In the past, Using getObject method to get networkComponents(PrimaryBackendNetworkComponent, PrimaryNetworkComponent) in time after createObject.
The curl URL is below with appropriate object mask.
$ curl 'https://{username}:{api_key}#api.softlayer.com/rest/v3.1/SoftLayer_Virtual_Guest/{vid}.json?objectMask=mask%5Bid%2C+globalIdentifier%2C+hostname%2C+domain%2C+fullyQualifiedDomainName%2C+status.name%2C+powerState.name%2C+activeTransaction%2C+datacenter.name%2C+operatingSystem%5BsoftwareLicense%5BsoftwareDescription%5Bname%2Cversion%5D%5D%2Cpasswords%5Busername%2Cpassword%5D%5D%2C++maxCpu%2C+maxMemory%2C+primaryIpAddress%2C+primaryBackendIpAddress%2C+privateNetworkOnlyFlag%2C+dedicatedAccountHostOnlyFlag%2C+createDate%2C+modifyDate%2C+billingItem%5BnextInvoiceTotalRecurringAmount%2C+children%5BnextInvoiceTotalRecurringAmount%5D%5D%2C+notes%2C+tagReferences.tag.name%2C+networkVlans%5Bid%2CvlanNumber%2CnetworkSpace%5D%2C+primaryBackendNetworkComponent%5BprimaryIpAddress%2C+networkVlan%5Bid%2Cname%2CvlanNumber%2CprimaryRouter%5D%2C+subnets%5Bnetmask%2CnetworkIdentifier%5D%5D%2C+primaryNetworkComponent%5BprimaryIpAddress%2C+networkVlan%5Bid%2Cname%2CvlanNumber%2CprimaryRouter%5D%2C+subnets%5Bnetmask%2CnetworkIdentifier%5D%5D%5D'
And readable object mask is below:
INSTANCE_DETAIL_MASK = "id, globalIdentifier, hostname, domain, fullyQualifiedDomainName, status.name, " +
"powerState.name, activeTransaction, datacenter.name, " +
"operatingSystem[softwareLicense[softwareDescription[name,version]],passwords[username,password]], " +
" maxCpu, maxMemory, primaryIpAddress, primaryBackendIpAddress, " +
"privateNetworkOnlyFlag, dedicatedAccountHostOnlyFlag, createDate, modifyDate, " +
"billingItem[nextInvoiceTotalRecurringAmount, children[nextInvoiceTotalRecurringAmount]], notes, tagReferences.tag.name, networkVlans[id,vlanNumber,networkSpace], " +
"primaryBackendNetworkComponent[primaryIpAddress, networkVlan[id,name,vlanNumber,primaryRouter], subnets[netmask,networkIdentifier]], primaryNetworkComponent[primaryIpAddress, networkVlan[id,name,vlanNumber,primaryRouter], subnets[netmask,networkIdentifier]]"
But about 18 hours ago, This way is not working because two primary network components stay null. And I have to wait about 30 seconds to call in the workaround.
The question is that I want to know that this situation is temporary or permanent change. We programmatically request these API requests. So it is risky if not to find the root cause.
Please tell me if anyone knows the details of Softlayer.
the createObject method does not create a Virtual server immediately, you need to check first if the server has been provisioned properly, for that propourse you can see the provisionDate property as it is detailed here: https://sldn.softlayer.com/blog/phil/simplified-cci-creation Once the server has been provisioned properly you should be able to see all the information that you want to
Related
Maybe I'm doing this wrong but how would I access query parameters of Cloud functions?
When I do a POST here (as cloud functions work) and add my query parameter of "q" it says it is undefined.
Here's the URL I am POST'ing to
http://localhost:1337/api/v1/functions/get_untappd?q=45566
From the url I build up you can see at the end I'm using the typical Express.js / Node accessing of parameters.
var untappdURL = "https://api.untappd.com/v" +
untappdApiVersion +
"/search/beer?client_id=" +
untappdClientId +
"&client_secret=" +
untappdClientSecret +
"&q=" + request.params.q;
Anything I'm doing wrong?
Sorry I should of closed this out. It was a bug and they eventually fixed it =]
''I am using the WinNT ADSI provider in a bit of authentication code, which looks up the user from Active Directory and checks its group membership.
We have run in to an issue getting this working for cross domain access. We followed the steps outlined here (https://support.microsoft.com/kb/241737?wa=wsignin1.0) to set up a Cross-Reference to an External Domain in Active Directory. This should be all that is required to allow WinNT to find the users.
When the code is run we only ever find one object under the domain (in the loop below) - "Schema". This is not correct - there are MANY child objects.
This problem seems to be intermittent - the same system did not have this issue a month ago. I realise this will be hard to investigate but someone who has a better understanding of ADSI may know better.
The below code illustrates the problem:
Dim objUser
Dim sUserName
Set ns = GetObject("WinNT://DOMAINNAME")
msgbox "Found " & ns.AdsPath & " (" & ns.Class &")" ' Shown
'ns.Filter = Array("User") ' Commented to show ALL objects
For Each UserObj in ns
Dim UserName
UserName = UserObj.Name & " " & UserObj.Class ' Returns "Schema Schema"
msgbox UserName
Next
This solution works but I'd like to point out why. After hours of trying to determine what the importance of the dns suffix on NetBIOS resolution for the WinNT provider, I found that the client makes a call to the local domain controller first to do an LSA_LookupNames call for the NetBIOS name and it gets back a domain controller in the remote domain/forest to go to which is responsible for that NetBIOS name. Subsequent to that lookup, it attempts to connect to the domain controller that was returned - but the name of the server is the simple host or NetBIOS name! So, it has to look that up and it uses DNS for that, trying suffixes in the order prescribed in the network config of the client. So, the domain is being translated properly by the local AD domain as part of the lookup but the client can't figure out how to get to that DC because LSA_LookupNames doesn't return an FQDN, just a hostname.
Hopefully this will save others the time I burned searching - sometimes it pays to just break down and open wireshark.
The solution was to ensure that the local computer, that the query was being run from, had a DNS suffix for the remote domain
I am writing a trading program that I need to connect to MtGox (a bitcoin exchange) through the API v2. But I keep getting the following error:
URL: 1 https://data.mtgox.com/api/2/BTCUSD/money/bitcoin/address
HTTP Error 403: Forbidden.
Most of my script is a direct copy from here (that is a pastebin link). I just had to change it to work with Python 3.3.
I suspect that it has to do with the part of script where I use base64.b64encode. In my code, I have to encode my strings to utf-8 to use base64.b64encode:
url = self.__url_parts + '2/' + path
api2postdatatohash = (path + chr(0) + post_data).encode('utf-8') #new way to hash for API 2, includes path + NUL
ahmac = base64.b64encode(str(hmac.new(base64.b64decode(self.secret),api2postdatatohash,hashlib.sha512).digest()).encode('utf-8'))
# Create header for auth-requiring operations
header = {
"User-Agent": 'Arbitrater',
"Rest-Key": self.key,
"Rest-Sign": ahmac
}
However, with the other guy's script, he doesn't have too:
url = self.__url_parts + '2/' + path
api2postdatatohash = path + chr(0) + post_data #new way to hash for API 2, includes path + NUL
ahmac = base64.b64encode(str(hmac.new(base64.b64decode(self.secret),api2postdatatohash,hashlib.sha512).digest()))
# Create header for auth-requiring operations
header = {
"User-Agent": 'genBTC-bot',
"Rest-Key": self.key,
"Rest-Sign": ahmac
}
I'm wondering if that extra encoding is causing my header credentials to be incorrect. I think this is another Python 2 v. Python 3 problem. I don't know how the other guy got away without changing to utf-8, because the script won't run if you try to pass a string to b64encode or hmac. Do you guys see any problems with what I am doing? Is out code equivalent?
This line specifically seems to be the problem -
ahmac = base64.b64encode(str(hmac.new(base64.b64decode(self.secret),api2postdatatohash,hashlib.sha512).digest()).encode('utf-8'))
To clarify, hmac.new() creates an object to which you then call digest(). Digest returns a bytes object such as
b.digest()
b'\x92b\x129\xdf\t\xbaPPZ\x00.\x96\xf8%\xaa'
Now, when you call str on this, it turns to
b'\\x92b\\x129\\xdf\\t\\xbaPPZ\\x00.\\x96\\xf8%\\xaa'
So, see what happens there? The byte indicator is now part of the string itself, which you then call encode() on.
str(b.digest()).encode("utf-8")
b"b'\\x92b\\x129\\xdf\\t\\xbaPPZ\\x00.\\x96\\xf8%\\xaa'"
To fix this, as turning bytes into a string back into bytes was unnecessary anyhow(besides problematic), I believe this will work -
ahmac = base64.b64encode(hmac.new(base64.b64decode(self.secret),api2postdatatohash,hashlib.sha512).digest())
I believe you are likely to find help in a related question of mine although it deals with the WebSocket API:
Authenticated call to MtGox WebSocket API in Python 3
Also, the HTTP 403 error seems to indicate that there is something fundamentally wrong with the request. Even if you threw the wrong authentication info at the API you should have gotten an error message as a response and not a 403. My best guess is that you are using the wrong HTTP method so check if you are using the appropriate one (GET/POST).
I have been looking at techniques to secure an API for use in an android/iphone app or website application.
I have found one technique which I like but am unsure about if it is a good or what is wrong with it (aside from being a pritty long process).
Processing (users side initially):
First a salt is created by hashing the users password.
Then a signature is created by hashing the requested url (with username appended on the end via a query string) and the salt.
Lastly a token is created by hashing the username and the signature.
The token is passed inside a header to the server (everytime).
First Request:
The first request must be for the validate endpoint and include the device_id as a query string.
The same processing (as above) is done on the server and if the token matches that sent from the user than the device_id is stored in the database and is assigned to that username for future reference (the device id is found in the requested url) and is used to verify the username/device thereafter.
All subsequent requests:
The processing must take place on the users end and servers end for every request now with the token being different everytime (as the requested url changes).
No code is included as it is not written yet.
Your authentication model is a shared secret authentication. In your case your user's password serves as the shared secret. You need to ensure you have a secure way for getting the password to the user and server ahead of time. In order to sign the request you create a message with all your request headers and data. Then hash that request. Then that hash (token) will be passed with the request. The server will perform the same signing and hashing process on the server and ensure the tokens match.
In your example your sound like you want to create the token with this pseudo code:
Token = hmac-sha1( Hash(Pasword + Salt) + RequestUrl + UserName )
Your way is not bad but I would compare your method to Amazon's REST Auth model and implement a closer version of what they have detailed. http://s3.amazonaws.com/doc/s3-developer-guide/RESTAuthentication.html
Their implementation:
"Authorization: AWS " + AWSAccessKeyId + ":" + base64(hmac-sha1(VERB + "\n"
+ CONTENT-MD5 + "\n"
+ CONTENT-TYPE + "\n"
+ DATE + "\n"
+ CanonicalizedAmzHeaders + "\n"
+ CanonicalizedResource))
They have good reasons for including some fields that you have left out, including but not limited to:
The timestamp is to prevent replay attacks.
The content-MD5 is to prevent prevents people tampering with the request data (relevant to
POST and PUTS)
Is it possible to manipulate (add to) a Spotify playlist via server side functionality?
The web API seems limited to search (https://developer.spotify.com/technologies/web-api/) and the JavaScript API Reference which has the function seems limited to actually building an app inside Spotify itself...
Yes you can , but you need an authorization process involving the user which is quite painful.
You'll need to use the right API.
Source:
https://developer.spotify.com/web-api/console/playlists/
For example for adding a track, you'll need this end-point
https://api.spotify.com/v1/users/{user_id}/playlists/{playlist_id}/tracks
This codes works on AppleScript, just to prove the concept:
set userID to "XXXXX"
-- your userID can be retrieved with https://developer.spotify.com/web-api/console/get-current-user/#complete
set SelectedPlaylistID to "YYYY"
-- your target playlist can be retrieved with https://developer.spotify.com/web-api/console/get-playlists/#complete
set BearerID to "ZZZZ"
-- ZZZZ can be retrieved manually on page https://developer.spotify.com/web-api/console/post-playlist-tracks/
tell application "Spotify"
set currentSpotifyID to id of current track as string
end tell
set currentlyPlayingTrack to trim_line(currentSpotifyID, "spotify:track:", 0)
set theURL to "'https://api.spotify.com/v1/users/" & userID & "/playlists/" & SelectedPlaylistID & "/tracks?uris=spotify%3Atrack%3A" & currentlyPlayingTrack & "' -H 'Accept: application/json' -H 'Authorization: Bearer " & BearerID & "'"
-- obtenu de https://developer.spotify.com/web-api/console/post-playlist-tracks/#complete
set theCommand to "curl -X POST " & theURL
do shell script theCommand
BUT there is a big caveat : you'll need to refresh the BearerID every hour.
Which is where the authorization process is needed, and where it becomes complicated if you want to bypass the refreshing limit.
Unfortunately, this isn't possible at this time without building a Spotify application either inside the client using the JS API or a standalone app using libSpotify.