• anna wang 1
  • NEWBIE
  • 5 Points
  • Member since 2016

  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 0
    Questions
  • 3
    Replies
Hello all,

I'm trying to complete Understand SOQL Injection trailhead and getting right result, but I cannot complete the challenge.

Simulate a SOQL Injection Attack

For this challenge, perform a SOQL injection on the search box to see information that is unintentionally exposed. Navigate to the SOQL Injection Challenge tab within the SOQL Injection application. You will see a search tool for the supply__c object. Use the search box to perform a SOQL injection which returns supplies meant for Nobles only. Hint: If you’ve done this successfully, your query should return one result containing Venison.

I have 4 correct soultions for this:
%' and Nobles_only__c=true and name != '%123
%' and Nobles_only__c=true and name = '%
%' and Nobles_only__c=true and Storage_Location__r.Name != '%
%' and Nobles_only__c=true and Storage_Location__r.Castle__r.Name != '%

All of them are giving only one record containing Venison(what is the requirement). 

Can someone help me? What I'm doing wrong?

Thank you
Hi,

I am trying to complete the topic Creating a data model under the module 'Build a Conference Management App' in Trailhead. However, even after doing everything right with the speaker object. The challenge still throws an error. Did anyone else complete the challenge. 

Thank you,
Satyanarayana
How to authenticate google service account for google adword api. By using this document. 
https://developers.google.com/accounts/docs/OAuth2ServiceAccount
My code Is as following :
public class GoogleAdWordApi{
     public Static String getAccessToken(){
        String accesstoken = '';
        
        String headerStr64 = EncodingUtil.base64Encode(Blob.valueOf('{"alg":"RS256","typ":"JWT"}'));
        headerStr64 = headerStr64.split('=')[0];

        String str = '{"iss":"965360208690-a6qbrksf61b5dl7punv126ntb5aspu93@developer.gserviceaccount.com",';
        str += '"scope":"' + 'https://www.googleapis.com/auth/prediction' + '",';
        str += '"aud":"' + 'https://accounts.google.com/o/oauth2/token' + '",';
        str += '"exp":' + system.now().addminutes(30).gettime()/1000 + ',';
        str += '"iat":'+system.now().gettime()/1000;
        str += '}';
        
        System.debug('@@@ str==>'+str);
        
        String claim_set64 = EncodingUtil.base64Encode(Blob.valueOf(str));
        claim_set64 = claim_set64.split('=')[0];
        System.debug('@@ claim_set64==>'+claim_set64);
        
        //make signature
        String sigInputstr =   headerStr64 + '.' + claim_set64 ;
        Blob signInputByteData = Blob.valueOf(sigInputstr);
        Blob signByteData = System.Crypto.signWithCertificate('RSA-SHA256',signInputByteData,'privatekey');
        String sigStr64 = EncodingUtil.base64Encode(signByteData);
        System.debug('@@@ sigStr64==>'+sigStr64);
        sigStr64 = sigStr64.split('=')[0];
        System.debug('@@@ sigStr64==>'+sigStr64);
        
        String jwtStr = headerStr64 + '.' + claim_set64 + '.' + sigStr64;
        
        System.debug('@@@ jwtStr==>'+jwtStr);
        
        HttpRequest req = new HttpRequest();
        req.setEndpoint('https://accounts.google.com/o/oauth2/token');
        req.setMethod('POST');
        req.setHeader('Host','accounts.google.com');
        req.setHeader('Content-Type','application/x-www-form-urlencoded');
        String body = 'grant_type='+ EncodingUtil.urlEncode('urn:ietf:params:oauth:grant-type:jwt-bearer','UTF-8');
        body += '&assertion=' + jwtStr;
        req.setBody(body);
        System.debug('@@ body==>'+body);
        Http http = new Http();
        HTTPResponse res = http.send(req);
        System.debug(res.getBody());    
        
        return accesstoken;
    }
}
--------------------------
Please tell me what is going worng with it.