Elsa Workflow Testing - asp.net-core

I am currently implementing the ELSA Workflow designer into a ABP Framework Application template.
But I started with this ELSA tutorial (finally I downloaded the example code from git)
https://github.com/elsa-workflows/elsa-guides/tree/master/src/ElsaGuides.ContentApproval.Web
And I also followed the according tutorial
https://elsa-workflows.github.io/elsa-core/docs/next/guides/guides-document-approval
But I am not able to trigger the created workflow in the tutorial from postman. This is the reply I always got
I have already disabled the SSL Certificate on the request and on the general settings in the postman app.
POST https://localhost:50684/v2/documents%20HTTP/1.1
404
26 ms
Warning: Unable to verify the first certificate
POST /v2/documents%20HTTP/1.1 HTTP/1.1
Content-Type: application/json
User-Agent: PostmanRuntime/7.29.2
Accept: */*
Postman-Token: 12dba39e-940d-4e50-8899-93306b9cea52
Host: localhost:50684
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 157
Cookie: XSRF-TOKEN=CfDJ8P1vn7IgzNBHq4-LGLe9X6CedwKKMrXP_7FBGMRyx27jX20iFwhBeqRKdSUCNHVQ1yoYgVQk-IWDeW4BN9iWor6h2-PE_fc_EhLc4rvf-snJwitsrjJqRbwAt5H0s1YP9Iu9TWrm5X1dRlztC4PD4uI
{
"Id": "4",
"Author": {
"Name": "Hannah",
"Email": "hannah#gmail.com"
},
"Body": "This is another sample document."
}
HTTP/1.1 404 Not Found
Date: Fri, 11 Nov 2022 11:46:26 GMT
Server: Kestrel
Content-Length: 0
What have I missed or what I am doing wrong ? I am thankfully for any help

Related

Creating a user using the SonarQube API returns a 401

I'm trying to create a user using the SaonarQube API (version 6.2 or up).
I have setup a SoapUI project that contains a few test scripts. One of them is login in and creating a user. this one returns a 401 whe the user creation call is done.
The login is used for other calls as well and proves to work. Except for the create user call. The account used to login to SoarQube is member of the System Administror groups.
Below is the raw request.
POST http://localhost:9000/api/users/create HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 47
Host: localhost:9000
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
Cookie: JWT-SESSION=eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJBV0ExaGFtX2hnNWdHUWtNNVRHSiIsInN1YiI6ImFkbWluIiwiaWF0IjoxNTEyNzI2NDQwLCJleHAiOjE1MTI5ODU2NDAsImxhc3RSZWZyZXNoVGltZSI6MTUxMjcyNjQ0MDM4MywieHNyZlRva2VuIjoicHRwcXRlYmtzYTR2MTlhaTk3anV0bnVlZW8ifQ.waHqOsMJ9P6FyIOUWuVODl5QcW-IJp10G6oUAvy1DWk; XSRF-TOKEN=ptpqtebksa4v19ai97jutnueeo
Cookie2: $Version=1
login=user01&name=name01&password=%21P%40ssw0rd
Below is the raw resoonse
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 0
Date: Fri, 08 Dec 2017 09:47:20 GMT
Any suggestions are welcome.
BTW: I can create the user using the same values using the UI so there is no issue with he user information, at least it seams so.
Update 1:
Added raw request with querystring parameters
POST http://localhost:9000/api/users/create?login=user01&name=name01&password=%21P%40ssw0rd HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Host: localhost:9000
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
Cookie: JWT-SESSION=eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJBV0JHZkVGY0h3bW5UZ0V5QklJNyIsInN1YiI6ImFkbWluIiwiaWF0IjoxNTEzMDExMDM2LCJleHAiOjE1MTMyNzAyMzYsImxhc3RSZWZyZXNoVGltZSI6MTUxMzAxMTAzNjQyNCwieHNyZlRva2VuIjoibmIzdmlpcjAyZmZ1ODJnMzNtdW1hYWdkN3QifQ.ur8eZkW1CwNinx4tInFsbkGLQTHQ6yFjheRfup8Z4fQ; XSRF-TOKEN=nb3viir02ffu82g33mumaagd7t
Cookie2: $Version=1
It's not possible to use the generated cookie by a web request in a console request (it could be considered as an attack).
You need either to :
Specify a user token (recommended way)
Specify a login/password

Cannot generate an authorization code on API Explorer

I'm trying to collect and download my lifelog user data. The first step into doing this is getting a user-access token. I am encountering problems while requesting authorization.
From the sony developer authenticization page I am told to input the following code into my API explorer:
https://platform.lifelog.sonymobile.com/oauth/2/authorize?client_id=YOUR_CLIENT_ID&scope=lifelog.profile.read+lifelog.activities.read+lifelog.locations.read
I am supposed to receive the authorization code as such:
https://YOUR_CALLBACK_URL?code=abcdef
However, this is what the current situation is actually like:
I have replaced my actual client ID below with MY_CLIENT_ID for security reasons
INPUT:
GET /oauth/2/authorize?client_id=MY_CLIENT_ID&scope=lifelog.profile.read%2Blifelog.activities.read%2Blifelog.locations.read HTTP/1.1
Authorization:
Bearer kN2Kj5BThn5ZvBnAAPM-8JU0TlU
Host:
platform.lifelog.sonymobile.com
X-Target-URI:
https://platform.lifelog.sonymobile.com
Connection:
Keep-Alive
RESPONSE:
HTTP/1.1 302 Found
Content-Length:
196
Location:
https://auth.lifelog.sonymobile.com/oauth/2/authorize?scope=lifelog.profile.read+lifelog.activities.read+lifelog.locations.read&client_id=MY_CLIENT_ID
Access-Control-Max-Age:
3628800
X-Amz-Cf-Id:
HILH9w3eOm-6ebs_74ghegYQyWS4xyqA1l0gXPRJuuubsoZ6eiiS3g==
Access-Control-Allow-Methods:
GET, PUT, POST, DELETE
X-Request-Id:
76caccfc976d40259ef30415d10980e9
Connection:
keep-alive
Server:
Apigee Router
X-Cache:
Miss from cloudfront
X-Powered-By:
Express
Access-Control-Allow-Headers:
origin, x-requested-with, accept
Date:
Sun, 22 Jan 2017 03:00:42 GMT
Access-Control-Allow-Origin:
*
Vary:
Accept
Via:
1.1 dc698cd00b7ec82887573cfaba9ecca6.cloudfront.net (CloudFront)
Content-Type:
text/plain; charset=utf-8
Found. Redirecting to https://auth.lifelog.sonymobile.com/oauth/2/authorize?scope=lifelog.profile.read+lifelog.activities.read+lifelog.locations.read&client_id=MY_CLIENT_ID
Nowhere can I see the authorization code in the above code. I even tried copying and pasting the URL (on the last line) into my browser, it says "localhost.com took too long to respond"
This is where I input my request
I am not sure whether it is an issue with the callback URL. I don't have an actual website or app made, I just used the default localhost
I am a beginner in this and would really appreciate all help.

Add an API in Kong

New with REST and API Gateway.
I have installed Kong with Cassandra on a dev machine and I'm trying to add my API (spring-boot application) but reading the documentation I'm struggling to make it work.
My API:
http://ff-nginxdev-01:9003/fund-information-services/first-information/fund/{fundId}
when I run
http http://ff-nginxdev-01:9003/fund-information-services/first-information/fund/630
HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Date: Fri, 25 Nov 2016 14:47:30 GMT
Transfer-Encoding: chunked
X-Application-Context: application:9003
{
"assetSplit": {
"allocationHistories": [
{
"key": {
"asset": {
"description": "Other Far East",
"id": 18
},
"assetSplit": "09",
"effectiveDate": 1430348400000
},
......
......
Everything look fine and I'm able to retrieve the Json message.
Adding the API in Kong:
http POST http://ff-nginxdev-01:8001/apis/ name=fund-information upstream_url=http://ff-nginxdev-01:9003/ request_path=/fund-information-services
HTTP/1.1 201 Created
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Fri, 25 Nov 2016 14:39:45 GMT
Server: kong/0.9.4
Transfer-Encoding: chunked
{
"created_at": 1480084785000,
"id": "fdcc76d7-e2a2-4816-8f27-d506fdd32c0a",
"name": "fund-information",
"preserve_host": false,
"request_path": "/fund-information-services",
"strip_request_path": false,
"upstream_url": "http://ff-nginxdev-01:9003/"
}
Testing Kong API Gateway:
http http://ff-nginxdev-01:8000/fund-information-services/first-information/fund/630
HTTP/1.1 502 Bad Gateway
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Date: Fri, 25 Nov 2016 14:44:33 GMT
Server: kong/0.9.4
Transfer-Encoding: chunked
An invalid response was received from the upstream server
I know I'm missing something but it is not clear to me.
By default, Dynamic SSL plugin will binds a specific SSL certificate to the request_host in API.
You just define request_path in your API and that means SSL plugin does not apply when you use request_path.
You can read more to understand why it is like that in: this issue
To make your request works, I think you should read about how to proxy an API in: Proxy Reference
Here is my solution for your problem:
Method 1: Change "strip_request_path" to true
"strip_request_path": true
This method assume you didn't specify request_host first
Method 2: Using request_host instead
"request_host" : "your_api"
Then in your request header, you should add this request_host:
Example request:
curl -i -X POST --url http://ff-nginxdev-01:8000/fund-information-services/first-information/fund/630 --header 'Host: your_api'
and it will works
you missed the api name known by kong "fund-information", so if you do this
http POST http://ff-nginxdev-01:8001/apis/ name=fund-information upstream_url=http://ff-nginxdev-01:9003 request_path=/fund-information-services
your test url is
http http://ff-nginxdev-01:8000/fund-information/first-information/fund/630

How to test user registration api with paw?

What do I set in Paw to allow for a login? I have tried to use the allow cookies with to no avail.
I am working through this tutorial on Github to learn the MEAN stack. Sign up seems to be working but sign in is not.
Sign up request is:
GET /auth/success HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cookie: connect.sid=s%3A6q22s9GpNRDITB3wKBoxS1emnKCcIR3B.pI3dzqqtSBSBVgkzl7Uib4aqNAf%2Bh5iszoWDMzWPpR8
Host: localhost:3000
Connection: close
User-Agent: Paw/2.2.2 (Macintosh; OS X/10.10.3) GCDHTTPRequest
and the result is:
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 121
ETag: W/"79-56130229"
Date: Thu, 18 Jun 2015 19:52:43 GMT
Connection: close
{"state":"success","user":{"username":"admin","password":"$2a$10$AD5NBc6c6iZ09/eXuYd9oOfTEZ6MnRNYWneLy.SNPFAWf/HX1V0.6"}}
The user is created. But the login request fails every time; the request is:
GET /auth/failure HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cookie: connect.sid=s%3A6q22s9GpNRDITB3wKBoxS1emnKCcIR3B.pI3dzqqtSBSBVgkzl7Uib4aqNAf%2Bh5iszoWDMzWPpR8
Host: localhost:3000
Connection: close
User-Agent: Paw/2.2.2 (Macintosh; OS X/10.10.3) GCDHTTPRequest
the response is:
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 72
ETag: W/"48-ed4f121"
Date: Thu, 18 Jun 2015 19:53:03 GMT
Connection: close
{"state":"failure","user":null,"message":"Invalid username or password"}
What it comes down to is: Is there something in paw that needs to be enabled to allow sign in testing or is my code more likely to be the problem? My code is almost verbatim from the module three part of that Github repo linked above. Any and all help would be appreciated.
Note: I did not post code on purpose as to not clutter the question. If you need to see something I can add it just let me know.
While I was not sure of my exact error I had with more trouble shooting i saw that you need to make sure that you have follow redirects on and cookies being saved.

Google Drive OAuth Playground: Realtime Get API - Invalid Value Error

I trying to use the Google OAuth 2.0 playground to query for realtime updates on a Google Docs File ID. For every request using either the get or update Realtime api calls I receive an error and have tried sending in numerous file ids. Do you have any advice as to how to use this API?
Below is the URL I am sending along with the error returned:
https://www.googleapis.com/drive/v2/files/1IT1qIuM6QsqV7D--69uv0sn4OSQ24UQKos3x0P3BQjc/realtime
Error Returned:
GET /drive/v2/files/1IT1qIuM6QsqV7D--69uv0sn4OSQ24UQKos3x0P3BQjc/realtime HTTP/1.1
Host: www.googleapis.com
Content-length: 0
Authorization: Bearer ya29.LgDc0oNUU_4cuhoAAAAjT4pqiLwlIpoRV7ll_QEJp1QayB49KOwIYKHVK5rMww
HTTP/1.1 400 Bad Request
Content-length: 172
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
Expires: Wed, 25 Jun 2014 10:08:21 GMT
Server: GSE
Cache-control: private, max-age=0
Date: Wed, 25 Jun 2014 10:08:21 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json; charset=UTF-8
{
"error": {
"code": 400,
"message": "Invalid Value",
"errors": [
{
"domain": "global",
"message": "Invalid Value",
"reason": "invalid"
}
]
}
}
Thanks,
Michael
You need to provide your API key at the end. You can see what the requests should look like in the API explorer.
Note however that realtime documents are scoped to a particular app, so anything you've created in your app won't show up in the API explorer. You can update and the get it from that using the explorer app though.