FAQ Database Discussion Community


RESTful API: how to securely store bearer API tokens?

api,rest,github,oauth,token
I am building a RESTful API. The only problem I have is how to do the authentication, since I want a stateless approach where the only information the server has is in the request itself. So I thought I would look how the big boys do it. I see most...

using strtok function to tokenize a sentence

c++,token,tokenize,strtok
I am having a little trouble using the strtok() function. What I am trying to do is grab a sentence from a keyboard, then create tokens for every space in the sentence, and then finally print every word that is separated by a space . My current output is blank...

One time created Web Api token is working on all request

asp.net-mvc,security,asp.net-web-api,token
I want to ask Web Api token based authentication. As a user, I am creating a token on a web api. Token link is http://mydomain/token This request is returning a long token string. I am using this token to get secured data like this: http://mydomain/orders Accept:application/json Content-type:application/json Authorization: Bearer lksKaBgTgNT06LAWzHeLHiwMUI6nBHNvE2qen9...............

Attempting to get authentication from server using Json token in Swift

json,swift,token,nsurlsession
I'm adding a Login process in my Swift app and have added the following code to handle the Json token authentication class func getValidationFromServer(success: ((svrData: NSData!) -> Void)) { var usrName = ViewController.gVariables.gUser var pwd = ViewController.gVariables.gPwd var postData = NSMutableData(data: "username=\(usrName)".dataUsingEncoding(NSUTF8StringEncoding)!) postData.appendData("&password=\(pwd)".dataUsingEncoding(NSUTF8StringEncoding)!)...

How to protect against CSRF

token,csrf
How can I protect my website against Cross-Site Request Forgery attack? I am visiting a "normal" website. (f.e. normal.php) In the background it loads another website (f.e. victim.php/send_comment) where I'm already logged in. The website fills the comment boxes of the victim.php with JS and automatically send the request. In...

What is the most secure method of logging someone into a website? [closed]

php,security,token,login-control
I am trying to ascertain the best way to keep someone logged into my website after I have verified the log in is correct. I tried to have a look at "Keep Me Logged In" - the best approach where the most upvoted answer said that I should generate a...

does authentication_token for simple_token_authentication expires?

ruby-on-rails,api,devise,token,restful-authentication
i have an api feeding mobile apps and im using simple_token_authentication for users login and register. The thing is i want to keep the user logged in as long as he doesn't himself close the app or log out. I guess there might be something on devise initializer, but considering...

AngularJS “localStorage.getItem” is null in $resource

javascript,angularjs,local-storage,token
I have an angular $resource for login and getting user's info. The login sends the username and password to server and gets a Bearer token. In the success function of User.login the token is stored in localStorage. In getEmail, I'm including the token in header to the user's email address....

REST API with token based authentication

angularjs,codeigniter,api,rest,token
I want to develop a web site with AngularJS. On the backend side I will use Codeigniter REST framework. I have some security issues and I don't want to start developing without fixing them on my mind. I don't want to use something like api key because it will be...

Bearer token identity webapi - fine grained security

security,asp.net-web-api,token,identity
we are developing AngularJS/SPA application of e.g. 500 forms, that connects to ASPNET WebAPI. Any form has "read", "write", "query" and "additional custom" access privileges. Access privileges can be grouped together in "roles". Each user can have defined one or more roles and/or specific privilege on a specific form. I...

When do DockerHub auth tokens expire?

authentication,login,docker,token,dockerhub
When docker login succeeds an auth token is put in ~/.dockercfg. We are considering deploying a .dockercfg file to EC2 instances to all running of containers against private repository images. The alternative would be to run docker login on the instances, but I would prefer to give instances an auth...

First authentification in order to get token

php,android,ssl,https,token
I am writing mobile client for online store. I have written REST API for accessing data on the server. Now I need to authentificate the user. I have read a lot about this,and came to the simple solution. Firstly, when user run application first time, he must enter exactly password...

How are REST services authenticated using tokens

rest,token
I have been through various blogs explaining the use of Tokens for authentication. But none of the sites have explained how the token authentication works at the REST service side. For eg: I have a token T1 which is given to my app by the authentication server. I will send...

PHP: Secure a Rest Service with a Token mixed with Timestamp

php,rest,security,amazon-web-services,token
I have a rest service that my website calls it and I want to secure it from calling outside of my website as much as possible. I want to create a token mixed with timestamp, so the user can only call the service in 10 minutes (for example) with the...

Oauth 2.0 issues with refresh token PHP

php,oauth,token
i dont seem to get the refresh token when i call the access token? Here is the code: $client = new Google_Client(); $client->setClientId($OAUTH2_CLIENT_ID); $client->setClientSecret($OAUTH2_CLIENT_SECRET); $client->setScopes('https://www.googleapis.com/auth/youtube'); $redirect = filter_var(URL, FILTER_SANITIZE_URL); $client->setRedirectUri($redirect); $client->setApprovalPrompt("force"); $client->setState('offline'); var_dump($client->getAccessToken()); And this is what i get from it: string(163)...

How should I store a token generated by a RESTful API?

node.js,api,rest,authentication,token
I have built an API that generates an authentication token for the users that log in. At this time I also have a client application written in Node.JS. When I make the request with the user credentials from the client application to the API I get the authentication token: how...

OR operator inside OR operator - RegEX

python,regex,string,python-3.x,token
I'm trying to create a compiler in python and I'm using the re module to create tokens. The language will be very similar to Assembly. Almost everything is working, but I'm having trouble with a token. Let me give an example of what would be this token: mov [eax], 4...

express-jwt handling specific secret passphrase by routes

node.js,express,token,jwt,express-jwt
Here is my use case. In my express app using express-jwt module, I have 2 mains routes. I would like to secure my routes with 2 distincts passphrase. app.use('/api/v1/admin', jwt({secret: "blabla1"}).unless({path:['/api/v1/admin/login']})); app.use('/api/v1', jwt({secret: "blabla2"}).unless({path: ['/api/v1/login']})); In this case, it doesn't work as I was expecting to... Is there a way...

take a part of a string in java

java,regex,string,token
I have a string which includes 4 attributes with 3 spaces between them(name,surname,email,tel). For example: "Mike Tyson [email protected] 0 999 999 99 99" I need to take e-mail from this string. I searched for regex and tokens but can't find anything. Thank you....

What is the use of token tag in Struts2 and how does it work?

jsp,struts2,token
I came across this <s:token /> tag and it is enclosed in a <s:form></s:form> tag in a JSP Page. Some other StackOverflow link discusses its usage in maintaining session and prevention of double submission of forms. What exactly is the use of this tag? If it prevents double submission of...

oauth2 reload user authorities

spring,token,spring-security-oauth2
I am wondering what's the best way to this. My scenario is the following: I have separate oath2 server and resource server sharing the auth information via database. The user authentication is being made by a provider that extends from AbstractUserDetailsAuthenticationProvider. Whenever I build UserDetails object, I attach the authorities...

Ember Simple Auth (with token plugin) won't add the Authorization header with the token

ember.js,http-headers,token,ember-cli,ember-simple-auth
I had a simple and working application with Ember CLI 0.1.12. I use the Ember Simple Auth addon with the Token authenticator and authorizer. https://github.com/jpadilla/ember-cli-simple-auth-token First, I wasn't able to authenticate, because I had no idea what the server was supposed to return. After a lot of googling, I was...

Why is a defined token not recognized during syntax analysis in C using Bison?

c,syntax,compiler-construction,token,lexical
I'm currently working on a simple infix-to-postfix compiler for a given grammar. I'm currently at the stage of syntax analysis. I have already written a lexical analyzer, using Flex library, however I'm stuck on a seemingly simple problem. The information below might seem like a lot to process, but I...

Parsing tokens with PLY

python,regex,parsing,token,ply
I've been trying to parse some given text with PLY for a while and I haven't been able to figure it out. I have these tokens defined: tokens = ['ID', 'INT', 'ASSIGNMENT'] And I want to classify the words I find into these tokens. For example, if the scanner is...

Sending token query string parameter from webpage url in POST request

php,http,post,request,token
I'm trying to send a POST request with part of the webpage URL as the parameter. For instance, in this url: http://testsite.com/confirmEmail/?token=abcdefg I want to be able to send the input token with the value abcdefg. I want to make this responsive to different token values. Any ideas? Thanks...

iOS Handling requests with refreshed authentication tokens

ios,cocoa,oauth,token,google-plus-signin
Working on an iPhone app, I'm using the Google Plus SDK (GPPSignIn) for getting and refreshing authentication tokens. These tokens last for 1 hour. When I make a request with an expired token the web service that I am using returns a specific http response code so that I know...

Play Framework: How to Add a Header to Every Response

scala,playframework,http-headers,token
In the following Controller, Authenticated extracts the token from the request headers and invokes a given action if and only if the token is valid (the code has been simplified for clarity): object MyController extends Controller { def Authenticated(action: Token => EssentialAction) = EssentialAction { requestHeader => val jwt =...

Using Magento as an SSO provider

php,magento,single-sign-on,token
I have two sites I want to be connected with SSO. One is a store, using Magento, and I would like this to be the "source of truth" that holds all the members and will handle the authentication. The other is a marketing site using a CMS (SilverStripe), and I...

Visual Basic how to get

Dynamic operator tokens in ANTLR4

java,parsing,token,antlr4
I'm trying to make a calculator in ANTLR4 that can use almost every possible symbol as mathematical operator. Concrete: - The user defines operations consisting of an operator and a precedence. The operator can be any combination of symbols except for some system symbols (parentheses, commas, ...). Precedence is a...

How to use openssl_random_pseudo_bytes function ? php

php,cryptography,token,php-openssl
I want to generate token , to use it as sign in auth, so I want to assure that the token algorithm is cryptographically strong ! I am using this block of code to to achieve that : $crypto_strong = false; while($crypto_strong !== false) $openssl =openssl_random_pseudo_bytes(128,$crypto_strong); $token = bin2hex($openssl); is...

c++ function returning template type checking

c++,templates,types,return,token
I have read through some questions here and cant find anything specific to my problem so I don't know if I am doing it completely wrong or just am missing something specific. What I am trying to do is tokenize some data and input that into a function and return...

Unexpected token else, but in “if” there's no semicolon

javascript,if-statement,token
I'm sure everything is right, but error exists. I don't know why... Here's a part of my code. Error points the string with "else", and this "else" were highlighted by me by double asterisk in both sides. This "highlighting" isn't exist in the real code. The real code isn't working...

How can i spit the input into 2?

java,input,user,token
i have an input that consists of any 2 numbers on a single line and there can be an unlimited number of lines, ex. 30 60 81 22 38 18 I want to split each line into 2 tokens, first token is the number on the left and the second...

SyntaxError: Unexpected token if

javascript,if-statement,token
I'm currently learning javascript and I keep having this error!!! This is my script: var compare = function(choice1, choice2) if (choice1 === choice2) { return "The result is a tie!"; } else if (choice1 === "rock") if (choice2 === "scissors") { return "rock wins"; } else { return "paper wins";...

Best way to store private crypto key in browser?

javascript,web-applications,cryptography,rsa,token
I would like to encrypt some user data before it's sent to the server. That is, the data will be encrypted on the client side in browser using JavaScript. My question is, what options are available for storing private keys on the client side (it will be used for decrypting...

OAuth2 Password Grant Type with Client_Id & Client_Secret

authentication,oauth-2.0,token
I am developing an app to access its own resources via Rest endpoints. Users are required to acquire access token via email/password. After completed Authentication server configuration, I had this observation: With: curl client:[email protected]:9999/uaa/oauth/token -d grant_type=password -d username=user -d password=password I am getting the correct response: {"access_token":"7541a4f6-e841-41a0-8a54-abf8e0666ed1","token_type":"bearer","refresh_token":"d3fdd7e3-53eb-4e7b-aa45-b524a9e7b316","expires_in":43199,"scope":"openid"} However With:...

search with filter by token count

elasticsearch,token
Fields in documents are analyzed, to create token. {"message":"hello world"} -> token: ["hello", "world"] {"message":"hello"} -> token: ["hello"] {"message":"world"} -> token: ["world"] {"message":"hello java"} -> token: ["hello", "java"] {"message":"java"} -> token: ["java"] Is there a possibility to search all documents in which a specific field contains a given token and...

Best way to store a user token in Ruby script

ruby,windows,unix,token,credentials
I am developing a Ruby script designed for CLI which is based on a REST API. This API needs a token as credentials in order to recognize the user and allows him to retrieve his informations. For now, this scripts asks the 30-length token in the console every time it...

Need clarification on the definition of C tokens

c,token
From the K&R's "The C Programming Language" book: There are six classes of tokens: identifiers, keywords, constants, string literals, operators, and other separators. Blanks, horizontal and vertical tabs, newlines, formfeeds, and comments as described below (collectively, "white space") are ignored except as they separate tokens. What does it mean by...

How to find the source location of a dynamic token in JMeter?

authentication,dynamic,jmeter,token
I've been using Fiddler tool to capture the HTTP request-responses, then manually finding out the source location of a dynamic token (in a recorded page). I'd then use regular expression extractor on that source page to extract and store the value of that dynamic token in a variable, and use...

Devise Token Auth error: Devise.secret_key was not set

ruby-on-rails,ruby,devise,token,config
I am currently using the Devise Token Auth (https://github.com/lynndylanhurley/devise_token_auth) gem and have it working well in development. However, in my production environment, when I run rake db:migrate, I get the following error: rake aborted! Devise.secret_key was not set. Please add the following to your Devise initializer: config.secret_key = 'my secret...

Is there any safe way to keep rest auth token on the client side for SPA?

rest,authentication,cookies,xss,token
If we get token from the rest server and use AuthorizationToken header in every request for authorization, we still need to keep it when the browser's page is closed. The only universal way to do it is to put the token to cookies. But in such way even if the...

JAX-WS adds namespace in Signature of token

namespaces,jax-ws,token,signature
I am accessing a third party web service using JAX-WS generated client (Java) code. A call to a service that initiates a client session returns a Token in the response which, a.o., contains a Signature. The Token is required in subsequent calls to other services for authentication purposes. I learned...

token in line doesn't work fail c++

c++,loops,line,token
The following function works on text file called "_filePath" and tries to cut it to little tokens separate by ";" and "," like this: [Mickey M;12034;911416313;M;01a;9001;NULL;0;13;12;0;CPP,C;MSC,3D;FEND,BEND,SEC;] When trying to separate CPP,C into little token, it doesn't reach the next token which is MSC,3D and so on. I notice that the...

Get access to REST API using JWT security token

java,rsa,token,jwt
I have RSA key in format <RSAKeyValue> <Modulus> ..</Modulus> <Exponent>..</Exponent> ... </RSAKeyValue> I need to get connection to REST API using java. I should use JWT security token with schema “TokenIssuer”. Nimbus library provide following example for doing it. Will it help me or I need something else? If yes,...

Simple token-like authentication

php,authentication,token
Does the following authentication system seem reasonable: Client calls the login end point with a user name and password to the main server. The main server sends this off to another authentication server (which will receive no further mention), which returns a yes/no if this is valid and a user...

How JSON Web Tokens work? Not sure what is different from cookies

security,cookies,login,token,jwt
When using cookies they are stored on the server and compared to the ones coming in the request from a client. What are the JWTs compared to? are they being decoded into their components?

Sagepay token system delete token

api,token,sagepay
I'm using Sage Pay token system, evrithyng is working fine I store the tokens on my side. The question is if I want to remove a token is it fine to remove it only from my side, and then if some one wants to add tha card again to create...

TERADATA - How to split a character column and keep the last token?

sql,substring,token,teradata,strtok
I have a table with article names and I would like to select the last word of each article of the table. Right now I'm doing it in SAS and I my code looks like: PROC SQL; CREATE TABLE last_word as SELECT scan(names,-1) as last_w FROM articles; QUIT; I am...

token to unsigned printing odd values

c,struct,token,strtol,strtoull
As the title suggested I am getting some weird returns from strtoul, I have tested just by using strcpy to store the data as a string and it is giving the correct value, but as soon as I try and change it to an unsigned int by using strtoul() I...

Split string into tokens using 2 or more spaces

c#,string,token
I have a text file that I am trying to parse. As of right now I am using the String.Split Method to get tokenize a string. Here is some sample text: GP71011N Sign 1.00 each 4298.96000 4298.96 H50 ENGINE* Sign 1.00 each 9027.65000 9027.65 JR70883* Sign 1.00 each 10674.24300 10674.24...

Uncaught SyntaxError: Unexpected token < in HTML - can't solve

html,console,syntax-error,token
Can anyone help me find this unexpected token? I've been looking at this code for a while so maybe i need a fresh pair of eyes to solve this. see HTML code below: <div class="list-view hide"> <table class="custom-reports-table"> <script id="custom-reports-table" type="text/javascript"> <tbody> {{#each listItem}} <tr class="row" id="{{itemId}}"> <td class="select-container"> <div...

Paypal PHP How to check validity of refresh token for future payments

php,paypal,authorization,token
I am working on an iOS app where I am getting user's consent for future payments via Paypal iOS SDK. I get the authorization token, send it to the PHP server that gets the refresh token via Paypal PHP SDK and stores it in database. Then for any future payments,...

Using jwt-go Library - Key is invalid or invalid type

parsing,go,token,jwt
I am trying to pass in a token to the "Parse(token String, keyFunc Keyfunc)" GO routine defined in this GO-library (http://godoc.org/github.com/dgrijalva/jwt-go) for JWT-token parsing/validation. When I pass the token to this function - token, err := jwt.Parse(getToken, func(token *jwt.Token) (interface{}, error) { return config.Config.Key, nil }) I get an error...

(Python) Breaking an output text file into tokens

python,io,token
Short story: I have an output file that comes from a system, broken into tokens divided by "| |;", on which I need to get the content between the pipes "|" and write them on another file. This is how the output file looks like:...

Is there an equivalent to the rewind function, but for one token only?

c,loops,token
In the C language, the rewind function is used to set the position of a stream to the very beginning. I'd like to ask if there's an equivalent function that moves the stream position to the left by one token only. For example, I have a file called FooFile.txt that...

Replace tokens in large array

java,arrays,replace,token
i have this code in main class String slangOutput = msglower; for (String[] replacement : sd.replacements){ if (slangOutput.length() == replacement[0].length()){ slangOutput = slangOutput.replace(replacement[0], replacement[1]); } } and have this > 5000 arrays in slangDictionary class: String [][] replacements ={ {"*4u","kiss for you"}, {"*67"," unknown"}, {"*eg*","evil grin"}, {"07734","hello"}, {"0day","software illegally obtained...

How to recognize token with quote inside of double quotes

c,token
Is there any library method or universally recognized method to recognize a token with a quote inside of a double quote, while still recognizing single quotes without double quotes as tokens? For example, the string: "Bill's Pot" 'Roast' should result in the tokens: Bill's Pot Roast ...

How to pinpoint and use the last token per line in FOR /F Batch file

csv,batch-file,token,tokenize
I am using FOR /F to read the lines of a .csv file to perform XCOPY of various files from one location to another. The columns in the .csv file contain the information of the source and destination folders and filenames. COL1 COL2 COL3 COL4 COL5 1234 From1 Out1 Out2...

long to int conversion exception with ASP.NET MVC4 WebSecurity.ConfirmAccount(string token)

c#,asp.net,asp.net-mvc,asp.net-mvc-4,token
This seems to be a confusion to me. I'm working with MVC4 Simple membership just to help automate my Account process. all seems ok except when i invoke the WebSecurity.ConfirmAccount(string token) and WebSecurity.ResetPassword(string token, string newPassword) methods. both method throw and exception of long to in conversion error when passed...

Using devise_token_auth with form auth

ruby-on-rails,ruby,devise,token,rails-4-2-1
I'm trying to allow using on mobile devices to be authenticated using a token, while still using the webforms for the web application. I decided to use devise_token_auth. Whenever I try and start the application I get an error because a session path is already defined. error ArgumentError: Invalid route...

Google+ getToken() throws UserRecoverableAuthException: NeedPermission

android,unity3d,oauth-2.0,google-plus,token
I want to get authorisation code to enable server-side API access for my app. I do this process in Unity3D with google play games services plugin for Unity. I have function that calls native getToken() function from GoogleAuthUtils class: public string GetToken() { string token = null; Debug.Log("Before RetrieveUserEmail"); string...

LinkedIn Rest API, State token doesn't match

android,android-webview,token,linkedin,state
I am referring this to authorize, authenticate and login to LinkedIn account using Rest API, but now i am facing problem, the WebView where i am displaying the LinkedIn Rest API call url view, is returning blank with message as "State token doesn't match" It was working fine earlier, but...

How to build our own tokens in acejs editor [closed]

token,ace-editor
In acejs editor, we have a lot of build-in tokens, like string, command, and keyword. We can give different color and event handler according to tokens. Here, I wonder it's possible to create our own customer tokens.

jQuery throwing up “Unexpected token for” as an error

jquery,loops,for-loop,token
I have absolutely no idea what the problem is, but the following throws up "Unexpected token for" on the for loop below. Removing the for loop causes the closing }; to be called an unexpected token. $.fn.appExt = function() { $(data).find('a').each(function() { fileExt = this.href.replace(window.location, '').replace('localhost/Program/Code', '').split('.')[1]; if ($.inArray(fileExt, ext)...

How to generate a unique token that is valid until it's manually reset, in PHP?

php,mysql,token,reset
I need some way to generate a unique token that can be passed to a MySQL database, and stored there until it's manually reset. So it needs to be a random token that will be displayed to a user which should stay valid, but also have some function that can...

Incompatible types; String cannot be converted to double : JAVA TOKEN

java,file-io,token
[EDIT] to clarify this is a different question: My question is about parsing String to double for a token to accept it and none of the answers to this question Java Double to String conversion without formatting match my criteria. I have got a file in the following format: A...

LinkedIn: Exchange JSAPI token to REST's OAuth token

ruby-on-rails,oauth,token,linkedin,jwt
I'm working on a website which has the api (Ruby on Rails) and the client (Angular JS) on separated servers. As of that, I authenticate the user on the client with LinkedIn, I post the received data to the API's authentication method and I get JWT back from it. Then...

JWT: How send authorization in header?

php,rest,laravel,token,jwt
I'm using the JWT (https://github.com/tymondesigns/jwt-auth) to generate session tokens in my API. I made all relevant settings to work as the author's documentation. After connecting the session, I make use of a URL to return data of my categories. When I pass the token directly in the URL, it works....

expected identifier or '(' before '~' token

c,debugging,token,getopt,pagerank
I encountered a problem while working on a project. I know there are many simillar questions that are answered, but regarding this special one I could not find any help. I am getting the following error: Compiling main.c main.c:42:1: error: expected identifier or '(' before '~' token ~ ^ Makefile:47:...

take charecters after spaces in java

java,regex,string,token
I have a string and it has two words with 3 spaces between them. For example: "Hello Java". I need to extract "Java" from this string. I searched for regex and tokens, but can't find a solution.

Laravel 5 ignore Authentication specific route

php,authentication,laravel,token
I am new in laravel 5. I have a dashboard page and a login page. whenever I go to localhost:8080/dashboard it always redirect me to localhost:8080/auth/login. I wanted to show my dashboard localhost:8080/dashboard to be viewed without logging in first. Here is my code in VerifyCsfrToken namespace App\Http\Middleware; use Closure;...

Getting new token on retry before retrying old request with Volley

authentication,queue,token,android-volley,priority
I have a simple authentication system implemented using Volley. It goes like this: Get a token from server on login -> an hour later, this token expires -> when it expires, we will find that out on a failed API call, so we should (on retry) -> fetch a new...

Can't get ng-hide & ng-show to work with tokens

angularjs,token,jwt,ng-show,ng-hide
My problem is similar to this : ng-show and ng-hide with jwt Although i modified as instructed by user3735441, i still can't make them work properly: Service : 'use strict'; /** * @ngdoc service * @name ToDoManagerApp.authToken * @description * # authToken * Factory in the ToDoManagerApp. */ angular.module('ToDoManagerApp').factory('authToken', function($window)...

Paypal Payflow Transparent Redirect, SecureToken with AJAX?

ajax,paypal,asp.net-ajax,token,payflowpro
I'm working on a C# VS2012 Framework 4.5 MVC application that is trying to become PCI compliant using Payflow Pro (https://pilot-payflowpro.paypal.com). We've been using PayflowPro for years, and this is what I have to use. From my reading it seems that I should use the Transparent Redirect so I'm not...

Bash, how to modify all the rows of a file after a placeholder?

bash,shell,token,bash-completion
I have a table file that I would like to modify this way: when I found a particular placeholder, I want the next lines to be modified according to it, before meeting the new placeholder, after which the next lines will be modified in another way, etc. This is my...

Getting correct Token from session id

c++,winapi,token,sid,windows-security
What I'm trying to achieve is the actual Token handle from the session ID when the process runs as admin under non admin user(windows logged in user). DWORD dwSessionId = 0; if (false == ProcessIdToSessionId(dwProcessId, &dwSessionId)) { LOG_ERROR(L"Failed obtaining session id"); return false; } HANDLE hToken if (false == WTSQueryUserToken(dwSessionId,...

What causes APNS token to change?

ios,apple-push-notifications,token
Is there a difference between token lifetime on sandbox vs production? I am locked into using a sandbox environment at the moment and am wondering what is causing my token to expire/reset. I am not uninstalling the app nor updating the iOS version between apparent token expirations. I do force...

Vimeo API invalid token when making request

oauth-2.0,token,vimeo-api
I am trying to make a request to the Vimeo api v3 using this request URL: https://api.vimeo.com/videos?query=elvis&client_id=XXXXXXXXXXXXXXXXX&token=XXXXXXXXXXXXXXXXXXXX The token I am sending is copy and pasted from the web interface. I generated it there. I'm trying it from the browser and receiving this response: { "error": "A valid user token...

PHP token security

php,security,login,token
I wrote a PHP application which requires a login. This application is private so no new users can register. First I used sessions to identify the users but it lead to problems on tablets because they lost their sessions. I think this is because of energy saving operations. Now I...