Symfony 5 httpClient Windows AD connection - symfony

Is it possible to connect to an API with Windows credentials?
I need to connect to an API which uses Windows AD authentication.
I thought that works with auth_basic but it's not the right way...
Thanks in advance for your answers.
use Symfony\Component\HttpClient\HttpClient;

$httpClient = HttpClient::create([
    'auth_basic' => ['username', 'password']
]);
$response = $httpClient->request('GET', 'https://apiURL', [
    'headers' => ['accept' => 'text/plain'],
]);
dump($response->getStatusCode());
dump($response);

Yes, it's possible using the auth_ntlm option. But this option is supported only by the cURL client, so you must have the cURL PHP extension installed and enabled in your system.
Here's the code:
use Symfony\Component\HttpClient\CurlHttpClient;

$httpClient = new CurlHttpClient(['auth_ntlm' => "username:password"]);
$response = $httpClient->request('GET', 'https://apiURL', [
    'headers' => ['accept' => 'text/plain'],
]);
dump($response->getStatusCode());
dump($response);

Related

How to use BrowserStack with Symfony Panther

In the Symfony Panther docs it states:
Even if Chrome is the default choice, Panther can control any browser
supporting the WebDriver protocol. It also supports remote browser
testing services such as Selenium Grid (open source), SauceLabs and
Browserstack.
But there is no other documentation on how to do this.
How do you implement BrowserStack as a remote browser for Panther?
This is how to create a new Panther client using a BrowserStack remote browser:
use Facebook\WebDriver\Remote\DesiredCapabilities;
use Symfony\Component\Panther\Client;
$capabilities = array(
    "os" => "OS X",
    "os_version" => "Monterey",
    "browser" => "Chrome",
    "browser_version" => "latest",
    "name" => "Test",
    "build" => "Build 1.0",
    "browserstack.debug" => true,
    "browserstack.console" => "info",
    "browserstack.networkLogs" => true,
    "disableCorsRestrictions" => true,
    "wsLocalSupport" => true,
    "geoLocation" => "US"
);
$caps = DesiredCapabilities::chrome();
foreach ($capabilities as $key => $value) {
    $caps->setCapability($key, $value);
}
// The username and access key form the userinfo part of the URL, separated from the host by "@".
$client = Client::createSeleniumClient('https://[YOUR_BROWSERSTACK_USERNAME]:[YOUR_BROWSERSTACK_ACCESS_KEY]@hub-cloud.browserstack.com/wd/hub', $caps);
$client->request('GET', 'https://stackoverflow.com/');
You can see a list of capabilities here: https://www.browserstack.com/automate/capabilities
You can also refer to this -
https://github.com/symfony/panther/blob/main/examples/basic.php
https://stefanoalletti.wordpress.com/2018/07/02/symfony-docker-behat-browserstack-testing-your-app-like-a-boss/
https://symfony.com/blog/introducing-symfony-panther-a-browser-testing-and-web-scrapping-library-for-php
If you face any issue, please create a support ticket with them.

Using a single Cloudflare account in Wordpress with WP Super Cache with visible API key

We are starting to use Cloudflare on a few WordPress client accounts and notice in the CDN settings that my email address and API key are visible to the client.
Is this a potential security issue where others can see my Cloudflare email address and API key? Should I be using 1 Cloudflare account per client account?
Here is a screenshot (I have blurred the API key and deleted the email input box in the console) but both these values are visible to the customer.
What is the worst thing they could do with these 2 pieces of data?
You have to use tokens instead of the global API key. You restrict the token to a certain zone only.
This alone will NOT solve the problem; you have to manually modify the wp fastest cache plugin to modify the request to match API token usage.
The requests can be found in inc\cdn.php
The modified file:
https://gist.github.com/ahmed-abdelazim/7c8170f7fc4e821c6b015d770fcbf14a
So
$header = array("method" => "DELETE",
    'headers' => array(
        "X-Auth-Email" => $email,
        "X-Auth-Key" => $key,
        "Content-Type" => "application/json"
    ),
    "body" => '{"purge_everything":true}'
);
is converted to
$header = array("method" => "DELETE",
    'headers' => array(
        //"X-Auth-Email" => $email,
        "Authorization" => "Bearer ".$key,
        "Content-Type" => "application/json"
    ),
    "body" => '{"purge_everything":true}'
);
and this occurred five times in the plugin in the cdn.php file.
Simply creating an API token worked for me. There are some pre-made templates. There was one for WordPress as well. I just selected it, created the token and added it to wp fastest cache, and that worked.
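A check for the header change described in the first answer, as an added example that is not part of the original answers or of the plugin: it uses PHP's tokenizer to list every place where a file still sends the global-key headers in live code, skipping commented-out lines. The function name findLegacyAuthHeaders and the two sample sources are constructed for illustration.

```php
<?php
// Added example, not code from the plugin. Function name and samples are constructed.

// Return each live (non-comment) string literal naming a legacy global-key
// header, together with the line it appears on.
function findLegacyAuthHeaders(string $phpSource): array
{
    $legacy = ['X-Auth-Email', 'X-Auth-Key'];
    $hits = [];
    foreach (token_get_all($phpSource) as $tok) {
        // Comments arrive as T_COMMENT tokens, so a commented-out header
        // never reaches the string-literal check below.
        if (!is_array($tok) || $tok[0] !== T_CONSTANT_ENCAPSED_STRING) {
            continue;
        }
        $literal = substr($tok[1], 1, -1);   // strip the surrounding quotes
        if (in_array($literal, $legacy, true)) {
            $hits[] = ['line' => $tok[2], 'header' => $literal];
        }
    }
    return $hits;
}

// Constructed samples mirroring the two header arrays shown above.
$before = <<<'PHP'
<?php
$header = array("method" => "DELETE",
    'headers' => array(
        "X-Auth-Email" => $email,
        "X-Auth-Key" => $key,
        "Content-Type" => "application/json"
    ),
    "body" => '{"purge_everything":true}'
);
PHP;

$after = str_replace(
    ['"X-Auth-Email" => $email,', '"X-Auth-Key" => $key,'],
    ['//"X-Auth-Email" => $email,', '"Authorization" => "Bearer ".$key,'],
    $before
);

foreach (['before' => $before, 'after' => $after] as $label => $source) {
    $hits = findLegacyAuthHeaders($source);
    echo $label, ': ', count($hits), " legacy header(s)\n";
    foreach ($hits as $hit) {
        echo "  line {$hit['line']}: {$hit['header']}\n";
    }
}
```

To check a real file, pass the result of file_get_contents() on the plugin's cdn.php to the function; any remaining hit is a request that would still need the account-wide key.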

How to use attachment_id from new Upload API?

According to the docs for the Messenger Platform 1.4, the Upload API returns an attachment_id for the uploaded attachment:
{
    "attachment_id":"1854626884821032"
}
How do we use this attachment_id to send attachments? Or does simply sending another message with an attachment from the same URL result in messenger using the uploaded attachment?
You should use
$imageAttachment = array('type' => 'image', 'payload' => array('attachment_id' => '1854626884821032'));
$params = array('message' => array('attachment' => $imageAttachment), "recipient" => array("id" => $senderId));
and then make a cURL request as specified here:
https://developers.facebook.com/docs/messenger-platform/send-api-reference/image-attachment

Silex token authentication

I created my first app with Silex. Only logged-in users can use the app. On the first page I create a login form, so the user can authenticate. My security provider looks like:
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'secure_area_edison' => array(
            'pattern' => '^/admin/',
            'form' => array('login_path' => '/', 'check_path' => '/admin/login_check'),
            'logout' => array('logout_path' => '/admin/logout', 'invalidate_session' => true),
            'users' => function () use ($app) {
                return new App\Services\UserProvider($app['db']);
            },
        ),
    )
));
Every URL after '/admin' requires that the user was successfully authenticated. Everything works fine and now I want to extend my app with an API. I created a new controller which retrieves data from the database and returns a JSON response; this also works fine.
But how can the user authenticate for this API? Should I create a new column in my user table like "hash" or "token"? Users who will retrieve the JSON response must send the token in every GET request; is this the correct way?
The url can look:
/admin/api/allProducts/token/<TOKEN>
You should use token-based authentication instead of passing the token in every GET request.
Refer to: https://github.com/thcolin/silex-simpleuser-jwt
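One way to keep the token out of the URL, where it would end up in access logs and browser history, shown as an added example that is not part of the original question or answer: it uses an opaque random token sent in the Authorization header, not the JWT library linked above, and stores only a SHA-256 hash of the token. The function names and the $storedHashes array (standing in for the proposed "token" column) are hypothetical.

```php
<?php
// Added example, not from the original answers. Function names and the
// $storedHashes array (user id => SHA-256 hex of the token) are hypothetical.

// Issue a token: the plaintext goes to the user once, only the hash is stored.
function issueApiToken(): array
{
    $token = bin2hex(random_bytes(32));   // 256 bits from the CSPRNG
    return ['token' => $token, 'hash' => hash('sha256', $token)];
}

// Pull the token out of an "Authorization: Bearer <token>" header value.
function bearerToken(?string $authorization): ?string
{
    if ($authorization === null
        || preg_match('/^Bearer ([0-9a-f]{64})\z/', $authorization, $m) !== 1) {
        return null;
    }
    return $m[1];
}

// Return the id of the user who owns the presented token, or null.
function authenticate(?string $authorization, array $storedHashes): ?int
{
    $token = bearerToken($authorization);
    if ($token === null) {
        return null;
    }
    $candidate = hash('sha256', $token);
    $userId = null;
    foreach ($storedHashes as $id => $storedHash) {
        if (hash_equals($storedHash, $candidate)) {   // constant-time compare
            $userId = $id;
        }
    }
    return $userId;
}

// Constructed sample data. In a Silex controller the header value would come
// from $request->headers->get('Authorization').
$issued = issueApiToken();
$storedHashes = [7 => $issued['hash']];

var_dump(authenticate('Bearer ' . $issued['token'], $storedHashes));
var_dump(authenticate('Bearer ' . str_repeat('0', 64), $storedHashes));
var_dump(authenticate(null, $storedHashes));
```

Only the first call returns a user id; a well-formed but unknown token and a missing header both return null, so the controller can answer with 401 in either case.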

Zend_Service_Twitter & Zend_Oauth_Token_Access behind proxy?

I'm currently stuck with some of Zend's methods. I'm trying to make a simple Zend_Service_Twitter request through a proxy, however I keep getting:
Unable to Connect to tcp://api.twitter.com:80. Error #0:
php_network_getaddresses: gethostbyname failed.
I am able to do HTTP calls with the Zend_Http_Client library by itself, so I believe my problem is with the code where I pass the httpClient instance to the Zend_Service_Twitter... But enough rant I guess, basically I have the following:
$config = array(
    'adapter' => 'Zend_Http_Client_Adapter_Proxy',
    'proxy_host' => self::PROXY_HOST,
    'proxy_port' => self::PROXY_PORT,
    'timeout' => 240,
);
$httpClient = new Zend_Http_Client(self::TWITTER_API_URL, $config);
$token = new Zend_Oauth_Token_Access;
$token->setParams(array(
    Zend_Oauth_Token_Access::TOKEN_PARAM_KEY => self::TWITTER_OAUTH_TOKEN,
    Zend_Oauth_Token_Access::TOKEN_SECRET_PARAM_KEY => self::TWITTER_OAUTH_TOKEN_SECRET
));
$twitter = new Zend_Service_Twitter(array(
    'username' => 'MYUSERNAME',
    'accessToken' => $token
));
$twitter->getHttpClient($httpClient);
$response = $twitter->account->rateLimitStatus();
Any pointers would be appreciated!
While taking a closer look at the Zend_Service_Twitter class, all you need to do in order to set up the proxy parameters is this:
$twitter = new Zend_Service_Twitter(array(
    'username' => 'MYUSERNAME',
    'accessToken' => $token
));
$twitter->setLocalHttpClient($twitter->getHttpClient($httpClient));
($httpClient being an instance of Zend_Http_Client which contains your proxy configuration)
