When I send this request using soap envelope over http UA asks for credentials. When I send it over https UA doesn't ask for credentials but returns 401 error.
I need user to enter credentials this way.
var wsUrl = config.identityServerURL + "/services/RemoteUserStoreManagerService.RemoteUserStoreManagerServiceHttpsSoap11Endpoint/";
namesToEnable.forEach(function (name) {
var soapRequest = '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.um.carbon.wso2.org" xmlns:xsd="http://common.mgt.user.carbon.wso2.org/xsd"> ' +
'<soapenv:Header/> ' +
'<soapenv:Body> ' +
'<ser:setUserClaimValues>' +
'<ser:userName>' + name + '</ser:userName>' +
'<ser:claims> <!--Optional:--> ' +
'<xsd:claimURI>http://wso2.org/claims/identity/accountDisabled</xsd:claimURI> <!--Optional:--> ' +
'<xsd:value>false</xsd:value> </ser:claims> <!--Optional:--> ' +
'<ser:profileName></ser:profileName> </ser:setUserClaimValues> ' +
'</soapenv:Body></soapenv:Envelope>';
var xmlhttp = new XMLHttpRequest();
xmlhttp.open('POST',
wsUrl, true);
var sr = soapRequest;
xmlhttp.onreadystatechange = function () {
if (xmlhttp.readyState == 4) {
if (xmlhttp.status > 200 < 300) {
console.log('DONE');
sap.ui.getCore().byId("DialogOnEnableUser").close();
sap.m.MessageToast.show("User successfully enabled", {duration: 1000});
} else {
console.log('ERR soap req');
}
}
};
// Send the POST request
xmlhttp.withCredentials = true;
xmlhttp.setRequestHeader("SOAPAction", "urn:setUserClaimValues");
xmlhttp.setRequestHeader('Content-Type', 'text/xml');
xmlhttp.send(sr);
Sounds to me like a security restriction due to the ongoing fight on web lack of secure connectivity
https://superuser.com/questions/770897/firefox-does-not-prompt-for-password-for-http-authenticated-sites-how-to-make-i
I would try it with other browsers to discard it first.
Related
I want to check the status of some web pages and write the following codes. I use "phantomjs.exe --web-security=false test.js" under the terminal to run the following code. If the network status is normal, then everything goes well. If the network status is abnormal, the code will stop running and get an error message: "PHANTOM ERROR: NETWORK_ERR: XMLHttpRequest Exception 101: A network error occurred in synchronous requests."
I hope that when the network status is abnormal, the code can continue to detect the next web page instead of stopping. I have been searching on the Internet for a long time and I don’t know how to deal with it. I hope someone can help me.
var urls = new Array("www.good.com", "www.bad.com","www.good.com");
var fs = require('fs');
var request;
if (window.XMLHttpRequest)
request = new XMLHttpRequest();
else
request = new ActiveXObject("Microsoft.XMLHTTP");
request.onload = function (e) {
if (request.readyState === 4) {
console.log(request.status);
}
};
phantom.onError = function(msg, trace) {
var msgStack = ['PHANTOM ERROR: ' + msg];
if (trace && trace.length) {
msgStack.push('TRACE:');
trace.forEach(function(t) {
msgStack.push(' -> ' + (t.file || t.sourceURL) + ': ' + t.line + (t.function ? ' (in function ' + t.function +')' : ''));
});
}
console.log(msgStack.join('\n'));
};
for (i = 0; i < urls.length; i++) {
console.log(urls[i]);
request.open('GET', "https://" + urls[i], false);
request.send();
fs.write("result.txt", urls[i] + ',' + request.status + '\n', 'a');
}
phantom.exit();
I'm trying to create a SOAP request in JavaScript, but I get a wrong response.
Here's my request:
callSOAP() {
var xmlhttp = new XMLHttpRequest();
xmlhttp.open('POST', 'https://webapi.allegro.pl/service.php', true);
var sr =
'<?xml version="1.0" encoding="utf-8"?>' +
'<SOAP-ENV:Envelope ' +
'xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" ' +
'xmlns:main="https://webapi.allegro.pl/service.php" ' +
'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ' +
'xmlns:xsd="http://www.w3.org/2001/XMLSchema">' +
'<SOAP-ENV:Body>' +
'<main:DoGetCountriesRequest>' +
'<main:countryCode>1</main:countryCode>' +
'<main:webapiKey>xxxxxxxx</main:webapiKey>' +
'</main:DoGetCountriesRequest>' +
'</SOAP-ENV:Body>' +
'</SOAP-ENV:Envelope>';
xmlhttp.onreadystatechange = function () {
if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
console.log(xmlhttp.response);
}
};
xmlhttp.setRequestHeader('Content-Type', 'text/xml');
xmlhttp.send(sr);
}
I try to call 'DoGetCountriesRequest' method but the response is status code 500 with a message 'Invalid XML'.
Is it the proper way to call a SOAP method in JavaScript? What's wrong with my request?
It looks like you're sending the request to the ?wsdl endpoint - remove that from the URL in your xmlhttp.open() method call to send it to the service itself.
It also seems your SOAP message is malformed - you've closed the SOAP-ENV:Envelope opening tag too early - it also needs to surround your xmlns:xsi and xmlns:xsd namespace definitions:
'<?xml version="1.0" encoding="utf-8"?>' +
'<SOAP-ENV:Envelope ' +
'xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:main="https://webapi.allegro.pl/service.php"' +
'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ' +
'xmlns:xsd="http://www.w3.org/2001/XMLSchema">' + ...
Follow up edit:
There are some double quotes in your in your countryCode and webapiKey opening tags that need removing and it looks like the message itself doesn't comply with the WSDL - the operation doGetCountries in the WSDL needs a DoGetCountriesRequest object. Try something like:
var sr =
'<?xml version="1.0" encoding="utf-8"?>' +
'<SOAP-ENV:Envelope ' +
'xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" ' +
'xmlns:main="https://webapi.allegro.pl/service.php" ' +
'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ' +
'xmlns:xsd="http://www.w3.org/2001/XMLSchema">' +
'<SOAP-ENV:Body>' +
'<main:DoGetCountriesRequest>' +
'<main:countryCode>1</main:countryCode>' +
'<main:webapiKey>xxxxxxxx</main:webapiKey>' +
'</main:DoGetCountriesRequest>' +
'</SOAP-ENV:Body>' +
'</SOAP-ENV:Envelope>';
I can send an email with and without attachment using GMAIL API. My only problem is that it looks like when I want to send an attachment I need an accesstoken. This is not good as right after the user filled out the email form, attached the file and clicked the Send button, I need to somehow save all the data (like sending them in the state parameter?), load gmail's authentication link, reload the page on redirect, retrieve the accesstoken from the url that's now filled with a lot of things totally irrelevant for the user, retrieve my data from the url and send the email at last.
According to the docs the state parameter is used to retrieve data after the redirect so I need to send the to, cc, subject, base64 encoded msg, contenttype and filename variables.
What other options do I have?
function getAccessToken() {
window.location = 'https://accounts.google.com/o/oauth2/v2/auth?scope=' + scopes + '&state=' + 'hello' + '&redirect_uri=https://skeebdo.com/quickstart.html' + '&response_type=token' + '&client_id=' + clientId;
}
//Now when the page gets redirected and back I need to read the accesstoken and state parameter from the url.
var accesstoken = '';
var url = window.location.href;
if (url.indexOf("access_token=") > 0) {
var at_starts = url.indexOf("access_token=");
var tokentype_starts = url.indexOf("&token_type=");
accesstoken = url.substring((at_starts + 13), tokentype_starts);
if (url.indexOf("state=") > 0) {
//get to, cc, subject, msg, contenttype, filename, base64 encoded file
}
}
function sendEmail() { //Send email
var to = $("#compose-to").val();
var cc = $("#compose-cc").val();
var subject = $("#compose-subject").val();
var message = editor.getData();
if (contenttype != null && contenttype != "" && contenttype.length > 0) {
//we got an attachment!
var pngData = base64_image;
var mail =
'Content-Type: multipart/mixed; boundary="foo_bar_baz"\n' +
'MIME-Version: 1.0\n' +
'to: ' + to + '\n' +
'cc: ' + cc + '\n' +
'subject: ' + subject + '\n\n' +
'--foo_bar_baz\n' +
'Content-Type: text/html; charset="UTF-8"\n' +
'MIME-Version: 1.0\n' +
'Content-Transfer-Encoding: 7bit\n\n' +
message + '\n\n' +
'--foo_bar_baz\n' +
'Content-Type: ' + contenttype + '\n' +
'MIME-Version: 1.0\n' +
'Content-Transfer-Encoding: base64\n' +
'Content-Disposition: attachment; filename=' + filename + '\n\n' +
pngData + '\n\n' +
'--foo_bar_baz--';
$.ajax({
type: "POST",
url:"https://www.googleapis.com/upload/gmail/v1/users/me/messages/send?uploadType=multipart",
contentType: "message/rfc822",
async: true,
data: mail,
beforeSend: function (xhr){
xhr.setRequestHeader('Authorization', 'Bearer ' + accesstoken);
},
success:function(data){
ShowNotification("success", "Message Sent!");
},
error:function(xhr,err){
alert("readyState:"+xhr.readyState+"\nstatus: "+xhr.status)
alert(xhr.responseText)
if (xhr.status == "401") { //get or refresh accesstoken
alert("Ujra kell kerni az accesstokent");
getAccessToken();
}
}
});
} else {
//No attachment
sendTextMessage(
{
'To': to,
'Cc': cc,
'Subject': subject
},
message);
}
}
}
function sendTextMessage(headers_obj, message, callback) {
var email = '';
for(var header in headers_obj)
email += header += ": "+headers_obj[header]+"\r\n";
email += 'Content-Type: text/html; charset=UTF-8\r\n';
email += "\r\n" + message;
var sendRequest = gapi.client.gmail.users.messages.send({
'userId': 'me',
'resource': {
'raw': window.btoa(email).replace(/\+/g, '-').replace(/\//g, '_')
}
});
return sendRequest.execute(callback);
}
You need to get the Access Token only once, after which you can use the refresh token to regenerate access token once it has expired.
I'm trying to consume a SOAP (.net) WebService with JavaScript but the responseText and the responseXML are null. I tried running in another browser(chrome, firefox, IE) but that didn't solve it.
function MButton1Click(event) {
sendDataAsXML_SOAP();
}
function sendDataAsXML_SOAP() {
var req_params = "",
url = "",
number = 0,
type = "";
/* Configure Parameters */
url = "http://wp.art.br/FriendNet/Principal.asmx";
var user = document.getElementById("MTextArea1").value;
var ajaxRequest;
req_params = "<?xml version=\"1.0\" encoding=\"utf-8\"?>";
req_params = req_params + "<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema- instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">";
req_params = req_params + " <soap:Body>";
req_params = req_params + " <TesteDeTexto xmlns=\"http://tempuri.org/\">";
req_params = req_params + " <pTexto>" + user + "</pTexto>";
req_params = req_params + " </TesteDeTexto>";
req_params = req_params + " </soap:Body>";
req_params = req_params + "</soap:Envelope>";
/* Send XML/SOAP Request To Web Service Using Browser's Javascript DOM */
var xmlHTTP;
if (window.XMLHttpRequest) {
xmlHTTP = new window.XMLHttpRequest; //For browsers other than ie
} else {
try {
xmlHTTP = new ActiveXObject("MSXML2.XMLHTTP.3.0"); //for ie
} catch (ex) {}
}
xmlHTTP.open("POST", url, true);
xmlHTTP.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xmlHTTP.setRequestHeader("SOAPAction", "http://tempuri.org/TesteDeTexto");
xmlHTTP.onreadystatechange = receiveXML_SOAPData;
xmlHTTP.send(req_params);
}
function receiveXML_SOAPData() {
if (ajax_request.readyState == 4) {
if (ajax_request.status == 200 || ajax_request.status == 0) {
/* Parse The Response Data */
alert(ajax_request.responseText);
alert(ajax_request.responseXML);
alert("sucesso");
}
}
}
You try to use a ajax_request in your receiveXML_SOAPData function which is undefined. You should have gotten an exception from that, check your error console.
The ajaxrequest variable in the sendDataAsXML_SOAP function is a) not used and b) local to that function - it would not work.
Use the this keyword in the receiveXML_SOAPData function to reference the XHR object instead.
Receiving http 403 response error when trying to get a
request token.
I've checked my base string's singing process, and that's proper. If
I use the default keys on the Twitter dev site, it generates the same
result as they list on the site, so i'm pretty sure that's okay.
Any insight would be much appreciated!
var reqURL = 'https://api.twitter.com/oauth/request_token';
var reqNonce = getNonce();
var reqTimeStamp = getTimeStamp();
var reqSignatureMethod = 'HMAC-SHA1';
var reqOauthVersion = '1.0';
var reqConsumerKey = 'ySBPkqxaRlheQKFwejMpqg';
var reqConsumerSecret = '______________&' // note the & at the end..
var reqCallback = 'http%3A%2F%2Flocalhost%3A3005%2Fthe_dance%2Fprocess_callback%3Fservice_provider_id%3D11'
var reqQuery = 'oauth_callback=' + reqCallback + '&oauth_consumer_key=' + reqConsumerKey + '&oauth_nonce=' + reqNonce + '&oauth_signature_method=' + reqSignatureMethod + '&oauth_timestamp=' + reqTimeStamp + '&oauth_version=' + reqOauthVersion;
var reqBaseString = 'POST&' + reqURL + '&' + encodeURIComponent(reqQuery);
var reqSignature = b64_hmac_sha1(reqConsumerSecret, reqBaseString);
var reqSignature = reqSignature + '=';
var request = new XMLHttpRequest();
request.onreadystatechange = function(data) {
if (request.readyState == 4) {
// Good response, got the xml file
if (request.status == 200) {
alert ('good response');
}
}
};
// alert (reqURL);
// alert (reqBaseString);
var oauthParams = encodeURIComponent("OAuth oauth_callback=\"" + reqCallback + "\",oauth_consumer_key=\"" + reqConsumerKey + "\",oauth_nonce=\"" + reqNonce + "\",oauth_signature_method=\"" + reqSignatureMethod + "\",oauth_timestamp=\"" + reqTimeStamp + "\",oauth_version=\"1.0\",oauth_signature=\"" + reqSignature + "\"");
request.open("POST", reqURL, true);
request.setRequestHeader("Accept", "text/plain, */*");
request.setRequestHeader("Connection", "Keep-Alive");
request.setRequestHeader("Authorization", oauthParams);
request.send();
What I have found to be immensely helpful is to just get the raw HTTP request that does work with the Netflix OAuth Test that cnauroth suggested and then compare it to what you are sending with this code snippet here. OAuth is tricky and not fun so if you can just diff the two requests you should be able to find some improper encoding or a misplaced &.