How to delete a Jelastic environment through the API? - api

I tried to delete one of my Jelastic environments by means of the following API call:
curl -k \
-H "${CONTENT_TYPE}" \
-A "${USER_AGENT}" \
-X POST \
-fsS ${HOSTER_URL}/1.0/environment/control/rest/deleteenv -d "password=${password}&session=${session}&envName=${envName}
where I am sure that the session and envName are correct, as I have other commands running perfectly well with them. In particular, I get the session in the following way:
getSession() {
local login=$1
local password=$2
local hosterUrl=$3
echo "Signing in..." >&2
local cmd=$(curl -k -H "${CONTENT_TYPE}" -A "${USER_AGENT}" -X POST \
-fsS "$hosterUrl/1.0/users/authentication/rest/signin" -d "login=$login&password=$password");
exitOnFail $cmd
echo "Signed in" >&2
echo $(jq '.session' <<< $cmd | sed 's/\"//g')
}
In the call to deleteenv, I provide the very same password as that of my Jelastic provider account. Indeed, when I want to delete an environment through Jelastic's dashboard, this is the password I need to provide to make the deletion happen. However, I get the following error:
{"result":801,"source":"hx-core","error":"invalid password"}
Because the password field is documented as optional in Jelastic's API documentation, I tried not to set the password. This yields the following error:
{"result":3,"source":"JEL","error":"invalid parameter [password] for method [DeleteEnv] in service [ControlService]"}
I tried to use other secrets as that password, like the APPID, without any success.
Does anyone have a clue what password I need to put there?

We used the same oneliner based on API you used, your script to get a session and the same Jelastic version but were not able to reproduce this issue. Environment were successfully deleted.
Does anyone have a clue what password I need to put there?
This is the same password as you used to get session or to enter Dashboard. Make sure there are no additional symbols in your password variable.
Because the password field is documented as optional
Indeed, it's optional if use token instead of session. In case of session, password is an obligatory parameter.

Related

Modify Github profile by API but got "message not found" error

I followed this page to practice GitHub API and try to edit my profile
https://docs.github.com/en/rest/reference/users
curl -X PATCH -H "Accept: application/vnd.github.v3+json" -H "Authorization: token MyToken" https://api.github.com/user -d '{"name":"myname"}'
But got the error message:
{
"message": "Not Found",
"documentation_url": "https://docs.github.com/rest/reference/users#update-the-authenticated-user"
}
I am very new to GitHub API, any help is appreciated!
As long as you have replaced MyToken by an actual PAT (Personal Access Token), registered to your account, this should work.
It should update the authenticate user.
Check first its old name (before renaming it) does exist with curl and its write outs:
curl -w '%{response_code}' 'https://api.github.com/users/<username>'
... Unless you are part of an organization that enforces SAML SSO for authentication, : see "Authenticating for SAML SSO".
But I suspect this is not your case.
The OP ITnewbie confirms in the comments it was a scope issue
Removed and regenerate the token which includes all permission, then it's work!
iqbal was, in the comments, following the "Get your own user profile" GitHub REST API tutorial.
When I changed the url from
curl -i -u your_username:your_token api.github.com/<<your user name>> to
curl -i -u your_username:your_token api.github.com/users/<<your user name>>, it worked.

ldapsearch with username and password

Here is my LDAP ORG Structure:
I created user with first, last name with password. But it is not working when am trying to connect using jdbc. Error says invalid credentials. Then I tried ldapsearch as follows:
I followed this process for users and group creation:
root#ip:/home# ldapwhoami
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
root#ip:/# ldapsearch -x -LLL -h ip -D username -w password -b"cn=admin,dc=ivhdev,dc=local" -s sub "(objectClass=*)" "givenName=username*"
ldap_bind: Invalid DN syntax (34)
additional info: invalid DN
Please suggest/correct me, if am passing the right info in DN syntax. I am unable to validate the user credentials with their name and password.
The -D option takes the DN for logging in to your LDAP server.
The -b option takes the search base in your LDAP tree where you want to search for the user's given name.
So, your ldapsearch command becomes:
ldapsearch -x -LLL -h ip -D 'cn=admin,dc=ivhdev,dc=local' -w password -b 'dc=users,dc=local' -s sub '(objectClass=*)' 'givenName=username*'
If you use the Apache Directory Studio (http://directory.apache.org/studio/) you can see the actual ldapsearch commands used by the application. Maybe this is useful for anyone.

Why can I no longer delete File storage NAS with the cancelService API?

Starting today (or possibly a few days ago), the SoftLayer_Billing_Item::cancelService API has stopped working for File Storage type NAS. It still works fine for block type storage.
Here is the output I get:
[chrisr#ratsy ~]$ curl -k -u chrisr1:xxxxxxxx https://api.softlayer.com/rest/v3/SoftLayer_Billing_Item/129162879/cancelService.json
{"error":"This cancellation could not be processed please contact support.This cancellation could not be processed please contact support. You cannot cancel the selected billing items immediately. Please choose your next billing anniversary date for cancellation date.","code":"SoftLayer_Exception_Public"}
This was working previously, but I tried using the SoftLayer_Billing_Item::cancelServiceOnAnniversaryDate api to see if it would work, but it didn't.
[chrisr#ratsy ~]$ curl -k -u chrisr1:xxxxxxxxxxxx https://api.softlayer.com/rest/v3/SoftLayer_Billing_Item/129162879/cancelServiceOnAnniversaryDate.json
{"error":"This type of service cannot be cancelled through this method. Please use cancelService()","code":"SoftLayer_Exception"}
Could you try with this method please:
SoftLayer_Billing_Item::cancelItem
e.g:
curl -X -k POST -d '{"parameters":[true, true, "No longer needed", "Cancel"]}' -u $username:$apiKey https://api.softlayer.com/rest/v3/SoftLayer_Billing_Item/$billingItemId/cancelItem.json
Replace: $username, $apiKey and $billingItemId with your own information.

Setting up Shibboleth IdP with LDAP

I am attempting to use LDAP with Shibboleth. I am nearly there, but I cannot authenticate. I followed these instructions, and my login.config file contains the following:
ShibUserPassAuth {
edu.vt.middleware.ldap.jaas.LdapLoginModule required
host="ldap://localhost:10389" base="ou=users,ou=system"
ssl="false" userField="uid";
};
I have tried several variations of the above.
I can use TestShib to reach my IdP's login page, but always receive "Login failed. Double-check your username and password" when I attempt to authenticate.
This might be easier to debug myself if I could manage to get any authentication log messages, but I can't seem to get those working either.
Note that the following ldapsearch command works perfectly fine:
ldapsearch -h "ldap.example.com:10389" -w testpass -x -D "uid=testuser,ou=users,ou=system" -b "dc=example,dc=com" '(objectclass=*)'
If you could tell me what my problem might be, or at least how to enable logging, that would be very helpful.
I have this working locally. I have taken my working config and replaced my LDAP host and base path with yours from the question above.
ShibUserPassAuth {
edu.vt.middleware.ldap.jaas.LdapLoginModule required
ldapUrl="ldap://localhost:10389"
baseDn="ou=users,ou=system"
userFilter="uid={0}";
};

LDAP password authication from command line?

I am providing -w "LDAP server password" in commandline but i am getting error . ldap_bind: Invalid credentials (49).
So basically I am trying to achieve this - A user can reset its password by running a small script but i don't want to expose LDAP password to him . so storing it in script only .
A very simple script -
uid="$USER"
echo "Welcome" $uid ;
ldappasswd -x -S -D "cn=xxx,dc=xxxxx,dc=xxx" -W -h 'IP address of LDap server' "uid=".$USER.",ou=xxxx,dc=xxx,dc=xxxx" -w "LDAP server password"
Please let me know if there is any other way to achieve this .
Thanks,
Use either -w <newpassword> to provide the password on the command line, or -W to get prompted, but not both. Also, you need to put options in front of arguments. Try ldappasswd -x -w "LDAP server password" -S -D "cn=xxx,dc=xxxxx,dc=xxx" -h 'IP address of LDap server' "uid=$USER,ou=xxxx,dc=xxx,dc=xxxx". Note i removed the dots from around $USER, you need them in perl but not in the shell.
But note that if you put this in a script, your users will need read permission on the script, or the shell won't execute it. Which means they will be able to cat the script and see the password. One workaround would be to make the script rx to the root user only, and allow sudo <yourscript> without password. Also, noone will prevent a user from changing his $USER variable, so your script is easy to hack - better parse the output of the id command, and make sure you don't use root if you do the sudo workaround.