Is there a sample code for using IBM Bluemix Container API? - api

I'm trying to create container in bluemix with API as it in http://ccsapi-doc.mybluemix.net In the document it mentions:
When using the API with the new model, the following HTTP headers shall be provided:
X-Auth-Token = Bluemix JWT Token
X-Auth-Project-Id = Space GUID
But I have no idea how to get or generate the Bluemix JWT Token. Can someone help me ?

You can get X-Auth-Token by cf oauth-token command. Then copy and paste rest of the part after bearer. And you also can get X-Auth-Project-Id by cf space --guid <space Name>. Please see below commands;
$ cf login -a api.<region>.bluemix.net -u <space name> -o <org name> -s <space name>
$ cf ic login
$ cf oauth-token
$ cf space <space-name> --guid (space name where the container exists)

Try expanding the Authentication section on that page and the "Get TLS Certificate" to show more info
When you enter the values and click "try it out" you will see additional output generated with token info.

This is an alternative Method:
You can retrieve X-Auth-Token and X-Auth-Project-Id with this command:
cf login
CF_TRACE=true cf ic login
Copy all output in a .txt file and search for X-Auth-Token and X-Auth-Project-Id
here there is a simple example:
curl -X GET --header "Accept: application/json" --header "X-Auth-Token: asdlkfajdfdkaldkjfskl239049283049jsdfjksl29304" --header "X-Auth-Project-Id: sdfadf-0090-43ef-22932-23434234" "https://containers-api.ng.bluemix.net/v3/containers/quota"
Response:
The output of API is like this:
{
"account_type": "TRIAL",
"country_code": "ITA",
"org_quota": {
"floating_ips_max": "2",
"floating_ips_space_default": "2",
"floating_ips_usage": 2,
"ram_max": "2048",
"ram_space_default": "2048",
"ram_usage": 2048,
"subnet_usage": -1,
"subnets_default": "5",
"subnets_max": 0
},
"space_quota": {
"floating_ips_max": 2,
"ram_max": 2048,
"subnets_max": -1
}

Related

Getting 403 Forbidden Error While Accessing Google Chrome Web Store API

We have a chrome extension in Google web store under my Google user id and I want to give API access to my colleagues (in the same organization). I am following this guide but it is not allowing me to access API. Here is exactly what I did
Created a Google Cloud console project using the email id that is
used to access the chrome store
Enabled Google Chrome Web Store API
Generated Oauth credentials as described in the link
Added my colleagues email address as test users under Oauth Consent section
Generated the "code" as described in the link using Colleague's Google ID
Successfully got the token by sending the curl request as described in the instructions above
Sent a curl API GET request using the token as shown below
curl \
-H "Authorization: $TOKEN" \
-H "x-goog-api-version: 2" \
-H "Content-Length: 0" \
-H "Expect:" \
-X GET \
-v \
https://www.googleapis.com/chromewebstore/v1.1/items/ITEM_ID?projection=DRAFT
The response I get is this
{
"error": {
"code": 403,
"message": "Forbidden",
"errors": [
{
"message": "Forbidden",
"domain": "global",
"reason": "forbidden"
}
]
}
}
Any idea on what I am missing here?
https://www.googleapis.com/chromewebstore/v1.1/items/ITEM_ID?projection=DRAFT
The Authorization header is missing the token type: Bearer
-H "Authorization: Bearer $TOKEN"

"INVALID" Service Account key on Google Cloud Platform

I use the GCP Text-to-Speech API to create greetings and interactive menus that are played to phone customers who call into businesses. I have successfully used the Text-to-Speech API in the past using this Google quick-start: Google Cloud Text-to-Speech
I used the same quick-start guide again for a new organization and project but I keep getting an invalid key error which I have been unable to debug.
Here are the commands I have used to invoke the service and the results:
# curl -X POST \
-H "Authorization: Bearer $(gcloud auth application-default print-access-token)”\
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://texttospeech.googleapis.com/v1/text:synthesize > synthesize-output-base64.txt
{
"error": {
"code": 403,
"message": "The request is missing a valid API key.",
"status": "PERMISSION_DENIED"
}
}
I tried again with a different authentication header:
# curl -X POST \
-H "X-Goog-Api-Key:***my_API_key***.json" \
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://texttospeech.googleapis.com/v1/text:synthesize > synthesize-output-base64.txt
{
"error": {
"code": 400,
"message": "API key not valid. Please pass a valid API key.",
"status": "INVALID_ARGUMENT",
"details": [
{
"#type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "API_KEY_INVALID",
"domain": "googleapis.com",
"metadata": {
"service": "texttospeech.googleapis.com"
}
}
]
}
}
I have re-verified the following configurations:
The Text-to-Speech API is enabled for my project.
The credential (service account) I am attempting to use is listed with the Text-to-Speech API as compatible. I verified that that service account key is the key that was used in the attempted authentications.
I compared my configuration on GCP with another working configuration I manage for a different company. There are no differences I can see.
I compared my key and the other company's working key and they are identical except for the specific user data.
The billing account for the project is active with valid payment card in place.
These two links were helpful but did not clear up the problem:
Google Cloud Text-to-Speech API - permission error
Google Cloud Text to Speech INVALID API KEY
Any help on this issue would be very appreciated!
The solution to this problem is to install the Google Cloud SDK.
The CLI was missing so the returned output from gcloud auth application-default print-access-token was an error.
I enabled the Cloud Text-to-Speech API
I created a service account with Editor role.
Note: Ensure you have set the GOOGLE_APPLICATION_CREDENTIALS environment variable to your service account private key file path.
Save the request body in a file called request.json,
Execute the following command:
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
https://texttospeech.googleapis.com/v1/text:synthesize
Response body
{
"audioContent": "//NExAARcrn0ABhEudAgAjuem7vohckY3IAFgWvxrBkAD//ARvqc/QhCZ/6EJO6E9Dvo2cjHPQhLfWQ/rTU7yEznsoGBn8hJz5xbQiOgEfwDzD1DVARLPlzGNXylbM8s//NExA0SCnoAAUIQAd8vlrM9DPR//6t5fpUpS
sk3MbzGUvMhqOpdSsjmcpeY2Zz ...................
}
Everything worked as expected

How to enable a kv secret engine in vault using HTTP APIs

I am trying to enable kv secret engine at secret path in my vault setup..
I can easily do it using CLI
vault secrets enable -path=secret kv
But I have to make it work using Vault's HTTP APIs.
I have gone through documentation but could not find any endpoint for the above command.
Thanks in advance
This is covered under the System Backend/sys/mounts API reference page.
Issue a POST request to /v1/sys/mounts/<mountpoint> with a payload containing the type (kv) and various configuration options. For KV, you probably want to specify version: 2 (or type kv-v2) unless you want to stick to V1.
See the above link for details on the possible parameters.
Here is the example from the docs:
payload.json:
{
"type": "aws",
"config": {
"force_no_cache": true
}
}
Request:
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data #payload.json \
http://127.0.0.1:8200/v1/sys/mounts/my-mount

How to automate BrowserStack screenshot API on my localhost?

I tried to go through their Screenshots API & Local testing but got lost in between..
All I want is to test my front-end style guide (language agnostic), can someone direct me to a good direction please?
Generating screenshots for internal URL via Screenshots API is a two-step process:
a) Setup Local Testing using the BrowserStack Local binary. The command is as follows:
./BrowserStackLocal --key KEY
More details on Local Testing is available here.
b) Add the parameter "local" = true in your Rest API. For more information, refer.
Example for generating a screenshot for localhost on Windows 7-IE 8:
"UserName:KEY" -H "Content-Type: application/json" -H "Accept: application/json" -d '{"browsers": [{"os": "Windows", "os_version": "7", "browser_version": "8.0", "browser": "ie"}], "url": "http://localhost", "local": "true"}' https://www.browserstack.com/screenshots
Note: The access key for your account can be acquired from here.

How to perform token authentication in elasticsearch?

I'm testing Elasticsearch in development mode with docker official image.
The basic install is based on X_pack and basic authentication.
Everything works fine by performing curl like:
curl -XPUT -u elastic:elasticpassword "http://localhost:9200/movies/movie/1" -d'
{
"title": "The Godfather",
"director": "Francis Ford Coppola",
"year": 1972, "user":"elastic", "password":"changeme"
}'
But is there a way to perform a token request (with user and password) and then query Elasticsearch with the token. Instead of having to specify user/password every time I perform a query?
The default X_Pack in docker image has Basic authentication enabled. Which is what your are using. The token for the same is base64(user:password). You can generate the same using http://base64encode.org and inputing :.
In curl there are two ways to call Basic auth URLs
curl -XPUT -u elastic:elasticpassword "http://localhost:9200/movies/movie/1" -d''
which you have already been using
curl -H "Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ==" -XPUT "http://localhost:9200/movies/movie/1" -d'....'
Now if your problem is putting in this again and again then you better create a alias in your bash profile like below
alias curles='curl -u elastic:elasticpassword'
After that you can call your commands as below
curles -XPUT "http://localhost:9200/movies/movie/1" -d''
Cutting out a lot of my original answer because you could argue it's all local, but leaving one major complaint about security here:
Definitely don't go to base64encode.org and enter your username:password. The very fact that it is suggested here on StackOverflow makes that site now (sadly for the owners) and incredibly juicy hacking target to compromise since they know people are going there.
curl -X GET --user myuser:mypassword "http://elasticsearch:9200/_cluster/health?pretty"
In my case above curl helped
{
"cluster_name" : "elasticsearch",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 1,
"number_of_data_nodes" : 1,
"active_primary_shards" : 16,
"active_shards" : 16,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
}
Further to Taran's answer, if you want to generate base64 token, you can do so by the following command:
echo -n 'username:pass' | openssl base64