a flask micro service. I tried the following steps to sort it out,
I pasted the token in jwt.io Debugger.
On the right hand side I found the decoded header where the alg value was the following,
{
"alg": "HS512"
}
I put the alg in the app config in the flask resource server as follows,
app.config['JWT_ALGORITHM'] = 'HS512'
After that the error message was gone and I was able to parse information from the decoded token. So you need to find the algorithm by which the token was generated and set the appropriate algorithm in the flask app.config.
This can happen if the token was created using a different algorithm then app.config['JWT_ALGORITHM']
Using the Postman tool, I'm trying to query a Couchbase bucket. I'm getting an error response 1065 that there is an "unrecognized parameter in request". The query will work fine within the Couchbase workbench, but I need to be able to do this from Postman.
I'm making a POST request with this body:
{
"statement" : "SELECT * from `myBucketName` where id = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee""
}
There error message is:
"msg": "Unrecognized parameter in request: {\n\"statement\" : \"SELECT from `myBuckeyName` where _id "
I think this is just an issue with how my request body is formatted, I'm just new to this and not sure how it should be formatted based off the error I'm getting.
Here's how I did it:
Open Postman
Select POST
Use a URL of http://localhost:8093/query/service
Under "Authorization", use Basic Auth (with the username/password you've created for Couchbase)
Under "Body", select "x-www-form-urlencoded"
Add a KEY of statement and a value of your query
Click SEND
I got a 200 OK response with the results of the query. Screenshot:
You should definitely check out the Couchbase REST API documentation. It uses curl instead of Postman, but that's a translation you'll eventually get used to.
For reference: I am using the latest Facebook IOS SDK v4 and the latest Parse v1.7.4 and ParseFacebookUtilsV4 SDK.
So I am using PFFacebookUtils loginInBackgroundWithReadPermissions:block: method to have the user login with Facebook credentials and create a PFUser with those credentials.
And then proceeded to make a facebook graph request with FBSDKGraphRequest which from what i read, assumes a valid token has been set (there is no passing of a token parameter to it).
But the facebook graph request failed, and in tracing the issue, I noticed that the "access token" is never set by the loginInBackgroudnWithReadPermissions method. What this method only does is to create a PFUser and a Session instance in Parse, and store there the session token string, but it does not set the currentAccessToken . When I do a [[FBSDKAccessToken currentAccessToken] tokenString] call within the block, I get (null). But if I read the "token string" from the PFSession class I get the "token string" store in the Session class instance in Parse.
See the code below:
- (IBAction)fbLoginAction:(id)sender {
// Set permissions required from the facebook user account
NSArray *permissionsArray = #[ #"email", #"user_friends"];
// Login PFUser using Facebook
[PFFacebookUtils logInInBackgroundWithReadPermissions:permissionsArray block:^(PFUser *user, NSError *error) {
if (!user) {
NSLog(#"Uh oh. The user cancelled the Facebook login.");
} else if (user.isNew) {
NSLog(#"User signed up and logged in through Facebook!");
// Check if the current token has been set
NSLog(#"self.myCurrentToken string = %#", [[FBSDKAccessToken currentAccessToken] tokenString]); // returns (null)
// Get the token string from the PFSession
[PFSession getCurrentSessionInBackgroundWithBlock:^(PFSession *session, NSError *error) {
NSString *tokenString = session.sessionToken;
NSLog(#"Session token = %#", tokenString);
}];
}
And here is the debug console output
So I am not sure what is happening.
IF the PFSession token is set to something shouldn't the FBSDKAccessToken currentAccessToken not be returning this same PFsession token?
And if I were to set the accessToken manually, how can I convert the tokenstring that is stored in Parse to an FBSDKAccessToken instance? There seems to be no method to do this?
thanks
This is happening because you need to add the following code to the bottom of AppDelegate didFinishLaunchingWithOptions :
return [[FBSDKApplicationDelegate sharedInstance] application:application
didFinishLaunchingWithOptions:launchOptions];
By adding the code, your currentAccessToken will no longer be nil and you can make requests to FB right away.
FYI, I was able to discover the acccessToken was nil because I got the following error every time I tried to use FBSDKGraphRequest. So if anyone else gets the error below, make sure your accessToken is not nil even after you log in!
{"error":{"message":"An active access token must be used to query information about the current user.","type":"OAuthException","code":2500}}
#jhk:
Yes. I got an explanation from Facebook support. Login in through Parse is a two step process. First step, is the authorization step, where the user authenticates with Facebook. It switches to Facebook app, and the app receives Facebook access token when it completes successfully. And the second step is , the app authenticates with Parse (i.e your app) using the Facebook token. If it matches existing user/session, you are logged in successfully. However, I was deleting the PFSession manually from the parse backend, while testing every single time I tried to login, so that invalidated the session stored in the backend, and after the 1st step, when the app gets authorized and gets the accesstoken, the system realizes that the local session doesn't match the parsed stored session and invalidated the accesstoken, it sets it to nil. That is why I am seeing the token being set to nil.
I am trying to use soap-ui 5.0.0. to make a call to web service using spnego-kerberos authentication.
I have followed:
http://www.soapui.org/SOAP-and-WSDL/spnego-kerberos-authentication.html
My login.conf:
com.sun.security.jgss.login {
com.sun.security.auth.module.Krb5LoginModule required
client=true;
};
com.sun.security.jgss.initiate {
com.sun.security.auth.module.Krb5LoginModule required
debug=true
useTicketCache=true
useKeyTab=true
keyTab="C:\\kerberos\\testuser.keytab"
principal=testuser#XX1.AD.XX.COM
doNotPrompt=true;
};
com.sun.security.jgss.accept {
com.sun.security.auth.module.Krb5LoginModule required
client=true
useTicketCache=true;
};
However, when I make the call I get the following error:
ERROR:java.lang.SecurityException: Configuration Error:
Line 11: expected [option key], found [null]
This seems to point to line 11 in login.conf:
keyTab="C:\\kerberos\\testuser.keytab"
ISSUE:
This is caused by line principal=testuser#XX1.AD.XX.COM.
It does not like the #XX1.AD.XX.COM, with principal=testuser, it proceeds further and but now I get authentication 401 error instead.
Please advise.
Thanks,
B.
Wrap the principal value with double quotes as for the keyTab.
principal="testuser#XX1.AD.XX.COM"
And it will work as desired.
Cheers,
Piotr