Secured endpoints and redeploy issue - google-app-engine

I played around with endpoints and noticed that after the deployment of a new appengine version and making that one the default all existing logged in clients started to get unauthorized exceptions.
What am I missing? Is this the way it is supposed to work?

Related

502 errors for all endpoint requests without changing anything

We just started having lots of 502 errors out of the blue, without deploying anything new. Somehow 99% of all requests to the endpoints don't get through to appengine (as seen in the appengine log). The service status of google app engine and endpoints seems to be green.
We tried deploying a new endpoints api description and a new appengine version using it, also stopping respective versions.
We can also no longer look at the api explorer.
Web requests via the gapi js library return "Error 502 (Server Error)!!1" when trying to initialize and load the "_ah/api/static/proxy.html" page.
What could be the problem here? Is there a way to "restart" endpoints?
OK, it's just magically started working again after around 50min of downtime. I guess it would still be interesting to know if there is anything we could do in cases like this.

can't deploy Google Cloud Endpoints 2.0 on existing service

I have had a Python-based Google App Engine app working great using Cloud Endpoints 1.0 for several years without incident. I have had nothing but trouble migrating to Cloud Endpoints 2.0.
Currently I'm in the following state after already clearing many previous hurdles described in other similar questions:
I have one version of my service called gce1 which uses Endpoints 1.0 and is set as the default service receiving 100% of my traffic. I can point API clients and the APIs Explorer to both gce1-dot-myservice.appspot.com and the default myservice.appspot.com and everything works fine. I can verify in the logs that anything that goes through here is using GCE 1.0.
I have a second version of my service called gce2 which is not receiving any traffic by default, but if I point an API client or the APIs Explorer to gce2-dot-myservice.appspot.com it works just fine, and I can verify in the logs that anything that goes through here is using GCE 2.0.
Great, right? So it would seem that all I need to do is migrate all my traffic to gce2 and I'm done.
But... when I do that everything breaks! The default myservice.appspot.com serves up 405 POST Method Not Allowed responses to my existing clients, and if I look at the APIs Explorer, suddenly it now shows a bunch of obsolete methods that I think are from years ago and are no longer used in my current API. I can't tell where those are coming from (they are nowhere in my code, and haven't been for years), and I can't get the default service to serve the GCE 2.0 API no matter what I do.
The biggest problem is that I have thousands of users in the wild that all point to the default API URL, so it isn't so easy to just have them start pointing to gce2-dot-myservice, and besides, it doesn't make sense that I can't make the new default the new default. I've been working on this migration to GCE 2.0 for months, the deadline for getting off GCE 1.0 is getting closer by the day, and Google Support has not responded since late last year on this topic.
I should also mention I have tried:
Pushing a new service with the GCE2.0 code directly to default
Pushing a new service with no API at all (to maybe clear a cache or something)
Pushing services with all different sorts of version names
None of these have worked, although I haven't done any of them allowing a long delay since I'm working on a live service with real users.
This issue is now resolved, so for most people it should no longer occur. However, in my specific case, I had a legacy API that was getting in the way and had to be deleted, which did require specific attention from a Google engineer.
If you have similar issues, visit issuetracker.google.com/issues/76031966 and comment there.
Thanks to #saiyr for help tracking this down.

Protecting API endpoint when developing two separate apps, Angular app & Laravel app

I've picked up Angular and am now developing two separate applications, the frontend, Angular app, and the backend, the Laravel app.
As of now my backend app is just an API endpoint that handles requests, database interaction, logic, validation, etc.
However, what stops someone from requesting /api/users/1 and getting that data?
Right now there is nothing in place that prevents this from occurring.
What's the best way to prevent this from occurring and verify the request is sent through the application and not through something like http://hurl.it from some random user?
You should first evaluate what routes need to be protected, and who should have access. Sometimes it might be fine to leave them open to the public.
Once you've figured that out you have a few options. I personally lean towards the OAuth 2.0 protocol. Some people find it to be overkill. Then there is also WSSE; I personally feel like today there are far better resources explaining the use of OAuth, and it would probably be easier to follow.
You can google around for OAuth server libraries for Laravel. One such is: https://github.com/lucadegasperi/oauth2-server-laravel
You will also probably want to enable CORS if your Angular app is on a different domain from your API. IE: api.example.com (holds the API), and example.com is where your app lives.
For CORS, Laravel also has some packages, one such being: https://github.com/barryvdh/laravel-cors
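
An added example, not part of the original answer or of either linked package: a framework-independent JavaScript model of the API-side checks the answer points to. It shows that the CORS allow-list only governs browsers, while the bearer token and a per-user check decide who gets /api/users/1. The handle function, the token values and the user records are assumptions constructed for illustration.

```javascript
// Constructed sample data: the origin, tokens and users are illustrative only.
const ALLOWED_ORIGINS = new Set(['https://example.com']);
const TOKENS = new Map([ // access token -> grant issued by the OAuth server
  ['tok-alice', { userId: 1, scopes: ['users:read'], expiresAt: Date.parse('2999-01-01') }],
  ['tok-old', { userId: 2, scopes: ['users:read'], expiresAt: Date.parse('2000-01-01') }],
]);
const USERS = new Map([[1, { id: 1, name: 'alice' }], [2, { id: 2, name: 'bob' }]]);

// CORS headers only tell a browser which origins may read the response.
// A non-browser client ignores them, so they are never an access decision.
function corsHeaders(origin) {
  if (!ALLOWED_ORIGINS.has(origin)) return {};
  return {
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Headers': 'Authorization',
    'Vary': 'Origin',
  };
}

// Returns the grant for a valid, unexpired bearer token, otherwise null.
function authenticate(headers, now) {
  const m = /^Bearer ([A-Za-z0-9\-._~+\/]+=*)$/.exec(headers.authorization || '');
  const grant = m ? TOKENS.get(m[1]) : undefined;
  return grant && grant.expiresAt > now ? grant : null;
}

function handle(req, now = Date.now()) {
  const headers = corsHeaders(req.headers.origin);
  // Preflight requests carry no credentials; answer them before auth.
  if (req.method === 'OPTIONS') return { status: 204, headers };
  const route = /^\/api\/users\/(\d+)$/.exec(req.path);
  if (req.method !== 'GET' || !route) return { status: 404, headers };
  const grant = authenticate(req.headers, now);
  if (!grant) {
    return { status: 401, headers: { ...headers, 'WWW-Authenticate': 'Bearer' } };
  }
  // Authorization: a valid token for user 1 must not read user 2.
  if (!grant.scopes.includes('users:read') || grant.userId !== Number(route[1])) {
    return { status: 403, headers };
  }
  return { status: 200, headers, body: USERS.get(grant.userId) };
}
```

A request that sends only a matching Origin header still gets 401, because any HTTP tool can set that header; the token and the ownership check are what protect the record.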

Where are the GAE Backends logs?

As soon as I figured out how to invoke my app as a Backends app, my log messages stopped appearing.
I found this helpful post which says the Backends logs are kept separately and that I need to switch to Backends view by selecting the named backend from the dropdown at the top of the admin console, but I don't see anything Backends specific in that list to select.
Perhaps this is a clue... when I invoke my app via myapp.appspot.com/dostuff, in the log I see I'm getting the DeadlineExceededError after 60 secs, indicating it's not running as a Backends app. But when I invoke it via mybackend.myapp.appspot.com/dostuff, it continues running as needed, but no log entries!
Seems like I'm missing something. Thanks.
Somehow my app wasn't fully recognized by GAE as a Backend app. And therefore my backend instances weren't available in the drop-list. Seeing that others had similar trouble with a Python 2.7 app (ex.) that had been initially uploaded as a 2.5 app, I created a new app in GAE and uploaded to there and it worked. Sorry I don't have a more definitive answer.
Before all was working well, I also ended up creating an empty /_ah/start handler as suggested by someone in this thread. Also if you're deploying a multi-threaded backend, make sure to check this post out -- there's some important stuff I didn't run across in the docs.

System Security Exception in Silverlight app making GET request

I am new to Silverlight. I have been trying to patch up a Silverlight app that makes a GET request to some site over the net, say Google. However, I keep getting the system.security exception again and again. I read various other posts, and what I gathered is that for these things to work you need to choose the HOST APPLICATION IN A NEW WEBSITE option while creating the project. I have done that, but still get the same exception. I downloaded the app from http://www.shinedraw.com/data-handling/flash-vs-silverlight-simple-http-post-request/ and ran it by clicking debug in VS2010; still it gave the same exception.
Please tell me what I am doing wrong. I know it's cross-domain issues, but don't know what else to do.
The second answer at this post - WebClient.DownloadStringAsync throwing Security Exception in Silverlight, I think, offers a workaround, but does this mean there is no way to access such services from Silverlight directly?
Experienced users please explain.
You cannot call a web service other than from your own domain directly from a Silverlight application. If you want to do this, you would have to install a cross-domain policy on the server that hosts the service. But you can always install a web service within your own web application (that hosts the Silverlight app) and call the other service from that service. It's one service call more, but it also works with services you don't own.
