The API authentication is denied as the value of $login_token variable that I pass in the curl command is enclosed with double quotes during the execution.
Code
set -x
login_token="eUsadjb#dsi-0nknhsnc"
API_Response=$(curl -X POST --header 'Accept: application/json' --header 'Authorization: Bearer '$login_token 'https://example.com')
set +x
Curl Response in Debug Mode
++ curl -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: application/json' --header 'Authorization: Bearer "eUsadjb#dsi-0nknhsnc"'
+API_Response='Authorization has been denied for this request. Please use a valid access token.'
As you can notice that the login_token value is embedded with double quotes when passed as a variable and this causes the failure. The value of login_token variable should be passed without quotes as it is. Suppose, if I pass the value of login_token directly in the curl command, then the authentication is successful.
Direct Value - Authentication Success
API_Response=$(curl -X POST --header 'Accept: application/json' --header 'Authorization: Bearer eUsadjb#dsi-0nknhsnc' 'https://example.com')
How can I pass the value of login_token variable without quotes in curl command?
FYI, I tried the following method as well, but it doesn't work
login_token="eUsadjb#dsi-0nknhsnc"
API_Response=$(curl -X POST --header "Accept: application/json" --header "Authorization: Bearer $login_token" "https://example.com")
Related
im trying to hit gitlab release api to update my release note description field from CHANGELOG.md file
these are what ive tried:
#!/bin/sh
releaseNote=$(cat CHANGELOG.md)
curl --header 'Content-Type: application/json' --request PUT --data '{"description": "'"${releaseNote}"'"}' --header "PRIVATE-TOKEN: mytokenhere" "https://gitlab.com/api/v4/projects/1234/releases/0.1"
#!/bin/sh
releaseNote=$(cat CHANGELOG.md)
curl --header 'Content-Type: application/json' --request PUT --data '{\"description\": \"${releaseNote}\" }' --header "PRIVATE-TOKEN: mytokenhere" "https://gitlab.com/api/v4/projects/1234/releases/0.1"
when i try to hard-code description field like this, it works
#!/bin/sh
curl --header 'Content-Type: application/json' --request PUT --data '{"description": "foo"}' --header "PRIVATE-TOKEN: mytokenhere" "https://gitlab.com/api/v4/projects/1234/releases/0.1"
and here is whats inside my CHANGELOG.md file
# Changelog
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
## 1.0.0 (2022-07-22)
### Features
* abc
* def
any suggestion guys?
as per #LĂ©aGris suggestion above, finally it works.. here is my code snippet
#!/bin/sh
# format CHANGELOG.md to proper JSON format first
releaseNote=$( jq -sR '{"description": .}' CHANGELOG.md )
# hit the API
curl --header 'Content-Type: application/json' --request PUT --data "$releaseNote" --header "PRIVATE-TOKEN: mytokenhere" "https://gitlab.com/api/v4/projects/1234/releases/0.1"
I am novice and first timer to bash. Trying to run bash under command line to invoke an API, by passing token and payload received from two different APIs and are set as parameters. Below is my command. I am trying to add this bash script to a task in AzureBatch service job.
It has 3 curl requests,
First one (Line#1 in the code snippet below)- gets payload by
calling an API. ---- This is working fine, I am able to verify the
payload using the echo statement following the first curl command.
Second one(Line#3 in the code snippet below) - gets token by
calling the token provider ----- This is working fine as well,
verified using the echo statement.
Third one (Line#5 in the code snippet below),This is the problematic command. I am trying to pass the token and payload received from the above two commands and the curl is not able to resolve them.
both token and payload or not resolving to their values..
My Bash COmmand
/bin/bash -c
"payload=$(curl --location --request GET 'http://url/OutreachData')
&& echo -e \"The value of payload is: "'$payload'"\"
&& token=$(curl --location --request POST 'https://login.microsoftonline.com/<<tenantId>>/oauth2/v2.0/token' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'client_id=<<clientId>>' --data-urlencode 'scope=api://<<applicationId>>/.default' --data-urlencode 'client_secret=<<clientSecret>>' --data-urlencode 'grant_type=client_credentials' --data-urlencode 'Audience=api://<<applicationId>>'|jq -j '.access_token')
&& echo -e \"value of token is "'$token'"\n\"
&& result=$(curl --location --request POST 'https://url/api/<<Resource>>' --header 'accept: */*' --header 'Content-Type: application/json' --header 'Authorization: Bearer '"'$token'" --data-raw "'$payload'")
&& echo -e \"Result is "'$result'"\""
This is how the third Curl is resolving to, payload and token are not getting replaced as we can see in the authorization header and data-raw elements
++ curl --location --request POST https://url/api/ --header 'accept: /' --header 'Content-Type: application/json' --header 'Authorization: Bearer ' --data-raw ''''''''
There should be no need to explicitly run this with bash -c unless you are in a very constrained environment where you simply cannot run Bash by any other means.
The immediate problem is that code like
bash -c "echo "'$token'" && true"
ends up with $token being single-quoted in the shell which you run bash -c from. But the blazingly obvious fix is to not have this complex quoting in the first place.
payload=$(curl --location --request GET 'http://url/OutreachData')
echo "The value of payload is: '$payload'"
token=$(curl --location --request POST \
'https://login.microsoftonline.com/<<tenantId>>/oauth2/v2.0/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=<<clientId>>' \
--data-urlencode 'scope=api://<<applicationId>>/.default' \
--data-urlencode 'client_secret=<<clientSecret>>' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'Audience=api://<<applicationId>>' |
jq -j '.access_token')
echo "value of token is "'$token'"
result=$(curl --location --request POST \
'https://url/api/<<Resource>>' --header 'accept: */*' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer '"$token" \
--data-raw "$payload")
echo "Result is "'$result'"
If your current shell is not Bash and you need these commands to be run in Bash, a simpler workaround is to put the script in a here document, which drastically simplifies the quoting needs (or if this is in an interactive session, just run bash and run these commands at the interactive Bash prompt, then exit when you no longer want to be in Bash).
How can I set the environment variable in request header for curl
curl --location --request POST 'test.example.com' \
--header 'Content-Type: application/json' \
--header 'access_token: "${SOME_ENV_TOKEN}"' \
--header 'Authorization: Basic Og=='
Not working.
Use --header "access_token: \"${SOME_ENV_TOKEN}\""
The ' quotes disable variable expansion in sh.
I'm trying to create a Jelastic Manifest with a cURL command inside it. When I import it, it gives me an error but unfortunately I have no access to the console (disabled by the provider).
The command is the following :
curl -X POST <my_url> -H "Content-Type: application/json" -H "Authorization: Bearer <token>" -d "{}"
Some additionnal information :
The URL is correct 100%
The token does not contain any special characters : Only upper/lowercase characters and numbers
The command is run successfully from the command line
If I remove the first -H parameter, I can import my manifest. Same if I remove the second -H parameter and keep the first one
My guess is that, somehow, having two -H is not considered as valid but I don't know why. Any ideas ?
EDIT : A screenshot of the error shown on the platform
The "two -H parameters" wasn't a root cause in your question.
The thing is that the YAML gets the data you sent as a key/value array (dictionary).
In your example it would be:
curl -s -X POST https://test.com -H "Content-Type - as a key,
and
application/json" -H "Authorization: Bearer xx" -d "{\"Key\":\"Value\"}" - as a value.
If you need an array of strings the YAML may be as this
cmd [cp]:
- 'curl -s -X POST https://test.com -H "Content-Type: application/json" -H "Authorization: Bearer xx" -d "{\"Key\":\"Value\"}"'
If you need a multi-line string it should look like this
cmd [cp]: |
curl -s -X POST https://test.com -H "Content-Type: application/json" -H "Authorization: Bearer xx" -d "{\"Key\":\"Value\"}"
I have a bunch of these to test my RESTful API
$CURL \
-v \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-X POST \
-d '{"user":{"email":"user#example.com","password":"secret"}}' \
$URL/$PATH/sessions
I kinda want to shorten it to something like
CURLOPTS="-v -H 'Content-Type: application/json' -H 'Accept: application/json'"
$CURL \
$CURLOPTS \
-X POST \
-d '{"user":{"email":"user#example.com","password":"secret"}}' \
$URL/$PATH/sessions
but the options don't seem to be passed in. Any clues?
Short answer: see BashFAQ #50:'m trying to put a command in a variable, but the complex cases always fail!.
Long answer: Putting commands (or parts of commands) into variables and then getting them back out intact is complicated. The reason your script doesn't work is because of the order in which the shell parses the command line: it parses (and removes) quotes and escapes, then replaces variable values. By the time $CURLOPTS gets replaced, it's too late for the quotes to have their intended effect; instead, they're passed to curl as part of the arguments, which confuses curl greatly.
The solution: store the options in an array rather than a plain string:
CURLOPTS=(-v -H 'Content-Type: application/json' -H 'Accept: application/json')
$CURL \
"${CURLOPTS[#]}" \
-X POST \
-d '{"user":{"email":"user#example.com","password":"secret"}}' \
"$URL/$PATH/sessions"
You can use an array and trigger word splitting
$ set -x
$ CURLOPTS=(-v -H 'Content-Type: application/json' -H 'Accept: application/json')
$ : curl "${CURLOPTS[#]}"
+ : curl -v -H 'Content-Type: application/json' -H 'Accept: application/json'