I’m working on an widget for the fiware mashup. It needs to get data in json from a server. I’ve realized that with the MashupPlatform.http.makeRequest.
The problem is, the server sends xml back, if I don’t ask to get json. I don’t find any option in the widget api to to do it so. (like the curl option --header 'Accept: application/json')
As you have said, when you perform an HTTP request, you should add the Accept header to specify the response format. When you are using the MashUp Platform to make requests, you can specify the headers by adding the object "requestHeaders" in the options parameter. For example:
MashupPlatform.http.makeRequest("http://YOUR_SERVICE_URL/PATH", { "requestHeaders": {"Accept":"application/json"}});
You can check all the options that you can include in a HTTP request in the documentation: https://wirecloud.readthedocs.org/en/latest/widgetapi/widgetapi/#request-options-general-options
Best Regards
Related
I am trying to carry out a test as like it explained here:
JMeter Alter HTTP Headers During Test.
Quote from above :
I'm attempting to test an HTTP service with JMeter. The HTTP service requires authentication through a simple bearer token mechanism. I'm trying to proceed as follows:
POST authentication request Store token as a variable
Set Authorization HTTP header to stored variable
Request protected resource(s)
Evaluate performance
When the POST occurs, I am not able to capture the bearer token. Its a header.
I tried the solution provided by Dmitri on that issue Or as Bennet tried with RegEx Extractor and HTTPs Manager.
I think I am doing something silly not to able to extract the token. Any thoughts how to extract the token?
Most likely your Regular Expression Extractor configuration is not correct, by default it:
uses response body as a source therefore you need to switch it to look into response headers (red rectangle)
looks up in main sample only, if your header is set after redirect it won't be processed (amber rectangle)
Example configuration:
You can double check ${bearer} variable value using Debug Sampler and View Results Tree listener combination.
While I was reading about interaction with Amazon S3, I came to know that request authentication with Amazon AWS is done in 2 ways
HTTP Authorization:
Using the HTTP Authorization header is the most common method of providing authentication information
Query string parameters:
Using query parameters to authenticate requests is useful when you want to express a request entirely in a URL. This method is also referred as presigning a URL.
The question is in which situation should I prefer one method over the other. Do these two authentication methods have their own advantages and disadvantages? As a developer, by using query string parameters method I can presign the URL which enables the end users to temporarily access the Amazon S3 resources by entering the presigned URL in the web browser. Can I use HTTP Authorization method to achieve the same thing? If so which method is better to use and what are their respective limitations?
Can I use HTTP Authorization method to achieve the same thing?
Sometimes. The key difference is that, as a developer, you don't always have enough control over the user agent to inject a header. The most obvious example of this is a simple GET request launched by a web browser in response to the user clicking a link. In that situation, you don't have the a ability to inject an Authorization: header for the browser to send ... so pre-signing the URL is all you can do.
Importantly, there's no information in a signed URL that is considered sensitive, so there's no particularly strong motivation to use the header instead of a signed URL. Your AWS Access Key ID is not secret, and your AWS Secret can't be derived from the other elements and the signature in a computationally-feasible time frame, particularly if you use Signature Version 4, which you should. Signature Version 2 is not officially deprecated in older regions, but newer S3 never supported it and likely never will.
When you do control the user agent, such as in back-end server code, adding the header may be preferable, because you don't need to do any manipulation of the URL string you already have in-hand.
The overview in the first AWS page says what the difference is:
Except for POST requests and requests that are signed by using query parameters, all Amazon S3 bucket operations and object operations use the Authorization request header to provide authentication information.
Basically a POST is used for HTML forms (discussed at length in the Mozilla page). You would use forms whenever the request involves passing data to the remote server, versus just checking status. As noted in HTML method Attribute (W3Schools),
Never use GET to send sensitive data! (will be visible in the URL)
as distinguished from POST:
Appends form-data inside the body of the HTTP request (data is not shown is in URL)
I am trying to use the Cloudcontrol REST API.
Has anybody used that API? I did not find out how to authenticate.
As an example, I tried https://api.devcctrl.com/app/APPMNAME/deployment/default/error/
I found : https://api.devcctrl.com/doc/#Token but I don't understand how exactly to use it.
An example would be great.
What I really want to do: I want to deploy an app using REST API. I cannot use the CLI tools due to missing python installation.
Thanks
Mike
First, in order to get the token, you need to send a HTTP POST request to api.cloudcontrol.com/token/using Basic Authentication using the email and password of your cloudControl account. You will get a JSON response like this:
{"token": "<TOKEN_KEY>"}'
You need this token key to authenticate for all other requests to the API. To do so, add an Authorization Header to your request with this content:
Authorization -> "cc_auth_token="<TOKEN_KEY>""
Furthermore, you might also need to set up some other headers for PUT or POST requests, like:
Content-Type -> "application/x-www-form-urlencoded"
Content-Length -> <length of your parametrized url values, e.g. bar=baz&foo=qux>
Accept-Encoding -> "compress, gzip"
You can find examples of this usage in the pycclib (Python) or gocclib (Go) libraries.
Anyone know how I can test posting data to this url? I was given the link by the IT supervisor and trying to have the data posted to the following link by submitting the following form. He said it would accept anything I send it
Could could do this via curl:
curl -X POST -d "data=anything_i_send_it" http://powersource.braindongle.com/lead-manager/lead/new/omgpost/sessions/
Or using another HTTP tool like Hurl.it
Or using a Chrome extension like Postman or REST Console.
Advanced Rest Client is an easy way to do it. It's a free chrome extension that can form http requests with data.
I'm using Restler's API Explorer (a fork of Swagger UI) and when I test a service call there it works fine but when I cut and paste the same URL into Chrome's Advanced REST Client I get a "403 Forbidden" error. How can that be? Is there some sort of required header parameter that needs to be passed with the request?
Here are the screen shots:
You need to get the content type right. Make sure you are sending the data as JSON (application/json)
You need to add a header
Content-Type application/json