Not getting an access-token back in RSpec request response - rspec-rails

Rails 6.0.0
Ruby 2.6.3
gem 'rspec-rails', '~> 3.8.2'
gem 'devise_token_auth', '~> 1.1.3' (Default setup)
Everything appears to be working fine, with the exception that my RSpec request responses don't contain an access-token.
When I inspect, I get
[1] pry> response.headers
=> {"X-Frame-Options"=>"SAMEORIGIN",
"X-XSS-Protection"=>"1; mode=block",
"X-Content-Type-Options"=>"nosniff",
"X-Download-Options"=>"noopen",
"X-Permitted-Cross-Domain-Policies"=>"none",
"Referrer-Policy"=>"strict-origin-when-cross-origin",
"Content-Type"=>"application/json; charset=utf-8",
"access-token"=>" ",
"token-type"=>"Bearer",
"client"=>"Vy7BgunZKjUcPq_Qe5IXRQ",
"expiry"=>" ",
"uid"=>"example1#example.com",
"ETag"=>"W/\"1ecd5da9ea592fde4b83f7ae6b6906ff\"",
"Cache-Control"=>"max-age=0, private, must-revalidate",
"X-Request-Id"=>"6cbc675a-f50c-4bf7-be0f-07ebf120285b",
"X-Runtime"=>"0.042266",
"Vary"=>"Origin",
"Content-Length"=>"28"}
Note, access-token header contains just a space (also expiry).
This is NOT the case in the development environment, all appears to be working as expected there. So, I feel like I'm missing something in my RSpec config or rails_helper.
A side-effect of this is, my API docs are just omitting the auth-token key (and expiry) when generated.
Any ideas?
Sample spec
# frozen_string_literal: true
require 'rails_helper'
RSpec.describe 'Api::V1::Clients', type: :request do
  let(:user) { FactoryBot.create(:user) }
  let(:client) { FactoryBot.create(:client) }
  let(:headers) do
    {
      'Content-Type': 'application/json',
      'Accept': 'application/json'
    }
  end
  describe 'GET /api/v1/clients' do
    before { client }
    it 'returns a 200 status code', :dox do
      get api_v1_clients_path, headers: headers.merge!(user.create_new_auth_token)
      expect(response).to have_http_status(200)
    end
  end
end

Found it.
https://github.com/lynndylanhurley/devise_token_auth/blob/master/docs/conceptual.md#about-token-management
You don't get a new token in a response less than 5.seconds before the previous.

Related

Request header field sentry-trace is not allowed by Access-Control-Allow-Headers in preflight response

I'm developing a Frontend using NextJS and Keycloak for auth-purpose. After adding Sentry, I'm facing this issue here, where the token endpoint of Keycloak is returning an error; So I can log in.
I've tried many things:
- Change the web-origin config of Keycloak, which (obviously) doesn't change or solve the problem
- Play with the Sentry client config, without success, because the denyUrls property still makes the Sentry SDK send the sentry-trace into the request.
Now I don't have any more ideas, so I'm coming here for more help.
So after some investigations, I came across this tracingOrigins property that can be set using integrations like this:
integrations: [
  new (Sentry.Integrations as any).BrowserTracing({
    tracingOrigins: [
      process.env.NEXT_PUBLIC_URL,
      process.env.NEXT_PUBLIC_BACKEND_URL,
      process.env.NEXT_PUBLIC_MATOMO_URL,
    ],
  }),
],
This config is done inside the sentry.client.config.ts file. The downside is that URLs which are not included there are simply not tracked.
Unfortunately, Keycloak has a hardcoded list of allowed headers, so you can't configure Keycloak for the sentry-trace header.
You can have some non-ideal workarounds:
- don't use Sentry
- compile your own hacked Keycloak version, where you allow that header
- add a reverse proxy in front of Keycloak, which will add the sentry-trace header to allowed headers
- ...
I've solved this issue on a nextJs application by adding the following header to the static sourcemap response.
'Access-Control-Allow-Headers' on next.config.js
const CONFIG = {
  headers: () => [
    {
      source: "/_next/:path*",
      headers: [
        { key: "Access-Control-Allow-Origin", value: SHOP_ORIGIN },
        { key: 'Access-Control-Allow-Headers', value: '*' },
      ],
    },
  ],
}
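An added example, not code from any of the answers above, of what the reverse-proxy workaround has to do to a preflight response: append sentry-trace to the Access-Control-Allow-Headers value the upstream already returns, naming the header instead of using `*`. The function names, the extra-header list and the sample upstream headers are assumptions constructed for illustration.

```javascript
// Added example: merge extra request-header names into a preflight response.
// EXTRA_ALLOWED and the sample upstream headers below are constructed.
const EXTRA_ALLOWED = ['sentry-trace'];

// Header names are HTTP tokens; anything else is rejected so that CR/LF or
// separators cannot be smuggled into the rewritten response header.
const TOKEN = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/;

function parseHeaderList(value) {
  return (value || '')
    .split(',')
    .map((name) => name.trim().toLowerCase())
    .filter((name) => name.length > 0);
}

function patchPreflight(upstreamHeaders, extra = EXTRA_ALLOWED) {
  // Copy with lower-cased keys so lookups do not depend on upstream casing.
  const out = {};
  for (const [key, value] of Object.entries(upstreamHeaders)) {
    out[key.toLowerCase()] = value;
  }
  const allowed = parseHeaderList(out['access-control-allow-headers']);
  for (const name of extra.map((n) => n.toLowerCase())) {
    // Never widen to '*': browsers do not treat it as a wildcard for
    // credentialed requests, and it never covers Authorization.
    if (!TOKEN.test(name) || name === '*') {
      throw new Error(`refusing to allow header name: ${JSON.stringify(name)}`);
    }
    if (!allowed.includes(name)) allowed.push(name);
  }
  out['access-control-allow-headers'] = allowed.join(', ');
  return out;
}

// Constructed upstream preflight response (values are illustrative only).
const upstream = {
  'Access-Control-Allow-Origin': 'https://app.example.test',
  'Access-Control-Allow-Headers': 'Origin, Accept, Content-Type, Authorization',
  'Access-Control-Allow-Methods': 'POST, OPTIONS',
};
console.log(patchPreflight(upstream)['access-control-allow-headers']);
```

The merge is idempotent, so running it on an already patched response leaves the header list unchanged.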

Elixir HTTPoison not working to send multipart/form-data requests

I have a very simple request to make but it looks like HTTPoison isn't able to resolve this.
The request has attachments, so I'm using multipart/form-data content type.
When I send just the file, the request works fine, but I need to add some other props to my request and that's where the issue comes.
My request:
HTTPoison.post(
  "path.com/api/anything",
  {:multipart, [
    {
      :file,
      "/path/file.xlsx",
      {"form-data", [name: "file", filename: "file.xlsx"]}, []
    },
    {"taskName", "#{task.name}"},
    {"taskLink", "#{task.link}"}
  ]}
)
I receive the file without problems but the taskName and taskLink never reach the server.
(I tried with Postman and had no problems.)
Some issues related to this:
https://elixirforum.com/t/httpoison-post-multipart-with-more-form-than-the-file/4222/4
https://github.com/edgurgel/httpoison/issues/237
We have a working example of the multipart list that we use to send zip files along with other attributes. Something equivalent to this might work for you.
[
  {"id", to_string(order_id)},
  {"file_size", to_string(file_size)},
  {"attachment", file, {"form-data", [name: "file", filename: filename]},
    [{"Content-Type", "application/zip"}]
  }
]

Converting a cURL request to an Axios Post

I am working with the Prometheus pushgateway library and am having trouble sending information to it. The examples use cURL, which works well, but when I try to do the equivalent with AXIOS in my node program it throws an error.
I tried setting up an express server to send the same request to. I wanted to analyze the (REQ) and see how it was displayed. It was mangled by body parser and I am kind of lost.
cat <<EOF | curl --data-binary @- http://pushgateway.example.org:9091/metrics/job/some_job/instance/some_instance
# TYPE some_metric counter
some_metric{label="val1"} 42
# TYPE another_metric gauge
# HELP another_metric Just an example.
another_metric 2398.283
EOF
I have tried a few different things in axios, none of which have worked
- https://github.com/axios/axios#using-applicationx-www-form-urlencoded-format
request({
  url: 'http://localhost:9091/metrics/job/interface_data',
  method: 'POST',
  body: 'datahere 10\n',
  encoding: null
}, (error, response, body) => {
  if (error) {
    console.log(error)
  } else {
    console.log(response)
    console.log('response, ', response.body)
  }
})
Worked for me. The trick was encoding: null

FileSaver.js is saving corrupt images

This was working fine and suddenly stopped working. I'm not sure what exactly changed.
I need to download multiple images via URLs.
I'm using the following code:
https://plnkr.co/edit/nsxgwmNYUAVBRaXgDYys?p=preview
$http({
  method:"GET",
  url:"imageurl"
}).then(function(response){
  saveAs(new Blob([response.data]), "image.jpg");
},function(err){
});
The files have different sizes, they are not 0 bytes.
For others coming here, check this solution.
What needed to be done was to add responseType: "blob" to the request:
$http({
  method:"GET",
  url:"imageurl",
  responseType: "blob"
})
.then(...)
Here is the documentation for the responseType valid values, where it says the default is "" so the response is treated as text:
"": An empty responseType string is treated the same as "text", the default type (therefore, as a DOMString).
"blob": The response is a Blob object containing the binary data.
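An added example, not part of the answers here, showing why the saved images were corrupt but not empty: a binary body that is first decoded as text and then written back out through a Blob no longer has the original bytes. It assumes the text decoding is UTF-8; the function names and the sample bytes are constructed for illustration.

```javascript
// Added example: a binary body read as text no longer matches the file.
// With responseType "" the body becomes a string (UTF-8 assumed here), and
// new Blob([string]) writes that string back out as UTF-8.
function roundTripAsText(bytes) {
  const text = new TextDecoder('utf-8').decode(bytes); // invalid bytes -> U+FFFD
  return new TextEncoder().encode(text);               // U+FFFD -> EF BF BD
}

function sameBytes(a, b) {
  return a.length === b.length && a.every((v, i) => v === b[i]);
}

// Report what the text round trip did to a payload.
function describeDamage(original) {
  const saved = roundTripAsText(original);
  let replaced = 0;
  for (let i = 0; i + 2 < saved.length; i++) {
    if (saved[i] === 0xef && saved[i + 1] === 0xbf && saved[i + 2] === 0xbd) replaced++;
  }
  return {
    intact: sameBytes(original, saved),
    originalSize: original.length,
    savedSize: saved.length,
    replacementChars: replaced,
    magicPreserved: saved[0] === original[0] && saved[1] === original[1],
  };
}

// Constructed sample: the first 10 bytes of a JFIF (JPEG) header.
const jpegHead = Uint8Array.from([0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46, 0x49, 0x46]);
// Constructed sample: plain ASCII, which survives the same round trip.
const asciiBody = new TextEncoder().encode('some_metric 42\n');

console.log(describeDamage(jpegHead));
console.log(describeDamage(asciiBody));
```

The JPEG sample comes back larger than it went in and without its FF D8 magic bytes, which matches the symptom of files that have a size but will not open.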
Following code worked for me:
axios.get(`http://localhost:61078/api/values`, {
  responseType: 'blob',
}).then(response => {
  if (response) {
    var FileSaver = require('file-saver');
    FileSaver.saveAs(new Blob([response.data]), "image.png");
  }
});

How to include User-Agent info in a Meteor.http.call? MediaWiki requires it

Whenever I call the below method (CoffeeScript) that is on the server I get "Scripts should use an informative User-Agent string with contact information, or they may be IP-blocked without notice" from Wikipedia. How do I include user-agent info in the call? Or does it grab this from Meteor Accounts (which I'm not using yet)? thank you for any help...
Meteor.methods
  wpSearch: (queryStr) ->
    result = Meteor.http.call "GET", "http://en.wikipedia.org/w/api.php",
      params:
        action: "query"
        list: "search"
        format: "json"
        srwhat: "text"
        srsearch: queryStr
To clarify the previous answer for future visitors, the syntax for Meteor.http.get is as follows:
result = Meteor.http.get("https://api.github.com/user", {
  headers: {
    "User-Agent": "Meteor/1.0"
  },
  params: {
    access_token: accessToken
  }
});
Note the curly braces around the headers option and the comma afterwards separating the headers and params options (it's a syntax error without these things). This example is part of the EventedMind how-to to customize the loginButtons during the onCreateUser() callback.
Just set User-Agent in the headers parameter (see http://docs.meteor.com/#meteor_http)
Meteor.methods
  wpSearch: (queryStr) ->
    result = Meteor.http.call "GET", "http://en.wikipedia.org/w/api.php",
      headers:
        "User-Agent": "Meteor/1.0"
      params:
        action: "query"
        list: "search"
        format: "json"
        srwhat: "text"
        srsearch: queryStr
