influxdb2.4.0 set auth error authorization not found - authentication

i'm a new influxdb user and i want to deploy influxdb2 on a linux server without root authority
so i use influxd from influxdb2-2.4.0-linux-amd64.tar.gz as influxdb and influx from influxdb2-client-2.4.0-linux-amd64.tar.gz as influx-cli.
my influxdb use command
./influxd
to start with config.yaml in the same path, the yaml config is
bolt-path: mypath/.influxdbv2/influxd.bolt
engine-path: mypath/.influxdbv2/engine
http-bind-address: ":18088"
instance-id: ":18088"
sqlite-path: mypath/.influxdbv2/influxd.sqlite
log-level: debug
after start influxdb I connect it by influx with command
./influx config create --active -n test_config -u http://localhost:18088 -t test1234 -o test-org --config-path "mypath/.influxdbv2/config"
(becasue i dont have root authority so i have to save my cli config into another path instead of default)
but after I create config and try to view auth list with command
./influx auth list --config-path "mypath/.influxdbv2/config
I got an Error "Error: could not find authorization with given parameters: 401 Unauthorized: unauthorized access"
and see the text below in the influxdb log
2022-09-30T09:02:51.147998Z info Unauthorized {"log_id": "0dFLgdmW000", "error": "authorization not found"}
2022-09-30T09:02:51.148198Z debug Request {"log_id": "0dFLgdmW000", "service": "http", "method": "GET", "host": "localhost:18088", "path": "/api/v2/authorizations", "query": "", "proto": "HTTP/1.1", "status_code": 401, "response_size": 55, "content_length": 0, "referrer": "", "remote": "[::1]:18370", "user_agent": "influx", "took": "0.263ms", "error": "unauthorized", "error_code": "unauthorized", "body": ""}
I tried ./influx with flag -t "test1234" bug get same return and I wonder how can I handle this problem
Could anyone help me :)

Related

How to setup Adyen acquirer account

I have a problem with testing MB WAY for API only payment method on Adyen https://docs.adyen.com/payment-methods/mb-way/api-only
After I send request as described here https://docs.adyen.com/payment-methods/mb-way/api-only#make-payment
curl https://checkout-test.adyen.com/v68/payments \
-H 'x-api-key: YOUR_API_KEY' \
-H 'content-type: application/json' \
-d '{
"merchantAccount": "YourCompanyECOM",
"reference": "My first Adyen test payment",
"amount": {
"value": 1000,
"currency": "EUR"
},
"paymentMethod": {
"type": "scheme",
"encryptedCardNumber": "test_4111111111111111",
"encryptedExpiryMonth": "test_03",
"encryptedExpiryYear": "test_2030",
"encryptedSecurityCode": "test_737"
}
}'
I receive this response
{
"status": 500,
"errorCode": "905_1",
"message": "Could not find an acquirer account for the provided txvariant (mbway), currency (EUR), and action (AUTH).",
"errorType": "configuration",
"pspReference": "GBSGRNJVSBLZNN82"
}
I did not found a way to set up an acquirer account on Adyen dashboard so far. Is that option there, or I need to do something else to make it work?
This kind of error can have as origin one of the following reasons:
The currency is not configured or supported
The minimum amount is set too low
The payment method is not configured on your account
The payment type (shopperInteraction) is not supported.
The full documentation of this error is here

How can assign permission to user for specific folder in nuxeo using rest api

I upload many files to Nuxeo server using rest API. Now I need to add permission to users. I use http://localhost:8080/nuxeo/api/v1/id/file-id/#acl endpoint with payload:
{
"username": "username",
"permission": "ReadWrite"
}
But it is not working. The error is:
{
"entity-type": "exception",
"status": 405,
"message": "javax.ws.rs.WebApplicationException"
}
How can I do it? Is there any endpoint for that?
Permission can be added by the Document.AddPermission operation available on the http://localhost:8080/nuxeo/api/v1/automation/Document.AddPermission endpoint.
Here is a curl example call used to add ReadWrite permission for editor user to the document with ID 2d28e87f-0753-4cfc-9f9b-b17d424aa6a7:
curl -X POST -u Administrator:Administrator \
http://localhost:8080/nuxeo/api/v1/automation/Document.AddPermission \
-H "Content-Type: application/json" \
-d '{"params":{"users":["editor"],"permission":"ReadWrite"},"input":"2d28e87f-0753-4cfc-9f9b-b17d424aa6a7"}'
And here is an example payload when you want to add permission for external user:
{
"params": {
"users":[],
"email": "some-external#user.com",
"permission": "Read",
"begin": "2020-06-01T00:00:00+02:00",
"end": "2020-06-30T00:00:00+02:00",
"notify": true,
"comment": "notify#me.com"},
"context": {},
"input": "2d28e87f-0753-4cfc-9f9b-b17d424aa6a7"
}

OpenShift Service Account Permissions to Read Pod and Deployment Status

I would like to use the OpenShift REST api to make queries from a separate portal. We first created a service account using the following steps (where my-id is an admin in the project):
C:\openshift>oc login
Authentication required for https://openshift-test.foo.com:8443 (openshift)
Username: my-id
Password:
Login successful.
You have access to the following projects and can switch between them with 'oc project <projectname>':
* datalake-replication-consumers
datalake-replication-demo
Using project "datalake-replication-consumers".
C:\openshift>oc create serviceaccount gmi-registry
serviceaccount "gmi-registry" created
C:\openshift>oc policy add-role-to-user admin system:serviceaccounts:datalake-replication-consumers:gmi-registry
role "admin" added: "system:serviceaccounts:datalake-replication-consumers:gmi-registry"
C:\openshift>oc serviceaccounts get-token gmi-registry
<token here>
I then pasted that token as a bearer token into Postman to make a few api calls. Since I added my service account to the admin role within my project, I assumed this would work, but instead we're getting back a 403.
GET pods:
https://openshift-test.foo.com:8443/api/v1/namespaces/datalake-replication-consumers/pods
Response:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "User \"system:serviceaccount:datalake-replication-consumers:gmi-registry\" cannot list pods in project \"datalake-replication-consumers\"",
"reason": "Forbidden",
"details": {
"kind": "pods"
},
"code": 403
}
GET specific deployment:
https://openshift-test.foo.com:8443/oapi/v1/namespaces/datalake-replication-consumers/deploymentconfigs/entity-65869977-9d56-49a5-afa2-4a547df82d5c
Response:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "User \"system:serviceaccount:datalake-replication-consumers:gmi-registry\" cannot get deploymentconfigs in project \"datalake-replication-consumers\"",
"reason": "Forbidden",
"details": {
"name": "entity-65869977-9d56-49a5-afa2-4a547df82d5c",
"kind": "deploymentconfigs"
},
"code": 403
}
What are we missing for service account permissions here?
UDPATE: I should also add that I pulled my own bearer token out of the CLI and used that for both calls. That worked.
Not a very exciting answer, but our problem was solved when we installed a v3.7 instance. My initial tests were on v1.5, which I think corresponds to 3.5 or 3.6 in the enterprise offering?

My AKS Cluster was brought down, how can I recover?

I have been playing around with load-testing my application on a single agent cluster in AKS. During the testing, the connection to the dashboard stalled and never resumed. My application seems down as well, so I am assuming the cluster is in a bad state.
The API server is restate-f4cbd3d9.hcp.centralus.azmk8s.io
kubectl cluster-info dump shows the following error:
{
"name": "kube-dns-v20-6c8f7f988b-9wpx9.14fbbbd6bf60f0cf",
"namespace": "kube-system",
"selfLink": "/api/v1/namespaces/kube-system/events/kube-dns-v20-6c8f7f988b-9wpx9.14fbbbd6bf60f0cf",
"uid": "47f57d3c-d577-11e7-88d4-0a58ac1f0249",
"resourceVersion": "185572",
"creationTimestamp": "2017-11-30T02:36:34Z",
"InvolvedObject": {
"Kind": "Pod",
"Namespace": "kube-system",
"Name": "kube-dns-v20-6c8f7f988b-9wpx9",
"UID": "9d2b20f2-d3f5-11e7-88d4-0a58ac1f0249",
"APIVersion": "v1",
"ResourceVersion": "299",
"FieldPath": "spec.containers{kubedns}"
},
"Reason": "Unhealthy",
"Message": "Liveness probe failed: Get http://10.244.0.4:8080/healthz-kubedns: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)",
"Source": {
"Component": "kubelet",
"Host": "aks-agentpool-34912234-0"
},
"FirstTimestamp": "2017-11-30T02:23:50Z",
"LastTimestamp": "2017-11-30T02:59:00Z",
"Count": 6,
"Type": "Warning"
}
As well as some Pod Sync errors in Kube-System.
Example of issue:
az aks browse -g REstate.Server -n REstate
Merged "REstate" as current context in C:\Users\User\AppData\Local\Temp\tmp29d0conq
Proxy running on http://127.0.0.1:8001/
Press CTRL+C to close the tunnel...
error: error upgrading connection: error dialing backend: dial tcp 10.240.0.4:10250: getsockopt: connection timed out
You'll probably need to ssh to the node to see if the Kubelet service is running. For future you can set Resource quotas from exhausting all resources in the cluster nodes.
Resource Quotas -https://kubernetes.io/docs/concepts/policy/resource-quotas/

GitHub API File Update : "Not Found"

I am attempting to update a file in one of my repos via the API.
Here is my get of that file (works nicely):
curl -XGET 'https://git.fake.local/api/v3/repos/jsmith/repo_version/contents/version.html?ref=gh-pages'
{
"name": "version.html",
"path": "version.html",
"sha": "b1b716105590454bfc4c0247f193a04088f39c7f",
"size": 5,
"url": "https://git.fake.local/api/v3/repos/jsmith/post_version/contents/version.html?ref=gh-pages",
"html_url": "https://git.fake.local/jsmith/post_version/blob/gh-pages/version.html",
"git_url": "https://git.fake.local/api/v3/repos/jsmith/post_version/git/blobs/b1b716105590454bfc4c0247f193a04088f39c7f",
"type": "file",
"content": "aW5pdAo=\n",
"encoding": "base64",
"_links": {
...
}
}
Here is my attempt to update that file via PUT:
curl -XPUT 'https://git.fake.local/api/v3/repos/jsmith/repo_version/contents/version.html?ref=gh-pages' -d '{
"message": "update from api",
"committer": {
"name": "Joe Smith",
"email": "jsmith#fake.com"
},
"content": "bXkgdXBkYXRlZCBmaWxlIGNvbnRlbnRz",
"sha": "b1b716105590454bfc4c0247f193a04088f39c7f"
}'
RESULT:
{
"message": "Not Found"
}
Okay... I think I got it.
From the github doco:
Authentication
There are three ways to authenticate through GitHub API v3. Requests
that require authentication will return 404 Not Found, instead
of 403 Forbidden, in some places. This is to prevent the
accidental leakage of private repositories to unauthorized users.
I was expecting a 403 if Auth was a problem but they are throwing a 404, so basically I probably need to make sure I am auth'd correctly and all will be well.
SOLVED:
I created a personal oauth token (under settings/applications) and add to curl request in header and it all works great.
curl -XPUT -H "Authorization: token MYSECRETTOKEN"