I'm working with WSO2 am and I'm customising a subscription workflow to send an email at the user who are subscribing.
But to send an email, I should get the subscriber's email.
When I call the method to get this email (subs.getEmail()), I have nothing :
Subscriber subs = apiMgtDAO.getSubscriber(username);
System.out.println(subs.getEmail());
So, I watch in the WSO2_AM database, in the table AM_SUBSCRIBER and I discover that a column for email exit but it's empty for all my users.
TENANT_ID | EMAIL_ADDRESS | DATE_SUBSCRIBED
-1234 | | 2015-03-17 14:49:24.028
-1234 | | 2015-03-20 12:33:01.084
-1234 | | 2015-03-27 16:56:23.264
-1234 | | 2015-03-27 17:04:41.459
-1234 | | 2015-04-02 14:19:46.889
it's the good way to get the user email ? It's a bug ?
If someone can help me to get the user email in a custom workflow, will be really good.
Thanks a lot
all the details of that user will be stored as user profile(which is a feature of IS used in apimanger). So by admin service call you can get the user profile of a particular user and from there you can get the email address of that user.
here[1] you can find a sample User profile management service client.
1 .https://svn.wso2.org/repos/wso2/carbon/platform/trunk/platform-integration/test-automation-framework/org.wso2.carbon.automation.api/src/main/java/org/wso2/carbon/automation/api/clients/identity/UserProfileMgtServiceClient.java
actually what they have done is, they have used the UserProfileMgtService in UserProfileMgtService.java. So you can write your own client for that service.It is an admin service with in apimager .You can find the wsdl of that service by following this doc[2]. 'https://:8280/services/UserProfileMgtService?wsdl' using that wsld create the stub and invoke the service as you want. you can find the endpoints in the url l.username and password will be the username and password of the supper admin of apimager.
2. docs.wso2.com/display/AM160/WSO2+Admin+Services
Related
I'm trying to create a user using Googles Directory API and a service account. However I'm getting the error
googleapiclient.errors.HttpError: <HttpError 403 when requesting https://admin.googleapis.com/admin/directory/v1/users?alt=json returned "Not Authorized to access this resource/api". Details: "Not Authorized to access this resource/api">
I've created a service account on the Google Console and allowed Domain wide delegation. It also says the Admin SDK API is enabled for my project. However I can't seem to create a user. The documentation is confusing me slightly. Here is my implementation
def create_googleuser(content, randpass):
''' This function creates a Google Apps account for a user passing webhook contents and password as arguments '''
# Get User info from Webhook and store them in variables
firstname = get_firstname(content)
secondname = get_secondname(content)
emailaddress = firstname + "." + secondname + "#example.com"
# Connect to google API
userscope = ['https://www.googleapis.com/auth/admin.directory.user']
service_account_credentials = ('serviceaccountcredentials.json')
credentials = service_account.Credentials.from_service_account_file(service_account_credentials, scopes=userscope)
userservice = googleapiclient.discovery.build('admin', 'directory_v1', credentials=credentials)
# Create a user dictionary with user details
userinfo = {"primaryEmail": emailaddress,"name":{"givenName":firstname,"familyName":secondname},"password":randpass}
print (emailaddress)
# Create user through googleAPI
userservice.users().insert(body = userinfo).execute()
I'm thinking that my implementation is wrong rather than the permissions as the serviceaccountcredentials.json should have the correct permissions. Any suggestions?
There are two possibilities for getting this error.
If the API method requires an impersonated user to be used.
If the impersonated user has not the relevant service enabled.
Solution for case 1:
Follow the documentation to impersonate a user account.
Solution for case 2:
In the Admin console, open user information and check that the user is not suspended.
Open the "Apps" panel and check that the relevant service is "On".
May be caused by a user not having a license which allows access to the service (Cloud Identity instead of Google Workspace), or a user being in an organizational unit which has the service disabled.
Also this link might be helpful.
Thanks for the input. You were both correct to a point. Basically there were two issues. The service account user needs to be delegated domain administrator privileges that require domain admin actions, domain wide delegation isn't enough. Also the domain scope needed to be broader in the Admin console and the scope definition within the code. There is github issue open which helped here:
https://github.com/googleapis/google-api-nodejs-client/issues/1884
My working code looks like this
def create_googleuser(content, randpass):
''' This function creates a Google Apps account for a user passing webhook contents and password as arguments '''
# Get User info from Webhook and store them in variables
username = get_username(content)
firstname = get_firstname(content)
secondname = get_secondname(content)
emailaddress = firstname + "." + secondname + "#example.com"
# Connect to google API
userscope = ['https://www.googleapis.com/auth/admin.directory.user', 'https://www.googleapis.com/auth/admin.directory.user.security']
service_account_credentials = ('serviceaccountcredentials.json')
credentials = service_account.Credentials.from_service_account_file(service_account_credentials, scopes=userscope)
delegated_credentials = credentials.with_subject('domain.admin#example.com')
userservice = googleapiclient.discovery.build('admin', 'directory_v1', credentials=delegated_credentials)
# Create a user dictionary with user details
userinfo = {"primaryEmail": emailaddress,"name":{"givenName":firstname,"familyName":secondname},"password":randpass}
# Create user through googleAPI
userservice.users().insert(body = userinfo).execute()
I have configured google provider via cognito user pool and I am able to login through google and get user information. And I have added many attributes on the attribute mapping page as shown in below screenshot.
The endpoint I am using to get user info is https://docs.aws.amazon.com/cognito/latest/developerguide/userinfo-endpoint.html.
The response data for user info is always:
data: {
identities: '[{"userId":"xxxx","providerName":"Google","providerType":"Google","issuer":null,"primary":true,"dateCreated":1587772412295}]',
email_verified: 'true',
email: 'xxxx#gmail.com',
username: 'Google_1xxxx'
}
Regardless how I update the attribute mappings, I always see above response. Why can't I get additional attributes like picture, given_name, birthday etc. Do I need to set any permission on google side?
In app client setting, I have below configuration:
In authorized scope, I have set: email openid profile
I am integrating Keycloak with Djnago
https://github.com/Peter-Slump/django-keycloak/issues
Keycloak Server
This is what my keycloak User Screen looks like
BUT when I log within django,
user.email is proper (whats present in keycloak)
user.username is getting set as ID from keycloak.
Is there a way to retain djnago username as keycloak username?
https://github.com/Peter-Slump/django-keycloak/issues/39
In general user.username is actually the username in keycloak, unless the framework you use has a custom mapping to change the values (most probably with sub value from token in your case). If it is the case, you can add a duplicate property in token to get username as follows:
Login to Keycloak Server with admin credentials
Go to Clients section and click on the application client you are working on
Select Mappers subsection in your client page
Click on Add Bultin, select username checkbox and Save the settings
After you have added the token, you use it to get the username. In case the name conflicts(when mapping of username shares same syntax as to get property username from token), add a custom mapper where you can rename the property name for same username value. Custom mapper should look something like:
i'm currently using the following api of FB Login integration in my Mobile Website : FB.api('/me', function(response){...} . In the resposnse i am only getting an id field and a name field. Is there any way where i can retrieve the actual email of the user who logs on to the site using FB Login pop up.
I read in the documentations about another URL /{id} , but it also returns only id and name.
Please suggest
To get the email of a user, you have to autorize the user with the email permission, and you have to add the field parameter to the API call:
FB.api('/me?fields=name,email', function(response){...}
or:
FB.api('/me', {fields: 'name,email'}, function(response){...}
Check out the changelog, about "Declarative Fields": https://developers.facebook.com/docs/apps/changelog#v2_4
I want to know is there any way to get user subscrition / unsubscrition to email campaign ?
Is it saved in one of databases/tables in MSSQL ?
If you use the approach with opting in and out being determined on the fact if user is in role, then it is stored in the aspnet_UsersInRoles table in your core database. This table does not keep the information when role was assigned to the user. That's why you cannot get information when user subscribed or unsubscribed to email campaign.
The only thing you can check is if user is in the role:
user.IsInRole(roleName)
The user's subscription is driven by the users role, but It is possible to get the users subscriptions in ECM, You just have to use the api.
You can get the contact from the email address:
string fullName = commonDomain + "\\" + Util.AddressToUserName(username);
var contact = Contact.FromName(fullName);
var subscriptions = contact.GetSubscriptions();
Once you have a contact you can call the GetSubscriptions() method which will return the recipient lists the user is signed up to. There are a host of other methods you can call on a contact and if there is a a way to get the date unsubscribed/subscribed it will be here.
If not reflect Sitecore.EmailCampaign.dll and keep looking! There might be some extra information in the automation states table in the Analytics database. More info on automation state here:
https://www.sitecore.net/learn/blogs/technical-blogs/sitecore-magnified/posts/2013/09/ecm-automation-states-magic.aspx
Also noticed there is a method GetUnsubscribersStatistics on the Sitecore.Modules.EmailCampaign.Core.Analytics.AnalyticsHelper class. This will have the date of unsubscription.