Flattr Auto-Submit URL fails with Invalid Request - flattr

I'd like to flattr an auto-submit URL as the documentation describes at the bottom of the page:
http://developers.flattr.net/api/resources/flattrs/
Here is my request:
POST https://api.flattr.com/rest/v2/flattr
Authorization: Bearer xxx
Content-Type: application/json
{"url" : "https://flattr.com/submit/auto?user_id=243&url=http%3A%2F%2Fmobilemacs.de%2F2012%2F01%2Fmm079-folgen-heist-maul-halten.html&title=MM079+Folgen+hei%C3%9Ft+Maul+halten&description=Die+erste+Sendung+des+Jahres+muss+gleich+den+Ausfall+von+Denis+verkraften+und+dazu+mit+einer+geradezu+j%C3%A4mmerlichen+Nachrichtenlage+arbeiten.+Wir+machen+das+beste+draus+und+reden+ausf%C3%BChrlich+%C3%BCber+Apps%2C+singe+die+leise+Klage+des+L%C3%B6wen%2C+geben+ein+paar+nette+Konsumtips+und+kritteln+an+jeder+Hardware%2C+Software+und+Websites+herum%2C+die+bei+drei+nicht+auf+den+B%C3%A4umen+war.+So+sind+wir+halt.+Zu+Beginn+begl%C3%BCcken+wir+Euch+mit+der+Aufl%C3%B6sung+des+R%C3%A4tsels+der+letzten+Sendung%3A+%09Wie+hie%C3%9F+der+erste+Webbrowser+von+Apple%3F+Antwort%3A+CYBERDOG+%28YE%29+%09Wie+lautet+der+urspr%C3%BCngliche+Projektname+von+Mac+OS+8%3F+Antwort%3A+COPLAND+%28LA%29+%09Wie+lautet+das+Root+Passwort+des+iPhone%3F+Antwort%3A+ALPINE+%28IN%29+%09Wie+hei%C3%9Ft+das+erste+Ger%C3%A4t+von+Apple+mit+einem+Geh%C3%A4use+aus+durchsichtigem+Plastik%3F+Antwort%3A+EMATE+%28EA%29+%09Wie+lautet+die+kleinste+Einheit+von+Bitcoin%3F+Antwort%3A+SATOSHI+%28ST%29+%09Welche+Waffe+in+Worms+Armageddon+ist+auch+ein+Codename+einer+Apple+Software%3F+Antwort%3A+HOLY+HAND+GRENADE+%28NGR%29+Aus+dem+sich+daraus+ergebenden+Buchstab&language=de_DE&tags=blog&hidden=0&category=audio"}
And here is what I get back:
{"error":"invalid_request","error_description":"The request is invalid","error_uri":"http:\/\/developers.flattr.net\/api"}
Can anybody explain this?

Sorry that it took some time for us to respond.
It was a bug that has now been found thanks to you! :)
I've fixed it and rolled it out just now. I hope it works properly.
Let us know if you run into any other trouble.

Related

REST API call works at Postman but not at Jenkins

I'm facing a problem that seems to be simple. I'm trying to call a REST API from Jenkins build step and it's not working.
I make this call from Postman and it works just fine, but from Jenkins, it doesn't. Below are some pictures of my configurations.
Postman Settings
As you can see on this image, at postman my request works perfectly.
Jenkins Settings
At this image you can see that I'm using the same settings at Jenkins, although it doesn't work.
Finally, the error message that is presented when I try to run the Jenkins.
Started by user Hugo da Silva da Silva
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/Power BI - Atualizador mensal
HttpMethod: POST
URL: https://login.windows.net/7348b8c4-3705-4965-b18a-c02e2d5a28eb/oauth2/token
Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1
Accept: application/json
Sending request to url: https://login.windows.net/7348b8c4-3705-4965-b18a-c02e2d5a28eb/oauth2/token
Response Code: HTTP/1.1 400 Bad Request
ERROR: Build step failed with exception
hudson.AbortException: Fail: the returned code 400 is not in the accepted range: [[100‥399]]
at jenkins.plugins.http_request.HttpRequestExecution.responseCodeIsValid(HttpRequestExecution.java:369)
at jenkins.plugins.http_request.HttpRequestExecution.processResponse(HttpRequestExecution.java:379)
at jenkins.plugins.http_request.HttpRequestExecution.authAndRequest(HttpRequestExecution.java:295)
at jenkins.plugins.http_request.HttpRequestExecution.call(HttpRequestExecution.java:226)
Caused: java.lang.IllegalStateException
at jenkins.plugins.http_request.HttpRequestExecution.call(HttpRequestExecution.java:229)
at jenkins.plugins.http_request.HttpRequestExecution.call(HttpRequestExecution.java:79)
at hudson.remoting.LocalChannel.call(LocalChannel.java:45)
at jenkins.plugins.http_request.HttpRequest.perform(HttpRequest.java:398)
at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:741)
at hudson.model.Build$BuildExecution.build(Build.java:206)
at hudson.model.Build$BuildExecution.doRun(Build.java:163)
at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:504)
at hudson.model.Run.execute(Run.java:1856)
at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
at hudson.model.ResourceController.execute(ResourceController.java:97)
at hudson.model.Executor.run(Executor.java:428)
Build step 'HTTP Request' marked build as failure
Finished: FAILURE
Has anybody ever faced a similar situation? Any tips?
Best Regards
Posting here the solution given by my friend #brunolmfg.
The problem was the body content format. I was posting it using JSON format, whereas I should post it as URL-encoded. Here is the body content that worked:
grant_type=client_credentials&resource=XXX&client_id=YYY&client_secret=ZZZZ

Unable to test an API in JMeter where I need to upload a file

Can someone please help me with uploading a file in JMeter? I feel it's a very tricky thing...
Let me share the screenshot of what I've done.
It's failing with the error below:
Thread Name:jp#gc - Ultimate Thread Group 2-4
Sample Start:2021-02-04 17:28:44 IST
Load time:562
Connect Time:0
Latency:562
Size in bytes:595
Sent bytes:84568
Headers size in bytes:446
Body size in bytes:149
Sample Count:1
Error Count:1
Data type ("text"|"bin"|""):text
Response code:500
Response message:
HTTPSampleResult fields:
ContentType: application/json
DataEncoding: null
Response Body:
{"timestamp":"2021-02-04T11:58:45.482+00:00","status":500,"error":"Internal Server Error","message":"","path":"/pps/storage/upload-image"}
Request Body:
POST https://pixelperfectdevexternal.useready.com/pps/storage/upload-image
POST data:
--axOhwnTOrVj2VWGGuxcaqfjgHwGQKsTFl
Content-Disposition: form-data; name="filename"
Content-Type: image/jpeg; charset=US-ASCII
Content-Transfer-Encoding: 8bit
${filename}
--axOhwnTOrVj2VWGGuxcaqfjgHwGQKsTFl
Content-Disposition: form-data; name="filename"; filename="Passport size photo.jpeg"
Content-Type: image/jpeg
Content-Transfer-Encoding: binary
<actual file content, not shown here>
--axOhwnTOrVj2VWGGuxcaqfjgHwGQKsTFl--
I've been totally stuck on this for the last 3 weeks. I did what was told in tutorials and it's still not working. Someone please help me out.
We don't know how to fix the issue because we don't know what the request should look like. Moreover, you don't show us the "Parameters" tab of the HTTP Request sampler or the HTTP Header Manager configuration.
So if you have another way of successfully calling this API like curl or Postman or other tool - you should be able to record the request using JMeter's HTTP(S) Test Script Recorder, see How to Convert Your Postman API Tests to JMeter for Scaling article for example setup.
If not, you need to check your API endpoint documentation, application logs or ask around for the proper request format, once you know it you should be able to amend the request yourself or provide us more details so we could assist.

Yii2: HttpClient authorization header not being send

I am working with an API that works well when consumed from Postman:
But when I try to consume it from Yii2 I get {"name":"Unauthorized","message":"Your request was made with invalid credentials.","code":0,"status":401} and I think I am sending all the headers
The authorization was made with a Bearer Token:
Don't know what I am doing wrong, thanks in advance.
I just got that I have to add my headers this way:
I was adding them the wrong way.

Why is my API call to TDA's API not returning a refresh token?

so I've followed the steps here to the letter: https://www.reddit.com/r/algotrading/comments/c81vzq/td_ameritrade_api_access_2019_guide/ in an effort to get a refresh token so that I can build a client app in C# to use TD Ameritrade's API, to conduct special stock and option screening and trading. I got to the end before reaching any trouble.
In the very last step in getting my refresh token, where you fill out the fields on https://developer.tdameritrade.com/authentication/apis/post/token-0, it fails, I just get the following response in an HTTP 401 error:
HTTP/1.1 401 Unauthorized
Access-Control-Allow-Headers: origin
Access-Control-Allow-Methods:
GET
Access-Control-Allow-Origin:
https://developer.tdameritrade.com
Access-Control-Max-Age: 3628800
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 31
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/json;charset=UTF-8
Date: Sat, 04 Apr 2020 16:07:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Application-Context: OAUTH_SERVICE:run:8080
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
{
"error": "invalid_grant"
}
What could the problem be? I've double and triple checked each step and the values in the text boxes (imaged below) to receive a refresh token, but I can't get it to work. The code and client ID are properly done, as well, based on the guide's steps - I double and triple checked.
I followed the steps in the Reddit guide, and from a linked guide by TDA Ameritrade themselves, to ensure I was putting the proper values in the proper fields, so I really have no clue what's going on.
Any help is appreciated.
"code" or "authorization code" is only a one-time pass-key that expires after 30 minutes. It allows you to get the "access token", which, although it has a similar name, seems to be different. So make sure you URL-decode the auth code reasonably rapidly, then get your first response correctly in before 30 minutes.
Also try on weekends, as TDAmeritrade's SMS gateway has been frustratingly slow recently during the GameStop raids, and it's possible their authentication handshaking could be having problems as well during trading hours.
Note that appending "#AMER.OAUTHAP" does not seem to be necessary for the client_id slot of the manual Post Access Token form.
I ran into this issue and the problem was I was url encoding the redirect uri in the console when requesting the refresh token. When I retried using a urldecoded uri it worked.
It turns out, http://localhost does not function for a redirect URI in TDA's API. You have to use https://127.0.0.1 in your app settings and then again in the many steps that follow when you try to generate your first refresh token.
So, that solves that.
Make sure that your redirect_uri matches exactly to that configured in your app.
If you're using a Windows machine, I'd suggest setting your callback URL to:
http://localhost
Note that this is http rather than https.
This will save you from having to setup IIS and configuring SSL on your workstation.
Also, something worth remembering is that the authorization code will only work once when creating your bearer and refresh token.
On any subsequent attempts at sending that same authorization code, you'll get the "invalid_grant" error.
I had a similar issue and it was resolved using the steps below:
Update callback URI on custom app to https://127.0.0.1
Request new access code after updating the URI.
Access token is valid only for 30 mins. Hence, the refresh token should be requested ASAP.
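The two token-endpoint failures discussed above (a JSON body where a form body is expected, and a code or redirect URI that gets percent-encoded twice) can be shown in one place. This is an added example, not code from any of the posts; it uses only the standard OAuth 2.0 field names, and the callback URL, code value and client id are constructed placeholders.

```javascript
// Added example, not code from the posts. All sample values are constructed.

// Read the authorization code from the redirect the browser lands on.
// URL.searchParams percent-decodes the value exactly once.
function codeFromCallback(callbackUrl) {
  const code = new URL(callbackUrl).searchParams.get("code");
  if (!code) throw new Error("callback URL carries no code parameter");
  return code;
}

// Heuristic: a value that still contains %XX escapes was copied out of a URL
// without decoding and would be encoded a second time when the form is built.
function looksPercentEncoded(value) {
  return /%[0-9A-Fa-f]{2}/.test(value);
}

// Serialize fields as application/x-www-form-urlencoded (each value encoded
// once). Sending JSON.stringify(fields) instead is the 400 from the Jenkins post.
function tokenRequestBody(fields) {
  for (const [name, value] of Object.entries(fields)) {
    if (looksPercentEncoded(value)) {
      throw new Error(`${name} is already percent-encoded; decode it first`);
    }
  }
  return new URLSearchParams(fields).toString();
}

// Constructed callback; the host matches the redirect URI registered for the app.
const CALLBACK = "https://127.0.0.1/?code=Ab%2Fcd%2BEf%3D%3D";
const REDIRECT_URI = "https://127.0.0.1"; // must equal the registered value exactly

function exampleBody() {
  return tokenRequestBody({
    grant_type: "authorization_code",
    code: codeFromCallback(CALLBACK), // "Ab/cd+Ef==" after one decode
    client_id: "EXAMPLE_CLIENT_ID", // placeholder
    redirect_uri: REDIRECT_URI,
  });
}

console.log(exampleBody());
```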

Sending JWT token in the headers with Postman

I'm testing an implementation of JWT Token based security based off the following article. I have successfully received a token from the test server. I can't figure out how to have the Chrome POSTMAN REST Client program send the token in the header.
My questions are as follows:
1) Am I using the right header name and/or POSTMAN interface?
2) Do I need to base 64 encode the token? I thought I could just send the token back.
For the request Header name just use Authorization.
Place Bearer before the Token. I just tried it out and it works for me.
Authorization: Bearer TOKEN_STRING
Each part of the JWT is a base64url encoded value.
Here is an image if it helps :)
Update:
The postman team added "Bearer token" to the "authorization tab":
I am adding to this question a little interesting tip that may help you guys testing JWT Apis.
It's very simple actually.
When you log in, in your Api (login endpoint), you will immediately receive your token, and as #mick-cullen said you will have to use the JWT on your header as:
Authorization: Bearer TOKEN_STRING
Now if you'd like to automate your tests or just make your life easier, you can save the token as a global that you can call on all other endpoints as:
Authorization: Bearer {{jwt_token}}
On Postman:
Then make a Global variable in postman as jwt_token = TOKEN_STRING.
On your login endpoint:
To make it useful, add at the beginning of the Tests tab:
var data = JSON.parse(responseBody);
postman.clearGlobalVariable("jwt_token");
postman.setGlobalVariable("jwt_token", data.jwt_token);
I am guessing that your api is returning the token as a json on the response as:
{"jwt_token":"TOKEN_STRING"}, there may be some sort of variation.
On the first line you add the response to the data variable.
Clean your Global
And assign the value.
So now you have your token in the global variable, which makes it easy to use Authorization: Bearer {{jwt_token}} on all your endpoints.
Hope this tip helps.
EDIT
Something to read
About tests on Postman: testing examples
Command Line: Newman
CI: integrating with Jenkins
Nice blog post: master api test automation
Here is how to set the token automatically
On your login/auth request
Then for authenticated page
I had the same issue in Flask and after trying the first 2 solutions which are the same (Authorization: Bearer <token>), and getting this:
{
"description": "Unsupported authorization type",
"error": "Invalid JWT header",
"status_code": 401
}
I managed to finally solve it by using:
Authorization: jwt <token>
Thought it might save some time to people who encounter the same thing.
If you wish to use postman the right way is to use the headers as such
key: Authorization
value: jwt {token}
as simple as that.
Open Postman.
Go to the "header" field.
There one can see the "key value" blanks.
In key, type "Authorization".
In value, type "Bearer(space)your_access_token_value".
Done!
For people who are using the WordPress plugin Advanced Access Manager to open up the JWT Authentication:
The header field should be Authentication instead of Authorization
AAM mentioned it inside their documentation,
Note! AAM does not use standard Authorization header as it is skipped
by most Apache servers. ...
Hope it helps someone! Thanks for the other answers, they helped me a lot too!!
Everything else, i.e. Params, Authorization, Body, Pre-request Script, Tests, is empty; just open the Headers tab and add as shown in the image. It's the same for a GET request as well.
I did as moplin mentioned. But in my case the service sends the JWT in the response headers, as a value under the key "Authorization".
Authorization →Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJpbWFsIiwiZXhwIjoxNDk4OTIwOTEyfQ.dYEbf4x5TGr_kTtwywKPI2S-xYhsp5RIIBdOa_wl9soqaFkUUKfy73kaMAv_c-6cxTAqBwtskOfr-Gm3QI0gpQ
What I did was make a Global variable in Postman as
key->jwt
value->blahblah
in login request->Tests Tab, add
postman.clearGlobalVariable("jwt");
postman.setGlobalVariable("jwt", postman.getResponseHeader("Authorization"));
in other requests select the Headers tab and give
key->Authorization
value->{{jwt}}
Somehow postman didn't work for me.
I had to use a chrome extension called RESTED which did work.
In the latest Postman version (7++) there may be no Bearer field in Authorization
So go to Header tab
select key as Authorization and in value write JWT
x-access-token on headers works for me.
key: x-access-token
value: token
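On the question of whether the token needs to be base64-encoded before sending: the sketch below, an added example that is not code from any answer, splits an Authorization value into scheme and token and decodes the header and payload segments, showing that the token is already base64url text and goes into the header unchanged. The header and payload segments are the ones quoted in the thread; the signature segment is a constructed placeholder and the function names are hypothetical.

```javascript
// Added example, not code from the answers. The signature segment below is a
// constructed placeholder; header and payload segments are quoted in the thread.
const SAMPLE_HEADER =
  "Bearer eyJhbGciOiJIUzUxMiJ9." +
  "eyJzdWIiOiJpbWFsIiwiZXhwIjoxNDk4OTIwOTEyfQ." +
  "c2lnbmF0dXJl";

// base64url -> UTF-8 text: restore the standard alphabet and the padding.
function b64urlDecode(segment) {
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return Buffer.from(padded, "base64").toString("utf8");
}

// Split "<scheme> <token>"; servers in the thread expect "Bearer" or "jwt".
function parseAuthorization(headerValue) {
  const m = /^(\S+)\s+(\S+)$/.exec(headerValue.trim());
  if (!m) throw new Error("expected '<scheme> <token>'");
  return { scheme: m[1], token: m[2] };
}

// Decode the first two segments for inspection. This does NOT verify the
// signature, so the claims are untrusted until the server validates them.
function inspectJwt(token, nowSeconds) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("a JWT has three dot-separated parts");
  const header = JSON.parse(b64urlDecode(parts[0]));
  const payload = JSON.parse(b64urlDecode(parts[1]));
  const expired = typeof payload.exp === "number" && payload.exp <= nowSeconds;
  return { header, payload, expired };
}

const { scheme, token } = parseAuthorization(SAMPLE_HEADER);
console.log(scheme, inspectJwt(token, Math.floor(Date.now() / 1000)));
```

An expired `exp` claim is worth checking before debugging header names, since a stale token produces the same 401 as a wrong scheme.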