Search Results

Search found 1781 results on 72 pages for 'authenticity token'.

Page 10/72 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • problem Keyword token antlr

    - by batman_for
    If the 'for' is used both as a command and as "the English word": for_statement: 'for' ... id: 'for' | ID ; ID: ... right? My problem is how to differentiate the two cases. For example for_statement is only possible beginning of a line (only if preceded by ' ' or '\t'). Thanks.

    Read the article

  • jquery ui css not loading and creating poblems with asp.net mvc3 page (unexpected token error)

    - by giddy
    hi, So I suspect Im doing something silly, but first off, I can see that my mvc3 project already had jquery ui in it but no theme css files. I needed a date picked and as usual needed to override the EditorFor DateTime. I started off today by just using the default jquery ui js files supplied with the project under scripts. The date picker shows up fine, only with a completed messed up UI based on Site.css. So now I downloaded a build of jquery (with the start theme) and followed this page about how to put it together. Im using T4MVC so my page looks like this: Layout.cshtml : <script src="@Links.Scripts.jquery_1_4_4_js" type="text/javascript"></script> <link href="@Links.Content.Site_css" rel="stylesheet" type="text/css" /> <script src="@Links.Content.start.jquery_ui_1_8_7_custom_css" type="text/javascript"></script> Create.cshtml <script src="@Links.Scripts.jquery_validate_min_js" type="text/javascript"></script> <script src="@Links.Scripts.jquery_validate_unobtrusive_min_js" type="text/javascript"></script> <script src="@Links.Scripts.jquery_ui_1_8_7_custom_min_js" type="text/javascript"></script> And this is the result: Any ideas, Ive been googleing for a while now, I tried a couple combinations of where I put the script and css files tags in different places, but nothing seems to work.

    Read the article

  • Split with token info

    - by boomhauer
    I would like to split a string using multiple chars to split upon. For example, consider spin text format: This is a {long|ugly|example} string I would want to parse this string and split it on the "{", "|", and "}" chars myString.Split('|','{','}') Now I have tokens to play with, but what I would like is to retain the info about which char was used to split each piece of the array that is returned. Any existing code that can do something like this?

    Read the article

  • Security Token/Cross Domain Cookie in Classic ASP?

    - by jlrolin
    I have an interesting conundrum. We have a site that is a completely separate domain, we'll say http://www.x.com and our own site that is http://www.y.com. The y.com site is actually a classic ASP site, and we aren't converting it to .NET at this time. The problem is that there is a link on x.com that redirects to y.com from a members area. We want to "authenticate" the user to make sure they are a member from the other site. If they are, they are directed to a members area on y.com. If not, they have to provide login information on y.com. Cookies obviously don't work due to the cross domain security, but is there a way around this? I've also looked at a service for tokens, but I'm not sure exactly how that works in Classic ASP. Any ideas or suggestions?

    Read the article

  • Ant Tokenizer: Selecting an individual Token

    - by John Oxley
    I have the following ant task: <loadfile property="proj.version" srcfile="build.py"> <filterchain> <striplinecomments> <comment value="#"/> </striplinecomments> <linecontains> <contains value="Version" /> </linecontains> </filterchain> </loadfile> <echo message="${proj.version}" /> And the output is [echo] config ["Version"] = "v1.0.10-r4.2" How do I then use a tokenizer to get only v1.0.10-r4.2, the equivalent of | cut -d'"' -f4

    Read the article

  • lexer skips a token

    - by Eugene Strizhok
    I am trying to do basic ANTLR-based scanning. I have a problem with a lexer not matching wanted tokens. lexer grammar DefaultLexer; ALPHANUM : (LETTER | DIGIT)+; ACRONYM : LETTER '.' (LETTER '.')+; HOST : ALPHANUM (('.' | '-') ALPHANUM)+; fragment LETTER : UNICODE_CLASS_LL | UNICODE_CLASS_LM | UNICODE_CLASS_LO | UNICODE_CLASS_LT | UNICODE_CLASS_LU; fragment DIGIT : UNICODE_CLASS_ND | UNICODE_CLASS_NL; For the grammar above, hello. world string given as an input results in world only. Whereas I would expect to get both hello and world. What am I missing? Thanks.

    Read the article

  • Python/YACC Lexer: Token priority?

    - by Rosarch
    I'm trying to use reserved words in my grammar: reserved = { 'if' : 'IF', 'then' : 'THEN', 'else' : 'ELSE', 'while' : 'WHILE', } tokens = [ 'DEPT_CODE', 'COURSE_NUMBER', 'OR_CONJ', 'ID', ] + list(reserved.values()) t_DEPT_CODE = r'[A-Z]{2,}' t_COURSE_NUMBER = r'[0-9]{4}' t_OR_CONJ = r'or' t_ignore = ' \t' def t_ID(t): r'[a-zA-Z_][a-zA-Z_0-9]*' if t.value in reserved.values(): t.type = reserved[t.value] return t return None However, the t_ID rule somehow swallows up DEPT_CODE and OR_CONJ. How can I get around this? I'd like those two to take higher precedence than the reserved words.

    Read the article

  • Need to create a string token dynamically base on which method is calling it

    - by sa
    This is a minimal code. I have the string Str which is used by various methods. I want to in getId method be able to do 2 things Assign class="PDP" to it and Give it a value3 So the final string looks like <tr class='PDP' id='{2}'> <td {0}</td><td>{1}</td></tr> But please note that I will need different values for class in different methods so some Str will have PDP, another will have PTM etc. Is there a clean way to achieve this . private const string Str = "<tr><td >{0}</td><td>{1}</td></tr>"; public static string getId() { string field=string.Format(str, value1,value2, found=true? value3:""); }

    Read the article

  • Confusion with cookie session token and oauth2.0 don't know where to go anymore

    - by byte_slave
    Hi guys, I'm completely confused, frustrated and nothing seems to make sense and work any more. I' dev some iframe fb app and i've been using the javascript sdk (FB.Init()) to get the access_token, but doesn't always work, sometimes i'm already logged into FB and doesn't works... Did some reading, and read also that there is problems using cookies in iframes in Opera and IE, so I was thinking in use the OAuth 2.0 but i'm not sure how via facebook sdk c# and now I'm now completely lost, don't know if i still need to use the javascript FB.Init(). Documentation out there is poor and unclear, a lot of stuff refers to old code, and after hours of reading, jumping on examples, i'm completely messed up and confused. Can some, please, point/explain/enlightening me about this? Thanks a lot guys, appreciated! Merry christmas!

    Read the article

  • Unexpected token ILLEGAL with jQuery

    - by Bram Vanroy
    So, I have a website with an autoFontSize script (Got it from stackoverflow, but slightly edited it too loop over each div with that specific class) (function ($) { $.fn.textfill = function (options) { this.each(function () { var fontSize = options.maxFontPixels; var ourText = $('h2 a', this); var maxHeight = $(this).height(); var maxWidth = $(this).width(); var textHeight; var textWidth; do { ourText.css('font-size', fontSize); textHeight = ourText.height(); textWidth = ourText.width(); fontSize = fontSize - 1; } while ((textHeight > maxHeight || textWidth > maxWidth) && fontSize > 16); }); return this; }; })(jQuery); $(document).ready(function () { $('.fotonode.fotopagina').textfill({ maxFontPixels: 30 }); });? And a (simplified) HTML structure: <div class="fotonode fotopagina"> <h2><a href="#">Testing Title</a></h2> </div> For some reason this doesn't work (neither locally nor live) BUT it does work on JSfiddle: http://jsfiddle.net/Yb9yj/ I read somewhere that this can cause problems. I copied the code from jsfiddle to my file, so maybe I have (unintentionally) copied some white spaces that shouldn't be there or something. I don't know. But how can I solve this then?

    Read the article

  • expected ":" before "]" token + confused by earlier errors, bailing out

    - by Colby Bookout
    Ok so im at my wit's end here. I have tried every imaginable thing to get rid of these errors heres my code: - (void)tableView:(UITableView *)tableView didSelectRowAtIndexPath:(NSIndexPath *)indexPath { // Navigation logic may go here. Create and push another view controller. /* //<#DetailViewController#> *detailViewController = [[<#DetailViewController#> alloc] initWithNibName:@"<#Nib name#>" bundle:nil]; // ... // Pass the selected object to the new view controller. [self.navigationController pushViewController:detailViewController animated:YES]; [detailViewController release]; */ NSInteger row = [indexPath.row]; if (self.nameExcerptPage == nil) { NameOTWexcerpt *nameExcerptPageDetail = [[nameExcerptPage alloc] initWithNibName:@"NameOTWexcerpt" bundle:nil]; self.nameExcerptPage = nameExcerptPageDetail; [nameExcerptPageDetail release]; nameExcerptPage.title = [NSString stringWithFormat:@"%&", [TheBookNavTabs objectAtIndex:row]]; Rothfuss_ReaderAppDelegate *delegate = [[UIApplication sharedApplication] delegate]; [delegate.SecondTableViewController pushViewController:TheBookNavTabs animated:YES]; } } and the error appears where it says "NSInteger row = [indexPath.row]; please help! thanks!

    Read the article

  • Using a "white list" for extracting terms for Text Mining, Part 2

    - by [email protected]
    In my last post, we set the groundwork for extracting specific tokens from a white list using a CTXRULE index. In this post, we will populate a table with the extracted tokens and produce a case table suitable for clustering with Oracle Data Mining. Our corpus of documents will be stored in a database table that is defined as create table documents(id NUMBER, text VARCHAR2(4000)); However, any suitable Oracle Text-accepted data type can be used for the text. We then create a table to contain the extracted tokens. The id column contains the unique identifier (or case id) of the document. The token column contains the extracted token. Note that a given document many have many tokens, so there will be one row per token for a given document. create table extracted_tokens (id NUMBER, token VARCHAR2(4000)); The next step is to iterate over the documents and extract the matching tokens using the index and insert them into our token table. We use the MATCHES function for matching the query_string from my_thesaurus_rules with the text. DECLARE     cursor c2 is       select id, text       from documents; BEGIN     for r_c2 in c2 loop        insert into extracted_tokens          select r_c2.id id, main_term token          from my_thesaurus_rules          where matches(query_string,                        r_c2.text)>0;     end loop; END; Now that we have the tokens, we can compute the term frequency - inverse document frequency (TF-IDF) for each token of each document. create table extracted_tokens_tfidf as   with num_docs as (select count(distinct id) doc_cnt                     from extracted_tokens),        tf       as (select a.id, a.token,                            a.token_cnt/b.num_tokens token_freq                     from                        (select id, token, count(*) token_cnt                        from extracted_tokens                        group by id, token) a,                       (select id, count(*) num_tokens                        from extracted_tokens                        group by id) b                     where a.id=b.id),        doc_freq as (select token, count(*) overall_token_cnt                     from extracted_tokens                     group by token)   select tf.id, tf.token,          token_freq * ln(doc_cnt/df.overall_token_cnt) tf_idf   from num_docs,        tf,        doc_freq df   where df.token=tf.token; From the WITH clause, the num_docs query simply counts the number of documents in the corpus. The tf query computes the term (token) frequency by computing the number of times each token appears in a document and divides that by the number of tokens found in the document. The doc_req query counts the number of times the token appears overall in the corpus. In the SELECT clause, we compute the tf_idf. Next, we create the nested table required to produce one record per case, where a case corresponds to an individual document. Here, we COLLECT all the tokens for a given document into the nested column extracted_tokens_tfidf_1. CREATE TABLE extracted_tokens_tfidf_nt              NESTED TABLE extracted_tokens_tfidf_1                  STORE AS extracted_tokens_tfidf_tab AS              select id,                     cast(collect(DM_NESTED_NUMERICAL(token,tf_idf)) as DM_NESTED_NUMERICALS) extracted_tokens_tfidf_1              from extracted_tokens_tfidf              group by id;   To build the clustering model, we create a settings table and then insert the various settings. Most notable are the number of clusters (20), using cosine distance which is better for text, turning off auto data preparation since the values are ready for mining, the number of iterations (20) to get a better model, and the split criterion of size for clusters that are roughly balanced in number of cases assigned. CREATE TABLE km_settings (setting_name  VARCHAR2(30), setting_value VARCHAR2(30)); BEGIN  INSERT INTO km_settings (setting_name, setting_value) VALUES     VALUES (dbms_data_mining.clus_num_clusters, 20);  INSERT INTO km_settings (setting_name, setting_value)     VALUES (dbms_data_mining.kmns_distance, dbms_data_mining.kmns_cosine);   INSERT INTO km_settings (setting_name, setting_value) VALUES     VALUES (dbms_data_mining.prep_auto,dbms_data_mining.prep_auto_off);   INSERT INTO km_settings (setting_name, setting_value) VALUES     VALUES (dbms_data_mining.kmns_iterations,20);   INSERT INTO km_settings (setting_name, setting_value) VALUES     VALUES (dbms_data_mining.kmns_split_criterion,dbms_data_mining.kmns_size);   COMMIT; END; With this in place, we can now build the clustering model. BEGIN     DBMS_DATA_MINING.CREATE_MODEL(     model_name          => 'TEXT_CLUSTERING_MODEL',     mining_function     => dbms_data_mining.clustering,     data_table_name     => 'extracted_tokens_tfidf_nt',     case_id_column_name => 'id',     settings_table_name => 'km_settings'); END;To generate cluster names from this model, check out my earlier post on that topic.

    Read the article

  • What one-time-password devices are compatible with mod_authn_otp?

    - by netvope
    mod_authn_otp is an Apache web server module for two-factor authentication using one-time passwords (OTP) generated via the HOTP/OATH algorithm defined in RFC 4226. The developer's has listed only one compatible device (the Authenex's A-Key 3600) on their website. If a device is fully compliant with the standard, and it allows you to recover the token ID, it should work. However, without testing, it's hard to tell whether a device is fully compliant. Have you ever tried other devices (software or hardware) with mod_authn_otp (or other open source server-side OTP program)? If yes, please share your experience :)

    Read the article

  • Best place to check user authenticity in a back end module where all pages are only available to mem

    - by understack
    I've a backend module which could only be accessed by only authorized members. So I need to check authenticity for all actions and for all controllers. Currently I'm doing it inside preDispatch() functions inside controller classes. So it takes care of all the actions inside that controller. But still I've to do it for all controllers. Is there a place I could check it for all the controllers as well. So basically I want one place authenticity check for whole backend module. Can I do it in bootstrap?

    Read the article

  • Function to set an auth_token

    - by john mossel
    In my form I have a hidden field: <input type="hidden" name="auth_token" value="<?php echo $auth_token; ?>"> This value is also stored in a session and a variable: $_SESSION['auth_token'] = hash('sha256', rand() . time() . $_SERVER['HTTP_USER_AGENT']); # TODO: put this in a function $auth_token = $_SESSION['auth_token']; When the form is submitted the two values are compared. It's a basic form token. Should this be made into two functions or just one when refactored? set_form_token() and get_form_token(), get_form_token() returning the session value, then I can compare it in my main code. What is the proper way of doing this?

    Read the article

  • Anatomy of a .NET Assembly - CLR metadata 2

    - by Simon Cooper
    Before we look any further at the CLR metadata, we need a quick diversion to understand how the metadata is actually stored. Encoding table information As an example, we'll have a look at a row in the TypeDef table. According to the spec, each TypeDef consists of the following: Flags specifying various properties of the class, including visibility. The name of the type. The namespace of the type. What type this type extends. The field list of this type. The method list of this type. How is all this data actually represented? Offset & RID encoding Most assemblies don't need to use a 4 byte value to specify heap offsets and RIDs everywhere, however we can't hard-code every offset and RID to be 2 bytes long as there could conceivably be more than 65535 items in a heap or more than 65535 fields or types defined in an assembly. So heap offsets and RIDs are only represented in the full 4 bytes if it is required; in the header information at the top of the #~ stream are 3 bits indicating if the #Strings, #GUID, or #Blob heaps use 2 or 4 bytes (the #US stream is not accessed from metadata), and the rowcount of each table. If the rowcount for a particular table is greater than 65535 then all RIDs referencing that table throughout the metadata use 4 bytes, else only 2 bytes are used. Coded tokens Not every field in a table row references a single predefined table. For example, in the TypeDef extends field, a type can extend another TypeDef (a type in the same assembly), a TypeRef (a type in a different assembly), or a TypeSpec (an instantiation of a generic type). A token would have to be used to let us specify the table along with the RID. Tokens are always 4 bytes long; again, this is rather wasteful of space. Cutting the RID down to 2 bytes would make each token 3 bytes long, which isn't really an optimum size for computers to read from memory or disk. However, every use of a token in the metadata tables can only point to a limited subset of the metadata tables. For the extends field, we only need to be able to specify one of 3 tables, which we can do using 2 bits: 0x0: TypeDef 0x1: TypeRef 0x2: TypeSpec We could therefore compress the 4-byte token that would otherwise be needed into a coded token of type TypeDefOrRef. For each type of coded token, the least significant bits encode the table the token points to, and the rest of the bits encode the RID within that table. We can work out whether each type of coded token needs 2 or 4 bytes to represent it by working out whether the maximum RID of every table that the coded token type can point to will fit in the space available. The space available for the RID depends on the type of coded token; a TypeOrMethodDef coded token only needs 1 bit to specify the table, leaving 15 bits available for the RID before a 4-byte representation is needed, whereas a HasCustomAttribute coded token can point to one of 18 different tables, and so needs 5 bits to specify the table, only leaving 11 bits for the RID before 4 bytes are needed to represent that coded token type. For example, a 2-byte TypeDefOrRef coded token with the value 0x0321 has the following bit pattern: 0 3 2 1 0000 0011 0010 0001 The first two bits specify the table - TypeRef; the other bits specify the RID. Because we've used the first two bits, we've got to shift everything along two bits: 000000 1100 1000 This gives us a RID of 0xc8. If any one of the TypeDef, TypeRef or TypeSpec tables had more than 16383 rows (2^14 - 1), then 4 bytes would need to be used to represent all TypeDefOrRef coded tokens throughout the metadata tables. Lists The third representation we need to consider is 1-to-many references; each TypeDef refers to a list of FieldDef and MethodDef belonging to that type. If we were to specify every FieldDef and MethodDef individually then each TypeDef would be very large and a variable size, which isn't ideal. There is a way of specifying a list of references without explicitly specifying every item; if we order the MethodDef and FieldDef tables by the owning type, then the field list and method list in a TypeDef only have to be a single RID pointing at the first FieldDef or MethodDef belonging to that type; the end of the list can be inferred by the field list and method list RIDs of the next row in the TypeDef table. Going back to the TypeDef If we have a look back at the definition of a TypeDef, we end up with the following reprensentation for each row: Flags - always 4 bytes Name - a #Strings heap offset. Namespace - a #Strings heap offset. Extends - a TypeDefOrRef coded token. FieldList - a single RID to the FieldDef table. MethodList - a single RID to the MethodDef table. So, depending on the number of entries in the heaps and tables within the assembly, the rows in the TypeDef table can be as small as 14 bytes, or as large as 24 bytes. Now we've had a look at how information is encoded within the metadata tables, in the next post we can see how they are arranged on disk.

    Read the article

  • SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

    - by MOKANA
    Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

    Read the article

  • Auth problem on Facebook using Ruby/sinatra/frankie/facebooker

    - by user84584
    Hello guys, I'm using sinatra/frankie/facebooker to prototype something simple to test the facebook api, i'm using mmangino-facebooker the more recent version from github and I cloned the most recent version of frankie. I'm using sinatra 0.9.6. My main code is as simple as possible: before do ensure_application_is_installed_by_facebook_user @user = session[:facebook_session].user @photos = session[:facebook_session].get_photos(nil,@user.uid,nil) end get "/" do erb :index end get "/:uid/:image" do |uid,image| @photo_selected = session[:facebook_session].get_photos([image.to_i],nil,nil) erb :selected end The index page just renders a link to the other one (identified by regex "/:uid/:image") however I always get an error when it's trying to render the one identified by regex "/:uid/:image" Facebooker::Session::MissingOrInvalidParameter: Invalid parameter /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/parser.rb:610:in `process' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/parser.rb:30:in `parse' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/service.rb:67:in `post' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/session.rb:600:in `post_without_logging' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/session.rb:611:in `post' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/logging.rb:20:in `log_fb_api' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/benchmark.rb:308:in `realtime' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/logging.rb:20:in `log_fb_api' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/session.rb:610:in `post' /Library/Ruby/Gems/1.8/gems/mmangino-facebooker-1.0.50/lib/facebooker/session.rb:198:in `secure!' ./config/frankie/lib/frankie.rb:66:in `secure_with_token!' ./config/frankie/lib/frankie.rb:44:in `set_facebook_session' ./config/frankie/lib/frankie.rb:164:in `ensure_authenticated_to_facebook' ./config/frankie/lib/frankie.rb:169:in `ensure_application_is_installed_by_facebook_user' I've no idea why, it seems to be related with the auth token I guess.. I logged the request made o the fb rest server: {:sig="4f244d1f510498f4efaae3c03d036a85", :generate_session_secret="0", :method="facebook.auth.getSession", :auth_token="9dae0d02c19c680b574c78d202b0582a", :api_key="70c14732815ace0ae71a561ea5eb38b7", :v="1.0"} {:call_id="1269003766.05665", :sig="194469457d1424dc8ba0678979692363", :method="facebook.photos.get", :subj_id=750401957, :session_key="2.lXL0z3s4_r573xzQwAiA9A__.3600.1269010800-750401957", :api_key="70c14732815ace0ae71a561ea5eb38b7", :v="1.0"} {:sig="4f244d1f510498f4efaae3c03d036a85", :generate_session_secret="0", :method="facebook.auth.getSession", :auth_token="9dae0d02c19c680b574c78d202b0582a", :api_key="70c14732815ace0ae71a561ea5eb38b7", :v="1.0"} The last one gives the error, it could be related with auth_token having the same value in the 1st and on the 3rd ? Cheers and tks, Ze Maria

    Read the article

  • How do I get bison/flex to restart scanning after something like token substitution?

    - by chucknelson
    Is there a way to force bison and/or flex to restart scanning after I replace some token with something else? My particular example would be with replacement for a specific word/string. If I want a word of hello to be replaced by echo hello, how can I get flex or bison to replace hello and then start parsing again (to pick up 2 words instead of just one). So it would be like: Get token WORD (which is a string type) If hello, replace token value with echo hello Restart parsing entire input (which is now echo hello) Get token WORD (echo) Get token WORD (hello) I've seen very tempting functions like yyrestart(), but I don't really understand what that function in particular really accomplishes. Any help is greatly appreciated, thanks!

    Read the article

  • How to automate login to Google API to get OAuth 2.0 token to access known user account

    - by keyser_sozay
    Ok, so this question has been asked before here. In the response/answer to the question, the user tells him to store the token in the application (session and not db, although it doesn't matter where you store it). After going through the documentation on Google, it seems that the token has an expiration date after which it is no longer valid. Now, we could obviously automatically refresh the token every fixed interval, thereby prolonging the lifespan of the token, but for some reason, this manual process feels like a hack. My questions is: Is this most effective (/generally accepted) way to access google calendar/app data for a known user account by manually logging in and persisting the token in the application? Or is there another mechanism that allows us to programmatically login to this user account and go through the OAuth steps?

    Read the article

  • Need Help on OAuthException Code 2500

    - by Deepak
    I am trying to develop an Facebook application (apps.facebook.com/some_app) using PHP where I need to present some information based on user's music interests. I found that its under "user_likes games". My problems are as follows: To gain access, I have implemented the oauth dialog method as suggested in API in my index page. $auth_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . urlencode($canvas_page) ."&scope=user_likes"; After successful authorization I come back to index page with "code" as parameters. http://MY_CANVAS_PAGE/?code=some base64 encoded letters Firstly I don't know if I need access_token just to read user's music interests but I have tried all the methods suggested. I couldn't move forward from this point I have a code like this (in my index page), which redirects for authorization if code parameters is not set. if(empty($code) && !isset($_REQUEST['error'])) { $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection echo("<script> top.location.href='" . $auth_url . "'</script>"); } Currently I am just trying to get user's public information here but with no success. I have tried the signed_request method as suggested but no success $signed_request = $_REQUEST["signed_request"]; list($encoded_sig, $payload) = explode('.', $signed_request, 2); $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true); echo ("Welcome User: " . $data["user_id"]); Also tried the code found in http://developers.facebook.com/blog/post/500/ but I am getting error when trying to get the debug info using print_r($decoded_response); stdClass Object ( [error] => stdClass Object ( [message] => An active access token must be used to query information about the current user. [type] => OAuthException [code] => 2500 ) ) To get user's public info, I have tried also the suggested example in PHP SDK $facebook = new Facebook(array( 'appId' => MY_APP_ID, //registered facebook APP ID 'secret' => MY_SECRET, //secret key for APP )); $fb_user = $facebook->getUser(); if($fb_user){ try { $user_profile = $facebook->api('/me'); echo $user_profile['email']; } catch(FacebookApiException $e) { $fb_user = null; } } But no success. Can somebody explain me why I am getting this error and how to access the user's music interest properly. Probably I misunderstood the API. Thanks Deepak

    Read the article

  • Skin Object Tokens for DotNetNuke 5 - 8 Videos

    In this tutorial we demonstrate how to use Skin Object Tokens in DotNetNuke v5 and above. Skin Object tokens are a new skinning method introduced in DotNetNuke 5 for adding tokens into a DotNetNuke skin. A Skin Object Token is a web user control, it covers skin elements such as the logo, menu, search, login links, date, copyright, languages, links, banners, privacy, terms of use etc. This new Object token method has been introduced into DotNetNuke with the idea of making it simpler to add a skin object into a DotNetNuke skin. The videos contain: Video 1 - Introduction to HTML Object Token Skinning Video 2 - Basic Styling of a Skin and Creating Multiple Content Panes Video 3 - Styling, Control Panel, Login and Register Skin Object Tokens Video 4 - Packaging, Installing, Testing and Viewing the ASCX Version of the Skin Video 5 - Viewing the Attributes for Skin Object Tokens, Logo Token, Search Token Video 6 - Breadcrumb Token, Text Token and Localization, Links Token Video 7 - More Skin Tokens and Token Replacement Video 8 - Demonstration of the Object Tokens and Bug Fixing Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • XML Parsing Error at 1:1544. Error 4: not well-formed (invalid token)

    - by Steve
    I have installed Joomla 1.5.22 on a new hosting account, which doesn't have a domain yet, so it's public URL is http://cp-013.micron21.com/~annimac/ A message saying: XML Parsing Error at 1:1544. Error 4: not well-formed (invalid token). The source code for this message is: <dl id="system-message"> <dt class="error">Error</dt> <dd class="error message fade"> <ul> <li>XML Parsing Error at 1:1544. Error 4: not well-formed (invalid token)</li> </ul> </dd> </dl> There is nothing in /logs to indicate what the problem is. I have uploaded the following folders from a freshly unzipped copy of Joomla 1.5.22: administrator components includes language\en-GB libraries modules plugins templates\ja_purity xmlrpc and the issue remains. I have no custom or additional plugins, modules, or components installed. If I change templates, the problem remains. What is the problem?

    Read the article

  • Spring Security and the Synchronizer Token J2EE pattern, problem when authentication fails.

    - by dfuse
    Hey, we are using Spring Security 2.0.4. We have a TransactionTokenBean which generates a unique token each POST, the bean is session scoped. The token is used for the duplicate form submission problem (and security). The TransactionTokenBean is called from a Servlet filter. Our problem is the following, after a session timeout occured, when you do a POST in the application Spring Security redirects to the logon page, saving the original request. After logging on again the TransactionTokenBean is created again, since it is session scoped, but then Spring forwards to the originally accessed url, also sending the token that was generated at that time. Since the TransactionTokenBean is created again, the tokens do not match and our filter throws an Exception. I don't quite know how to handle this elegantly, (or for that matter, I can't even fix it with a hack), any ideas? This is the code of the TransactionTokenBean: public class TransactionTokenBean implements Serializable { public static final int TOKEN_LENGTH = 8; private RandomizerBean randomizer; private transient Logger logger; private String expectedToken; public String getUniqueToken() { return expectedToken; } public void init() { resetUniqueToken(); } public final void verifyAndResetUniqueToken(String actualToken) { verifyUniqueToken(actualToken); resetUniqueToken(); } public void resetUniqueToken() { expectedToken = randomizer.getRandomString(TOKEN_LENGTH, RandomizerBean.ALPHANUMERICS); getLogger().debug("reset token to: " + expectedToken); } public void verifyUniqueToken(String actualToken) { if (getLogger().isDebugEnabled()) { getLogger().debug("verifying token. expected=" + expectedToken + ", actual=" + actualToken); } if (expectedToken == null || actualToken == null || !isValidToken(actualToken)) { throw new IllegalArgumentException("missing or invalid transaction token"); } if (!expectedToken.equals(actualToken)) { throw new InvalidTokenException(); } } private boolean isValidToken(String actualToken) { return StringUtils.isAlphanumeric(actualToken); } public void setRandomizer(RandomizerBean randomizer) { this.randomizer = randomizer; } private Logger getLogger() { if (logger == null) { logger = Logger.getLogger(TransactionTokenBean.class); } return logger; } } and this is the Servlet filter (ignore the Ajax stuff): public class SecurityFilter implements Filter { static final String AJAX_TOKEN_PARAM = "ATXTOKEN"; static final String TOKEN_PARAM = "TXTOKEN"; private WebApplicationContext webApplicationContext; private Logger logger = Logger.getLogger(SecurityFilter.class); public void init(FilterConfig config) { setWebApplicationContext(WebApplicationContextUtils.getWebApplicationContext(config.getServletContext())); } public void destroy() { } public void doFilter(ServletRequest req, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) req; if (isPostRequest(request)) { if (isAjaxRequest(request)) { log("verifying token for AJAX request " + request.getRequestURI()); getTransactionTokenBean(true).verifyUniqueToken(request.getParameter(AJAX_TOKEN_PARAM)); } else { log("verifying and resetting token for non-AJAX request " + request.getRequestURI()); getTransactionTokenBean(false).verifyAndResetUniqueToken(request.getParameter(TOKEN_PARAM)); } } chain.doFilter(request, response); } private void log(String line) { if (logger.isDebugEnabled()) { logger.debug(line); } } private boolean isPostRequest(HttpServletRequest request) { return "POST".equals(request.getMethod().toUpperCase()); } private boolean isAjaxRequest(HttpServletRequest request) { return request.getParameter("AJAXREQUEST") != null; } private TransactionTokenBean getTransactionTokenBean(boolean ajax) { return (TransactionTokenBean) webApplicationContext.getBean(ajax ? "ajaxTransactionTokenBean" : "transactionTokenBean"); } void setWebApplicationContext(WebApplicationContext context) { this.webApplicationContext = context; } }

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >