Changing XML filename for Google Calendar sidebar gadget that uses osapi.http causes RPCs to return 401 errors - google-calendar-api

For an html type google gadget with module pref:
<Require feature="osapi" />
initially defined in file gadget1.xml, it will properly execute RPCs. However, if you remove it from your calendar, change its filename to gadget2.xml and then add gadget2.xml to your calendar, you'll get 401 errors with description:
Malformed security token e=AEY54zciGYGPUeNVsaxlD19nATK4jqm6LqusewGP%2FFg4ILfkGu5bSh3ThxITog%2B3m6FVSy2HsVToSyQGDzXQxBgpM5LF%2F%2BRaw2FOswxfdpgm7GgK0zpGyC9BRI1KCsURqZM0%2F%2FYLhnEN&c=calendar
com.google.gadgets.auth.AuthTokenException: com.google.gadgets.gaia.GaiaConverterException:
Request for GaiaClientConst::INVALID_USERID
The RPC call doesn't require any additional authorization beyond Google Calendar's default Add Gadget dialog and this problem occurs even when any prior authorizations have been removed via https://myaccount.google.com/security#connectedapps. What does user ID refer to and how to change it?


App Maker - Drive Picker widget - Empty, white dialog if embedded in Google Site

We are using Drive Picker widget to select files in user's Drive.
The app is configured to run as user.
The app works properly when running at https://scripts.google.com/... URL; if we embed the app in a New Google Sites instance (google.com URL), the drive picker shows an empty, white dialog only.
We have some errors in Chrome's Console:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://docs.google.com') does not match the recipient window's origin [...]
Invalid 'X-Frame-Options' header encountered when loading [...] 'ALLOW-FROM https://script.google.com' is not a recognized directive. The header will be ignored.
Uncaught Error: Incorrect origin value. Please set it to - (window.location.protocol + '//' + window.location.host) of the top-most page at new JJ (13808338-picker_modularized_opc.js:975) at _createPicker (13808338-picker_modularized_opc.js:977) at HTMLDocument.
Firefox says
Load denied by X-Frame-Options: https://script.google.com/ does not permit framing by https://sites.google.com/s/[...]/edit?authuser=0.
We cannot find any clue about restrictions and limitations in Drive Picker's docs.
Thank you.
I run App Maker on my bare domain and have picker widget working.
In App Settings: Check Allow embedding app
In Drive Picker's onPickerInit: pickerBuilder.setOrigin("https://example.com/");

Can't reset user's password in Google Identity Toolkit: "CAPTCHA_CHECK_FAILED"

I'm trying to set up my Google Identity Toolkit so users can reset their passwords. I'm following the documentation here: https://developers.google.com/identity/toolkit/web/required-endpoints#send_email_url
I'm using the PHP Gitkit Client outlined here: https://github.com/google/identity-toolkit-php-client/blob/master/src/GitkitClient.php
Specifically the function getOobResults() on line 307 seems to be unhappy for some reason. Here's where I'm at:
User sets up account and logs in successfully
User then logs out and starts to log back in, enters email in and clicks "Forgot password"
reCaptcha is shown, click check box and then hit continue
At this point my 'Send Email URL' endpoint (gitkitEmail.php) is successfully called and the following POST is sent to it (dropping the full '&response' param since it goes on for a while):
action=resetPassword&email=xodfebefa%40nada.ltd&challenge&response=03ACgFB9tGlNt2KAGhrVY....
I then take that string and parse it using parse_str(); since getOobResults() is looking for an array. However, the response I get back is always:
{
  "response_body": {
    "error": "CAPTCHA_CHECK_FAILED"
  }
}
I searched around but can't find any details on this error. Any help would be appreciated. I don't have a reCaptcha setup anywhere on my site, unsure if this is expecting me to do that and that's why it's failing? Also, I did bump all my code to a production environment and got the same error there as I did on my localhost.

Custom Route Extension, Access Denied

I tried to send the example request in the guide on Custom Route Extension API with my app_id and app_code inserted, shown below. I sent it by entering it in my google chrome browser.
http://cre.cit.api.here.com/2/overlays/upload.json?map_name=OVERLAYBLOCKROAD&overlay_spec=[{"op":"override","shape":[[50.10765,8.68774],[50.10914,8.68771]],"layer":"LINK_ATTRIBUTE_FCN","data":{"VEHICLE_TYPES":"0"}}]&storage=readonly&app_id={YOUR_APP_ID}&app_code={YOUR_APP_CODE}
Indented for readability:
http://cre.cit.api.here.com/2/overlays/upload.json?
  map_name=OVERLAYBLOCKROAD&
  overlay_spec=[{"op":"override",
                 "shape":[[50.10765,8.68774],
                          [50.10914,8.68771]],
                 "layer":"LINK_ATTRIBUTE_FCN",
                 "data":{"VEHICLE_TYPES":"0"}}]&
  storage=readonly&
  app_id={YOUR_APP_ID}&
  app_code={YOUR_APP_CODE}
But I get this fault code:
{"faultCode":"s8c73866c-b4a0-4078-90b7-b4d7529c947d",
"responseCode": "403",
"message":"Feature level access has been denied"}
Is Custom Route Extension API not available for trial users?
On their website under "pricing" you will see that custom route extension is indeed a paid feature.
https://developer.here.com/plans#advanced_features

Oracle's WDB_GATEWAY_LOGOUT does not work in mozilla browser

I have a PL/SQL application which has a log out button, with the following code being executed when the log out button is clicked:
-- Open the HTTP header
owa_util.mime_header('text/html', FALSE, NULL);
-- Send a cookie to logout
owa_cookie.send('WDB_GATEWAY_LOGOUT', 'YES', path=>'/');
-- Close the HTTP header
owa_util.http_header_close;
-- Generate the page
htp.p('You have been logged off from the WEBSITE');
htp.p('click here to log in');
htp.p('<BR>bye');
It works perfectly when using Internet Explorer; however, when I use Mozilla and log back in, I am still logged in as the previous user. Has anyone else been in this situation? How can I make this work for Mozilla as well?
I got this code from oracle documentation page:
https://docs.oracle.com/cd/B13789_01/server.101/b12303/secure.htm
Thanks in advance!
I've found it best to set and unset your own session cookie. Then use owa_custom to verify the cookie.
In the dad.config file add:
PlsqlAuthenticationMode CustomOwa
Then create a package in your schema called owa_custom and add one function inside: owa_custom.authorize
owa_custom.authorize will be called before each web invocation. You can check your session cookie and if you want to allow the web call return true. To block, return false and the user will get a 403 forbidden.
Then if you like you can write a custom 403 forbidden page and redirect to your login page.
Just know that in 12C, mod_plsql is going away and you'll need to use the Oracle Rest Listener. The same functionality exists there. Things just have different names.

Displaying KMZ files behind protected networks

I'm trying to display a KMZ file which resides in a folder that is password protected and has a port different from 80. It looks like this:
http://localhost:8080/assets/data/3641
That will return a KMZ file with the valid MIME type, and I can save and open it in Google Earth if I access this link in the browser.
Google Earth's API has the following methods for displaying KMZ/KML:
KmlNetworkLink - you provide the URL of the KMZ/KML and then attach this object to the GE instance
parseKml() - you provide it a KML string, it gives you back a KmlFeature to attach
fetchKml() - you provide it a URL to a KML/KMZ, it attaches it for you
Another handy method is displayKml() from the Google Earth API Utility library, which uses fetchKml()
fetchKml()
My first attempt was to use fetchKml, but this gives no response - it fails silently. I'm surprised this is considered normal behaviour by the plugin (why doesn't it throw an exception, or provide a second callback to handle errors?). This method works fine if I provide it a sample kmz in the form:
http://localhost/somefile.kmz
I believe the issue is the fact that my first URL is password protected - it will redirect to a login screen if no login session is present, and I suspect that the Google Earth plugin doesn't share the same browser session as the browser - so it runs into a login screen and fails because it receives an HTML file instead of a KMZ/KML.
parseKml()
Pressing on undeterred, I made another API method to unzip the KMZ on the server side and return the KML string:
http://localhost:8080/assets/data/unzip/3641
The beauty of this method is that I write my own JavaScript to perform the GET request - it doesn't go through Google Earth, so the login session I have opened is used and the KMZ can be downloaded. The downfall is that KMZs can contain images and music which the KML file can reference. These can't be passed along with the KML string as far as the documentation is concerned.
KmlNetworkLink
My last attempt was to use KmlNetworkLink and KmlLink. This has the same effect as fetchKml - nothing happens.
UPDATE: Also, it will fail when using "https" without a valid certificate.
Yes, the issue is that the URL is password protected. You can get fetchKml() to give some indication of the error if you use it like so:
google.earth.fetchKml(ge, 'http://localhost:8080/assets/data/3641', finishFetchKml);

function finishFetchKml(kmlObject) {
  // check if the KML was fetched properly
  if (kmlObject) {
    // add the fetched KML to Earth
    currentKmlObject = kmlObject;
    ge.getFeatures().appendChild(currentKmlObject);
  } else {
    // a null kmlObject means the fetch or parse failed (e.g. a login page came back)
    // setTimeout prevents a deadlock in some browsers
    setTimeout(function() {
      alert('Bad or null KML.');
    }, 0);
  }
}
KML is designed to be a free open format - if you wish to use it privately on a secure system then you should look at using the enterprise version of the Google Earth Plugin.
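
The failure discussed in this thread, where a protected URL answers with an HTML login page instead of KMZ/KML, can be detected by fetching the resource with the page's own session and inspecting the body before handing it to the plugin. The following is an added example, not code from the question or the answer; the function names are hypothetical and the sample bodies are constructed.

```javascript
// Added example: decide whether a response is really KML/KMZ before using it.
// Function names are hypothetical; the sample bodies below are constructed.
const ZIP_MAGIC = [0x50, 0x4b, 0x03, 0x04]; // "PK\x03\x04": a KMZ is a ZIP archive

function firstElementName(text) {
  // Skip the XML declaration, comments and DOCTYPE to reach the root element.
  const body = text
    .replace(/^\s*<\?xml[^>]*\?>/i, '')
    .replace(/<!--[\s\S]*?-->/g, '')
    .replace(/<!DOCTYPE[^>]*>/i, '')
    .trimStart();
  // Optional namespace prefix (e.g. <kml:kml>), then the local element name.
  const m = /^<(?:[A-Za-z_][\w.-]*:)?([A-Za-z_][\w.-]*)/.exec(body);
  return m ? m[1].toLowerCase() : null;
}

function classifyKmlPayload(bytes) {
  if (bytes.length >= 4 && ZIP_MAGIC.every((b, i) => bytes[i] === b)) return 'kmz';
  // Only a prefix is decoded: enough to see the root element.
  const root = firstElementName(new TextDecoder().decode(bytes.subarray(0, 2048)));
  if (root === 'kml') return 'kml';
  if (root === 'html') return 'html';
  return 'unknown';
}

function diagnose(status, redirected, bytes) {
  if (status === 401 || status === 403) return 'auth-required';
  if (status < 200 || status > 299) return 'http-error';
  const kind = classifyKmlPayload(bytes);
  // HTML after a redirect is the login-screen case described in the question.
  if (kind === 'html') return redirected ? 'login-redirect' : 'html-not-kml';
  return kind; // 'kmz', 'kml' or 'unknown'
}

// Browser-side use: the request carries the page's own session cookies.
async function fetchAndDiagnose(url) {
  const res = await fetch(url, { credentials: 'same-origin' });
  const bytes = new Uint8Array(await res.arrayBuffer());
  return { verdict: diagnose(res.status, res.redirected, bytes), bytes };
}

// Constructed sample bodies.
const enc = new TextEncoder();
const SAMPLE_KMZ = Uint8Array.from([0x50, 0x4b, 0x03, 0x04, 0x14, 0x00]);
const SAMPLE_KML = enc.encode('<?xml version="1.0"?>\n<kml xmlns="http://www.opengis.net/kml/2.2"><Document/></kml>');
const SAMPLE_LOGIN = enc.encode('<!DOCTYPE html>\n<html><body><form action="/login"></form></body></html>');
```

A verdict of 'login-redirect' or 'auth-required' gives the explicit error that fetchKml() does not report.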
