Steven Liekens StevenLiekens http://www.team4talent.be/ Belgium https://linkedin.com/in/stevenliekens/

fork StevenLiekens/CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series

fork in 7 days

startedOWASP/CheatSheetSeries

started time in 7 days

push eventStevenLiekens/feature-master

Steven Liekens

commit sha 1345fa60feebe87d684b4ee3c27677080073b7e8

rename 'Simple' to 'Static' for clarity

view details

push time in 8 days

push eventStevenLiekens/feature-master

Steven Liekens

commit sha 825809f3a6ce6c2761de52bd9a482b5d28f7487b

rename 'Simple' to 'Static' for clarity

view details

push time in 8 days

push eventStevenLiekens/feature-master

Steven Liekens

commit sha 59a22fdd89e19ec44c8c19314bb80288a986dadc

Clarify smart toggles

view details

push time in 8 days

push eventStevenLiekens/feature-master

Steven Liekens

commit sha 7553207c6556db0e32f053fe6b8bc3e00358a09c

add nuget link

view details

push time in 10 days

push eventStevenLiekens/feature-master

Steven Liekens

commit sha 51ca36243626bcf55b3c26f65adfe73acc12aa75

Update README.md

view details

push time in 10 days

PublicEvent

issue commentStevenLiekens/shift-up

Use 2k API

@ryparker, you might be interested in this.

StevenLiekens

comment created time in 12 days

issue closedStevenLiekens/shift-up

Update redemption flow

The SHiFT website has received a makeover with the recent announcement of Borderlands 3. The code redemption flow is still the same, but redemption status checking is now broken.

closed time in 12 days

StevenLiekens

issue commentStevenLiekens/shift-up

Update redemption flow

This issue has now become irrelevant, see #6.

StevenLiekens

comment created time in 12 days

issue closedStevenLiekens/shift-up

Handle multiplatform codes

Usually codes are platform-specific but this one is not: C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5

The entitlement_offer_codes service returns this:

      <form class="new_archway_code_redemption" id="new_archway_code_redemption" action="/code_redemptions" accept-charset="UTF-8" method="post"><input name="utf8" type="hidden" value="&#x2713;" /><input type="hidden" name="authenticity_token" value="WyV/7jFW7GYHjjo9oNseRoKndIWf9+ih5xelIT0lSotjhJ0Z4if4JEOx/JApKtuhLse0nlfquvoDC9Ry1qd1/w==" />
        <input value="C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5" type="hidden" name="archway_code_redemption[code]" id="archway_code_redemption_code" />
        <input value="66cd26578a5f7d323a473ca4ddc6e441df9658b4c6ab6764cdcc3d3b54cc2300" type="hidden" name="archway_code_redemption[check]" id="archway_code_redemption_check" />
        <input value="xboxlive" type="hidden" name="archway_code_redemption[service]" id="archway_code_redemption_service" />
        <input type="submit" name="commit" value="Redeem for Xbox Live" class="submit_button redeem_button" data-disable-with="Redeem for Xbox Live" />
</form>      <form class="new_archway_code_redemption" id="new_archway_code_redemption" action="/code_redemptions" accept-charset="UTF-8" method="post"><input name="utf8" type="hidden" value="&#x2713;" /><input type="hidden" name="authenticity_token" value="mGEDAErry5fVVSFl+39Y16jD4OjirTI3nkk5cxTCLaagwOH3mZrf1ZFq58hyjp0wBKMg8yqwYGx6VUgg/0AS0g==" />
        <input value="C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5" type="hidden" name="archway_code_redemption[code]" id="archway_code_redemption_code" />
        <input value="66cd26578a5f7d323a473ca4ddc6e441df9658b4c6ab6764cdcc3d3b54cc2300" type="hidden" name="archway_code_redemption[check]" id="archway_code_redemption_check" />
        <input value="steam" type="hidden" name="archway_code_redemption[service]" id="archway_code_redemption_service" />
        <input type="submit" name="commit" value="Redeem for Steam" class="submit_button redeem_button" data-disable-with="Redeem for Steam" />
</form>

Both forms are identical except for the archway_code_redemption[service]. I'm pretty sure only one form can be submitted and it will invalidate every other form.

Possible fix: add a platform flag to the redeem command.

redeem <user> <code> [<platform>]

It would be optional for most codes. Multiplatform codes should print a message with supported platforms and then exit.

$ shiftup redeem user@example.com C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5
GET https://shift.gearboxsoftware.com/code_redemptions/new
GET https://shift.gearboxsoftware.com/entitlement_offer_codes?code=C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5
Please specify a platform: xboxlive, steam

Example
- shiftup redeem user@example.com C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5 xboxlive
- shiftup redeem user@example.com C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5 steam

$ shiftup redeem user@example.com C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5 xboxlive
GET https://shift.gearboxsoftware.com/code_redemptions/new
GET https://shift.gearboxsoftware.com/entitlement_offer_codes?code=C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5
POST https://shift.gearboxsoftware.com/code_redemptions
Your code was successfully redeemed

$ shiftup redeem user@example.com C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5 steam
GET https://shift.gearboxsoftware.com/code_redemptions/new
GET https://shift.gearboxsoftware.com/entitlement_offer_codes?code=C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5
POST https://shift.gearboxsoftware.com/code_redemptions
Your code was successfully redeemed

closed time in 12 days

StevenLiekens

issue commentStevenLiekens/shift-up

Handle multiplatform codes

This issue has now become irrelevant, see #6.

StevenLiekens

comment created time in 12 days

issue openedStevenLiekens/shift-up

Use 2k API

The current implementation uses HTML scraping, which is "meh" at best. The good news is that there is now a JSON API that we can use.

APIs discovered so far:

Info

GET https://api.2k.com/borderlands/code/:code/info X-SESSION: (your JWT)

401 Unauthorized

{
    "errors": {
        "jwt": [
            "MISSING_TOKEN"
        ]
    }
}

200 OK

{
   "entitlement_offer_codes":[
      {
         "code": "string",
         "max_redeemable": "number",
         "amount_redeemed": "number",
         "start_date": "string",
         "end_date": "string",
         "offer_title_text": "string",
         "offer_description_text": "string",
         "offer_service": "string",
         "offer_title": "string",
         "offer_id": "number",
         "is_active": "boolean"
      }
   ]
}

created time in 12 days

push eventStevenLiekens/shift-up

Steven Liekens

commit sha 47fab470d924a10552768a5c0de7fcede55462e5

update dependencies

view details

Steven Liekens

commit sha a592c1ac96f68e62864ea4eb11f335b24cf7dbf6

disable ridiculous tslint rules

view details

push time in 20 days

issue commentStevenLiekens/shift-up

Handle multiplatform codes

The current behavior seems to be that the first form gets submitted. It's funny that it works at all because that was never intended.

StevenLiekens

comment created time in 22 days

issue openedStevenLiekens/shift-up

Handle multiplatform codes

Usually codes are platform-specific but this one is not: C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5

The check service returns this:

      <form class="new_archway_code_redemption" id="new_archway_code_redemption" action="/code_redemptions" accept-charset="UTF-8" method="post"><input name="utf8" type="hidden" value="&#x2713;" /><input type="hidden" name="authenticity_token" value="WyV/7jFW7GYHjjo9oNseRoKndIWf9+ih5xelIT0lSotjhJ0Z4if4JEOx/JApKtuhLse0nlfquvoDC9Ry1qd1/w==" />
        <input value="C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5" type="hidden" name="archway_code_redemption[code]" id="archway_code_redemption_code" />
        <input value="66cd26578a5f7d323a473ca4ddc6e441df9658b4c6ab6764cdcc3d3b54cc2300" type="hidden" name="archway_code_redemption[check]" id="archway_code_redemption_check" />
        <input value="xboxlive" type="hidden" name="archway_code_redemption[service]" id="archway_code_redemption_service" />
        <input type="submit" name="commit" value="Redeem for Xbox Live" class="submit_button redeem_button" data-disable-with="Redeem for Xbox Live" />
</form>      <form class="new_archway_code_redemption" id="new_archway_code_redemption" action="/code_redemptions" accept-charset="UTF-8" method="post"><input name="utf8" type="hidden" value="&#x2713;" /><input type="hidden" name="authenticity_token" value="mGEDAErry5fVVSFl+39Y16jD4OjirTI3nkk5cxTCLaagwOH3mZrf1ZFq58hyjp0wBKMg8yqwYGx6VUgg/0AS0g==" />
        <input value="C3W33-RZ6ZJ-TFJ6C-TTJ33-RFHX5" type="hidden" name="archway_code_redemption[code]" id="archway_code_redemption_code" />
        <input value="66cd26578a5f7d323a473ca4ddc6e441df9658b4c6ab6764cdcc3d3b54cc2300" type="hidden" name="archway_code_redemption[check]" id="archway_code_redemption_check" />
        <input value="steam" type="hidden" name="archway_code_redemption[service]" id="archway_code_redemption_service" />
        <input type="submit" name="commit" value="Redeem for Steam" class="submit_button redeem_button" data-disable-with="Redeem for Steam" />
</form>

Both forms are identical except for the archway_code_redemption[service]. I'm pretty sure only one form can be submitted and it will invalidate every other forms.

created time in 25 days

push eventStevenLiekens/shift-up

Steven Liekens

commit sha 66f96e5c3e9aa0be52f067268a45d2ecdb7d972a

use async/await

view details

Steven Liekens

commit sha 6942f1bb2087641b2c8c58460a644051921b7a4d

crash when status element is not found

view details

push time in 25 days

issue openedStevenLiekens/shift-up

Handle 5xx

The app should exit graciously when a server error occurs.

created time in a month

issue openedStevenLiekens/shift-up

Implement retries

Redeeming codes too fast can result in a 429 (Too Many Requests) response. This failure is safe to retry.

created time in a month

issue openedStevenLiekens/shift-up

Update redemption flow

The SHiFT website has received a makeover with the recent announcement of Borderlands 3. The code redemption flow is still the same, but redemption status checking is now broken.

created time in a month

pull request commentStevenLiekens/shift-up

Fixed some bugs and added support for reading a file of codes

Thanks for all the research. I'll create issues to track the work that needs to be done. I still want to improve support for lists of codes, but I also want to make sure we get it right. Timeouts and rate limiting can be handled with retries and back-off algorithms. I'm not sure what to do about the redemption limit.

ryparker

comment created time in a month

issue commentThreeMammals/Ocelot

Unhandled NullReferenceException at startup

Yes unfortunately I don't know which services are required... there are quite a few.

StevenLiekens

comment created time in a month

issue commentThreeMammals/Ocelot

Unhandled NullReferenceException at startup

Possible fix: replace occurrences of ApplicationServices.GetService<T>() with ApplicationServices.GetRequiredService<T>().

StevenLiekens

comment created time in a month

issue commentThreeMammals/Ocelot

Unhandled NullReferenceException at startup

By the way my error was forgetting to add Ocelot to the IServiceCollection, which was easy to fix on my side, but the point is that the exception should have told me what was wrong.

StevenLiekens

comment created time in a month

issue openedThreeMammals/Ocelot

Unhandled NullReferenceException at startup

I encountered an unhandled NullReferenceException when trying to set up a new gateway with Ocelot. I'm sure this is my fault, but it should be made explicit.

Expected Behavior

Throw a custom exception when the user configuration is wrong or missing.

Actual Behavior / Motivation for New Feature

app.UseOcelot().Wait() blows up

Object reference not set to an instance of an object.
   at Ocelot.Middleware.OcelotMiddlewareExtensions.<CreateConfiguration>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Ocelot.Middleware.OcelotMiddlewareExtensions.<UseOcelot>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Ocelot.Middleware.OcelotMiddlewareExtensions.<UseOcelot>d__0.MoveNext()

Steps to Reproduce the Problem

Program.cs

public static IWebHostBuilder CreateWebHostBuilder(string[] args)
{
    return WebHost.CreateDefaultBuilder(args)
                  .UseStartup<Startup>()
+                 .ConfigureAppConfiguration(
+                     (builderContext, config) =>
+                     {
+                         config.AddOcelot(builderContext.HostingEnvironment);
+                     });
}

Startup.cs

 public void Configure(IApplicationBuilder app)
 {
+    app.UseOcelot().Wait();
 }

Specifications

  • Version: 13.4.1
  • Platform: Windows 10
  • Subsystem: what?

created time in a month

push eventStevenLiekens/shift-up

Steven Liekens

commit sha 4f1d7a7cf97f069cdc9b1f3037dfacd3e1b014d7

log error messages not status messages

view details

push time in a month

pull request commentStevenLiekens/shift-up

Fixed some bugs and added support for reading a file of codes

My notes so far:

  • tsconfig was accidentally gitignored; I fixed that and pushed the config I used
  • I added mkdir to the login command

I still have to think about how I want to support redeeming a list of codes. My original intention was to keep the CLI limited to "login" and "redeem 1 code". You could use a scripting language like bash to automate redeeming codes.

$input = "shiftcodes.txt"
$user = "john@doe.com"
while read code
    do shiftup redeem $user $code
done < $input

My other concern is about having codes in source control. I don't intend to update the lists myself so they probably wouldn't get updated often.

My plan for now is to add retries to the "redeem" command when it sees a 429 response or exit gracefully when it sees a 504 response.

ryparker

comment created time in a month

push eventStevenLiekens/shift-up

Steven Liekens

commit sha c2d793a439395fb92a26aa6c2c77d2ce5a7b2362

use NPM as default

view details

Steven Liekens

commit sha a36143ae40718652102f59030c38fb29e577a840

make pkg executable with instructions

view details

push time in a month

push eventStevenLiekens/shift-up

Steven Liekens

commit sha 94caa93529e5b3c771c19eb8eda9e6af170dbf7b

ensure secrets dir exists

view details

Steven Liekens

commit sha cba5155963dbc36a2bd34feb12b9cd7889ad7398

only store identity cookie

view details

push time in a month

pull request commentStevenLiekens/shift-up

Fixed some bugs and added support for reading a file of codes

Hey thanks for the PR! It's rather large so I'll cherry-pick the parts that are good to go and then get back to you.

ryparker

comment created time in a month

push eventStevenLiekens/shift-up

Steven Liekens

commit sha a9da1d432a6d550270cfafd7da09e1653b6fc382

fix git config

view details

Steven Liekens

commit sha e12c0785f83388c6198b4d121025548f0192d48c

add missing tsconfig

view details

Steven Liekens

commit sha a23f711955c64be8663a803dccc1d07a2aeb7cc6

use local ts sdk

view details

push time in a month

issue closedRuhrpottpatriot/GW2.NET

How to iterate over pages with custom Items?

Hey, How can I get the item names of a custom list of item ids? I can not create pages to get the item names faster, item by item takes too long. I tried to extend the example in the wiki with LINQ queries to filter the items, but unfortunately I can not do it.

So, how can I create pages with my own itemids to iterate over the pages and items?

The wrapper is very useful and I use many things of it. But i do not get solved my problem described above 🤣

closed time in a month

Friesinator

issue commentRuhrpottpatriot/GW2.NET

How to iterate over pages with custom Items?

If you have 200 ids or less, you can just do this:

using System;
using GW2NET;

class Program
{
    static void Main(string[] args)
    {
        var items = GW2.V2.Items.ForCurrentUICulture();
        foreach (var item in items.FindAll(new[] { 24, 46, 56, ..., 200 }))
        {
            Console.WriteLine(item.Value.Name);
        }
    }
}

If you have more than 200, you have to split them into batches of max 200 ids.

Here's an example of how to do that with Interactive Extensions for .NET (https://www.nuget.org/packages/System.Interactive/)

using System;
using System.Linq;
using GW2NET;

class Program
{
    static void Main(string[] args)
    {
        var items = GW2.V2.Items.ForCurrentUICulture();
        var ids = new[] { 24, 46, 56, 200, 400 };

        // Buffer explained: http://reactivex.io/documentation/operators/buffer.html
        var batchesOf200 = ids.Buffer(200);

        foreach (var batch in batchesOf200)
        foreach (var item in items.FindAll(batch))
        {
            Console.WriteLine(item.Value.Name);
        }
    }
}

Hope that helps.

Friesinator

comment created time in a month

issue closedRuhrpottpatriot/GW2.NET

Mumble API is throwing NullReferenceException

I've recently started playing around with the Mumble API and every time I want to get the map name, it throws a NullReferenceException. I got my game running and I'm standing right in Lions Arch. Can this be caused by the "virtual" property in the wrapper? I'm relatively inexperienced as I'm learning C# by myself in my freetime, so I have no experience with virtuals.

Here is my code snippet: string mapname = avatar.Identity.Map.MapName;

closed time in a month

GHOSCHT

issue commentRuhrpottpatriot/GW2.NET

Mumble API is throwing NullReferenceException

@GHOSCHT this is actually not a bug, just a questionable design.

The idea is that the Mumble library can work independently from the Maps library. For that reason, it will not download map info for you. It only provides a placeholder property.

What you can do is install the entire GW2NET (https://www.nuget.org/packages/GW2NET/) and then update your code like this.

using System;
using System.Globalization;
using GW2NET;
using GW2NET.MumbleLink;

namespace GuildWars2Mumble
{
    class Program
    {
        static void Main(string[] args)
        {
            using (var mumbler = MumbleLinkFile.CreateOrOpen())
            {
                var avatar = mumbler.Read();

                if (avatar != null)
                {
                    var maps = GW2.V2.Maps.ForCulture(CultureInfo.GetCultureInfo("en"));
                    avatar.Identity.Map = maps.Find(avatar.Identity.MapId);
                    Console.WriteLine(avatar.Identity.Map.MapName);
                    Console.ReadKey();
                }
            }
        }
    }
}

PS: .NET Core is not supported. GW2.NET only runs on .NET Framework. Change your csproj file:

<Project Sdk="Microsoft.NET.Sdk">

  <PropertyGroup>
    <OutputType>Exe</OutputType>
-    <TargetFramework>netcoreapp2.1</TargetFramework>
+    <TargetFramework>net472</TargetFramework>
  </PropertyGroup>

  <ItemGroup>
+    <PackageReference Include="GW2NET" Version="1.4.0" />
    <PackageReference Include="GW2NET.MumbleLink" Version="1.4.0" />
  </ItemGroup>

</Project>

GHOSCHT

comment created time in a month

PR closed AzureAD/azure-activedirectory-library-for-cordova

Add maintenance warning

This project seems to have entered some kind of maintenance mode but issues and pull requests are left unanswered. The last commit was over a year ago even though there have been plenty of bug reports since then.

This PR adds a warning to protect devs from building integrations without support from the authors when things go wrong.

+1 -0

3 comments

1 changed file

StevenLiekens

pr closed time in a month

pull request commentAzureAD/azure-activedirectory-library-for-cordova

Add maintenance warning

I'll close this, all the code has been archived.

StevenLiekens

comment created time in a month

startedstaltz/comver

started time in a month

issue commentmguinness/syslog-framework-logging

Support IOptions framework

@mguinness I could add it as a breaking change, is that acceptable?

StevenLiekens

comment created time in a month

startedjchristn/WatsonSyslogServer

started time in a month

issue commentRuhrpottpatriot/GW2.NET

Mumble API is throwing NullReferenceException

Yeah that's fine. Unfortunately stacktraces are pretty much useless for debugging NullReferenceException, but the repro is very handy.

GHOSCHT

comment created time in a month

startedmguinness/syslog-framework-logging

started time in a month

starteddotnet/reactive

started time in a month

issue commentmguinness/syslog-framework-logging

Support IOptions framework

Hey @mguinness,

Ideally I'd like to just do this in my Startup.

services.Configure<SyslogLoggerSettings>(Configuration.GetSection("Syslog"));

I don't think the code supports this pattern right now?

StevenLiekens

comment created time in a month

issue commentRuhrpottpatriot/GW2.NET

Mumble API is throwing NullReferenceException

Hey @GHOSCHT, the Mumble implementation is pretty old at this point so it's possible that it is not up-to-date anymore with the current game client. Could you post a stacktrace?

GHOSCHT

comment created time in a month

issue openedmguinness/syslog-framework-logging

Support IOptions framework

We're trying to figure out how to make SyslogLoggerSettings configurable from appsettings.json. The Readme contains some sample code, but it uses ctx.Configuration.GetSection("SyslogSettings"); and Bind() instead of IServiceCollection.Configure and the IOptions framework.

Also this:

It is possible to setup Microsoft dependency injection, but that is outside the scope of this article.

Would it be possible to show how? Thanks.

created time in 2 months

startedvolak/eShopOnContainersDDD

started time in 2 months

issue commentaspnet/Docs

Add instructions for .NET Framework

See #11201

StevenLiekens

comment created time in 2 months

PR opened aspnet/Docs

Copy compatibility note from metapackage-app.md

This feature depends on Microsoft.AspNetCore.App, which has a compatibility note, so it makes sense to show the same note here.

<!--

Instructions

When creating a new PR, please reference the issue number if there is one:

Fixes #11164

The "Fixes #nnn" syntax in the PR description allows GitHub to automatically close the issue when this PR is merged.

NOTE: This is a comment; please type your descriptions above or below it. -->

+2 -0

0 comment

1 changed file

pr created time in 2 months

push eventStevenLiekens/Docs

Steven Liekens

commit sha 0dd3d1508742af8bbd1870bbee3e3fb62009b0d1

Copy compatibility note from metapackage-app.md This feature depends on Microsoft.AspNetCore.App, which has a compatibility note, so it makes sense to show the same note here.

view details

push time in 2 months

fork StevenLiekens/Docs

Documentation for ASP.NET and ASP.NET Core

https://docs.microsoft.com/aspnet

fork in 2 months

issue commentaspnet/Docs

Add instructions for .NET Framework

Thanks for the information. If you'd like, I can submit a PR to clarify that this topic only applies to .NETCoreApp 2.x.

StevenLiekens

comment created time in 2 months

issue openedaspnet/Docs

Add instructions for .NET Framework

Re: > The test project must: > - Reference the following packages: > - Microsoft.AspNetCore.App > - Microsoft.AspNetCore.Mvc.Testing

The Microsoft.AspNetCore.App package does not target .NET Standard so it cannot be installed in a project that targets .NET Framework. Please add instructions for testing ASP.NET Core on .NET Framework 4.7.


Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

created time in 2 months

issue commentaspnet/AspNetCore

Define a JSON schema for appsettings.json

On topic: json schema doesn't work well with the way settings are merged. I found it's impossible to make a property required in appsettings.json but optional in appsettings.Development.json or vice versa.

natemcmaster

comment created time in 2 months

issue commentMicrosoft/azure-pipelines-tasks

Increase the size of inline powershell script

@bergmeister where? I don't see anything in Artifacts that lets me upload a script file.

tomap

comment created time in 2 months

issue commentMicrosoft/azure-pipelines-tasks

Increase the size of inline powershell script

There is no obvious place to store files besides source control. But this is is configuration for IIS that has very little to do with my code, so I'm trying to keep it out of source control.

tomap

comment created time in 2 months

issue commentMicrosoft/azure-pipelines-tasks

Increase the size of inline powershell script

See my previous comment. We removed the 500 limit in the v2 version of the task.

@bryanmacfarlane it was raised to 5000, not removed. https://github.com/Microsoft/azure-pipelines-tasks/blob/0d9896c58bbb9711a78fc117a5f05c3888aca62f/Tasks/PowerShellV2/task.json#L74

5000 is quite generous but still not enough for what I'm trying to do.

tomap

comment created time in 2 months

issue commentAzureAD/azure-activedirectory-library-for-js

Support error_subcode

I propose the following fix:

  • add a constant for the error_subcode parameter
/**
 * Enum for storage constants
 * @enum {string}
 */
this.CONSTANTS = {
    ERROR: 'error',
+   ERROR_SUBCODE: 'error_subcode',
    STORAGE: {
        ERROR: 'adal.error',
+       ERROR_SUBCODE: 'adal.error.subcode'
    },
    ...
};
  • Change isCallback to check for errors, not error descriptions
AuthenticationContext.prototype.isCallback = function (hash) {
    hash = this._getHash(hash);
    var parameters = this._deserialize(hash);
    return (
-       parameters.hasOwnProperty(this.CONSTANTS.ERROR_DESCRIPTION) ||
+       parameters.hasOwnProperty(this.CONSTANTS.ERROR) ||
        parameters.hasOwnProperty(this.CONSTANTS.ACCESS_TOKEN) ||
        parameters.hasOwnProperty(this.CONSTANTS.ID_TOKEN)
    );
};
  • Change getRequestInfo to check for errors, not error descriptions
-if (parameters.hasOwnProperty(this.CONSTANTS.ERROR_DESCRIPTION) ||
+if (parameters.hasOwnProperty(this.CONSTANTS.ERROR) ||
    parameters.hasOwnProperty(this.CONSTANTS.ACCESS_TOKEN) ||
    parameters.hasOwnProperty(this.CONSTANTS.ID_TOKEN)) {

    requestInfo.valid = true;
  • Change saveTokenFromHash to check for errors, not error descriptions
AuthenticationContext.prototype.saveTokenFromHash = function (requestInfo) {
    this.info('State status:' + requestInfo.stateMatch + '; Request type:' + requestInfo.requestType);
    this._saveItem(this.CONSTANTS.STORAGE.ERROR, '');
+   this._saveItem(this.CONSTANTS.STORAGE.ERROR_SUBCODE, '');
    this._saveItem(this.CONSTANTS.STORAGE.ERROR_DESCRIPTION, '');
    
    var resource = this._getResourceFromState(requestInfo.stateResponse);
    
    // Record error
-   if (requestInfo.parameters.hasOwnProperty(this.CONSTANTS.ERROR_DESCRIPTION)) {
+   if (requestInfo.parameters.hasOwnProperty(this.CONSTANTS.ERROR)) {
        this.infoPii('Error :' + requestInfo.parameters.error + '; Error description:' + requestInfo.parameters[this.CONSTANTS.ERROR_DESCRIPTION]);
        this._saveItem(this.CONSTANTS.STORAGE.ERROR, requestInfo.parameters.error);
+       this._saveItem(this.CONSTANTS.STORAGE.ERROR_SUBCODE, requestInfo.parameters[this.CONSTANTS.ERROR_SUBCODE]);
        this._saveItem(this.CONSTANTS.STORAGE.ERROR_DESCRIPTION, requestInfo.parameters[this.CONSTANTS.ERROR_DESCRIPTION]);

        if (requestInfo.requestType === this.REQUEST_TYPE.LOGIN) {
            this._loginInProgress = false;
            this._saveItem(this.CONSTANTS.STORAGE.LOGIN_ERROR, requestInfo.parameters.error_description);
        }
    }
  • Handle ERROR_SUBCODE in _handlePopupError
- AuthenticationContext.prototype._handlePopupError = function (loginCallback, resource, error, errorDesc, loginError) {
+ AuthenticationContext.prototype._handlePopupError = function (loginCallback, resource, error, errorSubcode, rrorDesc, loginError) {
    this.warn(errorDesc);
    this._saveItem(this.CONSTANTS.STORAGE.ERROR, error);
+   this._saveItem(this.CONSTANTS.STORAGE.ERROR_SUBCODE, errorSubcode);
    this._saveItem(this.CONSTANTS.STORAGE.ERROR_DESCRIPTION, errorDesc);

and so on and so on

StevenLiekens

comment created time in 2 months

issue closedMicrosoftDocs/azure-docs

Downstream API permissions not presented upfront during implicit flow

The doc states that:

In this scenario, the middle-tier service has no user interaction to obtain the user's consent to access the downstream API. Therefore, the option to grant access to the downstream API is presented upfront as a part of the consent step during authentication.

This isn't the case when the application uses the implicit flow. Only permissions for the middle-tier service are presented to the user. When the middle-tier service tries to redeem the resulting token, I get an error because the user did not consent to let the middle-tier application access the downstream API.

AADSTS65001: The user or administrator has not consented to use the application with ID 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' named 'MiddleTierConfidentialApp'. Send an interactive authorization request for this user and resource.
Trace ID: da585dcc-ad65-489b-afcb-6ca0bf331600
Correlation ID: 454b335b-a47e-4920-be97-c4de44ccbd13
Timestamp: 2019-01-07 16:44:55Z

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

closed time in 2 months

StevenLiekens

pull request commentIdentityModel/oidc-client-js

remove duplicate dependency

Tested, the library still works and babel-polyfill is now gone from my dependency graph. 👍

StevenLiekens

comment created time in 2 months

issue commentIdentityServer/IdentityServer4

[Question] unexpected id_token from refresh token response

Not at all, just thought it was weird.

StevenLiekens

comment created time in 3 months

issue commentIdentityServer/IdentityServer4

[Question] unexpected id_token from refresh token response

So this works as intended, but then what's the point in issuing id_tokens for OIDC-grants only if all grant types can be used to obtain a refresh token? Maybe identity scopes should not be allowed for non-OIDC grant types?

StevenLiekens

comment created time in 3 months

issue commentgulpjs/gulp-cli

Typescript Task decorators

@phated I don't know if that's possible. This is module augmentation syntax, which is different from module declaration. I don't know if you can (or even should) put declare global {} in a @types package.

Kaffiend

comment created time in 3 months

issue commentIdentityModel/oidc-client-js

Remove babel-polyfill from optionalDependencies

The only way this could break someone's build is if they have a require('babel-polyfill') somewhere but no other references to babel-polyfill in their package.json.

In other words: if someone has taken a dependency on babel-polyfill without declaring so in package.json, that is normally an error. But your listing in optionalDependencies would cause babel-polyfill to be installed and require('babel-polyfill') would pick up the version installed by your package.

StevenLiekens

comment created time in 3 months

issue commentIdentityServer/IdentityServer4

[Question] unexpected id_token from refresh token response

So the question is: shouldn't the grant store remember which grant was used to obtain a refresh token? And then decide whether the refresh_token can be used to obtain an id_token.

StevenLiekens

comment created time in 3 months

issue openedIdentityServer/IdentityServer4

[Question] unexpected id_token from refresh token response

As stated in #89, an id_token can only be requested using a flow specified in OpenID Connect. I was surprised to learn that refresh_token flow does produce id_token responses.

created time in 3 months

more