publisher APIs invoke failed - api

all. recently I learned wso2 api manager 1.4+ and see the publisher apis are open. As I tried to invoke the apis using the RESTClient in api store, the response show "{"message" : "AuthenticateError", "error" : true}". I follow the doc in here: http://docs.wso2.org/display/AM140/Publisher+APIs. I am not familiar with rest apis, I just invoke the GET method, using the URL: http://**:9763/publisher/site/blocks/listing/ajax/item-list.jag, and get the error above. did I miss something or use the wrong format?
then I use curl to test the apis, it works.
root#appfactory01:~# curl -b cookies http://*:9763/publisher/site/blocks/listing/ajax/item-list.jag?action=getAllAPIs
{"error" : false, "apis" : [{"provider" : "admin", "subs" : 0, "name" : "redmine", "thumb" : "/registry/resource/_system/governance/apimgt/applicationdata/icons/admin/redmine/1.0.0/icon", "version" : "1.0.0", "status" : "PUBLISHED"}]}

It is because when using curl you are setting cookies through -b cookies option, but when using RESTClient it's not used. That's why you get Authenticate Error. You can add the -v option to curl to see the exact request and response.
To access through RESTClient add the Cookie Header as follows. Get the value for JSESSIONID from the cookies file used with curl or by observing the output of curl with -v option.
Cookie:JSESSIONID=8BB4617ABC21786D90A450xxxxxxx
and use the following url with GET request.
http://localhost:9763/publisher/site/blocks/listing/ajax/item-list.jag?action=getAllAPIs

Related

Fetching bearer token for OroCommerce returning error 405 Method Not Allowed

I'm attempting to fetch the bearer token for OroCommerce, via POSTMAN and am encountering a 405 error, for the following request:
URL: http://<OroCommerce DNS>/oauth2-token
Header: Content-Type: application/json
Body:
{
"grant_type": "client_credentials",
"client_id": "XXXX",
"client_secret": "XXXX"
}
I have generated the public and private keys and added them to the /var directory of the application. Per this issue, I have tried "Enabled Guest Access" checked and unchecked. Both result in the same 405 error w/ HTML in the response (see image below). The back-end is up, when attempting these requests. Any suggestions on where to look (configurations, etc), in order to successfully fetch the bearer token, via the REST API?
Response HTML
First of all, make sure an API is enabled: https://doc.oroinc.com/api/enabling-api-feature/.
Then, make sure you are using the POST HTTP method to submit the request.
If it wouldn't help, make sure the maintenance mode is fully disabled. It's step 13 in the upgrade guide: https://doc.oroinc.com/backend/setup/upgrade-to-new-version/#id1
Check the application log at var/logs/prod.log for errors. Usually, the error message explains what is wrong, or at least, you can use it to google the issue.
If nothing works, you can try to access the same endpoint using the dev environment. There should be a more explicit error message with the stack trace. Or enable an xdebug extension and check it step by step.

Curl call yahoo weather new api OAuth

I am trying to do a curl call to the new yahoo weather API
https://developer.yahoo.com/weather/
https://developer.yahoo.com/weather/documentation.html
I got my API Keys and my app has been approved or whitelisted.
However I can't seem to get my curl call to work with OAuth authentication. I first tried with Postman to make the call, I was authorized but the results were empty. According to support " Using oauth1 in postman can get intermittent error."
So am I trying to do a curl call like so:
curl --request GET --url 'https://weather-ydn-yql.media.yahoo.com/forecastrss?location=sunnyvale,ca' --header 'Authorization: OAuth oauth_consumer_key="(MY CLIENT ID)",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1547215497",oauth_nonce="kIDevCJSTBi",oauth_version="1.0",oauth_signature="(MY GENERATED OAUTH SIGNATURE)"' --header 'Yahoo-App-Id: "(MY APP ID)"'
But I get this returned:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><yahoo:error xmlns:yahoo="http://www.yahooapis.com/v1/base.rng" xml:lang="en-US" yahoo:uri="http://yahoo.com"><yahoo:description>Please provide valid credentials. OAuth oauth_problem="OST_OAUTH_SIGNATURE_INVALID_ERROR", realm="yahooapis.com"</yahoo:description><yahoo:detail>Please provide valid credentials. OAuth oauth_problem="OST_OAUTH_SIGNATURE_INVALID_ERROR", realm="yahooapis.com"</yahoo:detail></yahoo:error>
This is from the Yahoo Weather Developer page:
GET /forecastrss?location=sunnyvale,ca HTTP/1.1 Host:
weather-ydn-yql.media.yahoo.com Yahoo-App-Id: YOUR_APP_ID
Authorization: OAuth
oauth_consumer_key="YOUR_CONSUMER_KEY",oauth_signature_method="HMAC-SHA1",oauth_timestamp="YOUR_TIMESTAMP",oauth_nonce="YOUR_NONCE",oauth_version="1.0",oauth_signature="YOUR_GENERATED_SIGNATURE" cache-control: no-cache
What Am I doing wrong? This is so frustrating.
Here is an example of curl request :
curl 'https://weather-ydn-yql.media.yahoo.com/forecastrss?location=sunnyvale,ca&format=json&oauth_consumer_key=YOUR_CONSUMER_KEY&oauth_signature_method=HMAC-SHA1&oauth_timestamp=YOUR_TIMESTAMP&oauth_nonce=YOUR_NONCE&oauth_version=1.0&oauth_signature=YOUR_GENERATED_SIGNATURE'
As explained in the documentation.
• YOUR_CONSUMER_KEY : Your consumer key
• YOUR_TIMESTAMP : Unix timestamp
• YOUR_NONCE : nounce
• YOUR_GENERATED_SIGNATURE : The encrypted signature.
Here are the steps using Postman (as you mentioned using it in the description) to generate a GET request to the Yahoo Weather API.
1) Postman configuration :
2) Generate the curl command
Then, in order to make the curl request you can press the code button and see the generated command.
There are some Code examples in Java, PHP and NodeJS on this page.

gitlab API unathorized

I tried to create a project by importing manually my git repo. I followed that tutorial :
https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/raketasks/import.md
At the end I got that error :
* Failed trying to create xxx (xxx/xxx.git)
Errors: {:base=>["Failed to create repository via gitlab-shell"]}
By reading gitlab-shell.log file I discover that access to the API is forbidden I got the following error :
{"message":"401 Unauthorized"}
With that URL :
https://xxx/api/v4/internal/check
Do you know how can I fix this ?
You have to make a HTTP Post request in order to achieve this.
Clearly, according to https://docs.gitlab.com/ee/api/README.html you do not have the authorization. This is because you are not using the Gitlab Private token.
You can go to Profile -> settings -> generate a Private token. Once generated, copy it to your clipboard and use it in your post request.
Best way to use it is by Curl:
Ex:
curl --request POST --header "PRIVATE-TOKEN: XXXX -k "https://example.com//api/v4/projects/11/jobs/16863/retry"
u need to genrate private Token :
open your account gitlab -> settings->genrate private Token

Getting wrong data while using the Store API - List Subscriptions by Application - WSO2

I am following the below steps to get the subscriptions per application.
curl -X POST -c cookies http://localhost:9763/store/site/blocks/user/login/ajax/login.jag -d 'action=login&username=random&password=random
Now logged in and got the cookie details.
2.curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getSubscriptionByApplication&app=App1'
Now , I am getting the subscriptions for the application App1 which has subscriber by the user admin not random.
Why this API thorws admin subscription instead of the particular user even though we are posting the request with the use of cookies. Please help.
The following curl request will List all API subscriptions of App1.
Request
.curl -b cookies 'http://localhost:9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.jag?action=getSubscriptionByApplication&app=App1'
Response
{"error" : false, "apis" : [{"apiName" : "CalculatorAPI", "apiVersion" : "1.0", "apiProvider" : "admin", "description" : "Simple calculator API to perform addition, subtraction, multiplication and division.", "subscribedTier" : "Unlimited", "status" : "PUBLISHED", "subStatus" : "UNBLOCKED"}]}
The response does not have a field for subscribedUsers
Hence I assume what you saw as admin was the apiProvider.

Creating a fork with the GitHub V3 API (REST)

I'm trying to fork a repo using the GitHub V3 API via REST, however, I am having issues making a POST request as per the docs (https://developer.github.com/v3/repos/forks/#create-a-fork).
Basically, what I have so far:
A logged-in user with an OAuth Token
A POST request setup to the API (URL: https://api.github.com/repos/carmichaelalonso/infiniteflight/forks/) - I am testing this with hurl.it to begin with.
Headers in the request: one has the name Authorization with the value 'token ...', the other specifies Content-Type with the value application/json
A body with the following JSON: {"organization" : "shortlisthome"} (shortlisthome is the account I am trying to fork the repo to.
I am not intending to fork this to an organization, instead of a standard user account, which is where I am getting confused. When I run the request, I do not get any authentication errors or 404 errors (I previously had but I had been entering incorrect values by mistake, causing such errors).
When I run this request though, I get the following result (a 422 unprocessable request):
{
"message": "Validation Failed",
"documentation_url": "---url-to-docs---",
"errors": [
{
"resource": "Fork",
"code": "invalid",
"field": "organization"
}
]
}
I am unsure whether or not I am able to fork this to a standard user, or if it is an error with my request. Please let me know if I can provide any more info (first post here so a bit unfamiliar with the convention).
Thanks!
In order for shortlisthome to fork the repository you need to authenticate as them. The repository you're trying to fork is public, so all you need to do is obtain a OAuth token for shortlisthome and then make a similar request to the one you're making now. The only difference will be that you do not need to provide the JSON body of {"organization": "shortlisthome"}.
For what it is worth, the optional JSON body is intended for you to use when you are a member of an organization with proper permissions and you want to fork the repository to that organization. You cannot fork a repository to someone else's account unless you are authenticated as them.
I've so far avoided OAuth2, and do not know hurl. Yet, perhaps this can help.
This post shows how it can be done using cURL's -u username flag:
curl -u 'myusername' https://api.github.com/repos/carmichaelalonso/infiniteflight/forks/ -d ''
The -d (or alternatively --data) flag turns it into a POST request.
Without that flag cURL defaults to a GET request, which is not what you want.
Since, the data is part of the URI for this request, send an empty string for the data that must follow the -d param, as such: -d ''.
Of course, using -u will require you to also supply a password..
Here is what GitHub shows using OAuth2 with their API:
OAuth2 Token (sent in a header):
curl -H "Authorization: token OAUTH-TOKEN" https://api.github.com
OAuth2 Token (sent as a parameter):
curl https://api.github.com/?access_token=OAUTH-TOKEN
Read more about OAuth2. Note that OAuth2 tokens can be acquired programmatically, for applications that are not websites.
OAuth2 Key/Secret
curl 'https://api.github.com/users/whatever?client_id=xxxx&client_secret=yyyy'
I suspect that adding -d '' (or some equivalent in hurl),
plus one of the formats above for sending OAuth2 info might get you most of the way there.
I used this command to fork on github enterprise
curl -vX POST https://git.redacted.com/api/v3/repos/<org-to-fork-from>/<repo-to-fork>/forks?access_token=<api-token> -d #gh-fork.json --header "Content-Type: application/json"
gh-fork.json is just
{
"organization": "org-to-fork-to",
"description": "",
"homepage": "https://git.redacted.com",
"private": false
}