I have created AccessTokenClientCredential and RefreshAccessToken in OAuth proxy through Apigee tool.
When I tried to access "https://damuorgn-prod.apigee.net/oauth/client_credential/accesstoken?grant_type=client_credentials&client_id=07VoDotbGhyl3aG8GxjkyXivoTNH9oiQ&client_secret=fb8ZOrAUUSGp3FAv" URL after mentioning client Id and client secret ID, page is empty. It does not displays any error or displays with Token value.
Steps followed to create token from below URL
"http://apigee.com/docs/gateway-services/content/secure-calls-your-api-through-oauth-20-client-credentials".
Please advise.
Regards,
Damodaran
I tried both Test and Prod environment but there was no luck.
I have requested for Curl software installation. Is there any other way to test this URL without Curl software. Your immediate reply is appreciated. Thanks!
Curl https://damuorgn-test.apigee.net/oauth/client_credential/accesstoken?grant_type=client_credentials -X POST -d 'client_id=qnYUqb6j3uGraRAh7JF9d651nUXNwMCC&client_secret=mjHIFMcTDCa3YQ6f'
Could you please check on this link from Curl software ?
It looks like there may be a couple of issues:
When I try your URL, I get a "CLASSIFICATION_FAILURE" error - which means the proxy can't be found. I noticed that you're using "damuorgn-prod.apigee.net" when you might have deployed your proxy to the test environment, and meant to use: "damuorgn-test.apigee.net".
In step 5.2 of the document you referenced, it says to use POST instead of GET. So you might try this:
curl https://damuorgn-test.apigee.net/oauth/client_credential/accesstoken?grant_type=client_credentials -X POST -d 'client_id=07VoDotbGhyl3aG8GxjkyXivoTNH9oiQ&client_secret=fb8ZOrAUUSGp3FAv'
(When I try this, I get an "invalid client id" error, but maybe that client_id is no longer valid?)
Hope that helps,
Scott
Related
Please help me. How I can get a file from Google Drive via HTTP GET request (using wget/curl/postman/etc)?
What I need? File ID, access token and what? How correctly write this HTTP request?
Thanks!
Thank you, #pinoyyid!
Instructions are at developers.google.com/drive/v3/reference/files/get
You can use the form on the right to try it, and use the Chrome Dev
Console to capture the http request to a curl command
I am using Softlayer Object Storage REST API.
I was told that below command line using CURL has been successful.
$ curl -i -XPUT -H "X-Auth-Token: AUTH_tkabcd" --data-binary "Created for testing REST client" https://dal05.objectstorage.softlayer.net/v1/AUTH_abcd/container2/file10.txt
I wish to upload files using Javascript so I have no clue how do I wrap the file in my request.
Anyone please provide an example? A lot of thanks.
Here some ideas and examples that can help you:
CORS
How to consume a RESTful service using
jQuery
JavaScript REST client Library
[closed]
https://ricardo147.files.wordpress.com/2012/08/image001.png
However, there is a customer who was not able to make rest request through Javascript. I will investigate about it, I will let you know any news.
(Softlayer, Open Stack Swift) How to solve cross domain origin with
object storage
api?
I am able to download the file from Sonatype Nexus using HTTP Basic Authentication Credentials in the HTTP Header.
But I am not able to achieve this by putting in the credentials as part of the url - something like this:
http://admin:admin123#nexus.example.com/nexus/service/local/artifact/maven/content?g=com.test&a=project&v=1.0&r=test_repo_1_release
Does anyone know why or how I can achieve the same thing without using auth in headers?
PS: this is a test environment - hence no SSL.
You have to use the authorization header, so you need to use a client that can set the authorizaiton http header. If you have curl or wget available you can do this as:
curl -u admin:admin123 http://nexus.example.com/nexus/service/local/artifact/maven/content?g=com.test&a=project&v=1.0&r=test_repo_1_release
wget --user=admin --password=admin123 http://nexus.example.com/nexus/service/local/artifact/maven/content?g=com.test&a=project&v=1.0&r=test_repo_1_release
Code that was previously working to get the logged in user is now failing. For the default role I have a few permissions including this one (in the list at /roles/xxx/permissions):
"get:/users/me"
To verify I didn't break something in the API, I logged in from Curl (names modified to protect the guilty):
curl -X POST "https://api.usergrid.com/xxx/xxx/token" -d '{"grant_type":"password", "username":"test", "password":"xxx"}'
This gets a valid response with an access token:
{"access_token":"YWMxxxNnAHCEeSEEUF6k0-adAAAAUcaO_3R5IcK1ftFnDt0x52NVSoHEATWD6Q","expires_in":604800,"user":{"uuid":"a2517xxx-d3dc-11e3-b4fb-17caf255a670","type":"user","name":"Test User","created":1399243032076,"modified":1399243032076,"username":"test","email":"test#test.com","activated":true,"picture":"http://www.gravatar.com/avatar/b64xxx217b34b1e8d3bd915fc65c4452"}}
Using this access token, compose the Curl request to get /users/me:
curl -X GET https://api.usergrid.com/xxx/xxx/users/me?access_token=YWMxxxNnAHCEeSEEUF6k0-adAAAAUcaO_3R5IcK1ftFnDt0x52NVSoHEATWD6Q
Now instead of working as I believe it used to, I get this:
{"error":"unauthorized","timestamp":1404289792782,"duration":0,"exception":"org.apache.shiro.authz.UnauthorizedException","error_description":"Subject does not have permission [applications:get:d5e9e5a0-d310-11e3-a524-df009e0fbc2f:/users/a25174ca-d3dc-11e3-b4fb-17caf255a670]"}
Have I broken something and just missing it? I tried deleting the permission and recreating it but that didn't help either. Thanks!
To my knowledge, you cannot use 'me' as the entity to retrieve self. You would need to specify the actually username or uuid of the user entity. Luckily when you retrieve a token, that info is passed back in the response, so you can save it.
See getting a user in the Apigee docs.
#remus question prompted me to find an example on the security page to show where I had gotten the permission from. However, the page http://apigee.com/docs/app-services/content/managing-access-defining-permission-rules now shows this example:
GET,PUT,POST,DELETE:/users/me/**
I'm fairly certain that wasn't the case earlier as this code had been working for weeks with the prior permission. Maybe I bumped my head :-) hopefully anyone else having this problem will find this. The curl examples posted in the question now work fine with this permission set (although I only added GET permission in my case).
When a server allows access via Basic HTTP Authentication, what is the experience expected to be in a web browser?
Ignoring the web browser for a moment, here's how to create a Basic Auth request with curl:
curl -u myusername:mypassword http://somesite.example
But what about in a Web Browser? What I've seen on some websites, is I visit the URL, and then the server returns response code 401. The browser then displays a username/password prompt.
However, on somesite.example, I'm not getting an authorization prompt at all, just a page that says I'm not authorized. Did somesite not implement the Basic Auth workflow correctly, or is there something else I need to do?
To help everyone avoid confusion, I will reformulate the question in two parts.
First: "how can make an authenticated HTTP request with a browser, using BASIC auth?".
In the browser you can do a HTTP basic auth first by waiting the prompt to come, or by editing the URL if you follow this format: http://myusername:mypassword#somesite.example
NB: the curl command mentionned in the question is perfectly fine, if you have a command-line and curl installed. ;)
References:
https://en.wikipedia.org/wiki/Basic_access_authentication#URL_encoding
https://en.wikipedia.org/wiki/Uniform_Resource_Locator#Syntax
https://www.rfc-editor.org/rfc/rfc3986#page-18
Also according to the CURL manual page https://curl.haxx.se/docs/manual.html
HTTP
Curl also supports user and password in HTTP URLs, thus you can pick a file
like:
curl http://name:passwd#machine.domain/full/path/to/file
or specify user and password separately like in
curl -u name:passwd http://machine.domain/full/path/to/file
HTTP offers many different methods of authentication and curl supports
several: Basic, Digest, NTLM and Negotiate (SPNEGO). Without telling which
method to use, curl defaults to Basic. You can also ask curl to pick the
most secure ones out of the ones that the server accepts for the given URL,
by using --anyauth.
NOTE! According to the URL specification, HTTP URLs can not contain a user
and password, so that style will not work when using curl via a proxy, even
though curl allows it at other times. When using a proxy, you _must_ use
the -u style for user and password.
The second and real question is "However, on somesite.example, I'm not getting an authorization prompt at all, just a page that says I'm not authorized. Did somesite not implement the Basic Auth workflow correctly, or is there something else I need to do?"
The curl documentation says the -u option supports many method of authentication, Basic being the default.
Have you tried?
curl somesite.example --user username:password
You might have old invalid username/password cached in your browser. Try clearing them and check again.
If you are using IE and somesite.example is in your Intranet security zone, IE may be sending your Windows credentials automatically.
WWW-Authenticate header
You may also get this if the server is sending a 401 response code but not setting the WWW-Authenticate header correctly - I should know, I've just fixed that in out own code because VB apps weren't popping up the authentication prompt.
If there are no credentials provided in the request headers, the following is the minimum response required for IE to prompt the user for credentials and resubmit the request.
Response.Clear();
Response.StatusCode = (Int32)HttpStatusCode.Unauthorized;
Response.AddHeader("WWW-Authenticate", "Basic");
You can use Postman a plugin for chrome.
It gives the ability to choose the authentication type you need for each of the requests.
In that menu you can configure user and password.
Postman will automatically translate the config to a authentication header that will be sent with your request.