Is it possible to use a private video link from a cloud provider storage or from Slack (using user token) and upload them to cloudflare steam the same as this sample public link?
Based on Cloudflare documentation, (but this is for a public link)
If you have videos stored in a cloud storage bucket, you can simply pass a HTTP link for the file. Stream will fetch the file and make it available for streaming.
By using webhooks you can receive a notification when the video is ready to be played or if it errors.
Step 1: Make an API call with the link
Make a HTTP request to the Stream API with the URL of the video.
curl -X POST -d '{"url":"https://storage.googleapis.com/zaid-test/Watermarks%20Demo/cf-ad-original.mp4","meta":{"name":"My First Stream Video"}}'
\ -H "Authorization: Bearer <API_TOKEN>"
\ https://api.cloudflare.com/client/v4/accounts/<ACCOUNT_ID>/stream/copy
Ah, seems public is the only way.
Here it said the server must be publicly routable and support HTTP HEAD requests and HTTP GET range requests. The server should respond to HTTP HEAD requests with a content-range header that includes the size of the file.
"https://example.com/myvideo.mp4"
Cloudflare API only accepts a URL for source, and there is no way as far as I see in the linked documentation to send token and access a private file.
Solution is to have a server you own, download from source and upload it to Cloudflare using their file upload API which reads from local directory.
So the answer is no, you can not directly download from a private server and upload to cloudflare. :/
Related
I am trying to test Amazon Connect Rest API in Postman. The API name is GetMetricData. In Postman, I have provided all the required information that is mentioned in the documentation. I have provided the JSON body, URL, and Header, although API is responding 200 OK status but in the response, it is throwing the following errors that you can see in the following screenshots.
I have set AWS signature with proper credentials such as access key and secret key
In the second error it is suggesting me to enable Javascript in the browser which is already enabled in my browser.
Can someone please help me here, I don't know where I am doing wrong. As I am totally new in this field, any help would be appreciated.
Thanks
You are submitting the POST request to the UI distribution endpoint for your Amazon Connect instance, not an API endpoint. You are getting HTML and javascript response body back from the UI distribution because this is meant to be consumed by a browser.
Your API request should be sent to a URL that looks like https://connect.us-west-2.amazonaws.com/metrics/historical/<instanceId>. In this example, my Amazon Connect instance is located in the us-west-2 region so I'm using the connect.us-west-2.amazonaws.com endpoint. You can find all available Amazon Connect API endpoints in the documentation here
I maintain a private repository but want to make one file publicly available.
GitHub documentation states that the CURL command below can retrieve a file:
curl -u username:token https://api.github.com/user
But I would like to provide access through a URL. E.g.
https://username:token#raw.githubusercontent.com/me/repo/master/README.md
This always return a 404. Am I missing something?
From "How can I download a single raw file from a private github repo using the command line?", you wouldneed to use a PAT (Personnal Access Token) without the username:
curl -s https://$TOKEN#raw.githubusercontent.com/....
But I would not recommend making that token visible in any way: it would give access to that file and the rest of the repository.
Putting that file in a separate location (be it a separate public repository, or any other online text storage service) would be safer.
For those of you wondering the "why" on 404 vs 401, it's basically a security measure on GitHub's part to output 404 instead of 401: https://docs.github.com/en/github-ae#latest/rest/overview/other-authentication-methods#basic-authentication
For those wondering why we get a 404 in the browser while cURL gives us a success response, you might've assumed that providing the username and password in the URL like https://username:password#somesite.com would pass the credentials along in the initial request. That is not the case - the browser steps in and sees if the page you are requesting returns a WWW-Authenticate response header, and only then does it send your credentials. In the case of your GitHub url, the resource doesn't send back a WWW-Authenticate. If it did return WWW-Authenticate, then you obviously wouldn't run into this problem.
And then there's cURL. cURL assumes Basic Authentication by default and automatically sets the Authorization header to your username and password (either from the url like my previous example, or set through CLI options like in your example), and it sends it regardless of whether or not the server returns a WWW-Authenticate response header.
Unfortunately for us, there's no way to force the browser to send it with the initial request. As to why GitHub doesn't send a WWW-Authenticate response header, it's probably because they don't want to promote the least secure way of authentication - they no longer allow account passwords to be sent this way, after all. However, they do realize its ease of use and have mitigated some of its weaker points by allowing users to use oAuth access token, GitHub App installation access token, or Personal Access Token in its place that can limit its scope of access. So really, it's the browser that is following standards, and GitHub allowing a form of Basic Authentication with some alterations, and cURL immediately passing our credentials into the Authorization header. I believe the below is what's happening behind your requests:
cURL sends a request along with Authorization header → GitHub: "Well, I didn't ask, but yeah, your creds check out" → GitHub: Authorized and redirects to resource
Browser sends request and waits for WWW-Authenticate response before handing credentials → GitHub: "Umm, you don't have permission to access this resource but I can't let you know whether it actually exists") → GitHub: Returns 404 (instead of 401 with WWW-Authenticate header) stopping the browser short from receiving the WWW-Authenticate header response and sending out an Authorization header with the credentials on hand.
I am trying to make API call to Akamai dataStream source from command line. I have headers client_secret ,host ,access_token ,client_token,base url. Akamai developer doc,https://developer.akamai.com/legacy/introduction/Client_Auth.html does not have good example.
Solid example to make API call to Akamai dataStream source form Linux systems would be highly appreciated.
You can find clients with authentication already implemented on their website
https://developer.akamai.com/legacy/introduction/Open_Source.html
Take a look at egcurl, a curl wrapper handling authentication.
Once configured following instructions on that page, you can call DataStream APIs.
I have an endpoint on API Gateway that I want to make it work with requests from Strip.com only. I have tried adding stripe.com on Access-Contril-Allo-Origin* as it shown below but does not seem to be working at all.
How do I set CORS on API Gateway?
CORS only applies to requests made from a browser. It doesn't apply if you're trying to protect, for example, a webhook URL that you want Stripe to send data to. The typical approaches here are either to include a shared secret in your webhook URL, or to configure a username & password, both of which Stripe support. Examples:
https://yourdomain.com/admin/webhook/6f637faa33a2116f410cfb12af2028a85d22fcf5
https://user:pass#yourdomain.com/admin/webhook/
The other protection here is that you can verify any event received by sending an API request to Stripe to retrieve that event:
https://stripe.com/docs/webhooks#verifying-events
I think you need to have the schema on the header, like, https://stripe.com as Access-Control-Allow-Origin
I have created an api in amazon api gateway service with s3 proxy, and created a method post to upload a file to s3 using the document. Deployed the API and then using that url i tried to call the api from postman. But i couldn't post the file and it returns an error 'missing authentication token'.
I set authorization as NONE.
Then it returns an Unexpected "<" error.
Ah, okay. S3 only supports POST from an HTML form, which is why you see the error where it is expecting multipart formdata.
The method you need to use is PUT, instead of POST. PUT requires an item path, so you'll need to change the resource path to have a bucket and key, or get those from other places.
I have some more info on how to set this up in upload binary from api gateway to S3 bucket
It sounds like the document you're uploading isn't JSON. By default, API Gateway expects UTF-8 encoded JSON.
What content type are you sending with your Postman request?