jwt1=`echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -e`
jwt2=`echo -n '{\
"iss":"...#developer.gserviceaccount.com",\
"scope":"https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/datastore",\
"aud":"https://accounts.google.com/o/oauth2/token",\
"exp":'$(($(date +%s)+3600))',\
"iat":'$(date +%s)'}' | openssl base64 -e`
jwt3=`echo -n "$jwt1.$jwt2" | tr -d '\n' | tr -d '=' | tr '/+' '_-'`
jwt4=`echo -n "$jwt3" | openssl sha -sha256 -sign google.p12 | openssl base64 -e`
jwt5=`echo -n "$jwt4" | tr -d '\n' | tr -d '=' | tr '/+' '_-'`
curl -H "Content-type: application/x-www-form-urlencoded" -X POST "https://accounts.google.com/o/oauth2/token" -d \
"grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion=$jwt3.$jwt5"
I receive a token successfully but when I use it I get permission denied?
When I copy the oauth2 token from https://developers.google.com/datastore/docs/apis/v1beta1/datasets/blindWrite#try-it
it works?
curl -X GET "https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=$1"
curl -X GET "https://www.googleapis.com/oauth2/v2/userinfo?access_token=$1"
curl -H "Content-type: application/json" -H "Authorization: Bearer $1" -X POST "https://www.googleapis.com/datastore/v1beta1/datasets/.../blindWrite" -d \
'{
"mutation": {
"upsert": [
{
"key": {
"path": [
{
"kind": "person",
"name": "gert"
}
]
}
}
]
}
}'
difference between the 2 tokens:
1) from jwt (permission denied)
{
"issued_to": "522156758812-u8hj8dhnk5br3vnpqqvuscievhbnl0gg.apps.googleusercontent.com",
"audience": "522156758812-u8hj8dhnk5br3vnpqqvuscievhbnl0gg.apps.googleusercontent.com",
"scope": "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/datastore",
"expires_in": 3588,
"email": "522156758812-u8hj8dhnk5br3vnpqqvuscievhbnl0gg#developer.gserviceaccount.com",
"verified_email": true,
"access_type": "offline"
}
{
"email": "522156758812-u8hj8dhnk5br3vnpqqvuscievhbnl0gg#developer.gserviceaccount.com",
"verified_email": true
}
2) from https://developers.google.com/datastore/docs/apis/v1beta1/datasets/blindWrite#try-it (works)
{
"issued_to": "292824132082.apps.googleusercontent.com",
"audience": "292824132082.apps.googleusercontent.com",
"user_id": "116469479527388802962",
"scope": "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/datastore https://www.googleapis.com/auth/plus.me",
"expires_in": 3568,
"email": "gert.cuykens#gmail.com",
"verified_email": true,
"access_type": "online"
}
{
"id": "116469479527388802962",
"email": "gert.cuykens#gmail.com",
"verified_email": true
}
What is wrong with my jwt received token?
How do I make jwt work also?
In order for service account to be properly configured with your Cloud Datastore instance you have to create them using the Cloud Console as described in the documentation.
Alternatively if you really want to use the service account you created using the [Google APIs console][3], you can do the following:
Go to cloud.google.com/console
Click on your project id
Click on APIs
Make sure Google Cloud Datastore API is ON
Click on the gear symbol (⚙) on the top right
Click on Teams
Click Add member
Add your service account as a Viewer
Related
I'm trying to use the new LinkedIn Posts API to make a post. I started by trying to duplicate the curl sample code at
https://learn.microsoft.com/en-us/linkedin/marketing/integrations/community-management/shares/posts-api?view=li-lms-2022-06&tabs=curl#text-only-post-creation-sample-request
curl -X POST 'https://api.linkedin.com/rest/posts \
-H 'Authorization: Bearer {INSERT_TOKEN}' \
-H 'X-Restli-Protocol-Version: 2.0.0' \
-H 'LinkedIn-Version: {version number in the format YYYYMM}' \
-H 'Content-Type: application/json' \
--data '{
"author": "urn:li:organization:5515715",
"commentary": "Sample text Post",
"visibility": "PUBLIC",
"distribution": {
"feedDistribution": "NONE",
"targetEntities": [],
"thirdPartyDistributionChannels": []
},
"lifecycleState": "PUBLISHED",
"isReshareDisabledByAuthor": false
}'
I replaced the bearer token with my own, and changed the author to urn:li:person:{my id}
I get the following error suggesting that I a have asked for a specific adContext:
{"errorDetailType":"com.linkedin.common.error.BadRequest","code":"MISSING_REQUIRED_FIELD_FOR_DSC","message":"Field /adContext/dscAdAccount is required when the post is a Direct Sponsored Content, but missing in the request","errorDetails":{"inputErrors":[{"description":"Field /adContext/dscAdAccount is required when the post is a Direct Sponsored Content, but missing in the request","input":{"inputPath":{"fieldPath":"/adContext/dscAdAccount"}},"code":"MISSING_REQUIRED_FIELD_FOR_DSC"}]},"status":400}
In the hope that that was the default, I added an adContext "adContext": {"isDsc": False}
and that gave me {"errorDetailType":"com.linkedin.common.error.BadRequest","code":"UNPROCESSABLE_ENTITY","message":"ReadOnly field present in a create request","errorDetails":{"inputErrors":[{"description":"ReadOnly field present in a create request","input":{"inputPath":{"fieldPath":"/adContext/isDsc"}},"code":"UNPROCESSABLE_ENTITY"}]},"status":400}
I also tried a blank adContext.
Has anyone had any luck using this API, or can anyone tell me what I'm doing wrong?
I'm trying to scrape an Amazon page with browserless:
curl -X POST \
"https://chrome.browserless.io/content?token=<token>" \
-H 'Cache-Control: no-cache' \
-H 'Content-Type: application/json' \
-d ' {
"url": "https://www.amazon.com/gp/your-account/order-details/?orderID=114-5444651-3149007",
"elements": [{
"selector": "a",
}],
"cookies": [
<many cookies>
],
}'
but I keep getting:
[{"message":"\"elements\" is not allowed","path":["elements"],"type":"object.unknown","context":{"child":"elements","label":"elements","value":[{"selector":"a","timeout":10000}],"key":"elements"}}]%
If I exclude the elements object, it works fine but returns the entire 6,000 lines of <html>.
(What I actually want is document.getElementsByClassName('shipment')[0].innerText)
When I try the examples (from the docs) they work fine.
Its because elements only available for /scrape API
You are using /content
The below is the code I use to give a certain set of users access to any indices that start with "custom-". But I want the users to be able to do whatever they want to ANY index (so "*"), EXCEPT for the system indices (which start with "."). Is there a way I can do this with the below code, perhaps with a regex? I tried "names": [ "a-zA-Z0-9" ]," but that didn't work.
curl -XPUT https://elasticsearch1:9200/_xpack/security/role/custom-users -u elastic -k -v -H "Content-Type: application/json" -d '
{
"indices": [{
"names": [ "custom-*" ],
"privileges": ["all"]
}],
"metadata": {
"version" : 1
}
}
'
This worked:
{ "names": ["#&~(^..+)"], "privileges": ["all"] }
According to https://developer.openstack.org/api-ref/container-infrastructure-management/#create-new-cluster all I would need to create the cluster is pass the parameters like:
curl --header "X-Auth-Token: blah" \
-X POST https://myopenstack:9511/v1/clusters -d name="Swarm-cluster-ansible" -d cluster_template_id="7402f9d3-4881-440f-8496-08d420935f58" -d node_count=2 -d keypair="k8s-gitlab-ci"
It is giving me:
{"errors": [{"status": 400, "code": "client", "links": [], "title": "Unknown argument: \"cluster_template_id, node_count, keypair, name\"", "detail": "Unknown argument: \"cluster_template_id, node_count, keypair, name\"", "request_id": ""}]}
If I try it this way:
curl --header "X-Auth-Token: blah" \
-X POST https://myopenstack:9511/v1/clusters -d cluster='{
"name":"swarm",
"master_count":1,
"discovery_url":null,
"cluster_template_id":"7402f9d3-4881-440f-8496-08d420935f58",
"node_count":1,
"keypair":"k8s-gitlab-ci",
"master_flavor_id":null,
"labels":{
},
"flavor_id":null
}'
{"errors": [{"status": 400, "code": "client", "links": [], "title": "Invalid input for field/attribute cluster", "detail": "Invalid input for field/attribute cluster. Value: '{\n \"name\":\"swarm\",\n \"master_count\":1,\n \"discovery_url\":null,\n \"cluster_template_id\":\"7402f9d3-4881-440f-8496-08d420935f58\",\n \"node_count\":1,\n \"keypair\":\"k8s-gitlab-ci\",\n \"master_flavor_id\":null,\n \"labels\":{\n },\n \"flavor_id\":null\n}'. unable to convert to Cluster. Error: __init__() takes exactly 1 argument (2 given)", "request_id": ""}]}
Any idea?
EDIT: I am able to do a GET and retrieve the list of existing clusters.
-H "Content-Type: application/json" is enough in this case so the body is interpreted as JSON.
I have multiple repositories in a BitBucket project.
I wish to automatically create a bitbucket repository, and enable pipelines (setting the pipeline configuration should be easy, with pushing a bitbucket-pipelines.yml file).
How can I do it using the REST API?
The other answer's "enable pipelines" request did not work for me.
This is what worked:
curl -X PUT -is -u '<username>:<password>' -H 'Content-Type: application/json' \
https://api.bitbucket.org/2.0/repositories/<username>/<slug>/pipelines_config \
-d '{
"enabled": true
}'
You can create a repository with the BitBucket REST API.
$ curl -X POST -H "Content-Type: application/json" -d '{
"scm": "git",
"project": {
"key": "Foo"
}
}' https://api.bitbucket.org/2.0/repositories/<username>/<repo_slug>
Push your bitbucket-pipelines.yml to your created repo.
curl https://api.bitbucket.org/2.0/repositories/<username>/<slug>/src \
-F /bitbucket-pipelines.yml=#bitbucket-pipelines.yml
Then enable pipeline for your project
curl -X PUT -is -u '<username>:<password>' -H 'Content-Type: application/json' \
https://api.bitbucket.org/2.0/repositories/<username>/<repo_slug> \
-d '{
"enabled": true,
"type": "repository_pipelines_configuration"
}'
Finally, you can trigger a pipeline for the branch like so.
$ curl -X POST -is -u <username>:<password> \
-H 'Content-Type: application/json' \
https://api.bitbucket.org/2.0/repositories/<username>/<slug>/pipelines/ \
-d '
{
"target": {
"ref_type": "branch",
"type": "pipeline_ref_target",
"ref_name": "<branch_name>"
}
}'
References:
Repository API
Pipelines API