MIcrosoft Teams Custom App store accessToken - javascript

I made a Microsoft Teams Custom App, I've already get the accessToken from my external api that athenticate the user.
My problem is: how I can I save the received accessToken into Teams context? If I can't do this, how can I pass it from my tab to my messageExtension?
Thanks.

finally I decided to use Table Storage for save and get the received accessToken.

Related

Active Directory access Azure Storage from browser

I want to use Azure Active Directory to allow users to read and write to Azure storage (specifically all Blobs and Tables) from a single-page web app.
I started like this:
import { InteractiveBrowserCredential } from '#azure/identity';
import { TableClient, TableServiceClient } from '#azure/data-tables';
const credentials = new InteractiveBrowserCredential({
clientId: myAuthConfig.clientId,
tenantId: myAuthConfig.tenantId,
});
const client = new TableServiceClient(
`https://${myAuthConfig.storageAccountName}.table.core.windows.net`,
credentials
);
client.listTables().byPage().next().then(console.log);
This works totally fine! I can see all the tables on the account. But then I wanted to list some of the data in on of the tables. So I did:
const client = new TableClient(
`https://${myAuthConfig.storageAccountName}.table.core.windows.net`,
'<table name>',
credentials
);
client.listEntities().byPage().next().then(console.log);
But this gives an error:
{
"odata.error": {
"code":"AuthorizationPermissionMismatch",
"message": {
"lang":"en-US",
"value":"This request is not authorized to perform this operation using this permission.\nRequestId:<uuid>\nTime:2021-10-28T18:04:00.0737419Z"
}
}
}
I'm very confused by this error. As far as I can tell I've done everything right. I followed every tutorial. I've set up active directory permissions for my app to use the storage API, my Microsoft account has permission to access the tables, OCRS is enabled, etc.
I'm not sure why I would have access to see a table but not see what's in it. I tried to use InteractiveBrowserCredential.authenticate to explicitly set scopes like this:
const scopes = ["User.Read"]
credentials.authenticate(scopes).then(console.log);
It works fine for User.Read but I couldn't figure out what scopes corresponded to Storage read/write access. If I added a scopy like "Microsoft.Storage" it told me that it didn't exist
Has anyone got an error like this before? What am I supposed to do here?
Thank you #gaurav mantri ,Posting your suggestion in comment as an answer.
From error it looks like your service principal does not have access permission to your table storage data. You should either grant permission using a RBAC role on the storage account resource (add to storage account contributors or readers) as below. Or use Storage Explorer to grant permission.
In your storage account please check, if you have Storage Table Data Contributer /Storage table data reader roles assigned as commented by #gaurav mantri
If not , you can add them
go into your storage account > IAM > Add role assignment, and add the special permissions
If roles are already assigned , the issue might be due to storage account being protected by firewall. Please try configure in Firewall and virtual networks of your storage account to add an existing virtual network or create a new vnet.If there is no issue you may allow access from all networks.
References:
Authorize access to tables using Active Directory - Azure Storage |
Microsoft Docs
Assign an Azure role for access to table data using powershell -
Azure Storage | Microsoft Docs

Firebase storage access token gets removed when passed as a parameter to firebase dynamic link

I've stored an audio file in firebase storage and I want to pass its url with access token as a parameter to the firebase dynamic link.
I wan to make my file.component,ts available for public share on whatsapp, FB etc and below is the code where I am getting the file parameters
this.activatedRoute.queryParams.subscribe(params => {
this.userName = params["user"];
this.audioPath = params["audio"]; //firebase storage audio with access token
this.docId = params["docId"];
this.docTitle = params["title"];
this.userId = params["userId"];
)
Now I want to pass all the above parameters as a link to the firebase dynamic link http.post call to get a short link.
The audio parameter consists of url to firebase storage access url along with the access token e.g
https://firebasestorage.googleapis.com/v0/b/<site>/o/audio%2Fsong1-min.mp3?alt=media&token=xxxx-xxxxx-xxxx-xxxxx
The moment I pass this audio variable to the dynamic link, it removes the token and reduces the path to
https://firebasestorage.googleapis.com/v0/b/<site>/o/audio%2Fsong1-min.mp3
Hence when I receive the short link it displays all other fields on UI along with the audio tag but the src has the token removed hence external user cannot play the audio if shared on whats app, FB etc.
Is there anyway I can send this firebase storage access url as it is inside the dynamic link so that the audio could play.
I don't believe this is possible in the way you are designing it, Firebase Dynamic Links will take out the token to shorten the link and there is no way to force it not to do it. What you could do is either:
1 - Make the File publicly readable;
2 - Have the file be fetched and processed separetly in your app without using Firebase Dynamic Links;
The problem may be linked to the method that you use to generate the Dynamic Links. The longDynamicLink method of the firebase REST API seems to exclude tokens, but the dynamicLinkInfo seems to keep them, so try that latter instead.
The following error message pops up when using the longDynamicLink approach with a token:
{
warningCode: 'UNRECOGNIZED_PARAM',
warningMessage: "Unrecognized param 'token'. [https://firebase.google.com/docs/dynamic-links/create-manually#ddl_parameters]"
}

Firebase Authentication: Where is the token stored in web?

I was curious about how firebase auth token works.
Then I found this answer saying that token is stored in local storage.
https://stackoverflow.com/a/62577638/7239472
However, when I checked local storage in Application tab of my Google Chrome inspector, there was nothing.
So from where does the Firebase Auth SDK get the token value?
I also checked that currentUser object contains token value but I'm not sure where that came from.
Token can be found in firebaseLocalStorageDB. Please refer to this path.
Firebase saves its connection-token on a storage called "indexedDB".
You can see it by doing: inspect->application->indexedDB then you will see a firebase "key-value table" called "firebaseLocalStorage".

How do i get the recent company updates from linkedin using OAuth2

I am creating a html page were am trying to get the recent updates about the company from following REST call :
http://api.linkedin.com/v1/companies/1441/updates?oauth2_access_token={access_token}
I am getting reply as invalid access token , I have created a new application on linkedin developer network obtained the accesstoken and i am supplying the same access token in the REST call to get company updates .
Can i please know how do i get recent company updates from linkedin using OAuth and bind the output data to some placeholder on html page.
The 'OAuth User Token' of the applicaiton in the LinkedIn Developer site is NOT the oauth2token. To get the oauth2token you have to authenticate (as a user) following this guide: https://developer.linkedin.com/documents/authentication
Good luck! :)

Facebook API - access token works for SOME requests

This is driving me totally crazy. I've set up an FB app and retrieved an access token by visiting: https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET.
Now I want to grab a (publicly available) feed from this URL: https://graph.facebook.com/PAGE_OR_USER_ID/feed?access_token=ACCESS_TOKEN
It works fine when I try it with my own user ID or even when I try another random page but it DOESN'T work when I enter the PAGE_ID I need it to work with.
Here are some examples:
This works fine (a friend of mine's Facebook page):
https://graph.facebook.com/tatchit/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
This also works fine (my own Facebook ID):
https://graph.facebook.com/al.dev.7/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
This doesn't work (the client's Facebook page):
https://graph.facebook.com/142616539131188/feed?access_token=213451182120494|JgAwuCE74lh51t1pKMuRM2mz3GU&limit=10&offset=0
I don't get any errors but the result is empty.
If I try the Graph API Explorer it also works fine:
https://developers.facebook.com/tools/explorer/?method=GET&path=142616539131188%2Ffeed
But not if I enter my own access token. From what I understand the access tokens you get in the API Explorer are temporary so I don't want to use that.
How can this be?
Also. I've struggled to understand this whole access-token, client-id, app-id-business for ages now - is there a good tutorial where all this stuff is explained? I've never had this work without problems ever.
Thank you
You should be using user access token for all the above queries. App Access token is used when you want to do something like check the app insights so and so.
When the pages has age restrictions or something so, app token wont be able to get through, but since the user is already a member of the page, you can use the user access token to get the data.
Add : Quoting from the documentation,
Note that the **app access token** is for publishing purposes permitted by the publish_actions and publish_stream permissions. You will be **unable to retrieve information** about the status update post with the given ID using the app access token. Instead, you should use a **user access token** for such purposes.
Other Capabilities of an App Access Token
There is a limited set of information that can be retrieved from Facebook using an App Access Token.
Basic Profile Info of a User (ID, Name, Username, Gender)
A User’s Friends and their IDs
Permissions granted by the User to your App
Read : https://developers.facebook.com/docs/opengraph/using-app-tokens/
So you should be querying with the user_access token to access all the informations that you are looking for, not with an app access_token.
You are using an App Access token instead of a User Access token. Some of the pages you are viewing may have a country or age restriction set, so using an app token will not work.
See: http://developers.facebook.com/docs/concepts/login/access-tokens-and-types/

Categories