Accoding to the following docs, I can exchange a code for an access_token using this curl:
curl -X POST \
https://mysubdomain.auth.us-east-2.amazoncognito.com/oauth2/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'authorization: Basic ...' \
-d 'grant_type=authorization_code&client_id=client_id&code=code&redirect_uri=https%3A%2F%2Fwww.somewhere.com'
https://docs.aws.amazon.com/cognito/latest/developerguide/token-endpoint.html
I got this working no problem in Postman. Now I want to replicate this HTTP request in a dotnet core WebApi application and I'm having a very hard time finding any SDK to manage this. I could build and issue HttpRequest + deserialize the response json to models, but I find it hard time believing there isn't some AWS library that handles and maintains this much better than I ever could.
Is there an SDK for the amazoncognito.com/oauth2/token endpoint, preferably for dotnet core?
Unfortunately, not yet. You should use make a native HTTP call with POST method.
Here is the git issue for the same (for Java):
https://github.com/aws/aws-sdk-java/issues/1792
Related
I am trying to make a post call to an alation api through Azure Data factory web request activity.
Documentation : https://developer.alation.com/dev/reference/upload-logical-metadata#code-samples
curl -X POST "${BASE_URL}/default/article" -H 'content-type: application/json' -H "TOKEN: ${API_TOKEN}" -d '{"article_id":"1", "description":"Data API Resource", "steward":[{"type":"user","key":"example#company.com"}]}'
I am able to make the same post call outside ADF with other tools.
Below is the snapshot from ADF pipeline
Web activity executes successfully without error but I get errors in the response and update does not happen
I am a new user on WSO2 API Manager. I just installed it 2 days back and hosted one simple API on that. It works fine with internal tool. But how to consume it from outside ? eg from Postman or Java code ? Can we make API accessible without any authentication and if i want only jet authentication, how can I do that. please guide. Thanks in advance.
As per suggestion called the API using Curl command and got the token then while calling the
Errors even when providing access token ( which I got after client id and client secret)
Following error when passing Authorization: Bearer 2ee039b0-5cd4-3f31-844c-dd9441593f88
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900908</ams:code>
<ams:message>Resource forbidden </ams:message>
<ams:description>Access failure for API: /getcustrates/1.0, version: 1.0 status: (900908) - Resource forbidden </ams:description>
</ams:fault>
Following error when passing Authorization:Basic 2ee039b0-5cd4-3f31-844c-dd9441593f88
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900902</ams:code>
<ams:message>Missing Credentials</ams:message>
<ams:description>Invalid Credentials. Make sure your API invocation call has a header: 'Authorization : Bearer ACCESS_TOKEN' or 'Authorization : Basic ACCESS_TOKEN' or 'apikey: API_KEY'</ams:description>
</ams:fault>
If you're new to the product, follow the quick start guide[1]. In the end when you invoke the API using the integrated Try-it tool. When you invoke an API using that, it also gives you the equivalent curl command. You can use that to invoke the API externally.
I assume by Jet you meant to say JWT. You can generate JWTs using the client key/secret pair you get from applications you create at the developer portal. You can use this command to generate further tokens.
curl -k -H "Authorization: Basic EncodeToBase64(<consumer-key>:<consumer-secret>)" -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
or
curl -k -u <consumer-key>:<consumer-secret> -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
[1] https://apim.docs.wso2.com/en/latest/getting-started/quick-start-guide/
Using Kong API Gateway, I have added the OAuth2 plugin to all API's in the hopes of getting one token to access these API's.
When I call: www.example.com/oauth2/token with the required fields:
grant type, client id and client secret
it forces me to add the API: www.example.com/apiendpoint/oauth2/token
Unfortunately the token generated only has access to the specific API.
I've tried:
www.example.com/apis/oauth2/token
www.example.com/token
As well as reviewing the latest API Dos:
https://getkong.org/docs/0.10.x/admin-api/
none of which worked.
Is it possible to generate one token to access all the API's and if so how?
This isn't possible with Kong today - you are welcome to open an issue https://github.com/Mashape/kong/issues to raise the visibility of your request with the Kong community.
For people searching how to do this.
A way to achieve what was asked is by doing a post on the admin API:
$ curl -X POST http://kong:8001/oauth2_tokens \
--data "api_id=API-ID" \
--data "scope=SOME-SCOPE" \
--data "credential_id=KONG-APPLICATION-ID" \
--data "token_type=bearer" \
--data "access_token=SOME-TOKEN" \
--data "refresh_token=SOME-TOKEN" \
--data "expires_in=3600"
This way you can set a token in the desired APIs.
The KONG-APPLICATION-ID can be found in the /consumers/consumername/oauth2 API point.
I am trying to use the Confluence REST API to create a page. I am using the curl example off of the documentation found HERE. Every time I try to run a terminal command using this curl I get a response that says 'HTTP Status 401 - Basic Authentication Failure - Reason : AUTHENTICATION_DENIED'. I see that someone else had a similar issue regarding their C# code, but there was never a resolution given. Hopefully someone with experience will be able to tell me what I am doing wrong. My curl is listed below with the sensitive parts replaced in <> format.
curl -u <USER>:<PASSWORD> -X POST -H 'Content-Type: application/json' -d'{"type":"page","title":"new page","space":{"key":"<PAGEKEY>"},"body":{"storage":{"value":"<p>This is a new page</p>","representation":"storage"}}}' https://<SERVER>/wiki/confluence/rest/api/content/ | python -mjson.tool
I was finally able to resolve this. Through a combination of the answer here How to create new page in Confluence using their REST API? and using a login that had the appropriate permissions.
i've never used an ajax call,can anybody suggest me to create a jquery ajax call using this api (parse.com),what is H,G?:
curl -X GET \
-H "X-Parse-Application-Id: qS0KLMx5h9lFLGJIpj9qyhM9EEPiTS3VMk" \
-H "X-Parse-REST-API-Key: nh3eoUo9GF2gMhcKJIfIt1Gm" \
-G \
--data-urlencode 'username=cooldude6' \
--data-urlencode 'password=p_n7!-e8' \
https://api.parse.com/1/login
curl is a tool for sending HTTP requests. The -H flag sets a header and -G specifies that the data should be transmitted as a URL query parameter rather than content body. In this case, your command sends an HTTP GET command with the custom headers "X-Parse-Application-Id" and "X-Parse-REST-API-Key". This request was sent to https://api.parse.com/1/login?username=cooldude6&password=p_n7!-e8.
You don't need to become a CURL expert to use Parse; the REST API helps you understand how the Parse API works across the wire, but there are both first and third party APIs for just about every language you would need.
P.S. The Parse docs page helps you by pre-filling the value of X-Parse-Application-Id and X-Parse-REST-API-Key with keys from your actual app. By posting these keys online, others can write code that will look like your app to Parse. Though best practices would suggest you secure your app so that it's OK for these keys to leak (e.g. by setting class-level permissions), you may consider deleting & recreating a new app since it sounds like you are just starting development.