Google currently exposes, at https://www.googleapis.com/oauth2/v2/certs, the following certificate values
{
"keys": [
{
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"kid": "90adc60c0f9f503265a5ebc2c404c88e59882083",
"n": "u_EOLEKRMNuTA_UPh9R-LTQkF1TNGE6XRVbgvh081A5VtKNFe8b2CmoGvgrm_ochjX0robr8LwpOUSHO779yJANgvwuATHJ4SKYHzN2Gr0yBsC7MyL9CI_eXik4RGiNlEU6mgoy7GGnLtY5-A6OPo-I-4HEttP81LJrmSYh6Y2k=",
"e": "AQAB"
},
{
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"kid": "5886590f72b8e40668c55fa366c19efb2a22d635",
"n": "x9mePRk3StM-Tg32S_E8OyBYD8uIHhPPa6U8jkHbpnRf2jEImk1ndIwIoJQCrHl1IsKpY1j81fyQKul0u1Frvb-LFGFVY3L7zSR4hnwzuU_05JtKZRfK-87Kj8JVMJbt34SKRmUitPH4QA23b6g-ORUMYjqWgNWufV6OPy8GYNE=",
"e": "AQAB"
}
]
}
I'm trying to access Google APIs using oic and jwkest, and get the error
DeSerializationNotPossible: Not base64url encoded
The problem occurs because the n parameters of both keys end in a = character. IIUC, they should be Base64URL encoded according to JSON Web Algorighms draft, and Base64URL strips the = characters, according to the JSON Web Signature draft.
Is this error in the Python libraries I'm using, or is this indeed Google not conforming to the specification? If the latter: where can I report it?
You are correct that Google isn't compliant with (the now RFCs) JWA and JWS in using regular base64 rather than base64url. However, I believe they've already been made aware of the issue and fixed it with a new version of the JWKS endpoint: https://www.googleapis.com/oauth2/v3/certs, which has the same keys as v2 but encoded properly per spec. You should be able to consume the v3 endpoint with the libraries you're using.
Related
So I know there's several SDK packages for many languages available for nHost, however I need to create my own interface to the system since the language I'll be using isn't typical.
I basically just need to know how to interact with authentication endpoints, send a users un/pw and recieve a JWT token. I've been successfully able to do this with aws Cognito, but I'd like to explore this instead.
I'm also not sure if I'm using the right base url, here's my thought so far:
https://kbvlufgpikkxbfkzkbeg.nhost.run/auth/login
So I would POST to there with some json in the body with the un/pw stuff, and the response should be the jwt token right?
I get a "resource does not exist" response from the above, however, so obviously I'm not forming the url correctly in the first place.
Thanks for the help!
Nhost supports multiple sign-on methods.
For example, using the email+password method, you would send:
POST https://xxxxxxxxxxxxx.nhost.run/v1/auth/signin/email-password
{"email":"foo#example.com","password":"bar"}
and the response:
{
"session": {
"accessToken": "somejwt....",
"accessTokenExpiresIn": 900,
"refreshToken": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"user": {
"id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"createdAt": "2022-09-17T19:13:15.440221+00:00",
"displayName": "foo#example.com",
"avatarUrl": "",
"locale": "en",
"email": "foo#example.com",
"isAnonymous": false,
"defaultRole": "user",
"metadata": {},
"emailVerified": true,
"phoneNumber": null,
"phoneNumberVerified": false,
"activeMfaType": null,
"roles": [
"user",
"me"
]
}
},
"mfa": null
}
The JWT is short-term, when it expires, the refresh token is used to get a new one.
The Nhost JavaScript SDK handles it automatically for you, that's a big benefit to the platform (in addition to being integrated with Hasura). If you are trying to port it to another unsupported language, you'd have to reimplement it. Probably by reading the library and/or running one of their sample client application and reverse-engineering the HTTP over the wire.
The question is about kucoin websocket public channel (not trades) just last trades
I just want a live feed of trades like other crypto exchanges...
but when I want to connect to "wss://ws-api-futures.kucoin.com/endpoint" I get WebSocketError: Received unexpected status code (401 Unauthorized)
the documentation https://docs.kucoin.com/futures/#create-connection lack explications :(
normally with other exchanges I can just do this in javascript
bybit_market_ws = new WebSocket("wss://stream.bybit.com/spot/quote/ws/v2");
bybit_market_ws.onmessage = event => bybit_trades(event.data);
bybit_market_ws.onopen = event => bybit_market_ws.send(JSON.stringify({"topic":"trade","params":{"symbol":"BTCUSDT","binary":false},"event":"sub"}));
function bybit_trades (jsonx) { console.log(JSON.parse(jsonx)); }
so how can I do that with kucoin websocket ?
according to the documentation i would need a "public token"...
but there is no explication on how to get that token :(
does someone knows how I would retrieve the last trades via websocket (public) channel ?
Note that the following steps may be changed when the API is updated.
All information can be found at https://docs.kucoin.com/#apply-connect-token
Get the public token
Send a empty http POST (GET will not work) message to https://api.kucoin.com/api/v1/bullet-public.
Response:
{
"code": "200000",
"data": {
"token": "2neAiuYvAU61ZD...",
"instanceServers": [
{
"endpoint": "wss://ws-api.kucoin.com/endpoint",
"encrypt": true,
"protocol": "websocket",
"pingInterval": 18000,
"pingTimeout": 10000
}
]
}
}
Connect to the Websocket
With the data of the repsonse above:
websocket: endpoint + "?token=" + token
Example: wss://ws-api.kucoin.com/endpoint?token=2neAiu....
Get all supported trading pairs
send a http GET message to https://api.kucoin.com/api/v1/symbols
{
"code": "200000",
"data": [
{
"symbol": "REQ-ETH",
"name": "REQ-ETH",
"baseCurrency": "REQ",
"quoteCurrency": "ETH",
...
},
{
"symbol": "BTC-USDC",
"name": "BTC-USDC",
"baseCurrency": "BTC",
"quoteCurrency": "USDC",
...
},
...
Get trading data
When the websocket connection is established send a http POST message:
{
"type": "subscribe", //subscribe or unsubscribe
"topic": "/market/ticker:BTC-USDT,BTC-USDC"
}
maybe this answer will not please you at all, but i will try, most of the people who work from the API in KuCoin do it with python, in fact the SDK for Nodejs is out of date, your best bet is to ask in the telegram channel https://t.me/KuCoin_API, there are KuCoin engineers who always help, although most of them use python, there is also the academy channel https://t.me/kucoin_learning, where there are examples, in short I can only mention references because I was also where you are, and the best I could do was that and review the SDk code and from there intuit and create my own adjustments
PD: the datafeed.js file is your best option, check it out https://github.com/Kucoin/kucoin-futures-node-sdk/blob/master/src/lib/datafeed.js
I have setup a two way communication between business account and customer using whatsapp business apis. I am having trouble understanding media providers that there documentation talks about for sending text message to customer with image/media.
Heres the link to it: https://developers.facebook.com/docs/whatsapp/api/settings/media-providers/
Who are these providers? are they some specified organisation?
I am currently storing the media files in AWS S3 using some pre-signed url method. Can I use media stored in S3 in whatsapp media message?.
An example would be great help.
According to the Whatsapp API media messages documentation, there are two ways of sending an image outbound message:
Send the image by its Media ID
Send the image by its URL
When choosing 2, sending it by its URL, sometimes you may need to setup a Media Provider settings if the images URL you reference is not directly accessible and requires a username/password authentication or even a bearer token. (check https://developers.facebook.com/docs/whatsapp/api/messages).
Sending images by Media ID
To send it by ID, you need first to upload the image file using the POST /v1/media endpoint. That will return the Media-ID (e.g: 456) that you should use to compose the message object on the POST /v1/messages/ endpoint, like this:
{
"to": "1234567",
"type": "image",
"recipient_type": "individual",
"image": {
"caption": "The image caption",
"id": "456"
}
}
Sending images by URL
When sending it by URL, you can simply inform the URL of a image file (e.g.: http://yourcompany.com/images/your_image.png) on the link field of the POST /v1/messages/ endpoint, just like this:
{
"to": "1234567",
"type": "image",
"recipient_type": "individual",
"image": {
"caption": "The image caption",
"link": "http://yourcompany.com/images/your_image.png"
}
}
What if the URL http://yourcompany.com/images/your_image.png is behind some authentication on the server? (username/password ou maybe a bearer token). Then you need first to setup a Media Provider with such credentials, using the POST /v1/settings/application/media/providers endpoint, like this:
[{
"name": "yourcompany-images",
"type": "www",
"config": {
"basic": {
"username": "the-username",
"password": "the-password"
}
}
}
]
Once you have this set up on your API, then you are able to reference this Media Provider by its name on the POST /v1/messages/ endpoint, like this:
{
"to": "1234567",
"type": "image",
"recipient_type": "individual",
"image": {
"caption": "The image caption",
"link": "http://yourcompany.com/images/your_image.png"
"provider": {
"name" : "yourcompany-images"
}
}
}
Using S3 pre-signed URLs as image links
You have to consider that pre-signed URLs are temporary links that will expire after a while. It can work when everything is fine with you Whatsapp API Client and the message is promptly received by the recipient. But if something goes wrong on this chain, maybe the Whatsapp API will try to download the image again later. So keep this in mind and try to create pre-signed URLs with long expiration time (maybe a 7 day expiration link using IAM User as explained here).
For my React Native app I am using Parse JS SDK and hosted Parse Server on Back4app.
When I try to register a new user, the user is not authenticated because the response does not return a sessionToken.
However, once the user is in the db and signs in a sessionToken is returned and the user is authenticated successfully.
Request
The request is the same for sign in/up.
await Parse.User.logInWith('google', {
// auth data received from #react-native-community/google-signin
authData: {
id,
id_token: token
}
})
Response on initial Sign Up
The response is supposed to return a sessionToken which is missing. So the user is not authenticated and modifications on the user object are not possible.
{
"authData": {...},
"createdAt": "...",
"objectId": "...",
"updatedAt": "...",
"username": "..."
}
Response on sign in after user was created
{
"ACL": {...},
"authData": {...},
"createdAt": "...",
"objectId": "...",
"sessionToken": "...",
"updatedAt": "...",
"username": "..."
}
I don't use any cloud code. Just a simple auth flow with Google oAuth.
Any help is highly appreciated.
Edit: same issue for 'sign in with Apple'
As far as I know, according to the Official Documentation, Parse will respond 200 (HTTP OK) and include the Session Token only when it verifies the user is already associated with the OAuth authentication data.
So, again, as far as I know, the very first request when you create the user, will not contain the sessionToken.
Take a look to this tutorial https://www.thinkertwin.com/how-to-setup-google-oauth2-login-with-parse-server-in-react/
Here there is an explanation on how to setup your Cloud Code. It's for React, but with small adjustments it will work for React Native.
You also need Cloud Code as you need to store your Client ID and Secret. You don't want to have those on your public application
https://anypoint.mulesoft.com/apiplatform/anypoint-platform/#/portals/organizations/68ef9520-24e9-4cf2-b2f5-620025690913/apis/8617/versions/40329/pages/35412
/applications/{domain}/logs Traits: environment_based
Retrieve log messages for the application, ordered newest to oldest.
I am trying to access this api but am unable to relate what client id does it ask. Also I am unable to relate to oauth authentication this needs.
I am new to mule.
i am sharing the steps by step instructions to access the details of apps from api.
Step 1 : Get the access token from the Api
https://anypoint.mulesoft.com/accounts/login?username=YOUR_USERNAME&password=YOUR_PASSWORD
NOTE : Use POST method and add Header Content-Type=application/json
You will get response in JSON format like below
{
"access_token": "44126898-7ed8-4453-8d28-skajnbf",
"token_type": "bearer",
"redirectUrl": "/home/"
}
Step 2: Get your organization id
https://anypoint.mulesoft.com/accounts/api/me
NOTE : Use GET method and add below Headers
Content-Type = application/json
Authorization = Bearer ACCESS_TOKE_YOU_GOT_ABOVE
Example : Authorization = Bearer 44126898-7ed8-4453-8d28-skajnbf
In the response you will have a section where you will get you organization related details like below
"organization": {
"name": "Sample",
"id": "c1e68d1e-797d-47a5-b",
"createdAt": "2016-11-29T09:45:27.903Z",
"updatedAt": "2016-11-29T09:45:27.932Z",
"ownerId": "68df9a5",
"clientId": "7200350999564690",
"domain": "******",
"idprovider_id": "mulesoft",
"isFederated": false,
"parentOrganizationIds": [],
"subOrganizationIds": [],
"tenantOrganizationIds": [],
"isMaster": true,
"subscription": {
"type": "Trial",
"expiration": "2016-12-29T09:45:27.906Z"
},
Step 3: Get the environment Details
https://anypoint.mulesoft.com/accounts/api/organizations/YOUR_ORGANIZATION_ID_FROM_ABOVE/environments
NOTE : Use GET method and add below Headers
Content-Type = application/json
Authorization = Bearer ACCESS_TOKE_YOU_GOT_ABOVE
Example : https://anypoint.mulesoft.com/accounts/api/organizations/c1e68d1e-797d-47a5-b/environments
You will get all available environments in the response in JSON format as below
{
"data": [
{
"id": "042c933d-82ec-453c-99b2-asmbd",
"name": "Production",
"organizationId": "c1e68d1e-797d-47a5-b726-77asd",
"isProduction": true
}
],
"total": 1
}
Step 4: Now specify the domain name and fetch the logs
https://anypoint.mulesoft.com/cloudhub/api/v2/applications/YOUR_CLOUDHUB_APP_NAME/logs
Example : https://anypoint.mulesoft.com/cloudhub/api/v2/applications/first-test-api-application/logs
NOTE : Use GET method and add below Headers
Content-Type = application/json
Authorization = Bearer ACCESS_TOKE_YOU_GOT_ABOVE
X-ANYPNT-ENV-ID = ENVIRONMENT_ID_YOU_GOT_ABOVE
Example : X-ANYPNT-ENV-ID = 042c933d-82ec-453c-99b2-asmbd
You will get the logs in JSON format as below
{
"data": [
{
"loggerName": "Platform",
"threadName": "system",
"timestamp": 1480503796819,
"message": "Deploying application to 1 workers.",
"priority": "SYSTEM",
"instanceId": "583eb1f1c4b27"
},
{
"loggerName": "Platform",
"threadName": "system",
"timestamp": 1480503797404,
"message": "Provisioning CloudHub worker...",
"priority": "SYSTEM",
"instanceId": "583eb1f1e4b27"
}
],
"total": 2
}
NOTE : FOR ENHANCED LOGGING YOU SHOULD SELECT APPROPRIATE DEPLOYMENT AND INSTANCE IDs TO GET LOGS IN SIMILAR MANNER
Hope this Helps for Beginners
To see the clientID. Log into your CloudHub account. Click on the "gear" icon in the upper right corner. Click on the name of your organisation. you should now see your "clientID" and the "ClientSecret" ID.
Before you use the CloudHub APIs or the Anypoint platform APIs you have to create an account on the Anypoint Platform - Check the architecture of the Anypoint API platform #
https://docs.mulesoft.com/anypoint-platform-for-apis/anypoint-platform-for-apis-system-architecture
Once your are done with the registration with the Anypoint API platform you need to set up users, roles & privileges as an admin -
https://docs.mulesoft.com/anypoint-platform-administration/managing-accounts-roles-and-permissions
As admin you need to control access to APIs by creating & supplying client Id and client Secret - https://docs.mulesoft.com/anypoint-platform-administration/manage-your-organization-and-business-groups
I guess that's the client you referring to. It needs to be present in the request for all the APIs.
As far as OAuth is concerned, it is not completely functional on Cloudhub API. You will have to raise a ticket for support. Check this out -
https://docs.mulesoft.com/mule-user-guide/v/3.7/mule-secure-token-service
If you are new to Mule, run through the Mule Intro videos and try out the Anypoint Studio to get feel of Mulesoft Applications.
Hope this helps.