so I got my Identity Server project up and running, and am setting up my project to publish. Now, when I define my client in the config for IS4, I suppose I will have to set my redirect urls to my publish domain, something like this:
new Client{
...
RedirectUris = { "localhost:5002/signin-oidc", "myclient.com/signin-oidc" }
...
}
Is including the localhost and domain the right way to do this?
I am thinking it would be ok since an attacker would have to have my client secret in order to login. Or is it better to set up two separate clients (eg. 'client' and 'client_local'), and request the appropriate client at startup?
There are two ways:
1) Use Configuration File: You can store the clients in a JSON file and load them during startup. Use different JSON files for different environments.
Example. clients.Development.json for Development and clients.Production.json in Production environment; However, The clients will be In Memory Clients and any changes in clients configuration will require a reboot of your application.
2) Use Persistent Storage: Use a database server to store configuration and operational data. A local database for development and a database for production use.
See this docs, The example uses Entity Framework for persistent storage but you're bound to Entity Framework or any ORM. You can opt to write your own Data Access Layer for IdentityServer. This will allow you to change client configurations without restarting your application as the data will be retrieved from a database.
Related
I have a problem with OCN-client.
When I call POST http://host/ocpi/2.2/credentials, response:
Role with party_id=ABC and country_code=ES not listed in (truncated)...
Means that I have to register our company?
How I can do it?
Yes, the client will not accept the credentials handshake if you are not already listed in the registry. Running the registry locally will create a new network only existing on your local development environment. To do this, you would also need to point the OCN client to your local network in its configuration. This is good during development, though there will be no other MSPs/CPOs to interact with out of the box (see https://bitbucket.org/shareandcharge/ocn-tools for how you could do that yourself). Once you are ready, you could then access our public test environment via your local OCN client (the default configuration values point to it), or connect to one remotely.
my plan of setup is to make the local database accessible to the local computers because of heavy manipulation of data and it needs a fast response, but at the same time, I wanted to access it via internet when I'm away from the local network. is this possible?
Currently Using MERN stack
I tried MLAB but the response of data is pretty slow
Thank you in advance
it looks like you're going down a dangerous path. MongoDB comes with local authentication and a standard 27017 port. To make it available online you need to
remove authentication (which is not on by default)
change or remove the bindIp option
ensure the port is not blocked by firewall
This can be done in the config file.
https://docs.mongodb.com/manual/reference/configuration-options/
However, what you really want to do, probably to create routes within express so that users can communicate with your mongo is a structured and safe manner. More information in this here http://mean.io/2017/10/31/getting-started-mean-io/
I am working on an webApp whose backend is in Scala and frontend is in Angularjs, backend configuration is driven by application.conf, which contains all info of services, host and port configuration.
The current implementation of frontend takes the config from applicaton.conf in a manner
echo "xstream {
service {
host = 0.0.0.0
port = 9090
SSL = false
yarnPort = 8088
metricsPort = 8082
}
" > assets/json/application.conf
via network call, which exposes the application.conf in the network call.
I am looking for the solution where the single application.conf can be shared between the frontend and backend without, application.conf being exposed in the network call as that would lead to risk of sharing sensitive info.
From your description it seems that you are sending data from the server to the web application on an unencrypted channel. This is a bad idea for all sorts of reasons, so you should really consider fixing that first. Worrying about the security of the Application.conf seems a minor issue compared to all the other data you are going to be exposing on the wire.
If you absolutely have to use an insecure channel, then there are two options open:
Implement your own encryption within the data on that channel
Create a second secure channel for passing the sensitive data
For the first option there are a number of Scala encryption libraries to choose from.
For the second option you can (theoretically) create a separate TLS connection using an SSL library without the server certificate checking (which is, I presume, the reason for not using https in the first place)
Stackoverflow is not the place to ask for recommendations, so you need to do your own research to find suitable libraries for whichever option you choose.
I have this admin panel template that's built in nodejs, jquery and angular.
I am trying to connect it to a mongodb to make simple CRUD operations.
I've installed mongojs via npm for this purpose but how do I take it from here? The Datebase itself is already set up and ready for use.
I tried to follow the instructions but I am not quite sure where to put the code that connects to the database.
var databaseUrl = "mydb"; // "username:password#example.com/mydb"
var collections = ["users", "reports"]
var db = require("mongojs").connect(databaseUrl, collections);
I've understood that it has to be on the server side as the client side won't run the require('mongojs') part. But in what file should it preferably be placed? And if it's put in the server side code how do I reach the 'db' object from the client side when making the CRUD operations?
Thanks in advance!
The server and the clients are different devices that interact by HTTP. Consider them as different projects that can luckily execute same chunks of code just because they are written in the same language. DB connection is not this kind of chunk.
Client doesn't connect to the database. You can't give db access to all your clients. Actually db should not be accessible from the Internet at all for security reasons.
Client makes HTTP requests to the server. Server fetches the db data and returns it back to the client. It is the main purpose of almost all servers.
This data updates the state of the models in your controller code.
Is it possible to use a local database file with html5 without using a server. I would like to create a small application that depends on information from a small database. I do not want to host a server just to pull information. Is it possible to create a database file and pull information from the local files ?
Depends on the following:
The type of application you want to build:
Normal website with some data being pulled from a local storage;
Special purpose hosted website / application with data generated by the user;
Special purpose local application with a dedicated platform (a particular browser) and with access to the browser's non-web API -- in order to access the browser's own persistent storage methods (file storage, SQLite etc.);
Special purpose local application with a dedicated environment -- in order to deploy the application with a local web server and database;
Available options:
Indexed DB
Web Storage
XML files used for storing data and XSLT stylesheets for translating the data into HTML;
Indexed DB and Web Storage ar available in some browsers but you need to make sure the targeted browsers have it. Their features aren't quite as complete and flexible as SQL RDBMSs but they may fit the bill if your application doesn't need all that flexibility.
XML files can contain the data you want to be shown to the user and they can be updated manually (not by the user) or dynamically (by a server script).
For dynamic updating the content of the XML is kept in JavaScript and manipulated / altered (using the XML DOM) and when the session is over the XML content is sent to the server to entirely replace the previous XML file. This works OK if the individual users have a file each and they never write to each other's files.
Reading local files:
Normal file access is prohibited (for security reasons) to all local (JavaScript) code, which means that "having" a file locally implies either downloading it from a known source (a server) or asking the user to offer access to a local file.
Asking the user to offer access to a local file which implies offering the user a "file input" -- like for uploads but without actually uploading the file.
After a file has been selected using FileAPI to read that file should be fairly simple.
This workflow would involve the user "giving" you the database on every page refresh -- but since it's a one page thing it would mean giving you the data on every session as long as your script does not refresh the page.
You can use localstorage but you can run a server from your own computer. You can use Wamp or Xampp. Which use Apache and mysql.
What i'm looking for is a little more robust than a cookie. I am making a web application for a friend that will be 1 page, and have a list of names on the page. The person wants to be able to add names to the list, however they do not want to use a web server. Just want the files locally on a computer so a folder called test-app , with index.html, and possibly a database file that can be stored in the web browser or a way to save information to the web browser for repeated use.