I am trying to get OAuth2 token for authorization on my local JHipster server.
Everything is setup correctly and working, I can login via Web GUI.
But when I try to get token via cURL I get POST method not allowed
My cURL request is as following:
curl -X POST -vu client:secret http://localhost:8080/oauth/token -H "Accept: application/json" -d "username=admin&password=admin&grant_type=password&scope=read&client_id=CLIENTID&client_secret=CLIENTSECRET"
Thanks to this post, I have tested JHipster UAA, alongside JHipster version 5 .
This command could be a working sample:
curl -X POST -v http://[server-ip]:9999/oauth/token -i
-H "Accept: application/json"
-H "Authorization: Basic aW50ZXJuYWw6aW50ZXJuYWw="
-d "username=admin&password=admin&grant_type=client_credentials&scope=web-app"
Important notice:
Username and password must be replaced with yours.
The BASE64 encoded value of your 'clientId + ":" + clientSecret' must be set in header.
In my case BASE64('internal:internal')='aW50ZXJuYWw6aW50ZXJuYWw='
https://www.base64encode.org/ can be used to encode your text.
Since you have put client Id and secret on message Header, no need to provide it on message body.
And this could be a sample output:
{
"access_token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJ3ZWItYXBwIl0sImV4cCI6MTUzNTM2ODEyNiwiaWF0IjoxNTM1MzY2MzI2LCJqdGkiOiJiYjYwMWVkYS01NjUyLTQ5OTgtYWJkNS04YzYxZjA3Y2U1ODUiLCJjbGllbnRfaWQiOiJpbnRlcm5hbCJ9.lNqpfE7N6XJVFe9t7zPbwokU_zl4AFIAmQJZ_Hb2ok0vBpWrDMf3v6KgEEi5bN2iyRd0TQBelSIJothrsYHoTk0ZaeeK9BM97OJr4Uc8kLzn2Vp-xpBk8-n2PlwAKIRojoOxMnBp0nA2qjPieaPV2Fj1HETmK2gZ38lQcZ_KJLD-ug9AT9_N1E9SwRjt1yfZtd64IJZOQGqcZ05VCAj54jxH9lyvX-_1NY2Iq2aA5-cGbOftmv0sUjF15EiTGps6YtFUrJqKs8PmDofMImyqjAwB3yNObpg7c6PbeCXWYLAir5IOFdueTys3cLLyrhE78GJ3OiKSAA128nZSeUbiAg",
"token_type" : "bearer",
"expires_in" : 1799,
"scope" : "web-app",
"iat" : 1535366326,
"jti" : "bb601eda-5652-4998-abd5-8c61f07ce585"
* Connection #0 to host [server-ip] left intact
}
Using the default generated jhipster app (3.5.0), this is how you would curl a token for the admin user:
> curl -X POST -u jhipsterapp:my-secret-token-to-change-in-production -i -H 'Accept:application/json' http://localhost:8080/oauth/token -d "username=admin&password=admin&grant_type=password&scope=read%20write"
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Application-Context: jhipster:swagger,dev:8080
Cache-Control: no-store
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 22 Jul 2016 13:09:38 GMT
{
"access_token" : "4a1ae413-5cd7-46e9-8a33-31698218d43e",
"token_type" : "bearer",
"refresh_token" : "537f231c-e6e0-4499-bbd8-9580eee02f79",
"expires_in" : 1799,
"scope" : "read write"
}
Note: here is my .yo-rc.json:
{
"generator-jhipster": {
"jhipsterVersion": "3.5.0",
"baseName": "jhipster",
"packageName": "com.mycompany.myapp",
"packageFolder": "com/mycompany/myapp",
"serverPort": "8080",
"authenticationType": "oauth2",
"hibernateCache": "ehcache",
"clusteredHttpSession": "no",
"websocket": "no",
"databaseType": "sql",
"devDatabaseType": "h2Disk",
"prodDatabaseType": "mysql",
"searchEngine": "no",
"buildTool": "maven",
"useSass": false,
"applicationType": "monolith",
"testFrameworks": [
"gatling"
],
"jhiPrefix": "jhi",
"enableTranslation": true,
"nativeLanguage": "en",
"languages": [
"en"
]
}
}
Related
I found the CLI or API request methods and they work for me, like this:
# source /etc/kolla/admin-openrc.sh
# openstack user password set --password newpsw --original-password oripsw
Or
# source /etc/kolla/admin-openrc.sh
# curl -v -s -X POST $OS_AUTH_URL/auth/tokens?nocatalog \
-H "Content-Type: application/json" \
-d '{ "auth": { "identity": { "methods": ["password"], \
"password": {"user": {"domain": {"name": "'"$OS_USER_DOMAIN_NAME"'"}, \
"name": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"} } }, \
"scope": { "project": { "domain": { "name": "'"$OS_PROJECT_DOMAIN_NAME"'" }, \
"name": "'"$OS_PROJECT_NAME"'" } } }}'
< HTTP/1.1 201 CREATED
< Date: Mon, 18 Oct 2021 11:44:39 GMT
< Server: Apache
< Content-Length: 720
< X-Subject-Token: gAAAAABhbV4o9WvatToB4Z7dUhaNqyYqpwUt4T3wwOmnN2-YCioaSYZ-HpqdWNDvAq0pvnSe6qIuvoZXOIUjmxxUu03tWk2mp2TOJ_LTLECXOHqlQT22vqNvgJj_YTgOWbwHVlrrqbkcUWM4WDvbsD1HjM8xiEYidSNMzpw2LOHtO43cIN0nyvs
< Vary: X-Auth-Token
# export OS_TOKEN=gAAAAABhbV4o9WvatToB4Z7dUhaNqyYqpwUt4T3wwOmnN2-YCioaSYZ-HpqdWNDvAq0pvnSe6qIuvoZXOIUjmxxUu03tWk2mp2TOJ_LTLECXOHqlQT22vqNvgJj_YTgOWbwHVlrrqbkcUWM4WDvbsD1HjM8xiEYidSNMzpw2LOHtO43cIN0nyvs
# curl --header "Content-Type: application/json" --request POST --data '{"user":{"password":"123","original_password":"aaa"}}' http://10.32.17.172:5000/v3/users/e1c5cc75489f4e0cbb05c39d03b46097/password
The Change password for user method at the last of API request documentation.
But I need to achieve that by using openstacksdk in our project, I found the last method in the openstacksdk documentation -- update_user(user, **attrs), it seems the most like I look for. Unfortunately, the openstack.identity.v3.user instance doesn't have the original_password, and my code can't work:
import openstack
conn = openstack.connect(
region_name = 'RegionOne',
auth_url = 'http://10.32.17.172:35357/v3',
domain_name = 'Default',
project_name = 'admin',
username = 'admin',
password = '123'
)
user_args = {
"name":"admin",
"pasword":'aaa', # new password
"password_expires_at":None,
"links":{u'self': u'http://10.32.17.172:5000/v3/users/e1c5cc75489f4e0cbb05c39d03b46097'},
"enabled":True,
"domain_id":"default",
"original_password": "123",
}
conn.identity.update_user(user_args)
How could I implement change current user passord by openstacksdk? Thanks advance.
Solve by this:
import openstack
conn = openstack.connect(
...
)
user_args = {
"id":"e1c5cc75489f4e0cbb05c39d03b46097"
}
user = conn.identity.get_user(user_args)
user.description = "test_update_psw"
user.password="123456"
conn.identity.update_user(user)
Update the user's info should use the user object instead of the dictionary like the question's code.
Shame of my bad program language skill and lack of API documentation knowledge.
And thank you very very much for one people who called tanjin.
I'm trying to use POST methods (Revenue REST API) but I always get the error message "Content-Type not application/json".
The strange is that I'm using their website to test: [https://docs.revenuecat.com/reference#receipts][1]
API TEST (IMAGE)
curl --request POST \
--url https://api.revenuecat.com/v1/receipts \
--header 'Accept: application/json' \
--header 'Authorization: Bearer xxxx' \
--header 'Content-Type: application/json' \
--header 'X-Platform: android' \
--data '
{
"product_id": "xxxx",
"price": 12.9,
"currency": "BRL",
"is_restore": "false",
"app_user_id": "xxxx",
"fetch_token": "xxxxxx"
}
'
Any clues?
I've run the code using CURL and it works. Problem was in revenuecat website.
Their API test page has a bug. It adds an extra Content-Type: application/json
header to the request. You can see it the Metadata tab
Request Headers
Accept: application/json
Content-Type: application/json
X-Platform: stripe
Content-Type: application/json
Authorization: Bearer ********************
User-Agent: ReadMe-API-Explorer
And sends the request with an invalid header (you can check it in your browsers network traffic):
content-type: application/json, application/json
I just started using the stormpath-default-spring-boot-starter (1.2.0) library for new Rest API platform that we are building. I was expecting the access cookie to be generated by the following code on authenticating the user so that subsequent API calls can be authenticated by the cookie. Account is authenticated however the cookie is not getting generated.
AuthenticationRequest request = UsernamePasswordRequests.builder()
.setUsernameOrEmail(userId)
.setPassword(pwd)
.withResponseOptions(UsernamePasswordRequests.options().withAccount())
.build();
Account account = null;
try {
account = app.authenticateAccount(request).getAccount();
}
catch (ResourceException ex) {
throw(ex);
}
Following here is the property file entries,
stormpath.spring.security.enabled = false
security.basic.enabled = false
Help is much appreciated.
I think you may be mixing contexts here.
The code you provided looks like the type of manual code required when you are using the Java SDK directly and not using an integration, like the Stormpath Spring Boot integration.
When you are using the Stormpath Default Spring Boot Starter you get a bunch of endpoints automatically that you can use to authenticate and have cookies set.
For example, you have a /login endpoint.
If you fire up your example app, you should be able to go to:
curl localhost:8080/login
You will get back a login model that looks something like this:
{
"form": {
"fields": [
{
"name": "login",
"label": "Username or Email",
"placeholder": "Username or Email",
"required": true,
"type": "text"
},
{
"name": "password",
"label": "Password",
"placeholder": "Password",
"required": true,
"type": "password"
}
]
}
}
You can then authenticate with a POST:
curl -v -H "Content-Type: application/json" -X POST \
-d '{"login": "<email>", "password": "<password>"}' \
http://localhost:8080/login
You'll get a response like this:
> POST /login HTTP/1.1
> Host: localhost:8080
< HTTP/1.1 200
< Set-Cookie: access_token=eyJraWQiOiJSOTJTQkhKQzFVNERBSU1HUTNNSE9HVk1YIiwic3R0IjoiYWNjZXNzIiwiYWxnIjoiSFMyNTYifQ...;Max-Age=3600;path=/;HttpOnly
< Set-Cookie: refresh_token=eyJraWQiOiJSOTJTQkhKQzFVNERBSU1HUTNNSE9HVk1YIiwic3R0IjoicmVmcmVzaCIsImFsZyI6IkhTMjU2In0...;Max-Age=5184000;path=/;HttpOnly
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Mon, 05 Dec 2016 05:30:25 GMT
<
* Connection #0 to host localhost left intact
{
"account": {
"href": "https://api.stormpath.com/v1/accounts/<account id>",
"createdAt": "2016-03-04T06:29:48.506Z",
"modifiedAt": "2016-08-17T18:01:07.812Z",
"username": "<username>",
"email": "<email>",
"givenName": "<givenName>",
"middleName": null,
"surname": "<surname>",
"status": "ENABLED",
"fullName": "<full name>",
"emailVerificationStatus": null,
"passwordModifiedAt": "2016-05-24T02:14:01.000Z"
}
}
The response contains both the access_token and the refresh_token cookies as well as a JSON response containing the account information.
If you want to use OAuth2, you have a /oauth/token endpoint that supports both the grant_type=password and the grant_type=client_credentials flow:
curl -v -X POST \
-d grant_type=password -d username=<email> -d password=<password> \
http://localhost:8080/oauth/token
You'll get a response like:
> POST /oauth/token HTTP/1.1
> Host: localhost:8080
< HTTP/1.1 200
< Set-Cookie: access_token=eyJraWQiOiJSOTJTQkhKQzFVNERBSU1HUTNNSE9HVk1YIiwic3R0IjoiYWNjZXNzIiwiYWxnIjoiSFMyNTYifQ...;Max-Age=3600;path=/;HttpOnly
< Set-Cookie: refresh_token=eyJraWQiOiJSOTJTQkhKQzFVNERBSU1HUTNNSE9HVk1YIiwic3R0IjoicmVmcmVzaCIsImFsZyI6IkhTMjU2In0...;Max-Age=5184000;path=/;HttpOnly
< Cache-Control: no-store, no-cache
< Pragma: no-cache
< Content-Type: application/json;charset=ISO-8859-1
< Content-Length: 933
< Date: Mon, 05 Dec 2016 05:38:53 GMT
<
* Connection #0 to host localhost left intact
{
"access_token": "eyJraWQiOiJSOTJTQkhKQzFVNERBSU1HUTNNSE9HVk1YIiwic3R0IjoiYWNjZXNzIiwiYWxnIjoiSFMyNTYifQ...",
"refresh_token": "eyJraWQiOiJSOTJTQkhKQzFVNERBSU1HUTNNSE9HVk1YIiwic3R0IjoicmVmcmVzaCIsImFsZyI6IkhTMjU2In0...",
"token_type": "Bearer",
"expires_in": 3600
}
I hope this helps!
Full disclosure: I am one of Stormpath's Java Developer Evangelists
From a ReactJS - Redux front app, I try to get the Location Header value of an REST API response.
When I Curl this :
curl -i -X POST -H "Authorization: Bearer MYTOKEN" https://url.company.com/api/v1.0/tasks/
I Have this answer :
HTTP/1.1 202 ACCEPTED
Server: nginx
Date: Fri, 12 Aug 2016 15:55:47 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: https://url.company.com/api/v1.0/tasks/status/idstatus
When I make a Fetch in ReactJS
var url = 'https://url.company.com/api/v1.0/tasks/'
fetch(url, {
method: 'post',
credentials: 'omit',
headers: {
'Authorization': `Bearer ${token}`
}
}
)
I don't have any Headers in the response object :
No header in Fetch request
I tried all the response.headers functions I've found in https://developer.mozilla.org/en-US/docs/Web/API/Headers :
response.headers.get('Location');
But well, as headers is empty, I have empty results.
Do you know why I can't get a proper Header object filled with the headers values ?
Thanks to John, I've found the answer.
I just had to put
Access-Control-Expose-Headers: Location
To my response headers and it worked, so now I can access Location value with :
response.headers.get('Location');
Thx John !
Besides to expose the Location Header in the server.
I just could access the location in the react application with:
response.headers.location;
We want to create Quickblox user through our WEB-Java application.
To get the same working we are trying to first make the REST API calls through Postman and CURL and then proceed to Java Code.
However, we are getting 500 internal error
URL
https://api.quickblox.com/session.json
Header
Content-Type: application/json"
QuickBlox-REST-API-Version: 0.1.0
body
{"application_id": “35221”, "auth_key": "wU8JrJ-DKamUB8v", "timestamp": “1456378718”, "nonce": “1112”, "signature": "81f3967265c87de025010eb9298d169555085e91”}
To generate the signature
application_id=35221&auth_key=wU8JrJ-DKamUB8v&nonce=1112×tamp=1456378718
Here is the response we are getting `Connection → keep-alive
Content-Length → 948
Content-Type → text/html; charset=utf-8
Date → Thu, 25 Feb 2016 05:48:08 GMT
Server → nginx/1.8.0
Status → 500 Internal Server Error
X-Rack-Cache → invalidate, pass
X-Request-Id → 3a47c3daaf9ad353a5b592459c6f3345
X-Runtime → 0.003346`
As to my understanding the parameters are as suggested in the API docs. Please help as we are bit stuck at it and are not able to move forward.
Also posting a curl equivalent that results in same error
curl -X POST \
-H "Content-Type: application/json" \
-H "QuickBlox-REST-API-Version: 0.1.0” \
-d '{"application_id": “35221”, "auth_key": "wU8JrJ-DKamUB8v", "timestamp": “1456378718”, "nonce": “1112”, "signature": "81f3967265c87de025010eb9298d169555085e91”}’ \
https://api.quickblox.com/session.json
application_id=35221&auth_key=wU8JrJ-DKamUB8v&nonce=1112×tamp=1456378718
authorisation secret - FEu2AN8CfgU7VF4
thanks,
aakash
First define all the related to the application:
DEFINE('APPLICATION_ID', 23424);
DEFINE('AUTH_KEY', "dfsadfasdfsadf-");
DEFINE('AUTH_SECRET', "23421342134");
DEFINE('USER_LOGIN', "rahul");
DEFINE('USER_PASSWORD', "fghdf56456456");
// Quickblox endpoints
DEFINE('QB_API_ENDPOINT', "https://api.quickblox.com");
DEFINE('QB_PATH_SESSION', "session.json");
After define, create signature and pass $post_body in curl session api hit, get token and use token in all the webservices php:
$nonce = rand();
$timestamp = time();
$signature_string = "application_id=".APPLICATION_ID."&auth_key=".AUTH_KEY."&nonce=".$nonce."×tamp=".$timestamp."&user[login]=".USER_LOGIN."&user[password]=".USER_PASSWORD;
$signature = hash_hmac('sha1', $signature_string , AUTH_SECRET);
$post_body = http_build_query(array(
'application_id' => APPLICATION_ID,
'auth_key' => AUTH_KEY,
'timestamp' => $timestamp,
'nonce' => $nonce,
'signature' => $signature,
'user[login]' => USER_LOGIN,
'user[password]' => USER_PASSWORD
));