App engine channel deploy - google-app-engine

I created an application that has ~50 users.
I am trying to use channel API but I've run into a problem while testing with message send.
I am saving the token into the database so i can use the same token if an user opens multiple tabs with the same interface and i have a servlet that resets my token when it expires.
It works fine until I redeploy my application or change the version of my app. I stop receiving messages. If I try to open a channel with the old app version token it doesn't throw an error or anything, it opens it but I still don't receive messages on that channel.
If I reset my token it works OK again.
Does anyone know of a solution to this bug, or has anyone had it before? I deploy often while people are working so I can't ignore it.
My best guess is that ChannelServiceFactory.getChannelService() returns a different instance of ChannelService so when I call channelService.sendMessage("id","message"); it sends it to a different channel.

I can't explain why stored tokens wouldn't work on re-deploying your app (they should), but I can explain why they don't work when you change versions. Briefly, tokens are specific to an app version.
First, the reason for this: we want to ensure that applications that send different data or change message formats or whatever in different versions don't send messages across version boundaries. In the same way that you don't want your javascript bundle from v1 rendering against servlets on v2, you wouldn't want v1 your javascript message handlers receiving messages from v2 servlets (or vice versa).
So, to hopefully make it clear what's going on:
A channel is identified by a combination of your appid, your app version, and the clientid that you provide when you call createChannel or sendMessage. The implementation of the Channel API doesn't store any mapping of appid/clientid -> token. To greatly simplify, you can think of createChannel as doing something like this:
public String createChannel(clientid) {
// obviously we don't really just append strings to each other for actual implementation.
return encryptStringSomehow(clientid + globalAppInfo.version + globalAppInfo.appid);
}
and sendMessage is like this:
public void sendMessage(clientid, message) {
// identify the JID used for this channel.
JID xmppJid = new JID(mutateString(clientid + globalAppInfo.version + globalAppInfo.appid),
CHANNEL_XMPP_DOMAIN); // some domain used for channel messages
// send the <message> stanza to that jid with the application message as the body
xmppService.sendMessage(xmppJid, encodeSomehow(message));
}
and on the client side, the servlet responsible for the channel decrypts the token and binds to the endpoint identified by a JID created by the same method as the sendMessage function.
The upshot is that tokens are only valid for messages sent from the same version of the app that created them.

Related

Not able to create events using Microsoft Graph SDK

I am trying to create an Event using Microsoft Graph SDK, as following the document #
https://learn.microsoft.com/en-us/graph/api/user-post-events?view=graph-rest-beta&tabs=csharp
1.Created "authProvider"
2.Created GraphClient with above AuthProvider
3.Creating Event using
The event is not creating also no exception/error is throwing, Could any one help me here?
This is happening because this call is being made with same transactionId frequently. It avoids unnecessary retries on the server.
It is an optional parameter , just comment out this property and try again. It should work.
Note : This identifier specified by a client app for the server , to avoid redundant POST operations in case of client retries to create the same event and also useful when low network connectivity causes the client to time out before receiving a response from the server for the client's prior create-event request.
More info is required here, as the reply from Allen Wu stated. without any details I would focus my efforts on the authprovider piece and azure app registration piece. as the rest of the example is just sending a post request to graph api.
but what is recommended really depends on what type of application you are trying to build. eg. is it a service daemon, a web app, mobile app, desktop app, single page app, etc.

How to use generated clientid with Google cloud endpoints for authenticating 3rd party users without redeploying app

In my case we work with other companies which would consume our APIs along with our internal javascript client. I think we need to create a web client id for javascript client. But when exposing APIs externally, is it correct to generate new web client id per company? If so do we have to update clientid each time and redeploy application?
I'm following this documentation and in their example client ids are hardcoded, if I need to give access to new 3rd party users, then I need to generate new client id for them but I'd expect to not redeploy application.
Update: I've created a feature request as per #Alex's suggestion below.
Unfortunately the docs at https://cloud.google.com/appengine/docs/python/endpoints/auth very specifically say, and I quote,
Because the allowed_client_ids must be specified at build time, you
must rebuild and redeploy your API backend after adding or changing
any client IDs in the authorized list of allowed_client_ids or
audiences
so it appears that your perfectly-reasonable use case is very explicitly not covered at this time.
I recommend you visit said page and enter a feature request via the "Write Feedback" link (around the upper right corner of the page) as well as entering a feature request on the Endpoints component of the App Engine feature tracker, https://code.google.com/p/googleappengine/issues/list?can=2&q=component=Endpoints&colspec=ID%20Type%20Component%20Status%20Stars%20Summary%20Language%20Priority%20Owner%20Log -- we monitor both, but with different processes, so trying both is best.
Sorry to be a bearer of bad news. For now, it seems the only workaround is to distribute to the other companies one of a bunch of client ids generated in advance (you can only change the valid bunch when you re-deploy, sigh) and perhaps add some extra, app-layer authorization check of your own -- exactly the kind of work endpoints should be doing on your behalf:-(.
You can use an asterisk as the client ID, that will allow any client to call it without redeploying your API backend. Not sure if this is a documented feature or not, but it works (at least) with both Python and Java.
#Api(name = "myapi",
version = "v1",
scopes = {"https://www.googleapis.com/auth/userinfo.email"},
description = "My flashy API",
clientIds = {"*"})
public class MyAPI { ... }

Channel API channel gets disconnected without onclose or onerror calls. JavaScript console has logs of failed HTTP calls to talkgadget.google.com

I have implemented Google App Engine's Channel API feature in my application. Everything runs smoothly. I create new channels every one hour for every user. I have managed to maintain one channel per session (same channel for different tabs in a browser). I have implemented the onerror and onclose methods in such a way that every time they are invoked, a call is made to the server requesting for a valid token.
Sometimes, after the channel's been alive for a while, it gets disconnected. I can see failed HTTP calls to talkgadget.google.com on the JavaScript console. The URLs are something like this:
https://129.talkgadget.google.com/talkgadget/dch/bind?VER=8&clid=.....
These calls have responses like "401 (Token timed out)" or "401 (Token invalid)".
Which is indeed true, the token used by the client is invalid. It should get updated with the new token but the onerror or onclose methods aren't invoked. How am I supposed to figure out when this would happen or how to handle it? There is no real way to say if a client is disconnected or not except for the onerror or onclose methods. This issue is resolved if I refresh the page (I get the valid token from database every time the user refreshes).
I checked the socket objects's "readyState" property and it had the value 1. There are many who face this issue and as of date, there seems to be no valid solution offered by the folks at GAE.
Edit: I'm a premium account holder and this issue is holding back our deployments.
Edit 2: Having one channel per tab reduces the frequency of this happening. But it doesn't solve the problem completely.
It has been six days since I posted the question and there has been no response from the AppEngine team or any other users.
The workaround I applied was to have a button on the site that would fetch the (valid) token from the database, close the channel and then open it again with the token received.
Sometimes its a new token which should've been received before, sometimes its the same token that had been valid all along.
This issue cannot be replicated often I agree, but when it happens, it causes a lot of damage. I hope I find a solution soon.
Edit: Having one channel per tab reduces the frequency of this happening. But it doesn't solve the problem completely.

Auto update feature in passbook ios 7

How does automatic updates work in passbook available in backfield of the pass, how to use webserviceURL key to get update from the server.
in webserviceURL key i have provided remote path from where updated pass can be downloaded, but even after content changed in server, it does not reflects in pass.
This question has been asked so many times, in so many ways, in so many forums; mostly by people that are too lazy to read the manual, or are too inexperienced / incompetent to understand it.
The first paragraph of the Passbook Web Service Reference explains why simply adding a link to an updated pass will not work.
A REST-style web service protocol is used to communicate with your server about changes to passes, and to fetch the latest version of a pass when it has changed. The endpoints always begin with the web service URL, as specified in the pass, followed by the protocol version number. For example, a request for the latest version of the pass of type com.apple.pass.example and serial number ABC123 might look like the following:
The Passbook web service is an integral part of the Passbook eco system. Anyone wishing to issue passes that change their content (either in response to a push message or in response to a user requesting fresh content by pulling down on the back of the pass), needs to implement their own Passbook web service.
This entails building a server capable of responding to the following to authenticated requests from each device that has installed your pass.
There are 5 methods that your web service should respond to:
1. Registering a Device to Receive Push Notifications for a Pass
POST request to https://webServiceURL/v1/devices/deviceLibraryIdentifier/registrations/passTypeIdentifier/serialNumber
2. Getting the Serial Numbers for Passes Associated with a Device
GET request to https://webServiceURL/v1/devices/deviceLibraryIdentifier/registrations/passTypeIdentifier?passesUpdatedSince=tag
3. Getting the Latest Version of a Pass
GET request to https://webServiceURL/v1/passes/passTypeIdentifier/serialNumber
4. Unregistering a Device
DELETE request to https://webServiceURL/v1/devices/deviceLibraryIdentifier/registrations/passTypeIdentifier/serialNumber
5. Logging Errors
POST request to https://webServiceURL/v1/log
In order to have a pass respond to a manual refresh or push request you need to implement at least the first 3 methods. This is because the device will not issue any further requests until it has received a valid response to the registration request.
Furthermore, the web service must be available over https. An unsecured http service can be used for development, but production devices will only recognise a webServiceURL key that begins with https.

GAE: Only one channel to a page? How is this enforced?

This may be a naive question but I was planning to create a new channel just before the existing channel timed out to make sure that my client was never without a channel. I thought I was being pretty clever until I read this caveat in the google channel api docs:
One Client Per Channel Per Page
A client can only connect to one channel per page. If an application needs to send multiple types of data to a client, aggregate it on the server side and send it to appropriate handlers in the client’s socket.onmessage callback.
I'm new to this, but it's not obvious to me how the channel unique identifies the page to which it is connected. Is there something in the javascript for channel.open() call that identifies the page it is being called in?
Thanks.
The channel javascript creates a hidden iframe with a given id (on production). The communications takes place within the iframe. The javascript code will always access that iframe (and hence channel).
When you close the socket and channel, the hidden iframe will be destroyed. Afterwards you can create a new channe for the page.

Resources