I have a Kotlin class, its task is to push a jar file to codeartifact, i do get a token successfully but i keep on getting a 401 back from codeartifact service, i am reading the following doc[1]
The documentation does not show examples other than curl and maven plugin, which is not what i use, so i am trying to mimic this behavior with a javax.ws.rs.client.HttpClient:
val authTokenReq = GetAuthorizationTokenRequest.builder()
.domain(domainName)
.domainOwner(domainOwner)
.durationSeconds(1000)
.build()
val token = CodeartifactClient.create().getAuthorizationToken(authTokenReq).authorizationToken()
val authString = "aws:$token"
val encodedAuth = Base64.getEncoder().encode(authString.toByteArray(Charsets.UTF_8))
val upload = client.target(to)
.request()
.header("X-Checksum-Sha1", sha1)
.header("Authorization", "Basic " + encodedAuth.toString(Charsets.UTF_8))
.put(Entity.entity(packageVersionAssetAsBytes.asInputStream(), "application/java-archive"))
Unfortunatelly i get:
"exception":"java.lang.RuntimeException: Upload failed, status=401
Does anyone has a tip about how i should properly use codeartifact token?
[1]: https://docs.aws.amazon.com/codeartifact/latest/ug/maven-curl.html
Related
var url = "https://web-site_name/page/?format=json&var_data-organization_dates&xlsexport=true";
var payload =
{
"login" : "login",
"password" : "pass",
};
var options =
{
"method" : "post",
"payload" : payload,
"followRedirects" : false
};
var login = UrlFetchApp.fetch("https://web-site_name/page/" , options);
var sessionDetails = login.getAllHeaders()['Set-Cookie'];
Logger.log(login.getAllHeaders());
here is the part of the code I try to use, to automate export of the data from web-site, i do have proper login and password and able to download file in json (opened in xsl) manually, I've got the address to the downloaded file in network in developer tools, but i have a problem on the first stage - when trying to authorize to the web-site - access denied. I've tried the code, given in answers on stackoverflow, but it still doesn't work.
How to make an url fetch request correctly, depends on the website you want to access and the authentication they uses
In the simplest case, your website requires HTTP basic authentification, in this case the correct syntax would be
var authHeader = 'Basic ' + Utilities.base64Encode(login + ':' + pass);
var options = {
headers: {Authorization: authHeader}
}
If your website uses a different authentication form, you might need to provide an access token.
In any case: the authentication credentials go into headers, not into payload!
payload is the data that you want to post = upload to the website.
If you want export data from the website - that is download data - you do not need a payload and the correct method would be get, not post. Btw., if the method is get, you do not need to specify it.
Please see here for more information and samples.
I get refused access to my GitHub organisation's repos when trying to access the API using a personal token:
(Python)
GITHUB_API_TOKEN = 'XXX'
GITHUB_HEADERS = {
'Authorization': GITHUB_API_TOKEN,
}
issues = 'https://api.github.com/repos/my_org_name/my_repo_name/issues?state=all&page=1&per_page=100'
request = requests.get(issues, headers=GITHUB_HEADERS)
[{'message': 'Not Found'}]
Accessing a personal repo works.
I have full access to my org's repos.
What's the best way around this?
You need to set the Authorization header to token YOUR_TOKEN :
import requests
GITHUB_API_TOKEN = 'YOUR_TOKEN'
GITHUB_HEADERS = {
'Authorization': "token " + GITHUB_API_TOKEN,
}
issues = 'https://api.github.com/repos/my_org_name/my_repo_name/issues?state=all&page=1&per_page=100'
request = requests.get(issues, headers=GITHUB_HEADERS)
print(request.text)
Note that Bearer YOUR_TOKEN also works
Also you need the repo scope on your personnal access token
I have Karate Tests for the APIs which are on Amazon API Gateway. As such, in my Karate Tests I have to provide client_id and client_secret for authentication. I was wondering if there is a way I could store the credentials outside my github repository and use it at run time. Is it possible to do that in Karate ?
Here is how my tests look like:
Feature: API Test all endpoints using Karate
Background:
* configure ssl = true
* url baseUrl
* def res = (env == 'qa'? 'classpath:endpoints/user-login.feature' : 'classpath:endpoints/user-login-dev.feature')
* def token = call read(res)
* def headerData = {Authorization: #(token.nextGen),Accept: 'application/json;v=1'}
* headers headerData
Here is the user-login.feature file
Feature: API Test using Karate
Background:
* configure ssl = true
Scenario: Get authorization header
Given url 'https://api.cloud.xyz.com/oauth2/token?client_id=****&client_secret=****&grant_type=client_credentials'
When method get
Then status 200
And def tokenType = response.token_type
And def accessToken = response.access_token
* def nextGen = tokenType + ' '+ accessToken
* def headerData = {Authorization: nextGen,Accept: 'application/json;v=1'}
Any pointers on how I can have the client_id and client_secret passed to the tests at run time and not stored in github.
Thanks in advance!
The easiest way would be to pass them as Java system properties via the command-line, which you can very easily do from a test or from a CI triggered run.
Refer to the documentation here: https://github.com/intuit/karate#dynamic-port-numbers
An example of how it could look like in your case:
Given url 'https://api.cloud.xyz.com/oauth2/token'
And param client_id = karate.properties['client.id']
And param client_secret = karate.properties['client.secret']
And param grant_type = 'client_credentials'
And on the command-line:
mvn test -DargLine="-Dclient.id=**** -Dclient.secret=**** -Dkarate.env=qa"
Just finished breakfast and already hit a snag. I'm trying to call the salesforce REST api from my google sheets. I've written a working script locally in python, but converting it into JS, something went wrong:
function authenticateSF(){
var url = 'https://login.salesforce.com/services/oauth2/token';
var options = {
grant_type:'password',
client_id:'XXXXXXXXXXX',
client_secret:'111111111111',
username:'ITSME#smee.com',
password:'smee'
};
var results = UrlFetchApp.fetch(url, options);
}
Here is the error response:
Request failed for https://login.salesforce.com/services/oauth2/token
returned code 400. Truncated server response:
{"error_description":"grant type not
supported","error":"unsupported_grant_type"} (use muteHttpExceptions
option to examine full response) (line 12, file "Code")
Mind you, these exact parameters work fine in my local python script (putting the key values inside quotations).
Here are the relevant docs:
Google Script: Connecting to external API's
Salesforce: REST API guide
Thank you all!
Google's UrlFetchApp object automatically defaults to a GET request. To authenticate, you have to explicitly set in the options the method "post":
function authenticateSF(){
var url = 'https://login.salesforce.com/services/oauth2/token';
var payload = {
'grant_type':'password',
'client_id':'XXXXXXXXXXX',
'client_secret':'111111111111',
'username':'ITSME#smee.com',
'password':'smee'
};
var options = {
'method':'post',
'payload':payload
};
var results = UrlFetchApp.fetch(url, options);
}
I am trying to create an Unmanaged ApplicationMaster and having issues with creating AMRMtokens right. I peeked into the TestAMRMtokens.java test cases and here is what I have come up with. (This is scala code)
def getNextAttemptid() : ApplicationAttemptId = {
val t = java.lang.System.currentTimeMillis()
ConverterUtils.toApplicationAttemptId(ConverterUtils.APPLICATION_ATTEMPT_PREFIX + "_" + t.toString() + "_0001" + "_0001")
}
appAttemptId = getNextAttemptid()
UserGroupInformation.setConfiguration(yarnConf)
val ugi = UserGroupInformation.getCurrentUser()
val tokenIdentifier = new AMRMTokenIdentifier(appAttemptId)
val secretManager = new AMRMTokenSecretManager(yarnConf)
val token: Token[_ <: TokenIdentifier] = new Token[AMRMTokenIdentifier](tokenIdentifier, secretManager)
ugi.addToken(token)
amClient = AMRMClient.createAMRMClient()
amClient.init(yarnConf)
amClient.start()
val appMasterResponse = amClient.registerApplicationMaster("localhost", 0, "")
Yarn does not like this request and says:
2014-01-27 10:47:10,938 WARN SecurityLogger.org.apache.hadoop.ipc.Server: Auth failed for 127.0.0.1:63085:null (DIGEST-MD5: IO error acquiring password)
2014-01-27 10:47:10,938 INFO org.apache.hadoop.ipc.Server: IPC Server listener on 8030: readAndProcess from client 127.0.0.1 threw exception [org.apache.hadoop.security.token.SecretManager$InvalidToken: Password not found for
ApplicationAttempt appattempt_1390848430314_0001_000001]
I am sure I am doing something wrong. Is there documentation or example code that shows how to create the tokens right? Do I have to setup these users somewhere in Yarn/Hadoop configuration.
Configuration:
hadoop 2.2.0
All services are listening on localhost interface Just
using out of the box configuration. No special changes.