We are trying to configure APIMan on Aws server. We were able to publish API as public and endpoint also, working fine & fetching the results with backend API.
default end point is something like,
https://localhost:8443/apiman-gateway/XXX/XX/1.0
But we want to access those api's over the internet. So instead of localhost want to give public ip in End point configuration but it is not at all connecting to that public IP.
As this didn't worked we have tried with URL Rewrite plugin available but even that is not giving any proper results.
Related
I have been following the facebook bot setup guide and have setup a callback url that is running on an EC2 instance.
I am getting an error (see title of this) when trying to validate the callback url and verify token.
https://360.finance:1337/webhook is my webhook and the verify token is the same in my environment variable and in my facebook setting.
I set up SSL using LetsEncrypt and from what I can tell, the SSL is not showing as self signed so it looks to be working correctly (please note I'm new to all of this)
Checked at https://www.ssllabs.com/ssltest/analyze.html?d=360.finance&hideResults=on and all looks correct.
I have also included the facebook page token as an environment variable and included in my index.js file
I have tested netcat / telnet into that port on my ec2 ip and it is succeeding
You must return an http response of the hub.challenge token as a plain text.
We need to update the following on Facebook app settings page before adding The Callback URL or Verify Token.
Privacy Policy URL
Category
App Icon (1024*1024)
Its weird that facebook doesn't point our exact error.
check you callback server, if it is running or not ?
the callback and token comes from your server.
For python users you need to use a dot not underscore. I don't get it when I use the underscore version Facebook API cant access challenge but when I replicate the same GET request with postman I can access the challenge.
# Wrong way
challenge = request.GET['hub_challenge']
# Right way
challenge = request.GET['hub.challenge']
return HttpResponse(challenge)
Do not use ngrok or localtunnel.
I tried both, with no luck.
If you really want your local dev server to authenticate - you can port forward over ssh to your public faced server.
ssh -R 4000:localhost:4000 root#your-server-ip
This way you can setup nginx to reverse proxy 443 to 4000 and handle ssl with certbot
sample config for nginx reverse proxy (before running certbot)
server {
server_name my-own-domain;
root /usr/share/nginx/html;
index index.html index.htm;
listen 80;
location / {
proxy_pass http://localhost:4000/;
}
}
So you "only" need:
Your own domain
Your own server
nginx
certbot
SSH Server
And now you have your own private ngrok replacement
I'm developing an application that uses the Youtube Data API from the server (with node.js) so I have my server side credential key already set up but when I try to get data is always refusing my requests with this message.
Access Not Configured. The API is not enabled for your project, or there is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your configuration.
I've my app hosted in Heroku with the add-on Quote Guard Static that gives me two static IP's that I have whitelisted in the Credentials section of the google developers console. I also have the app hosted in modulus.io and whitelisted the IP range 54.0.0.0/8 that is what they gave me for their AWS region... Any of both deployments are working only in my local machine with my home external IP whitelisted.
The funny thing is that yesterday 15 minutes approximately after I whitelisted the 54.0.0.0/8 range, the app API started working in my Heroku host, but today it stopped again (this might be because it has changed to another IP inside their AWS region or something...).
Is there any way to check what IP is doing the requests to the Youtube data api? I can see in the developers console the request reaching the API and been rejected as "errors" at least I know that their are getting the requests...
Any ideas??
Thanks
EDIT:
Partially solved. See my answer below.
There's a simple service I found that returns your public IP:
http://api.ipify.org?format=json
You could add a route to your application that you can hit from your browser. The route handler then makes a request to this service and returns the result. You could then periodically check what your app's actual public IP is and adjust whitelist accordingly.
// Example express + request
app.get('/ip', function(req, res) {
request({ uri: 'http://api.ipify.org?format=json' }, function(err, response, body) {
res.send(body);
});
});
The problem with the app hosted in Modulus.io is solved now. The app was running by default in Joyent servers but I changed it to the Amazon AWS region and with the IP range 54.0.0.0/8 whitelisted google is accepting all my requests to the API.
Nevertheless, the app in heroku still not working but as is working in one service I'm going to stop investigating in the other one.
I am trying to set up google authentication for my local project. I run projects in python virtual environments and have different local domainnames set up for those. Names like projectname.dev. When i enter http://projectname.dev in browser the site opens up.
When i went to https://console.developers.google.com/project/< myprojectid >/apiui/credential?authuser=0 i could set values like javascript origin and authorized redirect uri there. I set javascript origins to http://projectname.dev and tried to put same domain for authorized redirect url too, but it did not work and i had to leave it to localhost.
When i tried to authenticate via django-allauth, i got such response from google:
**Error: invalid_request**
Invalid parameter value for redirect_uri: Non-public domains not allowed: http://projectname.dev/account/google/login/callback/
Now my questions are:
Can i develop this part of project locally with domainname like projectname.dev or do i need to set it up for localhost? Will local redirect from localhost -> projectname.dev work?
If i can do it with projectname.dev, then perhaps there is an error in the way i have this project set up in google developers console?
In any case, if you cannot set the redirect URI in the Cloud Console, Google will throw you our when you try to authorize the app.
My recommendation would be to choose either of those solutions :
Use "localhost" as you said, with some kind of redirection/NAT/proxy to projectname.dev
Replace projectname.dev with a domain with an actual tld such as projectname.thisdomaindoesnotexist.com . Then configure this domain name to map to your servers.
Or wait for ".dev" to be recognized as an actual TLD, and you'll be good :)
I have a grails 2.2.2 application and i want to have two domains connected with it.
Domain.tld and shop.domain.tld.
Requests over domain.tld aren't allowed to access to ShopController. Only shop.domain.tld should have access to ShopController, but to no other Controller of the application.
I also want to use the grails url-rewriting. Is there a possibility to implement such use-case with grails? If yes, how would you implement it?
In the end i want that for example each online shop can be accessed by
shop.domain.tld/ID
and not by domain.tld/shop/myShop/ID. domain.tld is supposed to other purposes.
Thanks and best regards
If both domain points to the same server, and Tomcat is used for both as your public facing web server, then you just need to modify the part inside your Grails.
In Controller, you can check which domain was used to access your application:
def uri = new java.net.URI(request.getHeader("referer"))
def domainName = uri.getHost()
I'm stuck trying to get an API call to Google Places working. I'm using a server-side PHP proxy for the request - not because I want to, but because it's part of JQuery-POI-Mapper.
The server I'm using is an Amazon EC2 server without a static IP address. I'm out of stactic IP addresses at the moment, but I'll take the time to request more if people think that's the problem. I identified the current public IP address of my EC2 server by running this command on the server:
curl http://169.254.169.254/latest/meta-data/public-ipv4
Next, I went to https://code.google.com/apis/console and created a new API key. I selected a server-side API key and used my EC2 server's public IP address.
Under the services tab, I enabled every related API I could think of, including:
Google Maps API v2
Google Maps API v3
Google Maps Gelolocation API
Places API
Static Maps API
Here's a screen capture of my Services:
The proxy code running on the EC2 server is part of a commercial package, so I shouldn't post the entire code, but it's very short, and the important part is:
$json = file_get_contents($url);
The $url variable in my case was:
https://maps.googleapis.com/maps/api/place/search/json?location=-37.7133771,145.14891620000003&radius=2000&types=bakery&sensor=false&key=AIzaSyCCUV...
The response I get is:
{
"html_attributions" : [],
"results" : [],
"status" : "REQUEST_DENIED"
}
I checked to see if I had gone over my quota already, but everything looks OK. What's interesting is that Google is showing that I had made requests to the Places API today, so Google definitely knows that the requests are coming from me.
Here's a screen capture of my API Traffic Report, which is all from testing:
Any advice would be much appreciated.
Thanks,
Bret
You need a Static IP address to successfully use IP Locking with a Server API Key.