I have a problem with telegram webhooks: it don't send me any HTTPS POST info.
Telegram Bot API's setWebhook method answer is positive:
{
ok: true,
result: true,
description: "Webhook was set"
}
My doPost method doesn't depend of any POST params, but it not called when i send some messages to my bot.
When i execute this servlet via RestClient chrome extension, all works fine.
I read about possible problems in certificates SSL, but I think that should be ok with openshift.
Any ideas?
In a case of Openshift you can do just simple setup Webhook with passing only URL, but not a certificate. Openshift has a certificate already on a host, so you do not need to generate it by yourself and pass. Moreover, webhook won't work at all with your certificate in case of Openshift.
Related
As per my API testing, I had to first login to two ssh hosts through terminal(mac machine) then we use curl command for requests. I am asked to automate this using RestAssured.
To login hosts, I have used jcraft.jsch.JSch java library which i am able to access to hosts successfully but after this when I use below rest assured code, I am getting error "Connection refused"
Response response = RestAssured.given().header(<header>).body(<payload>).relaxedHTTPSValidation().when().post(<url>);
Is there any way to connect ssh hosts through Rest Assured framework or any other solution ? Please help.
i'm trying to integrate java application with azure ad .
i have registered an app in azure and added redirect url's , after successful login , it was redirected to my java application where i am fetching authorization code using msal library.
Getting the below exception
com.microsoft.aad.msal4j.MsalServiceException: AADSTS500112: The reply address
'http://testUrl' does not match the reply address 'https://testUrl
the only difference i see in the above url's is http and https, even though i mentioned https in both redirect url in the app registrations as well as redirect_uri in the microsoft login url.
btw, it was working with my local environment, not working when i hosted it on the server .
We had the same issue after it was deployed in production environment. The reason the https became http is since I was in a load-balanced environment, the outside URL differed from the inside URL (The load balancers off-loaded the SSL processing). When the http request from azure reached our web filter, the httpRequest.getRequestURL().toString() get the http instead of https. What we did is, ask devops team to add a header in httprequest with the original url sent to load balancer, and in our code, we extract the http header instead of the http request itself.
Specifically, change
String currentUri = httpRequest.getRequestURL().toString();
to
String currentUri = httpRequest.req.getHeader(HEADER_PROXY_URL);
The HEADER_PROXY_URL is the header name that devops inject the original url.
According to my research, the redirect URL for web apps and services must begin with the scheme https. If you want to use the scheme http, you just can use http:\\localhost. For more details, please refer to https://learn.microsoft.com/en-us/azure/active-directory/develop/azure-ad-endpoint-comparison#restrictions-on-redirect-urls
I have a front end application in digitalOcean with domain name testDO. This domain has SSL certificate. So all request origin are from https://testDO.com.
I have a backend server sitting in AWS created by deploying war file into beanstalk. It has the name testAWS.us-east-2.elasticbeanstalk.com
When I call API directly from the url for example http://testAWS.us-west-2.elasticbeanstalk.com/myAPI/getName it works. When I call the same API from my front end I get blocked:mixed-content. Is this because its http and not https? what is the workaround?
Yes this is because, your HTTPS site tries to access content through HTTP which is blocked by the browser. You need to either both HTTPS or proxy the request at frontend server and terminate SSL there and forward it to your API Server in Beanstalk.
Note: Since the frontend and backend are in two different environments it will be preferred to use both HTTPS than the proxy approach for security.
You can create a CloudFront Distribution and take it with https to http. You also need to enable CORS in your response to access cross origin domain requests.
Client --> CloudFront --> Your http API (Response with CORS).
Hope it helps.
You need to setup your AWS Elastic Beanstalk environment with your domain or you can use HTTPS with a self-signed certificate for development and testing purposes.
You can use upload your front end in AWS S3, In AWS static webpage Endpoints are http, so you wan't get this mixed-content problem.
Reference:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html
We have a Client Server Based Java Product, I need to integrate google OAuth in server dashboard where our client can sign in and allow access to gmail API. After that, server will use REFRESH TOKEN and ACCESS TOKEN to send Email reports to some emails Ids using client gmail Via Java Mail API.
We need to implement sign in only once and send mails forever i.e. Offline Access (Means REFRESH TOKEN is compulsory).
Our product is deployed as in premise as well as cloud based (At a time only one). Thus in client environment we can have private ip or public ip or public ip mapped to dns.
I know there are two way in which this can be done:
1) server side authentication
2) client side authentication
In Both cases you need public dns mapped REDIRECT URI ie a url where google will redirect the user after sign in. But in our case, we dont have
always a public domain mapped to client server machine. Also we cannot provide localhost in redirect uri as well.
SO
PROBLEM I: What should be used in place of REDIRECT_URI
PROBLEM II: We have many clients so should we use one application for each client or we should deploy a single application on cloud, where each client dashboard will be redirected while sign in and in response we will get token.
Any other alternatives for above problem will be appreciated.
Ok i got the architecture.
Google apps give the flexibility to add multiple java script origins and redirect uri's.
So we need to create only one app in developer console. For each client, we will add a authorized java script origin and redirect uri in google app online. And when sign in button will be pressed in client's server we will give redirect uri accoring to that client which is already added in google app. For private ip there is no solution, but localhost can be used with the restriction to sign in from browser on server system.
I'm simulating an HTTPS process with Google App Engine's URL fetch API. The process has 2 steps: first, a GET request will return an URL with URL-encoded session information and a cookie; and second, a POST with some payload to the returned URL.
I have used Firebug to capture the headers of the 2 requests, e.g User-agent, Keep-alive, Connection, Cookie. I used these same headers in my code (the cookie value is updated according to the response). Testing on my computer is successful but the code always fails at the POST step on Google's server. On my development box, the remote .NET app website replies to the POST request with a 200-OK with the information that I want, but on Google side, the remote .NET app website also give a 200-OK response but with a "Session timeout" message (which I don't want). So what have I missed?
Are you connectiong to the GAE applictation through appspot.com domain or a custom domain? SSL is supported only on appspot.com, so maybe this the reason?