I'm trying to read data from a google spreadsheet by retrieving a cell based feed via the sheets API.
The spreadsheet is private, so I'm using oauth 2.0 to authorize my requests.
Retrieving basic infos about my drive account via https://spreadsheets.google.com/feeds/spreadsheets works fine, but when I try to access the data from on of my spreadsheets directly via
XMLHttp GET Request to https://spreadsheets.google.com/feeds/cells
I'm getting an "No 'Access-Control-Allow-Origin' header is present on the requested resource" error.
I've set the correct Authorization Token via
xhr.setRequestHeader('Authorization', 'Bearer ' + token);
and tried to "activate" CORS via
xhr.setRequestHeader('Access-Control-Allow-Credentials', 'true');
To no avail.
Any tipps on how to access this resource ?
Thanks !
Fixed this very same issue just today. And I did not need to enable/activate CORS as I've read that some firewalls will strip out the headers for security. http://promincproductions.com/blog/server-proxy-for-cross-site-scripting-cors/
In a global part of your js code, add in a function ...
window.googleDocCallback = function () { return true; };
Then, to the URL in your AJAX (GET assumed?) request, if you have no URI params, append ?callback=googleDocCallback
and if you do have other params,
append &callback=googleDocCallback
For more info, please see: https://jvaneyck.wordpress.com/2014/01/07/cross-domain-requests-in-javascript/
Google Sheets API has a known bug that doesn't support CORS for POST requests. Can you confirm that you are in fact making a GET request and not a POST/PUT/DELETE?
You need to send a GET request. Make sure that there are no headers sent (not even content-type headers).
Related
I am a beginner in JMeter, trying to perform load test to my Rest API. First, the Get request gets the access_token as below:
Then the following Post request runs with that authorization token to produce the Json, but I am missing something so the Post Request is failing as Authentication denied as below,
Added the Regular expression extractor to extract the token from the Get request's response as below:
Then storing it in the HTTP Header Manager in a variable as below
I am missing to link the value to the Post request, I dont know how to do it, please help.
In header manager, instead of access_token, the header name should be Authorization. Please reconfirm this with developer team / retry this same request in postman
The regex expression used should look something like this
"access_token":"(.*?)"
Also, another pro tip: because the response to getToken api call is JSON, you can use JSON Post Processor to extract the access_token by saying something like $.access_token. It is much clean way to process JSON object.
I have application api url which has passed as Background with Basicauth. Using that i need to get an csrf token. I tried with responsecookies. Nothing is coming up.
Can you please let me know how to get the csrf token from that specific api. I am getting actual application response but not the cookies.
Please read the documentation and go through the demo examples. It depends on the response. There are 2 possibilities, cookie (or header) OR the response body itself (plain text or JSON / XML).
So it is up to you to extract it and then store it as a variable, and use it to build headers for all future responses.
Please refer to the demo example:
Given path 'signin', 'token'
When method get
Then status 200
And header X-CSRF-TOKEN = response
In this case, the token happened to be the entire response string.
I am using postman to do some testing on a REST API.
To login I use a post request who respond with a token I need to keep to use it with another request.
I did it that way :
and then I want to use it in another request who need that token in the header :
I seems that it's not sending the token. What am I doing wrong ?
Let's say the login response is:
{
"message": {
"token":"Some token value here"
}
}
There is a slight change in the latest postman and here is the syntax to set variable:
var data = pm.response.json();
pm.environment.set("token", data.message.token);
Read here more information:
https://learning.getpostman.com/docs/postman/environments_and_globals/variables/
The problem was that I was using postman.setEnvironmentVariable() instead of postman.setGlobalVariable().
I found the answer here
I have used the below script in the Tests tab of the postman and it worked for me.
pm.environment.set("access_token", JSON.parse(responseBody).access_token);
After setting the access token in my first API, I am passing that access token in my second API.
You can save token to an environment variable and access in any requests under that collection. May be this link will be helpful:
Extracting data from responses and chaining requests
Go to Login API
Go to "Tests" tab.
Add folowing script. This script will set variable "AuthToken" with response token.
var jsonData = JSON.parse(responseBody);
postman.setEnvironmentVariable("AuthToken", jsonData.data.accessToken);
I'm trying to send data from NetSuite to ZenDesk via the ZenDesk API. Problem is, I can not get it to authenticate by placing the authentication inside the header. Has anyone seen any articles on doing it this way? I've tried adding it as {email}:{password} and {email}/token:{token} with no luck.
I have tested the password and the token using curl. So I do know that the password is correct. Any thoughts on this one?
I've also tried using Postman to create the authentication and it worked as well. Oddly enough, though, I can not use that authentication in any other application. I can paste is into the header (in Postman) with no issues, but when I try to do that via Advanced Rest Client (Chrome Extension) it won't work, nor will it work in the header from NetSuite.
I'm guessing there must be something that I am missing that Postman is doing by itself.
generally you have to provide credentials as a header e.g. a GET request like:
var url = 'https://...';
var cred = 'username' +':'+ 'password';
var headers = {
'Content-Type' : 'application/json',
'Authorization' : nlapiEncrypt(cred, 'base64');
};
nlapiRequestURL(url, null, headers);
Netsuite has a new method that apparently helps with this: nlapiRequestURLWithCredentials but I've not bothered figuring it out since the above is well tested and has worked with multiple remote systems.
When doing any filters or any other option allowed in the request body per documents like this: https://developer.intuit.com/docs/0025_quickbooksapi/0050_data_services/v2/0400_quickbooks_online/in... (the quickbooks online API document) I always get the error "Unauthorized OAuth Token: signature_invalid" in my own application as well as the API tool located here: https://developer.intuit.com/apiexplorer
Example of what I put in request body:
PageNum=1&ResultsPerPage=20
or simply ResultsPerPage=20
I am not sure why this would also happen in the API Explorer even per instruction but it does. Without the ability to move the page marker and show more results as well as being able to filter, I will simply not be able to use the API as you can see.
Any ideas?
It could be a bug in ApiExplorer. I tried with RestClient plugin of Mozilla browser. It worked fine.
Method - post
Content-Type - application/x-www-form-urlencoded
Paging filter - PageNum=1&ResultsPerPage=1
Snapshot
Thanks