HTTP Status 500 - Null input exception while redirecting to fedlet from adfs - response.redirect

When I access my fedlet, it redirects me to the ADFS login screen, where I enter my credentials, and
then from that login page I am redirected to the fedlet application page, where it shows an "HTTP Status 500 - Null input" exception. I am not getting what must be going wrong. Please can anyone help me with the solution?
I am also enclosing the decoded response sent back, to help:
"
http://aaa.domain.com/adfs/services/trust
CN=sso_te, OU=IT, O=comapnyname
1352204053
fHQDdZB2QYtpvmkjA+k+z2xDcIM8iE7esA9qpeiSvDsiPnfw5QoVKFis16wkA0XHIeZA4rLn0OWZ2gkAkx3GAVCCQe1MDpET/VGg1YcLs60YD3gu7zH2KZHERXwamxR4yHpT7Sf4Gh/Wwl98kJ644SZAwy2sC7xsqJKtQ+EpPFUZVs9Ii3pRfRscXIVysHqmMPuEdtCNQg0CkYNLNYiiU59Ki2i/CP0TJDI08uZ0r0ukqFNbatRpZ4ABTTum0/XLVzInvVwuRJfdrM/+cY4h7X5AG5mVDWbjZiqdACvv65vBHPW+CJsW5hP9y5O54/ICKvLOhCzXAFcMV+nGwmvLiA==
pCTZd0kNSw6DrM/R/eAKNGnL2sctIjeSgxC9dE75nRsgHudTZOhWslACex4vWYnJS4HN2Vw6YGJdw/vgid4CimY/VCC1YNKokru7eVXX4pRfQ3T95S8wP7UeBapblMqVPzvdNBpnQPy9MII/ZYFcauY6m+2AETJ0V0VmZI75dmsONT+1CsVVpwQm5x3+lRfchzV8mOO/Ynj3hQYQ4ubX+vYuy6hdQrJx3GG5pIv
"
Thanks a lot if anyone can help me.

Run in Firefox - clear all cookies.
Start up the SAML tracer.
If you run in Firefox with the SAML tracer enabled, when you redirect to ADFS you should see a message in the SAML tracer marked with an orange SAML button. If you click on the SAML tab, the message will be a:
<samlp:AuthnRequest ...
The response will be a:
<samlp:Response
and it will contain something like:
<AttributeStatement>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
<AttributeValue>Joe Bloggs</AttributeValue>
</Attribute>
<Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
<AttributeValue>a#company.com</AttributeValue>
</Attribute>
</AttributeStatement>
which matches the claims you configured for the RP in ADFS.
Do you see anything like this?
I have no idea what your message represents.

Related

Can't reset user's password in Google Identity Toolkit: "CAPTCHA_CHECK_FAILED"

I'm trying to set up my Google Identity Toolkit so users can reset their passwords. I'm following the documentation here: https://developers.google.com/identity/toolkit/web/required-endpoints#send_email_url
I'm using the PHP Gitkit Client outlined here: https://github.com/google/identity-toolkit-php-client/blob/master/src/GitkitClient.php
Specifically the function getOobResults() on line 307 seems to be unhappy for some reason. Here's where I'm at:
User sets up account and logs in successfully
User then logs out and starts to log back in, enters email in and clicks "Forgot password"
reCaptcha is shown, click check box and then hit continue
At this point my 'Send Email URL' endpoint (gitkitEmail.php) is successfully called and the following POST is sent to it (dropping the full '&response' param since it goes on for a while):
action=resetPassword&email=xodfebefa%40nada.ltd&challenge&response=03ACgFB9tGlNt2KAGhrVY....
I then take that string and parse it using parse_str(), since getOobResults() is looking for an array. However, the response I get back is always:
{
"response_body": {
"error": "CAPTCHA_CHECK_FAILED"
}
}
I searched around but can't find any details on this error. Any help would be appreciated. I don't have a reCaptcha setup anywhere on my site, unsure if this is expecting me to do that and that's why it's failing? Also, I did bump all my code to a production environment and got the same error there as I did on my localhost.

Error During PingFederate Agentless Sequence

Some of our users are encountering the following error page during the sequence of redirects after authenticating at their IdP.
"Unexpected exception occurred in Response Handling: null"
Partner: ...
Target: ...
This is what I believe is the corresponding info from the server log.
2015-07-16 07:48:53,458 DEBUG [com.pingidentity.jgroups.MuxInvocationHandler] invocation of saveState on InterReqStateMgmtMapImpl state map size:215 attributes map size4 w/args: [ZkyN3LwNSjurZyfIewu1Kgjbgl7HrB, State(1437050933419){
inMsgCtx=null
outMsgCtx=OutMessageContext
XML: <samlp:AuthnRequest Version="2.0" ID="E6_0yldGrt0iqNKfUpArog6DG8G" IssueInstant="2015-07-16T12:48:53.419Z" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">#issuer%</saml:Issuer>
<samlp:NameIDPolicy AllowCreate="true"/>
</samlp:AuthnRequest>
entityId: <Id> (IDP)
Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
relayState: ZkyN3LwNSjurZyfIewu1Kgjbgl7HrB
Endpoint: <endpoint>
SignaturePolicy: DO_NOT_SIGN
parameters=null}] returned null
Is there an obvious place to look for more details? This happens for around 10% of our users and seems to follow them from device to device.
I figured out what the issue was. We are using account linking using the SAML Subject from the IdP. It turned out that a number of accounts at the IdP didn't have the LDAP attribute mapped to the NameID populated. So we were receiving SAML assertions without any data in the Subject.
Understanding where to look is the key. The audit.log file shows a general "failure". Then you look up corresponding activity details in the server.log file. Then you examine the corresponding SAML assertion in the log to determine what the problem was. The difficult part is noticing omissions in the data. That's harder for the eye/brain to catch imho.
It would be useful if we had an option for directing users to a custom page rather than a Ping-specific error page when this occurs.
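The omissions described in this answer (an empty Subject NameID) and the claims the SAML tracer answer above says to look for can be checked mechanically instead of by eye. This is an added example, not code from either poster or from PingFederate/ADFS; the function name audit_saml_response and the sample Response are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: the Subject carries an empty NameID, as happens when
# the IdP-side attribute mapped to NameID is not populated for an account.
SAMPLE_RESPONSE = """\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0">
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:Subject><saml:NameID/></saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
        <saml:AttributeValue>Joe Bloggs</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
        <saml:AttributeValue></saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
"""

def audit_saml_response(xml_text):
    """Return findings for data the SP expects but the IdP left out."""
    # Diagnostic use on captured messages; for untrusted input use defusedxml.
    root = ET.fromstring(xml_text)
    findings = []
    assertions = root.findall("saml:Assertion", NS)
    if not assertions:
        findings.append("no unencrypted saml:Assertion in Response")
    for a in assertions:
        name_id = a.find("saml:Subject/saml:NameID", NS)
        if name_id is None:
            findings.append("Subject has no NameID")
        elif not (name_id.text or "").strip():
            findings.append("NameID is empty")
        attrs = a.findall("saml:AttributeStatement/saml:Attribute", NS)
        if not attrs:
            findings.append("no AttributeStatement claims")
        for attr in attrs:
            values = [v.text for v in attr.findall("saml:AttributeValue", NS)]
            if not any((v or "").strip() for v in values):
                findings.append("empty attribute: " + attr.get("Name"))
    return findings

if __name__ == "__main__":
    print("\n".join(audit_saml_response(SAMPLE_RESPONSE)))
```

Paste the decoded Response from the SAML tracer or from server.log into the function; an empty list means the NameID and every claim carried a value.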

IBM Worklight adapter using security tests

I'm using Worklight version 6.0 and I'm trying to use a security test with Worklight's adapter.
First of all, I developed a login page and a home page where I'll display some information after the user is authenticated.
The authentication seems to be OK because I'm getting the user information and session ID, which I'll send in the cookie of the next HTTP adapter using the security test.
The problem is that I'm getting a NullPointerException from the specified adapter, but when I execute the request with RestClient, I get the response, so the WS is OK.
Does anybody have an idea about how to do that?
PS: my code was working on Worklight V5.0 but not with V6.0
I resolved this issue by deleting non-useful security tests like "MobileSecurityTest".
So before testing your adapter, make sure that your declaration in the "authenticationConfig.xml" file is well done.
For more information about that, you can visit this URL:
http://public.dhe.ibm.com/software/mobile-solutions/worklight/docs/v600/08_03_Adapter_based_authentication.pdf
In addition, you have to figure out the root response in the adapter response to see first how your received data looks; otherwise you may receive a "NullPointerException" as the response if you attempt to get, for example, "response.result" and the attribute "result" doesn't exist.
Hope that helps you with future issues like the one I got.

Payment Gateway Integration error solving

I have a Windows application that requires Payment Gateway Integration.
All this stuff I have done.
The process includes the following...
- Creating the XML request header
- Encoding it as a URL
- Sending the URL-encoded data to a REST API, with the link being provided in the documentation.
- The test server performs the transaction and sends a response back to the application.
What I have done to achieve this functionality...
1) I have used the 'HttpWebRequest' class to create a request to the URL: I am not going to share it since it is secure and confidential.
2) I have generated the XML header and sent it URL-encoded.
3) The server even responds back to the application, but with a status that is not success.
I am going to post the request format and response format.
<?xml version="1.0" encoding="UTF-8"?>
<payment xmlns="http://www.elastic-payments.com/schema/payment">
<merchant-account-id>!#-merchant-account-id-#!</merchant-account-id>
<request-id>!#-request-id-#!</request-id>
<transaction-type>purchase</transaction-type>
<requested-amount currency="AUD">!#-requested-amount-#!</requested-amount>
<account-holder>
<first-name>!#-first-name-#!</first-name>
<last-name>!#-last-name-#!</last-name>
<email>!#-email-#!</email>
<phone>!#-phone-#!</phone>
<address>
<street1>!#-street1-#!</street1>
<street2>!#-street2-#!</street2>
<city>!#-city-#!</city>
<state>!#-state-#!</state>
<country>!#-country-#!</country>
<postal-code>!#-postal-code-#!</postal-code>
</address>
</account-holder>
<card>
<account-number>!#-account-number-#!</account-number>
<expiration-month>!#-expiration-month-#!</expiration-month>
<expiration-year>!#-expiration-year-#!</expiration-year>
<card-type>!#-card-type-#!</card-type>
<card-security-code>!#-card-security-code-#!</card-security-code>
</card>
<notifications>
<notification url="!#-notification-url-#!" transaction-state="failed" />
<notification url="!#-notification-mail-#!" />
</notifications>
<custom-fields>
<custom-field field-name="order no" field-value="!#-order no-#!" />
</custom-fields>
<ip-address>!#-ip-address-#!</ip-address>
</payment>
The following is the response coming back from the server.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<payment xmlns="http://www.elastic-payments.com/schema/payment" self="http://sandbox-engine.thesolution.com/engine/rest/merchants/null/payments/null">
<merchant-account-id ref="http://sandbox-engine.thesolution.com/engine/rest/config/merchants/null"/>
<transaction-state>failed</transaction-state>
<completion-time-stamp>2012-11-28T08:19:31.024Z</completion-time-stamp>
<statuses>
<status code="400.1018" description="The same Request Id for the Merchant Account is being tried a second time. Please use another Request Id. " severity="error"/>
<status code="400.1009" description="The Transaction Type is invalid. Please check your input and try again." severity="error"/>
</statuses>
<requested-amount/>
<api-id>elastic-api</api-id>
</payment>
I have cross-checked the request header twice. Each time I do have a unique Request Id, which is 'hiren-'+GUID+DATETIMEWITHTIME
I have even cross-checked with the documentation of the gateway for the transaction-type and it's valid, but even then it's giving the same error.
To encode the URL I have used the following code
string sendString = "param=" + HttpUtility.UrlEncode(xmlData);
I'm thinking that the above code may be having the error but it's giving reply back...
so need help to solve the problem.
Please don't ask for the document file but you can ask for extra information.

Report-bulk-objects in Adobe Connect

I would like to get a list of meetings on the server; however, when I do a https://example.com/api/xml?action=report-bulk-objects&filter-type=meeting, replacing the domain with my Connect domain, I get an access denied response. I am signed in to the Connect workspace and I am in the admin group. What could be the cause of this?
response:
<results>
<status code="no-access" subcode="denied"/>
</results>
This should work if you're in the admin group, logged in, and submitting the request from the same browser that's logged in. You might try adding the session parameter to your request ("&session=breez123abc456def")
The value of the parameter must be that of the BREEZESESSION cookie set by the Connect server on your authenticated session. One of several ways to discover that is with the common-info API method: https://connect.example.com/api/xml?action=common-info It'll be in the /results/common/cookie element.
If this still isn't working, check the debug.log on the server(s) for the failing request; there should be additional information there.
