We are trying to use pretender.io to our application which developed in AngularJS, Spring and Hibernate konnectnow.com which hosted at amazon server.
Here are the steps I followed:
Signup at prerender.io and got token: cFeRZcsv3JnAftreuhMO
Checked documentation and understood that I need to install middleware and decided to use Spring one.
In web.xml added pom added as mentioned https://github.com/greengerong/prerender-java
Added !# to the URL in all the pages.
Restarted tomcat server.
Logged into pretender.io with login details and found that nothing getting crawl.
For testing purpose the url konnectnow.com/#!/planpage changed to konnectnow.com/?_escaped_fragment_=/planpage
Nothing comes up, got error page isn’t working.
Checked Crawl Stats at pretender.io and found that as:
Status Code: 505, Cache Hit: Miss, Response Time(sec): 1.51sec, URL:
http://localhost:8080/#!/planpage
Not sure why it takes local host.
Can some one help me how to make this work.
We recommend using html5 push state instead of the #! in your URLs if possible. Html5 push state is better since nothing after a # is sent to the server, which can lead to issues for the crawlers that are checked by their user agent (Facebook, Twitter, etc).
You should set the forwardedURLHeader in order to have the Prerender Java middleware use a different host for your website instead of your proxy URL.
https://github.com/greengerong/prerender-java#forwardedurlheader
I also see that you posted your prerender token publicly so we regenerated your token to prevent someone else from using it. Please find your new token when you log into your Prerender.io account. I've also emailed you there.
Related
We are developing a Java application that is supposed to show models from users store.
initially, I'm trying to allow users to login using their autodesk account, and check if they are entitled to access my app.
I couldn't find any good example to show how it is done, I just want to confirm that what I will be doing is the recommended thing or if there is better options.
First, on app start, I will show an embedded webbrowser that will open
"https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code&client_id=XXX&redirect_uri=XXX&scope=XXX"
the app will get the url from our server (so not saved locally) and the call back is pointing to an api on our server. then as user login and consent, will get the code from the url, close the login dialog and continue to get the bearer token using plain rest apis to /authentication/v1/gettoken.
As I said, not 100% sure if this is approved way or not or even if it is doable or not. so thought to check before we implement it.
After that I will just use rest apis to browse and get the model.
any thoughts or complains ?
Thanks in advance
Rest assured that the workflow being proposed here is actually orthodoxical and well “approved” by our official tutorials:
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
http://learnforge.autodesk.io/#/oauth/3legged/
Unfortunaly the code sample for that bit is in node and we are still working on a Java equilvalent
Some of our endpoints require 3-legged oauth to access personal data - see here for an example and you can always refer to the authentication context section of each endpoint for the oauth flow required.
Following this post: http://android-developers.blogspot.com/2016/01/play-games-permissions-are-changing-in.html I have obtained a single use authorization code for use on my backend server as follows:
import com.google.android.gms.games.Games;
//later
Games.GetServerAuthCodeResult result = Games.getGamesServerAuthCode(gameHelper.getApiClient(), server_client_id).await();
if (result.getStatus().isSuccess()) {
String authCode = result.getCode();
// Send code to server...
This seems to works fine, but it presents a question:
1) getGamesServerAuthCode and GetServerAuthCodeResult are marked as deprecated. Why? Should I be using something else instead?
2) How would I do something equivalent in an non-Android installed Java application? I am able to obtain a token on the client application, but I also need to obtain a single use code to pass to my backend server like above. I can't find an equivalent function to get a Server Auth Code. (using com.google.api.client.extensions.java6.auth.oauth2)
I am basically trying to follow this flow: https://developers.google.com/games/services/web/serverlogin but in Java, NOT Javascript. I am attempting to do this in an Android app and a desktop Java app.
1) Yes, in Android use GetServerAuthCodeResult although it is still marked as deprecated. It is the recommended way from Google and it seems they have only forgot to remove the deprecation annotation when releasing to general public.
2) For desktop applications you can follow the instructions here: https://developers.google.com/identity/protocols/OAuth2InstalledApp
Basically from your app you open the system browser (embedded webviews are discouraged) and make a https request to the https://accounts.google.com/o/oauth2/v2/auth endpoint. In the request you supply a local redirect URI parameter i.e. http://127.0.0.1:9004 (you should query your platform for the relevant loopback IP, and start a HTTP listener on a random available port). The authorization code will be sent to your local HTTP listener when the user has given consent or an error such as error=access_denied if the user declined the request. Your application must be listening on this local web server to retrieve the response with the authcode. You also have the option to redirect to a server URI directly claimed by your app, see docs on link above. When your app receives the authorization response, for best usability, it should respond with an HTML page, instructing the user to close the browser tab and return to your app. Also, if you want the Games-scope make sure you are using the https://www.googleapis.com/auth/games as scope in the request, example below, with line breaks and spaces for readability.
https://accounts.google.com/o/oauth2/v2/auth?
scope=https://www.googleapis.com/auth/games&
redirect_uri=http://127.0.0.1:9004&
response_type=code&
client_id=812741506391-h38jh0j4fv0ce1krdkiq0hfvt6n5amrf.apps.googleusercontent.com
Please note that I think you'll have to create and link an app of type other, in the Google Play Developer Console linked-app, for the localhost redirection to work. Use type Web if you plan to redirect to server URI directly, add your server URI to Authorized redirect URIs in the API Manager under section Credentials.
Browser screenshot:
There is finally a proper answer to part 1) of this question!
In the release notes of gms 10.2.0
https://developers.google.com/android/guides/releases#february_2017_-_v102
the new method of obtaining a server code is described. A good example of how to do this is provided here:
https://github.com/playgameservices/clientserverskeleton
I ended up updating Google's baseGameUtils to follow the example above.
Still not sure the proper way to do this for part 2) of the question, at the moment I am sending the token to the server which works but is probably unsafe.
I have started to write a webApp in Eclipse where ECMAScript6 on the client (testing mostly on chrome on Win7) communicates with the server side written in Java7 on Jetty+GAEplugin via xmlHttpRequest (1 get request, user edits data, 1 post requests ). if it gets more I will move to webSockets).
The client code does not know anything about logins and provides neither user name nor password because as I understand, the browser and the user handle that. On the server side I response with 401 if basic authentication is missing.
But when testing, the browser does not ask the user for any password and does not send a second request (FF the same effect). No errors. Chrome development console claims that my
response.addHeader("WWW-Authenticate","Basic realm=\"bus driver\"");
did not reach it.
A subset of my targeted user baser does not have a google account nor FB nor twitter. So OpenId nor OAuth are of no use for that subset. OAuth doc says: " The user signs in using her Google account, .." . Any way I try to search, directs me to ways to store user data, but I have problems with the communication between browser and servlet.
I have read that I should edit web.xml, but I cannot see how to plug my home-built authentication into that. Web.xml would be okay for me because there will be about 3 pages sharing the same (*3roles=9pages).
My software should be up to date. Oracle claims that I should stop using Java 7, but I cannot get local GAE to run on Java 8 ...
Just testing on FF and looking for stupid errors I may have made last night. FF claims: InvalidStateError: An aatempt was made to use an object that is not, or is no longer, usable. Hmm seems that there is at least something wrong with my XMLhttpRequest (it worked in chrome at least without authentication). I could test GET with authentication but without ECMAscript... Still my main question remains, where is the example with old school authentication on the new kid, the cloud?
Logcat is empty. I have seen the logs getting filled in TomCat or for Android. I may have to dig into this.
i have an application running on Tomcat 7.0.27 which is our organization network and second application which is running on Amazon Web services( which is nothing but Tomcat 7.0.42). The application that is running on amazon is inside the iframe of the first application. The application running on the Amazon is self contained i.e all the files that it needs resides inside of the same tomcat container and don't communicate with the first application.I see that entire site works fine in FireFox and chrome. But having problems in safari. In Safari the launch of the second application is Successful( which is nothing but a POST) but the subsequent Request( which is GET) fails. So in code what we are doing is that after the POST we are putting a Java Object in the session like this
SessionData result = new SessionData(request,oauthCredentials);
request.getSession().setAttribute(SESSION_ATTR_TC_DATA, result);
So after the POST the first request that come is GET, when this request come in we try to get the Java object that we put in the session like below.
SessionData result = (SessionData) request.getSession().getAttribute(SESSION_ATTR_TC_DATA);
request.setAttribute(SESSION_ATTR_TC_DATA, result);
But in Safari i see that the session id(JSESSIONID) in POST is different From that in GET and the soSessionData=null; I see that the Session Id is same in case of FIREFOX/CHROME.
I see that from a URL/IPAddress
http://one.roses.flowers.org/ #IpAddress=141.21.19.87
http://test-dev.elasticbeanstalk.com/ #IpAddress=64.261.831.97
I am not creating any sessions by writing the code. Tomcat is handling it.
But this Whole Thing work across all the browsers when the First tomcat/second tomcat running inside our organization Network. I see that from a URL/IPAddress
http://one.roses.flowers.org/ #IpAddress=141.21.19.87
http://five.oranges.flowers.org/ #IpAddress=141.21.19.88
Why would Safari behaves indifferently in this case?
What made it work in Safari is by turning off cookie restriction to accept from Third party. Same is true for the IE as well.The default setting is not to acccept 3rd party cookie. For FF/Chrome the default option is to accept 3rd party cookies.
I have used Webscarab tool to debug this issue.
The application that was inside of the iframe was on AmazonWebservices the URL pattern was totally different from the origination Site. so that made browser think that these calls are made from/to some external site. So based on the Browser cookie setting the browser severed up the Application inside of the iframe.
Also, the 2 URL look like this to the browser.
http://one.roses.flowers.org/
http://test-dev.elasticbeanstalk.com/
We added the Alias/cname to the project on the AmazonWebservice(AWS) server in the higher environment(QA/PROD) something shown below. By adding alias to the url browser don't consider the URL coming from 3rd party as both has same domain name. Now the solution is independent of the browser cookie settings.
http://test-dev.elasticbeanstalk.com/ ---> http://aws.newsite.flowers.org
I get the following error from following piece of code. I am trying to login to Google sites service through GAE apps.
"The page you requested is invalid. "
String authenticationUrl = userService.isUserLoggedIn()
? userService.createLogoutURL(MainServlet.MAIN_URL)
: userService.createLoginURL(MainServlet.MAIN_URL+"?close=1");
googleData.setAuthenticationUrl(authenticationUrl);
The complete url for login
https://www.google.com/a/example.com/ServiceLogin?service=ah&passive=true&continue=http://myapp.appspot.com/_ah/login?continue=http://myapp.appspot.com/main%3Fclose%3D1<mpl=ga&ahname=Myapp+Google+Sites&sig=7cbc9f7c9e6ca443ed49f7ce9465e775
I think that you may have misunderstood the use and purpose of createLoginURL. This method is intended to provide a URL that allows someone to log in to your application and your application alone. It does not provide a means to log in to other Google services such as Sites.
It is possible to have your application log on to and access Sites or any other secured web application, but Google AppEngine does not provide a canned means of doing so. You will need to write the code to do it yourself.
Generally, what will happen is that you will request a URL and the response will have an HTTP status code of 302 with the URL of the login page located in the Location header field. You would then send a request to that page which should come back with a 200 response and somewhere inside the body of the response would be a username and password field that you would need to provide and POST back. If the credentials were valid, the server might then return an authentication cookie which you would pass on each subsequent request.
If you are versed at all in Python, you can see an example of how this works in some code from my AppEngine MVC framework project. Look at this file:
http://code.google.com/p/gae-mvc-engine/source/browse/trunk/MVCTests.py and check out the ActiontestCase.run_action method. It handles making a request to an AppEngine application that requires authentication. It is not yet terribly-well commented -- and for that I aplogize -- but I hope that it will provide a useful example. If, indeed, I have understood the nature of your problem correctly.