IdentityServer event for token cleanup - identityserver4

I would like to know if there is an event that is fired in the IdentityServer 4 framework when the token cleanup job runs.
I have wrapped a third-party system into the IdentityServer framework and need to notify the third-party system to clean up user sessions when the tokens in IdentityServer are no longer valid, mostly because the token has expired.
Any suggestions or examples?
Thanks
Greg

This feature does not exist right now. Open a feature request on the GitHub issue tracker please.

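For future reference, you need to implement IOperationalStoreNotification and include it in the DI:

    using System.Collections.Generic;
    using System.Threading.Tasks;
    using IdentityServer4.EntityFramework;
    using IdentityServer4.EntityFramework.Entities;

    public class MyOperationalStoreNotification : IOperationalStoreNotification
    {
        // Called by the token cleanup job with the grants it has just removed.
        public Task PersistedGrantsRemovedAsync(IEnumerable<PersistedGrant> persistedGrants)
        {
            // ... put your code here
            return Task.CompletedTask;
        }
    }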
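
An added example (not from the original answer or the IdentityServer project) that fills in the handler for the question's use case: it tells a third-party system to end sessions for the users whose grants the cleanup job removed, and registers the handler in DI. `IThirdPartySessionClient`, `EndSessionsAsync`, `SessionCleanupNotification` and `AddSessionCleanupNotification` are hypothetical names. It assumes the single-method interface shown in the answer; depending on the IdentityServer4 version, the interface may declare further members that must also be implemented.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using IdentityServer4.EntityFramework;
using IdentityServer4.EntityFramework.Entities;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;

// Hypothetical wrapper around the third-party system's session API (assumption).
public interface IThirdPartySessionClient { Task EndSessionsAsync(string subjectId); }

public class SessionCleanupNotification : IOperationalStoreNotification
{
    private readonly IThirdPartySessionClient _client;
    private readonly ILogger<SessionCleanupNotification> _logger;

    public SessionCleanupNotification(IThirdPartySessionClient client,
        ILogger<SessionCleanupNotification> logger) => (_client, _logger) = (client, logger);

    public async Task PersistedGrantsRemovedAsync(IEnumerable<PersistedGrant> persistedGrants)
    {
        // A batch can hold several grants per user, so notify once per subject.
        // Grants without a subject have no user session to end.
        var subjects = persistedGrants
            .Select(g => g.SubjectId)
            .Where(s => !string.IsNullOrEmpty(s))
            .Distinct();

        foreach (var subjectId in subjects)
        {
            try { await _client.EndSessionsAsync(subjectId); }
            catch (Exception ex)
            {
                // Grants are already deleted: log for replay, keep processing the batch.
                _logger.LogError(ex, "Session cleanup failed for subject {SubjectId}", subjectId);
            }
        }
    }
}

public static class SessionCleanupRegistration
{
    // Call from ConfigureServices; the cleanup job resolves the notification from DI.
    public static IServiceCollection AddSessionCleanupNotification(this IServiceCollection services)
        => services.AddTransient<IOperationalStoreNotification, SessionCleanupNotification>();
}
```

The cleanup job invokes the handler only for grants it deletes, and only when `EnableTokenCleanup` is set on the operational store options. A subject may still hold other valid grants, so decide whether one removed grant should end all of that user's sessions.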

Related

Not able to create events using Microsoft Graph SDK

I am trying to create an Event using the Microsoft Graph SDK, following this document:
https://learn.microsoft.com/en-us/graph/api/user-post-events?view=graph-rest-beta&tabs=csharp
1. Created "authProvider"
2. Created GraphClient with above AuthProvider
3. Creating Event using
The event is not created, and no exception/error is thrown. Could anyone help me here?

This is happening because this call is being made with the same transactionId frequently. It avoids unnecessary retries on the server.
It is an optional parameter; just comment out this property and try again. It should work.
Note: This identifier is specified by a client app for the server, to avoid redundant POST operations in case of client retries to create the same event. It is also useful when low network connectivity causes the client to time out before receiving a response from the server for the client's prior create-event request.

More info is required here, as the reply from Allen Wu stated. Without any details, I would focus my efforts on the auth provider piece and the Azure app registration piece, as the rest of the example is just sending a POST request to the Graph API.
But what is recommended really depends on what type of application you are trying to build, e.g. is it a service daemon, a web app, mobile app, desktop app, single page app, etc.

Salesforce to retry the 3rd party REST API

I have a few leads in my Salesforce and when I update a lead, I want to notify the change to a third-party REST API end-point-address. If the response returned from end-point-address is incorrect or the third-party API server is down, I want Salesforce to retry notifying the end-point until a proper response is received.
Can somebody please tell me how I can configure Salesforce to retry the 3rd party REST API until a proper response is received?
Thank you,
Abhilash

I think it depends on which tools you want to use.
You can integrate 3rd party APIs for your declarative tools in SF using the "External Services" tool. You can read and learn more about it here:
https://trailhead.salesforce.com/en/content/learn/modules/external-services
This simple solution will allow you to build flows and trigger external services for get and post methods.
In general, you wouldn't want to retry a notification to the end-point until a proper response is received, since it can cause an infinite action. It is better to receive and handle the response, according to the error message.

Google Cloud Endpoints v2: Any way to inject User?

I'm new to Google Cloud Endpoints and I am currently looking for an alternate way to receive the User method parameter.
In the documentation on Authenticating Users, the only way of receiving information about the user that is shown is to receive an instance of com.google.api.server.spi.auth.common.User as a method parameter.
There appears to be no annotation I can use to request this principal elsewhere other than directly on the endpoint method. This can obviously be made to work, but I am very interested in the following scenario:

    /*
     * in an injection provider
     */
    CustomUserClass getUser(@EndpointsUser User user) throws UnauthorizedException {
        if (user == null) throw new UnauthorizedException("If we're requesting the user be injected, we should reject unauthenticated requests");
        // datastore code to look up and return my representation of a user
    }

    /*
     * in the endpoint class
     */
    @Inject
    CustomUserClass userProfile;
    // endpoint methods here

Does anyone know how to do the above? I realize I could simply move this logic into my endpoint class, but this is a case of cross-cutting concerns and is not only bad programming, but less easily tested.
Yes, I know I can role my own solution (pun intended), but Cloud Endpoints is supposed to make this kind of thing easy, isn't it?

This is currently not possible, as Guice use cases weren't common when the frameworks were written. You can file a feature request.

Add vendors in quickbooks from my salesforce application?

From my Salesforce application, I need to connect to the QuickBooks API and create vendors by a batch job.
For this, do I need to add the whole OAuth process (add a 'Connect to QuickBooks' button, and there will be an auth page which, when successful, will redirect me to the application)?
Or are there other ways in which I can do this?
Can I use a connection ticket? If yes, then how?
Really stuck here. Any help is appreciated.
Thanks,

You can have a look at IPP's docs. - https://developer.intuit.com/docs/0025_quickbooksapi
The only way to make a call to QBO endpoints is through 3-legged OAuth (using consumerKey, consumerSecret, accessKey and accessSecret). If you have a desktop application then you need to have a web component/embedded browser for first-time users. Once you have the end-user tokens, you can store and reuse those for all future API calls.
If you create an app in appcenter, you'll get consumerKey and consumerSecret.
https://developer.intuit.com/Application/Create/IA
Using the above two tokens, you can generate accessToken and accessSecret using the OAuthPlayground.
https://appcenter.intuit.com/Playground/OAuth/IA
Devkit download link - https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits
You need to plug in the above 4 tokens with the Java devkit code to make any QBO V3 REST call.
https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits/0201_ipp_java_devkit_3.0/0001_synchronous_calls/0001_data_service_apis
Re - Can I use a connection ticket? If yes, then how?
No, OAuth is the only process here.
Vendor API doc - https://developer.intuit.com/docs/0025_quickbooksapi/0050_data_services/030_entity_services_reference/vendor
Hope it will be useful.
Thanks

Silverlight Ria Authentication - Checking Authentication Before Using DomainContext

I have the beginnings of a standard Silverlight/RIA/EF application that is just working straight away as expected.
I wanted to restrict my entire DomainService to only authenticated users, as the application will eventually live on the public internet, and all data access needs to be user authenticated.
The problem I have is that I cannot use the auto-generated DomainContext class in my Silverlight app unless I wrap all of its Load methods inside a custom class that verifies the authentication status of the user before attempting to retrieve data, which seems like a long and tedious coding task.
Surely there must be a simple solution that I've missed?
This stuff was easy in ASP.NET because the moment you lost (or never had) authentication you were redirected to a login page (as configured in web.config).
I'm really surprised there's no similar mechanism in Silverlight, as it seems to me to be a standard business application requirement.

Requiring authentication in your DomainService is easy. Just add a [RequiresAuthentication] or [RequiresRole] attribute to either the class (applies to all operations) or the operation you want to authorize. You might find these links helpful.
How to: Enable Authentication in RIA Services
RequiresAuthenticationAttribute

I am not 100% sure if this is the answer you want and if it's a good practice to do it like this, but you could implement a message inspector that inspects whether the user is authenticated like this:

    using System.Security;
    using System.ServiceModel;
    using System.ServiceModel.Channels;
    using System.ServiceModel.Dispatcher;
    using System.Web;

    public class ClientCustomHeadersDispatchMessageInspector : IDispatchMessageInspector
    {
        // Runs on the server for every incoming request, before the operation is dispatched.
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            // HttpContext.Current is only populated when ASP.NET compatibility mode is enabled.
            if (!HttpContext.Current.User.Identity.IsAuthenticated) {
                throw new SecurityException("User not authenticated");
            }
            return null;
        }

        public void BeforeSendReply(ref Message reply, object correlationState)
        {
        }
    }
