merge

fabio-looker · Dec 6, 2023 · acc0014 · acc0014
2 parents 535c961 + bff727a
commit acc0014
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/index.html b/index.html
@@ -143,7 +143,10 @@ <h5>Embed Preview</h5>
 						"send_outgoing_webhook",
 						"see_sql", /* v4.10 */
 						"send_to_integration", /* v6.22 */
-						"create_alerts" /* v6.22 */
+						"create_alerts", /* v6.22 */
+						"embed_save_shared_space", /* v21.4 */
+						"clear_cache_refresh", /* v21.4 */
+						"create_custom_fields" /* v22.4 */
 						/* FYI - Signed Embed does not allow all permissions. If you add unsupported permissions, they will fail  */
 					]}}
 			},

diff --git a/signed-embed-troubleshooting.html b/signed-embed-troubleshooting.html
@@ -73,9 +73,18 @@ <h3>What's going on?</h3>
 				<p>Did you really generate a new URL to put into the validator? If so, is your code to generate URLs actually generating nonces?</p>
 				</details>
 			<details><summary>Embed URI is not valid: 'signature' param failed to authenticate: '...'</summary>
+<<<<<<< HEAD:signed-embed-troubleshooting.html
 				<p>The signature does not correspond to the passed parameters. Check if the <a href="https://fabio-looker.github.io/looker_sso_tool/" target="tool">Signed Embed Tool</a> is able to generate a working signature.<p>
 				<details><summary>The signatures generated by the Signed Embed Tool also fail to validate</summary>
 					<p>You are probably using an incorrect embed secret. Since there is no way to confirm the current secret, you will instead have to reset the embed secret. (Be careful if there are already other applications using Signed Embedding, as they will need to get the new secret.)</p>
+=======
+				<p>The signature does not correspond to the passed parameters. Check if the <a href="https://fabio-looker.github.io/looker_sso_tool/" target="tool">SSO Embed Tool</a> is able to generate a working signature.<p>
+				<details><summary>The signatures generated by the SSO Embed Tool also fail to validate</summary>
+					<p>You may be using an incorrect embed secret or incorrect signing algorithm.</p>
+					<p>Looker supports both HMAC-SHA-1 and HMAC-SHA-256 signing algorithms, and the choice of algorithm is bound to the secret. While the UI exclusively creates HMAC-SHA-1 bound secrets, the API defaults to HMAC-SHA-256 bound secrets.</p>
+					<p>You may wish to reset your embed secret, or try signing with each algorithm, if it is convenient.</p>
+					<p>If neither algorithm works and/or you elect to reset your embed secret, be careful - if there are already other applications using SSO Embedding, they will need to get the new secret too.</p>
+>>>>>>> bff727a35ab77f466163441640510060f5251e87:sso-embed-troubleshooting.html
 					</details>
 				<details><summary>The signatures generated by the Signed Embed Tool do validate</summary>
 					<p>Have your application log or dump the parameters it is using, and string that it is signing.</p>