I'm trying to call a cloud function using cURL (or from Postman) for testing. The problem is, I need to somehow set a "current user" so I can use request.user.
I've tried everything I can think of - setting it in the body of the request, using useMasterKey, fetching a user from an objectId and assigning it within the cloud code function etc. I've even tried making the request through a proxy to try see how it's done, so I could replicate it... I've got nothing.
Simply trying to save a new object to a class Orders with a user object...
In order to have a request.user in present in your cloud code, you will need to pass in a session token.
First query the session class.
curl -X GET \
-H "X-Parse-Application-Id: ${APPLICATION_ID}" \
-H "X-Parse-REST-API-Key: ${REST_API_KEY}" \
https://YOUR.PARSE-SERVER.HERE/parse/sessions
Then pick any user session token and add that to the header of your orginal request.
The header should be in this format
"X-Parse-Session-Token: your_session_token"
And it will work.
Related
We have a google automl natural language model and while testing, have been deploying and undeploying the model by hand on the console.
We also have a google automl image classification model in a production application and we deploy and undeploy that from our application using the API.
I am now viewing the documentation for the automl natural language model and I want to be able to deploy the model from our application as-needed and undeploy it when finished. Obviously being deployed incurs charges so we minimise these by only having the deployed capability active when needed.
The documentation page for this functionality is here
https://cloud.google.com/natural-language/automl/docs/manage-models#deploy-models
This is next to the section in the documentation that describes deleting models here
https://cloud.google.com/natural-language/automl/docs/manage-models#delete-model
In the deploy and undeploy model, it shows the API call you make for undeploy (:undeploy) but it does not specifically show the one you make for deploy (which I would assume is :deploy but this is not noted in the documentaion)
IN the delete model section, the API endpoint shown is the undeploy endpoint. The documentation specifically says that if you use the undeploy command, it deletes the model. I believe this to be a documentation error but I don't want to try it as I don't want to delete our model by mistake.
It also doesn't specifically say this but in my image model, it returns me a long running operation and I can poll for the status of that. Is that how it works on the natural language models too?
Thanks for the clarification
Richard
Deploying a model was not properly documented for the REST usage. See deploy endpoint for reference.
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
https://automl.googleapis.com/v1/projects/your-project-id/locations/location-id/models/your-model-id:deploy
You are correct, this might be a documentation error. Another error is when using :undeploy it should be POST not GET.
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
https://automl.googleapis.com/v1/projects/your-project-id/locations/location-id/models/your-model-id:undeploy
For :delete it should be DELETE not GET.
curl -X DELETE \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
https://automl.googleapis.com/v1/projects/your-project-id/locations/location-id/models/your-model-id
Yes you can poll for the status that was given. See Working with long-running operations for AutoML Natural Language for more details.
I also sent a feedback on the documentation about the mistakes you pointed out.
Hi i am using zoho v2 apis to create lead on zoho. All the values are save but one value is not saving. Check the attached file.
i have tried "Last_Page_Url" and "last_page_url" nothing works.
I used this api to get the api_name for the key.
curl "https://www.zohoapis.com/crm/v2/settings/fields?module=Leads"
-X GET
-H "Authorization: Zoho-oauthtoken 1000.8cb99dxxxxxxxxxxxxx9be93.9b8xxxxxxxxxxxxxxxf"
I am able to add participant using composer-rest-api and it is possible to upload card through composer-rest-api by rest API wallet. Is it possible to create Card through composer-rest-api?
I checked this answer Hyperledger Composer Web application user authentication, it mentions how to create card using javascript api. I used javascript code to create participant and issue it and when I run it ($node filename.js), it works fine. How can I add this to the rest API, which file exactly I need to modify for the rest server to be included create card.
yes sure - you would use the /api/system/issueIdentity operation as in http://localhost:3000/api/system/issueIdentity - you would get an option to save the card to a file (no credentials set, ie enrol ID and secret). You would then, again in REST, import the card (as you did) using http://localhost:3000/api/wallet/import'- and specify the card file to import from a 'Browse' (explorer) button. Once you import it to the wallet in your REST client, you can set it as the default card too usingsetDefault` endpoint operation if need be. Then use it once enrolled and indeed export it for use elsewhere. Example using curl:
curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{ \ "participant": "org.acme.org.user#orguser1", \ "userID": "dave" \ }' 'http://localhost:3000/api/system/issueIdentity'
where orguser1 is your participant already created in Composer. Hope this helps.
I'm able to execute the curl command as provided by Mr O'Mahony. However, I don't know how to deal with the response I got back (please see below). Does anyone have javascript example code to handle the response? Thanks.
PK
�|eL��gDconnection.json{"name":"hlfv1","type":"hlfv1","orderers":[{"url":"grpc://localhost:7050"}],"ca":{"url":"http://localhost:7054","name":"ca.org1.example.com"},"peers":[{"requestURL":"grpc://localhost:7051","eventURL":"grpc://localhost:7053"}],"channel":"composerchannel","mspID":"Org1MSP","timeout":300}PK
�|eL�/
metadata.json{"userName":"voter114","version":1,"enrollmentSecret":"JoKCZAJxTfic","businessNetwork":"voting-network"}PK
�|eL��gDconnection.jsonPK
�|eL�/
I want to use Bitbucket's Rest API with Bitbucket's two-factor authentication enabled, so I can administer my account using curl via the terminal. Previously, I made REST API calls without 2FA and now I want to make this transition.
With 2FA enabled, you need to use the OAuth 2.0 protocol to make API calls; rather than the standard REST API invocations you'll find on the Bitbucket site.
Now, I got as far as creating a so-called consumer, on the Bitbucket website. This generates a Key and a Secret.
The part where I got stuck is in the following. With this Key and Secret, you can obtain a so-called access token (which expires after an hour) via
https://bitbucket.org/site/oauth2/authorize?client_id={client_id}&response_type=code
, which you can do via a the curl command
$ curl -X POST -u "client_id:secret" \
https://bitbucket.org/site/oauth2/access_token \
-d grant_type=authorization_code -d code={code}.
I don't know how to obtain this access token; i.e., the step from invoking the curl command to having it in a Bash variable.
Once we've obtained our access token we can make API requests by including it in our curl command, according to the Bitbucket documentation. I presume, something like,
curl -u "client_id:secret" https://api.bitbucket.org/2.0/[API Request] --data-urlencode "access_token=$[Access_token]" --data "[api_request_data]=[Api_request_data]"
, where $[Access_token] is our Bash variable holding our unexpired access token.
I want to create two functions implemented in Bash: one to obtain an access token; and, one to refresh the access token. Or is there a more simple way?
Anyhow, a quick outline on how to make REST API calls with 2FA enabled, would be highly appreciated.
You can use a Bitbucket "app password". More info here.
What I Did
First I accept that I am lacking in spring security knowledge.
I am trying secure rest services for one of our product. I am using spring security OAuth2 JWT. I want to allow anonymous as well as registered users to access my resources.
Suppose I have one service "http://localhost:8282/melayer/articles" and when I run following command
(1). curl -X POST -vu melayer:12345 http://localhost:8282/melayer/oauth/token -H "Accept: application/json" -d "password=melayer&username=melayer&grant_type=password&scope=write&client_secret=12345&client_id=melayer"
I am able to receive access_token, refresh_token etc. Everything works fantastic, even I can access url http://localhost:8282/melayer/articles with received acces_token
(2). curl http://localhost:8282/melayer/articles -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE0NjA3NzY5NDIsInVzZXJfbmFtZSI6ImVjb2tyeXB0IiwianRpIjoiNWI5ZmE4NjYtMTBlNS00NDA2LTgxYmMtYjM3NWVmNGE0ZmQ1IiwiY2xpZW50X2lkIjoiZWNva3J5cHQiLCJzY29wZSI6WyJ3cml0ZSJdfQ.4jO9euBz4TSSNh7M3l2YBD1QPblE0ZyOfGm4VtyFMFY"
What I want to understand
I want to receive access_token anonymously i.e. I dont want to pass user name, password or client secret, I want to run curl command in following way
curl -X POST http://localhost:8282/melayer/oauth/token -H "Accept: application/json"
My one of the concern is, I want access_token with or without user credentials I am trying to achieve this from last week, Am I missing something ? is it possible ? what is correct way to do this ?
It is kind request to help me on this :)
If anyone want to see my code please refer Git repo https://github.com/aniruddhha/spring-security-oauth2-jwt
I think you Misunderstood the access token concept, access tokens are meant to be used on behalf of authenticated user.
OAuth2 supports different grants types (password, authorization_code, etc) , check the spec Oauth2 Spec
In order to authenticate used you can use any one of those grants or could create your own (eg: login with Google token ) but you must send some form of user credentials to identify the user and the client credentials to identify the client.
Access token cannot be used as some kind of ApiKey used to access public api