We started noticing we have two SignInMessages with the exact same id when authenticating using IdentityServer 3. Checking the code, I believe this happens because one gets created on method "CreateSignInRequest" when authenticating, and also here after identityServer3 calls "AuthenticateLocalAsync", if "IsPartialSignIn" is set to false, like in our case, then this line is executed "signInMessageCookie.Clear(signInMessageId);". This clear method, actually does a Cookie.Append, this is (I believe) why we have two SignInCookies.
Has anyone seeing something like this? If so, were you able to figure out how to make it 1. It's not a big deal, but would prefer to keep the headers smaller.
Related
I was playing with Postman Flows, and I was trying to learn by using the Trello API. All requests work on their own if executed manually. I've also debugged values using the terminal to understand where the problem lies. Before that, here's a summary of what I'm doing.
Get all boards for a given trello workspace
For each board, delete that board.
The complete flow looks like this:
I've checked that on the last block Send Request, the looped value of /variable/id outputs the proper board id. I've done this by checking with a terminal block and a string block. I started suspecting that this is caused by a failure of Postman to understand that the variable I'm trying to use is a path variable and not a query parameter. As such I tried to pass a static value to the Send Request and it 404'ed as well (tech aside: in theory for n ids it should give me one 200 and n-1 404s since the variable is static and the board would not be able to be deleted multiple times).
My suspicion comes from the fact that when configuring the block for this request:
You do not get prompted to add the board variable. I've tried to type it in anyway, and even use combinations like :board, with no avail. In fact like I said above, if I use these variables with static values, it still 404s.
ignore the parsing message on the right hand side...
As you can see, board doesn't show up. Did I end up hitting a bug, or is this user error? One thing I do not know how to do, but would help clarify that the issue is that a null value is being passed on to the DELETE would be to output the request itself. On a terminal block I can only see the response.
Thanks in advance.
UPDATE:
After checking the Postman console on the app, I've noticed that in fact the path variable being used is whatever is set on the collection request. It's like it takes the URL as a static field and disregards the path variables. Any thoughts?
Path variables won't be available in your Send Request. Instead, define your path variable with an environment/collection/global variable (i.e. {{board}}) in the value of the path variable. Then it will show up the relevant block of your flow.
I'm making a website right now and need to use django-tracking2 for analytics. Everything works but I would like to allow users to opt out and I haven't seen any options for that. I was thinking modifying the middleware portion may work but honestly, I don't know how to go about that yet since I haven't written middleware before.
I tried writing a script to check a cookie called no_track and if it wasn't set, I would set it to false for default tracking and if they reject, it sets no_track to True but I had no idea where to implement it (other than the middle ware, when I tried that the server told me to contact the administrator). I was thinking maybe I could use signals to prevent the user being tracked but then that would slow down the webpage since it would have to deal with preventing a new Visitor instance on each page (because it would likely keep making new instances since it would seem like a new user). Could I subclass the Visitor class and modify __init__ to do a check for the cookie and either let it save or don't.
Thanks for any answers, if I find a solution I'll edit the post or post and accept the answer just in case someone else needs this.
I made a function in my tools file (holds all functions used throughout the project to make my life easier) to get and set a session key. Inside the VisitorTrackingMiddleware I used the function _should_track() and placed a check that looks for the session key (after _should_track() checks that sessions is installed and before all other checks), with the check_session() function in my tools file, if it doesn't exist, the function creates it with the default of True (Track the user until they accept or reject) and returns an HttpResponse (left over from trying the cookie method).
When I used the cookie method, the firefox console said the cookie will expire so I just switched to sessions another reason is that django-tracking2 runs on it.
It seems to work very well and it didn't have a very large impact on load times, every time a request is made, that function runs and my debug tells me if it's tracking me or not and all the buttons work through AJAX. I want to run some tests to see if this does indeed work and if so, maybe I'll submit a pull request to django-tracking2 just in case someone else wants to use it.
A Big advantage to this is that you can allow users to change their minds if they want or you can reprompt at user sign up depending on if they accepted or not. with the way check_session() is set up, I can use it in template tags and class methods as well.
I'm looking for a way how to deal with a following problem:
Imagine you modify a resource and that subsequently causes update of other resources.
E.g. you issue a PUT to, say /api/orders/1234, which by definition changes state of all other Orders of given user. There may be UI clients that display the table of Orders and they should know that not only single item in the table was updated, but eventually other as well.
Now, is there any standard way how inform a clients about such a situation?
So far I can only think of sending back the 205 Reset Content HTTP status code to inform the client that he should refresh the state, as not just a single thing was changed.
There are multiple solutions.
You can define specific resources as non-cacheable, so the client does not cache them at all. (no-store)
You can try giving a max-age of 0, so the client will have to re-validate those resources always. In this case you might have to implement ETags and conditional GETs, but it will be easier on the server than option 1.
Some push method like WebSockets.
If you really want to "notify" potentially multiple clients of a change, then it sounds like you would need option 3.
However, correctly configured caching is normally good enough. For example you could mark not-yet-executed orders as not cached (max-age=0), but as soon as it is executed, you might mark it to be cached indefinitely, since it can not change anymore.
I have a function inside another function that is supposedly getting called, according to my expect(Parse.User.Login).toHaveBeenCalled() line, but there are some console statements inside the callback to that which aren't showing up.
Is there some type of dependency I'm missing on my unit test causing the callback not to have called? I think it is getting to the server, because it tells me I need a Parse.initialize with the application keys if that's not present.
How do I resolve it?
It just occurred to me, maybe that's something in Parse.js telling me I need the Parse.initialize(keys,keys). I changed the parse keys to nonsense, and its not telling me they're wrong, so it must be that parse isn't being touched at all. No request is being sent to the server.
I've been putting up a few questions about this, but now I guess this can't be done with Karma-jasmine -- at least the way the app is set up right now. It's depending on a web service to give the errors, instead of having an angular directive set up up front to detect the errors in the fields beforehand.
I'm a newbie at this obviously, or I would have recognized this sooner:
This type of testing, where you are depending on responses from the server and that's that, should be delegated to E2E tests.
Meaning, here what am I supposed to test that wouldn't be just hardcoding the desired response right into the jasmine Spy? What would that do to just set the rootScope to a user attribute? Maybe, if state.go changed the view to another page, and then acted on the $rootScope data, this would make sense. But for now, there's no point. I'm not designing the next step, nor do I know what it is at the moment, so I can only sit back.
I am writing a provider hosted SharePoint 2013 application. I'm using SharePoint online.
Since the people picker isn't supported in this scenario, I need to build my own. I found the SearchPrincipals method. That seems like exactly what I'm looking for, but no matter what I try, the method is returning with 0 results.
What little information I've found around this method suggests that the problem is usually a permissions issue, but the user that I'm logged in as is a Site Collection Administrator (ClientContext.Web.CurrentUser.IsSiteAdmin is true), so that shouldn't be the case with me.
I've tried passing in virtually every combination of PrincipalType and PrincipalSource, even ones that didn't make sense. I've also tried passing in ClientContext.Web.SiteUsers for the scope, and also null, both of which I've seen used in my searches, and that didn't turn up any results either.
Any help would be appreciated!
I figured it out. The ClientContext of the CSOM (Client Side Object Model) allows the developer to make multiple --unrelated -- queries. It queues up these queries and does not execute them until ExecuteQuery is called. Even though SearchPrincipals is a static method off of the Utility class, it still translates the method call into a query and queues it up. The method will always return an empty collection, but once you call ExecuteQuery on the ClientContext, that collection is then filled with the results of the search.
Also, another problem that I ran into immediately afterwards was that I was getting an error that seemed completely unrelated to my query when I called ExecuteQuery. It turns out that there was code that previously executed that queued up some queries, but it never executed them, so when I called ExecuteQuery, it executed those queries as well, and one of those was erroring. If you are getting an unexpected error, it's a good idea to see if there are other queued queries that haven't been executed yet. You can check the boolean property HasPendingRequest to help determine this.
Hopefully this answer saves other people a lot of time!