Salesforce Sandbox API Oauth2 Callback URL over localhost Django - python

Newbie working on a Salesforce project for a job interview. I'm trying to build a Django form that will submit a case ticket to the Salesforce backend. I'm using the django-salesforce library, and I'm at the point where I'm creating a new connected app. How do I deal with the callback URL if I'm testing on localhost? The callback URL needs to be an HTTPS secure connection. Can I just set the callback as http://localhost:8000? Having a hard time figuring it out, and I'm on a strict time limit so there's no time to learn the Salesforce API.

No, you cannot do that, because they will try to redirect you to that site; also, a few OAuth providers need a valid URL to do so.
You can use https://ngrok.com to publicly expose your local server.
ngrok exposes your local server and port on a publicly accessible URL. Internally it creates a tunnel between the generated URL and your machine, so you can expose your local Django server to the world using it.
Then pass the generated link on to the OAuth app.

Related

How to connect React Native app to Django REST API

I'm in the process of connecting my React Native UI to Python Django backend using REST framework and unsure of how to go about fetching the data from backend.
I used the fetch(URL) as you can see in the SS below:
The error I get:
I also added my phone as an adb device and connected it through a USB cable before running the app, but same issue. Any suggestions as to how to go about React Native UI and Python Django REST API integration?
A bit late but I hope it will help the next ones.
You cannot use a regular URL when connecting DRF (or any other API framework) to a React Native app, so you need to tunnel it through a reverse proxy such as ngrok. Short answer is, download ngrok, put it in your environment variable, then in your shell type:
ngrok http 8000
You will receive an HTTPS URL to replace your localhost:8000 in your API URL. A good thing to do is to register with ngrok so you don't have to replace this new URL too often; I think it is only stable for an hour or two if not registered.
Last but not least, in your CORS config whitelist (CORS_ALLOWED_ORIGINS), don't forget to put this new URL or you'll get a 404.
Good luck

How can I authenticate as a user to Azure App Service from Python script?

I have a Python script that should download data from a web resource using a link. It so happened that the resource is in Azure App Service protected by Active Directory. My user account is allowed to access the link and download data (I can do it from a web browser manually, but want to automate this process). The Python script uses the requests library. I can't figure out how to authenticate properly, because when I'm trying to run the script, I get:
Error 403 - Forbidden
The web app you have attempted to reach has blocked your access.
Usual authentication with requests doesn't work (using the auth parameter or session.auth or with HttpNtlmAuth).
I know one can use VS Code to authenticate to Azure and then use DefaultAzureCredential, but I can't get where you should use this DefaultAzureCredential object (because it doesn't work with requests).
I don't need the whole Python app to be registered or somehow else recognizable by Azure resource. It's just a script to download data, that is not supposed to be productionized.
Any ideas how I can scrape the data from Azure?
Note: I'm not an admin or creator of this Azure App, so can't change any restriction settings.
In short, the part of the script making the request looks like:
import requests
from requests_ntlm import HttpNtlmAuth

params = {"param1": param1,
          "param2": param2}
session = requests.Session()
session.auth = HttpNtlmAuth(USERNAME, PASSWORD)
url = "https://my-app.azurewebsites.net/the-rest-of-the-path"
# verify=False disables TLS certificate checking; only acceptable for local testing
response = session.get(url, params=params, verify=False)
If you want to access the Azure App Service, you have to authenticate to the Azure App Service. If you don't have access to the Azure App Service, you cannot access the Azure resources.
Generally, when a web server stops you from accessing the page you're trying to open in your browser, you'll get a 403 Forbidden error. There isn't much you can do most of the time. However, occasionally the issue is on your end.
Here are some points that can cause this error.
If you have an open public API and public access is not allowed on Azure App Service.
Your app's IP address, which you're using to call the app service, isn't whitelisted.
If you have a gateway in the middle, it's possible that it's also blocking your calls.
Here are the possible solutions that you can try:
Remove the access restrictions from your web app's Networking page.
Try adding 0.0.0.0/0 to give access to all. You can later add restrictions based on your needs.
The order of the restrictions is important, so double-check it. It may have an impact if you have a blocked call before an approved call.
You can also have restrictions based on HTTP headers like X-Forwarded-For. Please double-check that. This can also happen in code, depending on how you handle errors.
Protocol support for HTTP headers in Azure Front Door | Microsoft Docs
Check this, if your API is behind the Gateway: Application Gateway integration with service endpoints

Microsoft MSAL React SPA, and RESTful Django API

I don't know why I can't find confirmation in the docs, maybe I am not navigating them correctly, although MSAL seems to have options to fit it into any application. This is my first time integrating a SAML sso procedure into any of my web-apps. I am just looking for some clarity on the correct, and secure way to verify the person attempting to login, is actually logged in with the IDP.
I am confused at the part after confirmation of login is given to my redirect API, I currently have it all happening on the front-end, then submitting the response to my back-end. Which is a RESTful API built with Django, and postgres database. At this point, I am thinking I need to verify my accessToken for authenticity, but I am unsure if I should be creating another PublicClient instance in python, and then sending the same commands to the IDP.
To guess at this point, I'm thinking this is wrong, as I need to verify the token, rather than get another Access and Refresh token. I'm thinking I just need to verify there is a session open with the IDP, and that the Access Token matches. Can anyone shed some light on this, possibly provide even just some direction.
The client Python Django Web App uses the Microsoft Authentication Library (MSAL) to sign-in and obtain an Access Token from Azure AD.
The access token is used as a bearer token to authorize the user to call the Python Flask Web API protected by Azure AD.
The Python Flask Web API then receives a token for Azure Resource Management API using the On-Behalf-Of flow.
To learn more about handing access token validation at the API layer, look into this sample walkthrough: https://github.com/Azure-Samples/ms-identity-python-on-behalf-of#about-the-code
https://learn.microsoft.com/en-us/azure/active-directory/develop/access-tokens#validating-tokens

Frontend and backend hybrid oauth2 flow?

My app needs to retrieve a user's Dropbox data both in the frontend when the user is present (JS) and in the backend when the user is away (Python/Django).
I understand that after authorization I will receive a token code. Does that mean I should use this token code for both JS and Python when communicating with Dropbox? Or should I use my Python backend as a proxy when communicating with Dropbox?
I am worried by using a proxy it will add unnecessary delay to the user experience.

Authenticate a server versus an AppEngine application

I cannot see how I could authenticate a server versus GAE.
Let's say I have an application on GAE which has some data and I somehow need this data on another server.
It is easy to enable OAuth authentication on GAE, but here I cannot use this since there is no "account" bound to my server.
Plus, GAE doesn't support client certificates.
I could generate a token for each server that needs to access the GAE application, and transfer them to the server. It would then use it to access the GAE application by adding it in the URL (using HTTPS)...
Any other idea?
That is exactly what you need to do. On the server, generate a key (you choose the length) and store it in the datastore. When the other server makes a request, use HTTPS and include the key. It's like an API key (it is one, actually).
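The per-server key scheme the answer describes, as an added example that is not code from the question or the answer: the key is generated from a CSPRNG, only its hash is kept in the (here in-memory, constructed) datastore, and verification uses a constant-time comparison. It also carries the key in an Authorization header rather than in the URL, so it stays out of access logs; that header placement is this example's choice, not the answer's.

```python
import hashlib
import hmac
import secrets

# Constructed in-memory stand-in for the datastore record the answer describes.
# Only a hash of each key is stored, so reading the datastore yields no usable key.
_KEY_STORE = {}  # key_id -> sha256 hex digest of the secret


def issue_server_key(server_name):
    """Generate a key for one calling server and return (key_id, secret) once.

    The plaintext secret is handed to the other server out of band and never
    stored; the datastore keeps only its hash, tagged with the server's name.
    """
    key_id = secrets.token_hex(8)
    secret = secrets.token_urlsafe(32)  # 256 bits of randomness
    _KEY_STORE[key_id] = {"owner": server_name,
                          "hash": hashlib.sha256(secret.encode()).hexdigest()}
    return key_id, secret


def verify_server_key(key_id, presented):
    """Compare the presented key against the stored hash in constant time."""
    record = _KEY_STORE.get(key_id)
    if record is None:
        return False
    digest = hashlib.sha256(presented.encode()).hexdigest()
    return hmac.compare_digest(record["hash"], digest)


def revoke_server_key(key_id):
    """Drop a server's key; returns True if something was revoked."""
    return _KEY_STORE.pop(key_id, None) is not None


def authenticate_request(headers):
    """Authenticate a request carrying 'Authorization: Bearer <key_id>.<secret>'.

    A header keeps the key out of URL access logs and Referer headers; HTTPS
    protects it in transit either way. Returns the owning server name or None.
    """
    scheme, _, cred = headers.get("Authorization", "").partition(" ")
    if scheme != "Bearer" or "." not in cred:
        return None
    key_id, _, presented = cred.partition(".")
    if not verify_server_key(key_id, presented):
        return None
    return _KEY_STORE[key_id]["owner"]
```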
