I am trying to do a curl call to the new yahoo weather API
https://developer.yahoo.com/weather/
https://developer.yahoo.com/weather/documentation.html
I got my API Keys and my app has been approved or whitelisted.
However I can't seem to get my curl call to work with OAuth authentication. I first tried with Postman to make the call, I was authorized but the results were empty. According to support " Using oauth1 in postman can get intermittent error."
So am I trying to do a curl call like so:
curl --request GET --url 'https://weather-ydn-yql.media.yahoo.com/forecastrss?location=sunnyvale,ca' --header 'Authorization: OAuth oauth_consumer_key="(MY CLIENT ID)",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1547215497",oauth_nonce="kIDevCJSTBi",oauth_version="1.0",oauth_signature="(MY GENERATED OAUTH SIGNATURE)"' --header 'Yahoo-App-Id: "(MY APP ID)"'
But I get this returned:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><yahoo:error xmlns:yahoo="http://www.yahooapis.com/v1/base.rng" xml:lang="en-US" yahoo:uri="http://yahoo.com"><yahoo:description>Please provide valid credentials. OAuth oauth_problem="OST_OAUTH_SIGNATURE_INVALID_ERROR", realm="yahooapis.com"</yahoo:description><yahoo:detail>Please provide valid credentials. OAuth oauth_problem="OST_OAUTH_SIGNATURE_INVALID_ERROR", realm="yahooapis.com"</yahoo:detail></yahoo:error>
This is from the Yahoo Weather Developer page:
GET /forecastrss?location=sunnyvale,ca HTTP/1.1 Host:
weather-ydn-yql.media.yahoo.com Yahoo-App-Id: YOUR_APP_ID
Authorization: OAuth
oauth_consumer_key="YOUR_CONSUMER_KEY",oauth_signature_method="HMAC-SHA1",oauth_timestamp="YOUR_TIMESTAMP",oauth_nonce="YOUR_NONCE",oauth_version="1.0",oauth_signature="YOUR_GENERATED_SIGNATURE" cache-control: no-cache
What Am I doing wrong? This is so frustrating.
Here is an example of curl request :
curl 'https://weather-ydn-yql.media.yahoo.com/forecastrss?location=sunnyvale,ca&format=json&oauth_consumer_key=YOUR_CONSUMER_KEY&oauth_signature_method=HMAC-SHA1&oauth_timestamp=YOUR_TIMESTAMP&oauth_nonce=YOUR_NONCE&oauth_version=1.0&oauth_signature=YOUR_GENERATED_SIGNATURE'
As explained in the documentation.
• YOUR_CONSUMER_KEY : Your consumer key
• YOUR_TIMESTAMP : Unix timestamp
• YOUR_NONCE : nounce
• YOUR_GENERATED_SIGNATURE : The encrypted signature.
Here are the steps using Postman (as you mentioned using it in the description) to generate a GET request to the Yahoo Weather API.
1) Postman configuration :
2) Generate the curl command
Then, in order to make the curl request you can press the code button and see the generated command.
There are some Code examples in Java, PHP and NodeJS on this page.
Related
Description:
I have configured an API (http://localhost:8280/GPNAPI2/1.0.0) that has Production and Sandbox endpoints (http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx). All I need is to send a curl request to http://localhost: 8280/GPNAPI2/1.0.0, but receive a response from http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx. As I understand it, wso2 am is needed for this, so that several external APIs can be connected to one gateway. I also created a subscription for http://localhost:8280/GPNAPI2/1.0.0.
Steps to reproduce:
I pass a GET request to http://localhost:8280/GPNAPI2/1.0.0 and pass a security token in the request, for example:
curl -X GET "http://localhost:8280/GPNAPI2/1.0.0" -H "accept: */ *" -H "Authorization: Bearer eyJ4NXQiOiJNell4TW1Ga09HWXdNV0kwWldObU5EY3hOR1l3WW1NNBelpUQTR"
Everything is going well. But I don't know how to transfer data to the endpoint in one request: http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx
A request of this type:
curl -c cookies.txt -i -X --location --request POST 'http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx'
--header 'Content-Type: text / xml'
--header 'SOAPAction: http://interfax.ru/ifax/Authmethod'
--data '
<soap: Envelope xmlns: xsi = "http://www.w3.org/2001/XMLSchema-instance" xmlns: xsd = "http://www.w3.org/2001/XMLSchema" xmlns: soap = "http : //schemas.xmlsoap.org/soap/envelope/ ">
<soap: Body>
******
*****
</ soap: Body>
</ soap: Envelope> '
I want to understand how to combine these two requests into one, and whether it needs to be done. After all, my task, when accessing http://localhost: 8280/GPNAPI2/1.0.0, is actually working with http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx
Affected Product Version:
wso2 apim 3.2.0 (We need this particular version, since the customer is using it and, for reasons I do not understand, does not want to switch to version 4.0.0).
Environment details (with versions):
windows 8
Please help me with my problem.
You can follow the documentation to expose your SOAP service as a REST API using API Manager 3.2.0.
Basically, you have to provide your WSDL url in the first step (for example, http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx?wsdl) and then continue as mentioned in the documentation.
If you go to the Resources section in Publisher portal, you'll be able to see SOAPAction header and SOAPRequest body parameters are defined. Also, under the WSDL Definition section in the Publisher you'll be able to see the complete WSDL definition of your SOAP service. If you follow rest of the steps you'll be able to invoke the API by providing necessary header and body parameters through APIM devloper portal.
Due to the new updates of the Soundcloud API, I'm trying to update the authentication flow in my code ( the project was using login and password ).
But I'm blocked by a problem, and I'm losing my head.
I follow instructions on this page : https://developers.soundcloud.com/blog/security-updates-api
I manage to get a refresh token and an access token with this :
curl --request POST \
--url https://api.soundcloud.com/oauth2/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data client_id=CLIENT_ID \
--data client_secret=CLIENT_SECRET \
--data grant_type=client_credentials
But I'm not able to execute this request, which is an example in the mentionned page, with the access token I got with the previous request :
curl --request GET \
--url 'https://api.soundcloud.com/me/tracks?limit=1' \
--header 'Authorization: OAuth ACCESS_TOKEN'
The request response is always :{"code":401,"message":"","link":"https://developers.soundcloud.com/docs/api/explorer/open-api","status":"401 - Unauthorized","errors":[],"error":null}
I tried with a refresh of my access token, and with the url "https://api.soundcloud.com/me" instead of "https://api.soundcloud.com/me/tracks?limit=1".
And always returning the same error.
Can someone help me ?
Thanks by advance, and thanks for reading.
OK, I think I got it, thanks to this question on github :
https://github.com/soundcloud/api/issues/76
"The client_credentials auth flow is meant only for server-side integration and allows access to public endpoints only. Meaning that for endpoint /me or any other user-related endpoint you have to use the Authorization Code flow which provides the client-side integration."
And here : https://developers.soundcloud.com/docs/api/guide#authentication :
"if your app needs to access only public resources, you can use the OAuth Client Credentials Flow"
I'm done with the error messages too blurry... and with me reading too fast !
I will add the correct authentication method in comments later.
UPDATE : "manual" authentication flow
As the project is behind a VPN, I can't use normal authentication flow ( redirect_uri can't be called by soundcloud !)
So :
Get a "code"
First, authenticate on SoundCloud with the account you want to access ( or ask your customer to do it )
In your browser, type this url :
https://api.soundcloud.com/connect?client_id=YOUR_CLIENT_ID&response_type=code&scope=&state=[random_string]&redirect_uri=YOUR_REDIRECT_URI
Accept the demand and this will redirect you to an URL with the code inside : code=YOUR_CODE. Keep it. If this is done by your customer, simply ask him to copy-paste the url.
That's not really secure, but you can't avoid it if your redirect uri is not accessible from Soundcloud.
Obtain a refresh token and an access token :
With curl, to keep your Client Secret, or App Secret, secret ( indeed :D ). And also the access token.
curl -X POST "https://api.soundcloud.com/oauth2/token"
-H "accept: application/json; charset=utf-8"
-H "Content-Type: application/x-www-form-urlencoded"
-d "grant_type=authorization_code&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&redirect_uri=YOUR_REDIRECT_URI&code=YOUR_CODE"
This last request will answer in json format. Inside, you'll find an access token, and a refresh token.
Register the refresh token in your projet to reuse it to refresh your access token when needed !
I have created a job of JDBC to BigQuery using the web interface and it worked just fine.
Now I want to create the same job from the REST API of GCP so I took the rest equivalent of the request from the site and tried to send it from Postman.
I'm sending POST request for the following URL:
https://dataflow.googleapis.com/v1b3/projects/test-data-308414/templates:launch?gcsPath=gs://dataflow-templates/latest/Jdbc_to_BigQuery
which I got from the example in the GCP documentation.
I also pass the JSON that the GCP gave me in the body.
And the API key as get parameter in the next format "?key=[API_KEY]"
I'm getting 401 response from the server with the following message:
Request is missing required authentication credential. Expected OAuth
2 access token, login cookie or other valid authentication credential.
See
https://developers.google.com/identity/sign-in/web/devconsole-project.
With a status of:
UNAUTHENTICATED
I looked up at the link and found a tutorial on how to create google authentication on the front end
witch is not helpful to me.
I'm pretty sure that I'm passing the API key in the wrong format and that the reason it failed to authenticate.
But I couldn't find any documentation that says how to do it correctly.
PS> I have also tried passing it at the headers as I saw in one place
in the next format
Authorization : [API_KEY]
but it failed with the same message
Few days back I was trying to integrate GCP into MechCloud and struggling to figure out how to invoke a microservice ( which is acting as a proxy to GCP) with credentials for different projects which will be passed to this microservice on the fly. I was surprised that in spite of spending good amount of time I could not figure out how to achieve it because GCP documentation is focused on working with one project credentials at a time using application default credentials. Another frustrating thing is that API explorer shows both OAuth 2.0 and API Key by default for all the APIs when the fact is that API Key is hardly supported for any API. Finally I found the solution for this problem here.
Here are the steps to invoke a GCP rest api -
Create a service account for your project and download the json file associated with it.
Note down values of client_email, private_key_id and private_key attribues from service account json file.
Define following environment variables using above values -
GCP_SERVICE_ACCOUNT_CLIENT_EMAIL=<client_email>
GCP_SERVICE_ACCOUNT_PRIVATE_KEY_ID=<private_key_id>
GCP_SERVICE_ACCOUNT_PRIVATE_KEY=<private_key>
Execute following python code to generate jwt_token -
import time, jwt, os
iat = time.time()
exp = iat + 3600
client_email = os.getenv('GCP_SERVICE_ACCOUNT_CLIENT_EMAIL')
private_key_id = os.getenv('GCP_SERVICE_ACCOUNT_PRIVATE_KEY_ID')
private_key = os.getenv('GCP_SERVICE_ACCOUNT_PRIVATE_KEY')
payload = {
'iss': client_email,
'sub': client_email,
'aud': 'https://compute.googleapis.com/',
'iat': iat,
'exp': exp
}
private_key1 = private_key.replace('\\n', '\n')
# print(private_key1)
additional_headers = {'kid': private_key_id}
signed_jwt = jwt.encode(
payload,
private_key1,
headers=additional_headers,
algorithm='RS256'
)
print(signed_jwt)
Use generated jwt token from previous step and use it as a bearer token to invoke any GCP rest api. E.g.
curl -X GET --header 'Authorization: Bearer <jwt_token>' 'https://compute.googleapis.com/compute/v1/projects/{project}/global/networks'
The best practice to authenticate a request is to use your application credentials. Just make sure you installed the google cloud SDK.
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://dataflow.googleapis.com/v1b3/projects/PROJECT_ID/templates:launch?gcsPath=gs://dataflow-templates/latest/Jdbc_to_BigQuery
I am a new user on WSO2 API Manager. I just installed it 2 days back and hosted one simple API on that. It works fine with internal tool. But how to consume it from outside ? eg from Postman or Java code ? Can we make API accessible without any authentication and if i want only jet authentication, how can I do that. please guide. Thanks in advance.
As per suggestion called the API using Curl command and got the token then while calling the
Errors even when providing access token ( which I got after client id and client secret)
Following error when passing Authorization: Bearer 2ee039b0-5cd4-3f31-844c-dd9441593f88
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900908</ams:code>
<ams:message>Resource forbidden </ams:message>
<ams:description>Access failure for API: /getcustrates/1.0, version: 1.0 status: (900908) - Resource forbidden </ams:description>
</ams:fault>
Following error when passing Authorization:Basic 2ee039b0-5cd4-3f31-844c-dd9441593f88
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900902</ams:code>
<ams:message>Missing Credentials</ams:message>
<ams:description>Invalid Credentials. Make sure your API invocation call has a header: 'Authorization : Bearer ACCESS_TOKEN' or 'Authorization : Basic ACCESS_TOKEN' or 'apikey: API_KEY'</ams:description>
</ams:fault>
If you're new to the product, follow the quick start guide[1]. In the end when you invoke the API using the integrated Try-it tool. When you invoke an API using that, it also gives you the equivalent curl command. You can use that to invoke the API externally.
I assume by Jet you meant to say JWT. You can generate JWTs using the client key/secret pair you get from applications you create at the developer portal. You can use this command to generate further tokens.
curl -k -H "Authorization: Basic EncodeToBase64(<consumer-key>:<consumer-secret>)" -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
or
curl -k -u <consumer-key>:<consumer-secret> -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
[1] https://apim.docs.wso2.com/en/latest/getting-started/quick-start-guide/
I want to make app based on youtube channel. I have google access token but I don't know how to call youtube api with my access token or how to pass parameters.
This is my code:
NSString *newURL = [NSString stringWithFormat:#"googleapis.com/youtube/v3/…;, idToken];
As discussed in Calling the YouTube Data API, after obtaining an access token for a user, your application can use that token to submit authorized API requests on that user's behalf. The following are the two supported ways to specify an access token.
This first option provides greater security and is the recommended approach. Specify the access token as the value of the Authorization: Bearer HTTP request header:
`POST /feeds/api/users/default/uploads HTTP/1.1
Host: gdata.youtube.com
Authorization: Bearer ACCESS_TOKEN
...`
You can test this using cURL with the following command:
curl -H "Authorization: Bearer ACCESS_TOKEN" gdata.youtube.com/feeds/api/users/default/uploads
Specify the access token as the value of the access_token query parameter:
https://gdata.youtube.com/feeds/api/users/default/uploads?access_token=ACCESS_TOKEN
You can test this using cURL with the following command:
curl gdata.youtube.com/feeds/api/users/default/uploads?access_token=YOUR_ACCESS_TOKEN