We Keep Coding

Axios Authorization not working - VueJS + Django

I am trying to build an application using VueJS and Django. I am also using Graphene-Django library, as the project utilize GraphQL.
Now, The authentication works fine and i get a JWT Token back.
But when i use the token for other queries that need authentication, i got this error in Vue:
"Error decoding signature"
and the Django Log also returns this:
graphql.error.located_error.GraphQLLocatedError: Error decoding signature
jwt.exceptions.DecodeError: Not enough segments
ValueError: not enough values to unpack (expected 2, got 1)
the bizarre thing is that the same query when executed in Postman just works fine.
As i mentioned in the title is use Axios for my requests, here's an example of a request:
axios({
method: "POST",
headers: { Authorization: "JWT " + localStorage.getItem("token") },
data: {
query: `{
dailyAppoint (today: "${today}") {
id
dateTime
}
}`
}
});
Note: It uses 'JWT' not 'Bearer' because somehow 'Bearer' didn't work for me.

Ok, couple of questions, does you API work without Vue.js from curl. Generate token, check API from curl.
If it does, then check the Headers sent from the request, from Network Inspector, mozilla dev tools/chrome devtools. And update your Post with those RAW Headers.
This particular error arises when your public key is unable to decode the string[token] signed by your private key. Which ultimately means the access token has been tampered with. It could also mean you're sending values like 'unkown'-- JS state initialization error.
Check the RAW headers of the request. It'll help.

Use a request interceptor to set the Authorization header:
axios.interceptors.request.use(config => {
if (localStorage.getItem("token") != null)
config.headers["Authorization"] = "JWT " + localStorage.getItem("token");
return config;
});

Flask doesn't print to console (route)

There is already another post with the same question that has an answer, but it doesn't work for me. There is also no explanation given what causes the problem.
Flask version: 1.0.2., running locally.
Route:
#bp.route("/mailbox/get_mail_attachment", methods = ["GET"])
#token_auth.login_required
def get_mail_attachment():
print("it should print")
return error_response(400)
I'm getting back a response with status code 400, but the route doesn't print to the console (all other routes of my application do). It is the right route though, because if I change the url of the route I get back 404.
I guess it doesn't matter where the request comes from, but maybe I'm wrong: In my case it comes from an Angular application (version 5).
The request looks like this:
getAttachment(data) {
const url: string = `${this.BASE_URL}` + '/mailbox/get_mail_attachment';
const headers = new Headers({'Authorization': 'Bearer ' + localStorage.getItem('token')})
return this.http.get(url, {headers: headers, params: data, responseType: ResponseContentType.Blob})
}
I simplified code of the flask route, that's why it doesn't make any use of the request.args.

How To fire POST Request with params and token

I am new to API testing with jayway RestAssured.
my jmeter url : http://ip:8080/servelet?token=toekntext&methodname={jsontext}
above url is POST Request, i need to fire request in jayway RestAsseured.
url = http://ip:8080/servelet
Response r = given().contentType(CONTENT_TYPE).accept(CONTENT_ACCEPT).headers("user-agent", web).queryParam("token", tokentext).queryParam("methodname", jsonttext).expect().statusCode(200).when().post(url);
Is the above code correct to fire POST Request Here i am getting 500 internal server error, plz help me.

Yes that looks right given that it truly are query parameters that JMeter is sending. I suspect that it might not be since it's very unusual in my experience that include JSON (I assume jsontext is JSON) in the request path. Try switching from queryParam to formParam to see if it makes any difference.

Try restructuring your code,
FULL-URL - url/account?token=TOKEN&sync=TRUE, then you can try post request as below
given().
contentType(ContentType.JSON).body(payload).
queryParam("token", "TOKEN").
queryParam("sync", "TRUE").
when().post(url).then().
statusCode(200).extract().response();

Graph OAuthException 1500 : The url you supplied is invalid

As of today, almost all of my app's calls to share links on user's feeds are failing with the following error:
{
"message": "(#1500) The url you supplied is invalid",
"type": "OAuthException",
"code": 1500
}
Uisng PHP cURL, I'm posting to https://graph.facebook.com/{user_id}/feed and submitting a link parameter pointing to a valid, working URL (plus message params) etc.
Strangely, I can issue a command line cURL request and the request seems to work correctly (at least I haven't had an error yet).
I don't want to file a bug report yet incase I've missed something in a breaking migration. Any ideas as to what may be causing this?

http://developers.facebook.com/bugs/476666205677592
I have this problem too. it happened randomly. I'm sure the url I supplied is valid and can not reproduce it. So reported bug here..

Erro While FB Publish: {contents = "(#1500) The url you supplied is invalid"}
Solution:
1. Go to: https://www.facebook.com/
2. Click on Setting > manage app
3. Select "Edit App" button
4. Select "Permission" under the "Setting" panel at left side
5. Make Auth Token Parameter: To "URI Fragment(#access_token=…)"
6. Click "Save Changes" button.
Its fixed now!!!

The solution for me was:
1) I uploaded photo to my facebook user account
$fb->setFileUploadSupport(true);
$fb->setAccessToken('access token of my user (just to post an image)');
var_dump($fb->api('/me/photos', 'POST', ['image' =>'#F:\\fb\\fb_2.jpg','msg' =>'sss']));
2) After that set access for this picture to "For everyone" on my facebook page.
3) Then took var_dumped id to url https://www.facebook.com/photo.php?fbid={var_dumped id}
4) For every user, authorized my app, the following code started work normally $fb->api('/' . $fbuserid . '/feed', 'POST', [ 'link' => 'https://www.facebook.com/photo.php?fbid={var_dumped id}', 'message' => 'my post', 'type'=>'photo']);

Do all 404 pages share something in common?/Are 404 page distinguishable from regular pages?

Say I am running stumbleupon.com and users can submit sites to be added into the db of sites. Is there a way that I can write a program to see whether or not the site that was added by the user is actually a real website? Or if it bring me to a 404 that I can say "welp, that was some bugus" or maybe that the user made an error when submitting the url? Or do i need to put people on my payroll to see if the user submitted website bring me to a 404?

The response code from the request is a 404 not found, instead of a 200 success message that you get on a good response from the server. You can easily automate the check.

Since I don't know much about python, I offer a client side solution.
You could check if the URL is legit as soon as the user submits the page. Maybe throw up a 'verifying url' message or something.
Using this method you could make a cross domain call to see if that site is really there. Then you could pop up a message that asks them to fix their mistake or allow the URL to be submitted. This solution uses Yahoo as a proxy, but as you can see by my super simple function below it does work.
function doAjaxCheck(url){
// if the URL starts with http
if(url.match('^http')){
//add a 'loading message here, or something'
// assemble the YQL call
$.getJSON("http://query.yahooapis.com/v1/public/yql?"+
"q=select%20*%20from%20html%20where%20url%3D%22"+
encodeURIComponent(url)+
"%22&format=xml'&callback=?",
function(data){
if(data.results[0]){
alert('it is OK');
} else {
alert('not OK');
}
}
);
} else {
$.ajax({
url: url,
timeout:5000,
success: function(data){
alert('it is OK');
},
error: function(req,error){
if(error === 'error'){error = req.statusText;}
alert('not OK : ' + error );
}
});
}
}
However, all this being said, I would go with a server-side check for reliability-sake.