oauth 1.0 -invalid signature GetRequestToken for Google - javascript

I could not find any active Oauth 1.0 support by Google as it has already been deprecated.
But as I want to access Gmail data,I am bound to use Oauth 1.0
So I have been trying since 2 days to get the RequestToken for my Google Application and I am getting the invalid signature error.
My base-string matches with the debug-string returned by google.
I have tried using both HMAC-SHA1 and RSA-SHA1 and my keys are correct.
(I have even tried using both token and secret as anonymous which Google recommends for non-registered applications.)
Could it be something due to wrong nonce or due to some percent-encoding issue.
The same method worked fine for Twitter.
I am also pasting my code below and would be glad if someone could help or point me to the right forum.
$('#GMAIL_BUTTON').click(function () {
//oauth1 approach similar to twitter
var requestUrl = "https://www.google.com/accounts/OAuthGetRequestToken";
var scope = "https://mail.google.com/";
var clientID = "anonymous";
var clientSecret = "anonymous";
var rsakey = "MIICblahblahblah";
var timestamp = Math.round(new Date().getTime() / 1000.0);
var nonce = Math.random();
var sigBaseStringParams = "oauth_consumer_key=" + clientID;
sigBaseStringParams += "&" + "oauth_nonce=" + nonce;
sigBaseStringParams += "&" + "oauth_signature_method=HMAC-SHA1";
sigBaseStringParams += "&" + "oauth_timestamp=" + timestamp;
sigBaseStringParams += "&" + "scope=" + encodeURIComponent(scope);
var sigBaseString = "GET&";
sigBaseString += encodeURIComponent(requestUrl) + "&" + encodeURIComponent(sigBaseStringParams) + "\n" + "\n";
requestUrl += "?scope=https://mail.google.com/";
var keyText = encodeURIComponent(clientSecret) + "&";
//var keyText = rsakey;
var keyMaterial = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(keyText, Windows.Security.Cryptography.BinaryStringEncoding.Utf8);
var macAlgorithmProvider = Windows.Security.Cryptography.Core.MacAlgorithmProvider.openAlgorithm("HMAC_SHA1");
var key = macAlgorithmProvider.createKey(keyMaterial);
//var keyMaterial = Windows.Security.Cryptography.CryptographicBuffer.decodeFromBase64String(rsakey);
//var macAlgorithmProvider = Windows.Security.Cryptography.Core.AsymmetricKeyAlgorithmProvider.openAlgorithm("RSASIGN_PKCS1_SHA1");
//var key = macAlgorithmProvider.importKeyPair(keyMaterial);
var tbs = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(sigBaseString, Windows.Security.Cryptography.BinaryStringEncoding.Utf8);
var signatureBuffer = Windows.Security.Cryptography.Core.CryptographicEngine.sign(key, tbs);
var signature = Windows.Security.Cryptography.CryptographicBuffer.encodeToBase64String(signatureBuffer);
var dataToPost = "OAuth oauth_consumer_key=\"" + clientID + "\", oauth_nonce=\"" + nonce + "\", oauth_signature_method=\"HMAC-SHA1\", oauth_timestamp=\"" + timestamp + "\", oauth_signature=\"" + encodeURIComponent(signature) + "\", oauth_version=\"1.0\"";
var response = sendGetRequest(requestUrl, dataToPost, null);
});
And the SendGetRequest method is -
function sendGetRequest(url, authzheader, params) {
try {
var request = new XMLHttpRequest();
request.open("GET", url, false);
request.setRequestHeader("Authorization", authzheader);
request.send(params);
return request.responseText;
} catch (err) {
WinJS.log("Error sending request: " + err, "Web Authentication SDK Sample", "error");
}
}

I couldn't find any glaring errors in your code, but you'll probably have a much easier time using Google's OAuth 2 for client-side apps library at https://developers.google.com/accounts/docs/OAuth2UserAgent. Further, you may want to use the atom feed scope (https://mail.google.com/mail/feed/atom)--you can give it and other scopes a try at https://code.google.com/oauthplayground/.

Related

How to generate SharedKeyLite for Azure Table Storage REST request

I'm trying to call Azure Table Storage using Postman but keep getting :
Server failed to authenticate the request. Make sure the value of
Authorization header is formed correctly including the signature.
The code I am using for the pre-call script in Postman is as follows:
var storageAccount = "**mystorageaccount**";
var accountKey = "**mystoragekey**";
var date = new Date();
var UTCstring = date.toUTCString();
var data = date + "\n" + "/**mystorageaccount**/**mytable**"
var encodedData = unescape(encodeURIComponent(data));
var hash = CryptoJS.HmacSHA256(encodedData, accountKey);
var signature = hash.toString(CryptoJS.enc.Base64);
var auth = "SharedKeyLite " + storageAccount + ":" + signature;
postman.setEnvironmentVariable("auth", auth);
postman.setEnvironmentVariable("date", UTCstring);
The headers in Postman are as follows:
Authorization : {{auth}}
date : {{date}}
version : 2015-12-11
I am guessing the issue may be with the data variable, but running out of ideas.
The reason you're getting this error is because you're not converting your account key to a buffer. Please change the following line of code:
var hash = CryptoJS.HmacSHA256(encodedData, accountKey);
to
var hash = CryptoJS.HmacSHA256(encodedData, Buffer.from(accountKey, 'base64'));
And you should not get the error.
UPDATE
I also got the same error. Please try the following code:
var storageAccount = "**mystorageaccount**";
var accountKey = "**mystoragekey**";
var date = new Date();
var UTCstring = date.toUTCString();
var data = UTCstring + "\n" + "/**mystorageaccount**/**mytable**"
var encodedData = unescape(encodeURIComponent(data));
var hash = CryptoJS.HmacSHA256(encodedData, CryptoJS.enc.Base64.parse(accountKey));
var signature = hash.toString(CryptoJS.enc.Base64);
var auth = "SharedKeyLite " + storageAccount + ":" + signature;
postman.setEnvironmentVariable("auth", auth);
postman.setEnvironmentVariable("date", UTCstring);
I just tried the code above and was able to list entities in my table.

Ionic 3, encodeURI with firebase

I need to send a http request to firebase that has this shape
https://db.firebaseio.com/0.json?&orderBy="name"&startAt=query&endAt=query+"\uf8ff"&limitToLast=1&print=pretty&auth=auth_token
My problem is that when I call this request I've a 400 error in console because it replace %22 to question marks and other symbols for \uf8ff and I think firebase doesn't recognize that.
let name = '"name"';
let cod = '"\uf8ff"';
let url = ('https://db.firebaseio.com/0.json?&orderBy=' + encodeURIComponent(name) + '&startAt=' + encodeURIComponent(birraName) + '&endAt=' + encodeURIComponent(birraName) + '+' + encodeURIComponent(cod) + '&limitToLast=1&print=pretty&auth=' + encodeURIComponent(this.idToken));
let response = this.http.get(url).map(res => res.json());
return response;
And then in console
400 Bad Request
Do you have any thougths?
You're missing quotes in your target string to mark string values. If you're searching for nodes starting with Marco, it should be https://db.firebaseio.com/0.json?&orderBy="name"&startAt="Marco"&endAt="Marco\uf8ff"&limitToLast=1&print=pretty&auth=auth_token. Note the double quotes around "Marco" and "Marco\uf8ff".
To build these in your JavaScript:
var url = 'https://db.firebaseio.com/0.json';
url = url + '?orderBy="' + encodeURIComponent(name) + '"';
url = url + "&startAt="' + encodeURIComponent(birraName) + '"';
url = url + "&endAt="' + encodeURIComponent(birraName) + '\uf8ff"';
url = url + '&limitToLast=1&print=pretty';
url = url + '&auth="' + encodeURIComponent(this.idToken))+'"";
Template literals might also be useful to keep this readable:
let url = (`https://db.firebaseio.com/0.json?orderBy=${encodeURIComponent(name)}&startAt=${encodeURIComponent(birraName)}&endAt=${encodeURIComponent(birraName)}${encodeURIComponent(cod)}&limitToLast=1&print=pretty&auth=${encodeURIComponent(this.idToken))}`;

Azure Account Shared Access Signiture

I am trying to construct an Account level Shared Access Signiture so my client can access all containers in a storage account. I am following these docs Account SAS. It seems straight forward enough but I keep getting the following error message:
"Signature did not match. String to sign used was accountname\nrl\nb\nsc\n\n2016-10-09\n\n\n2015-04-05\n".
My parameters are identical so I suspect it has something to do with how I am hashing the String to Sign. Below is how I construct the token.
var crypto = require('crypto');
var accountName = 'accountname';
var accountKey = 'tH37FTlG3TUT86caMrt2y5kOzof8nFqqA6spzg6r7HPRojE1zDiLJD/xE4oLFDh4RNqAmymvlV7fm8W4SF8cJg==';
var signedPermissions = "sp=rl";
var signedServcies = "ss=b";
var signedResourceType = "srt=sc";
var signedExpiry = "se=2016-10-09";
var signedVersion = "sv=2015-04-05";
var stringToSign = accountName + "\n" + signedPermissions + "\n" + signedServcies + "\n" + signedResourceType + "\n" + signedExpiry + "\n" + signedVersion + "\n";
var hmacsha256 = crypto.createHmac('sha256', accountKey).update(stringToSign).digest('base64');
var token = signedPermissions + "&" + signedServcies + "&" + signedResourceType + "&" + signedExpiry + "&" + signedVersion + "&sig=" + hmacsha256;
I have tried using crypto-js as well but to no avail. The final URL used to access a blob in a container is...
"https://accountname.blob.core.windows.net/containername/blobName?srt=sc&se=2016-10-09&api-version=2015-04-05&sp=rl&ss=b&sv=2015-04-05&sig=IFD2wyfRAsHGU5IFg3RbwSJW6tRE0m0%2FxgAYvJ%2FmnEk%3D"
I have been trying for days and really would appreciate knowing what I'm doing wrong. Thanks.
Benzene, for stringToSign, the value should NOT has the parameter name?
var signedPermissions = "rl";
var signedServcies = "b";
var signedResourceType = "sc";
var signedExpiry = "2016-10-09";
var signedVersion = "2015-04-05";
Please try the following (code shamelessly taken from Azure Storage Node.js library):
var hmacsha256 = crypto.createHmac('sha256', new Buffer(accountKey, 'base64')).update(stringToSign, 'utf-8').digest('base64');

getting XMLHttpRequest cannot load (URL) Response for preflight is invalid (redirect)

here am trying to get reccurring events from calendar list for sharepoint Online app and there am using code as like
hostWebUrl = decodeURIComponent(manageQueryStringParameter('SPHostUrl'));
function GetListData() {
var webUrl = hostWebUrl;// = "http://server/sitewhereyourlistexists";
var listGuid = "{2000da75-8663-42d9-9999-ad855c54b4e0}"
// An XMLHttpRequest object is used to access the web service
var xhr = new XMLHttpRequest();
var url = webUrl + "/_vti_bin/Lists.asmx";
xhr.open("POST", url, true);
xhr.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xhr.setRequestHeader("SOAPAction", "http://schemas.microsoft.com/sharepoint/soap/GetListItems");
// The message body consists of an XML document
// with SOAP elements corresponding to the GetListItems method parameters
// i.e. listName, query, and queryOptions
var data = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">" +
"<soap:Body>" +
"<GetListItems xmlns=\"http://schemas.microsoft.com/sharepoint/soap/\">" +
"<listName>" + listGuid + "</listName>" +
"<query>" +
"<Query><Where>" +
"<DateRangesOverlap>" +
"<FieldRef Name=\"EventDate\"/>" +
"<FieldRef Name=\"EndDate\"/>" +
"<FieldRef Name=\"RecurrenceID\"/>" +
"<Value Type=\"DateTime\"><Today/></Value>" +
"</DateRangesOverlap>" +
"</Where></Query>" +
"</query>" +
"<queryOptions>" +
"<QueryOptions>" +
"<ExpandRecurrence>TRUE</ExpandRecurrence>" +
"</QueryOptions>" +
"</queryOptions>" +
"</GetListItems>" +
"</soap:Body>" +
"</soap:Envelope>";
// Here we define what code we want to run upon successfully getting the results
xhr.onreadystatechange = function () {
if (xhr.readyState == 4) {
if (xhr.status == 200) {
var doc = xhr.responseXML;
// grab all the "row" elements from the XML results
var rows = doc.getElementsByTagName("z:row");
var results = "Today's Schedule (" + rows.length + "):\n\n";
var events = {};
for (var i = 0, len = rows.length; i < len; i++) {
var id = rows[i].getAttribute("ows_FSObjType"); // prevent duplicates from appearing in results
if (!events[id]) {
events[id] = true;
var allDay = rows[i].getAttribute("ows_fAllDayEvent"),
title = rows[i].getAttribute("ows_Title"),
start = rows[i].getAttribute("ows_EventDate");
var index = start.indexOf(" ");
var date = start.substring(5, index) + "-" + start.substring(2, 4); // get the date in MM-dd-yyyy format
start = start.substring(index, index + 6); // get the start time in hh:mm format
var end = rows[i].getAttribute("ows_EndDate");
index = end.indexOf(" "); end = end.substring(index, index + 6); // get the end time in hh:mm format
results += date + " " + (allDay == "1" ? "All Day\t" : start + " to " + end) + " \t " + title + "\n";
}
}
alert(results);
} else {
alert("Error " + xhr.status);
}
}
};
// Finally, we actually kick off the query
xhr.send(data);
}
after calling this function in decument. ready section it is not retrieving any data but there is ine error which i can see in console of browser that is as below
You will click on the correct request in the left hand side panel, then select "Inspectors" in the right hand side top panel. Then choose between the different request and response options.

How to execute Report in Dynamics CRM 2013 to generate PDF in Online mode and offline

Could some one help me out !!!
I have got a custom button in the Entity Quote to generate a PDFs file from a report .
It work perfectly if the CRM is on-line , but once I switch in to outlook as offline mode
it is not working . Because it is not getting a Session id and Control Id
var pth="";
if(IsOnline)
{
pth= Xrm.Page.context.getServerUrl() + "/CRMReports/rsviewer/reportviewer.aspx";
}
else
{
pth= " http://localhost:2525/crmreports/viewer/viewer.aspx";
}
var retrieveEntityReq = new XMLHttpRequest();
var Id = Xrm.Page.data.entity.getId();
var quotationGUID = Id.replace('{', ""); //set this to selected quotation GUID
quotationGUID = quotationGUID.replace('}', "");
var reportName = "Quote"; //set this to the report you are trying to download
var reportID = "6A39D18F-2EC6-E344-8986-F49D6765A723"; //set this to the guid of the report you are trying to download
var rptPathString = ""; //set this to the CRMF_Filtered parameter
var strParameterXML = "<fetch version='1.0' output-format='xml-platform' mapping='logical' distinct='false'><entity name='quote'><all-attributes /><filter type='and'><condition attribute='quoteid' operator='eq' uitype='quote' value='" + quotationGUID + "' /> </filter></entity></fetch>";
retrieveEntityReq.open("POST", pth, false);
retrieveEntityReq.setRequestHeader("Accept", "*/*");
retrieveEntityReq.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
rptPathString = "id=%7B" + reportID + "%7D&uniquename=" + Xrm.Page.context.getOrgUniqueName() + "&iscustomreport=true&reportnameonsrs=&reportName=" +
reportName + "&isScheduledReport=false&p:CRMAF_Filteredquote=" + strParameterXML;
//remove the part starting from &p:salesorderid if your report has no parameters
retrieveEntityReq.send(rptPathString);
var x = retrieveEntityReq.responseText.indexOf("ReportSession=");
var ret = new Array();
ret[0] = retrieveEntityReq.responseText.substr(x + 14, retrieveEntityReq.responseText.indexOf("&", x) - x - 14); //the session id
x = retrieveEntityReq.responseText.indexOf("ControlID=");
ret[1] = retrieveEntityReq.responseText.substr(x + 10, retrieveEntityReq.responseText.indexOf("&", x) - x - 10); //the control id
return ret;

Categories