OAuth 2(Pinterest) - Query Param in callback URL? - authentication

My OAuth 2 callback URL is:
https://www.my-site.com?fixed=value
Where I have a query param that's fixed and does not change(and it unfortunately needs to be there for unrelated reasons). When Pinterest does the redirect call after user logs in, they add the ? again. So something like:
https://www.my-site.com?fixed=value?code=122343
Where my API is interpreting the value of the fixed param as value?code=122343 and breaks down. Is there any around this ?

You have to change callback url from https://www.my-site.com?fixed=value to https://www.my-site.com/fixed/value or you can try to add a custom parser to parse this url in your API.

In my case I was having a query param option called 'state'.I put my constant data in it and after authorize, I got my constant data in 'state' query param again when I redirected to my app.

Related

Include request parameters in URL when using Postman

I need to fire some requests using Postman but I need to include the parameter in the URL.
What I need:
https://serveraddress/v1/busride/user/favorites/route/RanDOMid
What I currently can configure in Postman:
https://serveraddress/v1/busride/user/favorites/route/?id=RanDOMid
I do not control the server, so I need to work it out how to craft the request in Postman to accept the input data as part of the URL, not as parameter. How can I specify input data in Postman to get it included in URL?
Click on Manage Environment
Add variable as path with Initial and current value as RanDOMid
Add path to URL:
https://serveraddress/v1/busride/user/favorites/route/{{path}}
#User7294900's answer should do for you in case all you want to do is include a variable in your request URL.
However, if you want to actually generate a random ID for every request, you may use {{$guid}} or {{$randomInt}} directly in you URL as follows:
https://serveraddress/v1/busride/user/favorites/route/{{$guid}}
This will generate a random GUID every time your request is fired and the generated GUID will replace {{$guid}} in your URL.
or
https://serveraddress/v1/busride/user/favorites/route/{{$randomInt}}
This will generate a random integer between 0 and 1000 every time your request is fired and the generated integer will replace {{$randomInt}} in your URL.
Refer postman documentation for more details - https://www.getpostman.com/docs/v6/postman/environments_and_globals/variables
Hope this helps!

Instagram api - redirect URI

I have registered redirect_uri as
http://localhost/auth.php
And I am requesting
http://api.instagram.com/oauth/authorize/?client_id=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&response_type=code&scope=public_content&redirect_uri=http://localhost/auth.php? type=like&ltse=1
Then I received back this from Instagram:
localhost/auth.php?type=like&code=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
But I need two parameters (type and ltse) in the URI:
Like this:
localhost/auth.php?type=like&ltse=1&code=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
What is wrong in my request?
Try using
http://api.instagram.com/oauth/authorize/?client_id=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&response_type=code&scope=public_content&type=like&ltse=1&redirect_uri=http://localhost/auth.php
or you may pass the value in "state". The state is always returned with the code

Use URL as an API method for Slackbot in Express js

I am still new to javascript and trying to write a Slackbot in express js. I want to use the method defined in https://api.slack.com/methods/channels.history. How should this look syntacticly and how do I use it since the method is simply a URL?
You need to make an http request for the URL and you'll be returned a response with an object containing the status (ok:true|false), if there are more messages (has_more:true|false), and then an array of the actual messages (messages:array).
The response should look something like this:
{
has_more:true
messages:Array[100]
ok:true
}
The url that you make the get request to should look something like:
https://slack.com/api/channels.history?token=BOT_TOKEN&channel=CHANNEL_ID&pretty=1
Where BOT_TOKEN is the token attached to the bot you created, and CHANNEL_ID is the ID (not the name) of the channel whos history you want to get (9 uppercase alphanumeric characters, starts with a "C").
There are also a few other parameters you can include in the url. For example, "latest=", "oldest=", "inclusive=", "count=", and "unreads=". Details about those parameters can be found on the page you linked to (https://api.slack.com/methods/channels.history).
If you want to test it out in your browser's console, find a page where jQuery is loaded, open your dev tools and head into the console, and enter the following (with your bot token and channel id swapped in):
$.get('https://slack.com/api/channels.history?token=BOT_TOKEN&channel=CHANNEL_ID&pretty=1', function(response){console.log(response)});

WSO2 api manager always expect query parameter issue in case query and path parameter?

Does anyone know how to use WSO2 api manager to specify all query parameters as optional through URL pattern specification in WSO2 API Manager UI(Paath Params also present in the same URI)? for example, I have a API which will be registered in WSO2 api manager , and its uri is 'search//?type="xx"&status="yy"', currently both of these 2 query parameters (type & status) are optional and is pathparam.
I specified URL Pattern "search/{stationcode}*". Now I am calling with path param only, it gives Error "No matching resource found in the API for the given request".
I call "search/TAMK", it is not working. But if I use "search/TAMK?" or "search/TAMK*" or "search/TAMK*", it works just fine.
I tried to use "search/{stationcode}/*", but still it did not solve the issue. It is always expecting one character for queryparam. Can any one please help me to solve this. Without query parameter it should work, right?
I would suggest you to use the new API Manager (1.9) and try the following.
Create an API with the backend URL of
http://...../search
when you define the URL patterns you can define the following pattern
/{stationcode}*
and you can add 'type' and 'status' as optional parameters in the design view of the API creation page. You can choose the parameter type as 'query' and Required as 'False'

Unable to test login using jmeter

I am newbie to jmeter. I am trying to test to login to my site say (example.com/session/new).
I have added the http cookie manager and 2 http request defaults.
In the first, am visiting example.com/session/new and extracting the authenticity token in the response data using regex meta content="(.+?)"name="csrf-token" . Now, in the second http request, I have a post request with the parameters as
name:utf value:(tickmark)
name :authenticity_token value: ${token}
name:email value:test#test.com
name:password value:test.
name:commit value:Sign In
And then am asserting for a text post login.
When I run the test, the assertion fails. as it results in 404.
In the request, I can see utf8=%E2%9C%93+&authenticity_token=%24%7Btoken%7D&email=test%40test.com&password=test&commit=Sign+In. Please help me fix this.
I know this is an old post, but I've been struggling with this exact same query, so I've decided to post my answer in case it helps anyone - it worked first time for me. So after requesting the login page for my site, the following csrf token is embedded in the html response;
<input type="hidden" name="csrfToken" value="fe5a48ebda7b98cbbf885b4a220ebe0c23b11125-1459096615520-1ac64aa945986cb1bd318d9c"/>
So when making the initial request for the login page, instead of using a Regular Expression Extractor, if the token is in the body of the HTML response, use an XPath Extractor instead.
If your response is not XML/XHTML compliant then tick the 'use tidy' checkbox.
For reference name add the reference you wish to refer to the token as e.g. token. When you add your parameters to the login request, you can then refer to your csrfToken as ${token}
Then for X-Path query use;
//input[#name="csrfToken"]/#value
The following tutorial shows you how to use a Regular Expression Extractor, but it should also help you to understand how to set up the query a bit more;
https://www.youtube.com/watch?v=SVxB3Tk4O4A&feature=iv&src_vid=hGkrSFKcj10&annotation_id=annotation_85358
Looks like you did every thing good , except correlation . After decoding your error url , I found that you correlation is not working . Below is the decoding URL "utf8=✓ &authenticity_token=${token}&email=test#test.com&password=test&commit=Sign In."
In your "Regular expression extractor" add below details
1. Reference Name:token
2. Regular Expression : name="csrfToken" value="(.+?)"
3. Template : $1$
4. Match No: 1
Note: Check the occurrences of "csrfToken", if you required first occurrence then enter 1 , if you required 2nd occurrence enter 2 ....etc.