We use Ansible to configure build agent for different technology stacks like: frontend builder(Nodejs, libs, Dart SDK), backend builder(JDK), etc with Ansible orchestration tool and that easy to replace one linux with another be configuring new one from zero with orchestration except new teamcity agent registration.
Is it piossible to generate new authorizationToken for new agent with API call which can be used in programming language or register new agent via API call to be able to connect new linux box without Admin/human ?
There's REST API call to achieve this, just pass true or false string as request data via PUT request to the /httpAuth/app/rest/agents/<agentLocator>/authorized, <agentLocator> syntax is described here.
Here's an example of a curl command:
curl -X PUT "http://teamcity/httpAuth/app/rest/agents/id:3/authorized" --data true --header "Content-Type: text/plain" -u user:pass
PUT method should be used and Content-Type: text/plain header should be provided.
Related
Description:
I have configured an API (http://localhost:8280/GPNAPI2/1.0.0) that has Production and Sandbox endpoints (http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx). All I need is to send a curl request to http://localhost: 8280/GPNAPI2/1.0.0, but receive a response from http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx. As I understand it, wso2 am is needed for this, so that several external APIs can be connected to one gateway. I also created a subscription for http://localhost:8280/GPNAPI2/1.0.0.
Steps to reproduce:
I pass a GET request to http://localhost:8280/GPNAPI2/1.0.0 and pass a security token in the request, for example:
curl -X GET "http://localhost:8280/GPNAPI2/1.0.0" -H "accept: */ *" -H "Authorization: Bearer eyJ4NXQiOiJNell4TW1Ga09HWXdNV0kwWldObU5EY3hOR1l3WW1NNBelpUQTR"
Everything is going well. But I don't know how to transfer data to the endpoint in one request: http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx
A request of this type:
curl -c cookies.txt -i -X --location --request POST 'http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx'
--header 'Content-Type: text / xml'
--header 'SOAPAction: http://interfax.ru/ifax/Authmethod'
--data '
<soap: Envelope xmlns: xsi = "http://www.w3.org/2001/XMLSchema-instance" xmlns: xsd = "http://www.w3.org/2001/XMLSchema" xmlns: soap = "http : //schemas.xmlsoap.org/soap/envelope/ ">
<soap: Body>
******
*****
</ soap: Body>
</ soap: Envelope> '
I want to understand how to combine these two requests into one, and whether it needs to be done. After all, my task, when accessing http://localhost: 8280/GPNAPI2/1.0.0, is actually working with http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx
Affected Product Version:
wso2 apim 3.2.0 (We need this particular version, since the customer is using it and, for reasons I do not understand, does not want to switch to version 4.0.0).
Environment details (with versions):
windows 8
Please help me with my problem.
You can follow the documentation to expose your SOAP service as a REST API using API Manager 3.2.0.
Basically, you have to provide your WSDL url in the first step (for example, http://sparkgatetest.interfax.ru/iFaxWebService/iFaxWebService.asmx?wsdl) and then continue as mentioned in the documentation.
If you go to the Resources section in Publisher portal, you'll be able to see SOAPAction header and SOAPRequest body parameters are defined. Also, under the WSDL Definition section in the Publisher you'll be able to see the complete WSDL definition of your SOAP service. If you follow rest of the steps you'll be able to invoke the API by providing necessary header and body parameters through APIM devloper portal.
I am a new user on WSO2 API Manager. I just installed it 2 days back and hosted one simple API on that. It works fine with internal tool. But how to consume it from outside ? eg from Postman or Java code ? Can we make API accessible without any authentication and if i want only jet authentication, how can I do that. please guide. Thanks in advance.
As per suggestion called the API using Curl command and got the token then while calling the
Errors even when providing access token ( which I got after client id and client secret)
Following error when passing Authorization: Bearer 2ee039b0-5cd4-3f31-844c-dd9441593f88
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900908</ams:code>
<ams:message>Resource forbidden </ams:message>
<ams:description>Access failure for API: /getcustrates/1.0, version: 1.0 status: (900908) - Resource forbidden </ams:description>
</ams:fault>
Following error when passing Authorization:Basic 2ee039b0-5cd4-3f31-844c-dd9441593f88
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900902</ams:code>
<ams:message>Missing Credentials</ams:message>
<ams:description>Invalid Credentials. Make sure your API invocation call has a header: 'Authorization : Bearer ACCESS_TOKEN' or 'Authorization : Basic ACCESS_TOKEN' or 'apikey: API_KEY'</ams:description>
</ams:fault>
If you're new to the product, follow the quick start guide[1]. In the end when you invoke the API using the integrated Try-it tool. When you invoke an API using that, it also gives you the equivalent curl command. You can use that to invoke the API externally.
I assume by Jet you meant to say JWT. You can generate JWTs using the client key/secret pair you get from applications you create at the developer portal. You can use this command to generate further tokens.
curl -k -H "Authorization: Basic EncodeToBase64(<consumer-key>:<consumer-secret>)" -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
or
curl -k -u <consumer-key>:<consumer-secret> -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
[1] https://apim.docs.wso2.com/en/latest/getting-started/quick-start-guide/
I want to build a TTS application and I am using the Google TTS engine. However, when trying the examples such as
curl -H "Authorization: Bearer "$(gcloud auth print-access-token) -H "Content-Type: application/json; charset=utf-8" --data "{
'input':{
'text':'I\'ve added the event to your calendar.'
},
'voice':{
'languageCode':'en-gb',
'name':'en-GB-Standard-A',
'ssmlGender':'FEMALE'
},
'audioConfig':{
'audioEncoding':'MP3'
}
}" "https://texttospeech.googleapis.com/v1/text:synthesize"
I get Error code 403 telling me that Cloud Text-to-Speech API has not been used in project 32555940559 before or it is disabled. Now the problem is that it mentions the project number 32555... but I want to use another project which has the TTS API switched on. Now you might suggest that I switch to the correct project, but I have done that -- when I type gcloud config list, it tells me that I am using the correct project (with project number different from the 32555...).
Where is the problem? Why is it trying to use a different project from the one that I am currently using?
You need to use "gcloud auth app-default print-access-token" (and use a dedicated service account as specified in the docs).
32555940559 is a CLOUDSDK_CLIENT_ID that comes with gcloud. And app-default has its own client_id as well. It's still now clear how Google API distinguishes between the two, unless it checks for hard-coded app-default client ID (from gcloud SDK).
It's also not clear how gcloud command line still manages to use speech API without a dedicated service account.
On a related note, since I had this same issue (API has not been used in project before or it is disabled "32555940559") in a Python virtual environment using gcloud SDKs (not curl).
Solved by running:
gcloud auth application-default login
(using gcloud auth login did not solve it).
For gcloud, the root cause might also be related to missing:
GOOGLE_CLOUD_PROJECT or GOOGLE_APPLICATION_CREDENTIALS environment variables.
I am working on ArangoDB 3.1 in stand-alone mode.
We are creating a Foxx API to authenticate the users who are accessing our database and our custom APIs. In order to activate authentication, we added the following statements in the arangod.conf file.
authentication = true
authentication-system-only = true
We created a user in arangosh for the database we are working on. When we log into the web console the username and password worked and we are able to access the database,APIs and also able to create users using the APIs.
But when we try to access using another browser or using curl command we are not able to see the user information. HTTP and curl commands are given below.
http://username:password#ip-address:portno/_db/AdtheorentDB/test-app/whoami
curl --basic --user "username:password" -X GET --header 'Accept: application/json' 'http://ip-address:portno/_db/databasename/test-app/whoami'
What might be the issue ?
The above curl command is obtained from the link given below.
ArangoDB authentication via HTTP
I have a script that delete and re-create jobs through curl HTTP-calls and I want to get rid of any hard-coded "username:password".
E.g. curl -X POST $url --user username:password
Considerations:
Jenkins CLI (probably not an option).
One should be able to achieve the same with the CLI as with Jenkins API (creating jobs etc) but as far as I understand Jenkins CLI is not a good alternative for me since jobs created with will only appear in Jenkins after restarting or a "Reload Configuration from Disk", and that would cancel any other running jobs.
API token. Can't find out how to get the user token and then pass it
as a parameter to the script, but that may be a solution..
Try this way: (for example delete the job)
curl --silent --show-error http://<username>:<api-token>#<jenkins-server>/job/<job-name>/doDelete
The api-token can be obtained from http://<jenkins-server>/user/<username>/configure.
This worked for me:
curl -u $username:$api_token -FSubmit=Build 'http://<jenkins-server>/job/<job-name>/buildWithParameters?environment='
API token can be obtained from Jenkins user configuration.
With Jenkins CLI you do not have to reload everything - you just can load the job (update-job command). You can't use tokens with CLI, AFAIK - you have to use password or password file.
Token name for user can be obtained via http://<jenkins-server>/user/<username>/configure - push on 'Show API token' button.
Here's a link on how to use API tokens (it uses wget, but curl is very similar).
I needed to explicitly add POST in the CURL command:
curl -X POST http://<user>:<token>#<server>/safeRestart
I also have the SafeRestart Plugin installed, in case that makes a difference.
If you want to write a script to automate creation of jobs using the Jenkins API, you can use one of the API clients to do that. A ruby client for Jenkins is available at https://github.com/arangamani/jenkins_api_client
gem install jenkins_api_client
require "rubygems"
require "jenkins_api_client"
# Initialize the client by passing in the server information
# and credentials to communicate with the server
client = JenkinsApi::Client.new(
:server_ip => "127.0.0.1",
:username => "awesomeuser",
:password => "awesomepassword"
)
# The following block will create 10 jobs in Jenkins
# test_job_0, test_job_1, test_job_2, ...
10.times do |num|
client.job.create_freestyle(:name => "test_job_#{num}")
end
# The jobs in Jenkins can be listed using
client.job.list_all
The API client can be used to perform a lot of operations.
API token is the same as password from API point of view, see source code uses token in place of passwords for the API.
See related answer from #coffeebreaks in my question python-jenkins or jenkinsapi for jenkins remote access API in python
Others is described in doc to use http basic authentication model
In order to use API tokens, users will have to obtain their own tokens, each from https://<jenkins-server>/me/configure or https://<jenkins-server>/user/<user-name>/configure. It is up to you, as the author of the script, to determine how users supply the token to the script. For example, in a Bourne Shell script running interactively inside a Git repository, where .gitignore contains /.jenkins_api_token, you might do something like:
api_token_file="$(git rev-parse --show-cdup).jenkins_api_token"
api_token=$(cat "$api_token_file" || true)
if [ -z "$api_token" ]; then
echo
echo "Obtain your API token from $JENKINS_URL/user/$user/configure"
echo "After entering here, it will be saved in $api_token_file; keep it safe!"
read -p "Enter your Jenkins API token: " api_token
echo $api_token > "$api_token_file"
fi
curl -u $user:$api_token $JENKINS_URL/someCommand