We have a google automl natural language model and while testing, have been deploying and undeploying the model by hand on the console.
We also have a google automl image classification model in a production application and we deploy and undeploy that from our application using the API.
I am now viewing the documentation for the automl natural language model and I want to be able to deploy the model from our application as-needed and undeploy it when finished. Obviously being deployed incurs charges so we minimise these by only having the deployed capability active when needed.
The documentation page for this functionality is here
https://cloud.google.com/natural-language/automl/docs/manage-models#deploy-models
This is next to the section in the documentation that describes deleting models here
https://cloud.google.com/natural-language/automl/docs/manage-models#delete-model
In the deploy and undeploy model, it shows the API call you make for undeploy (:undeploy) but it does not specifically show the one you make for deploy (which I would assume is :deploy but this is not noted in the documentaion)
IN the delete model section, the API endpoint shown is the undeploy endpoint. The documentation specifically says that if you use the undeploy command, it deletes the model. I believe this to be a documentation error but I don't want to try it as I don't want to delete our model by mistake.
It also doesn't specifically say this but in my image model, it returns me a long running operation and I can poll for the status of that. Is that how it works on the natural language models too?
Thanks for the clarification
Richard
Deploying a model was not properly documented for the REST usage. See deploy endpoint for reference.
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
https://automl.googleapis.com/v1/projects/your-project-id/locations/location-id/models/your-model-id:deploy
You are correct, this might be a documentation error. Another error is when using :undeploy it should be POST not GET.
curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
https://automl.googleapis.com/v1/projects/your-project-id/locations/location-id/models/your-model-id:undeploy
For :delete it should be DELETE not GET.
curl -X DELETE \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
https://automl.googleapis.com/v1/projects/your-project-id/locations/location-id/models/your-model-id
Yes you can poll for the status that was given. See Working with long-running operations for AutoML Natural Language for more details.
I also sent a feedback on the documentation about the mistakes you pointed out.
Related
I have an existing spring boot application which provides Rest API's and it doen't do authentication. Authentication is being handled by FrontEnd applcation and for evert API request from FrontEnd, we receive token in the Request Headers(authorization) and we validate this token by calling below 2 service provider endpoints using org.springframework.web.client.RestTemplate before proceed with the API requests. For this we have written an interceptor to intercept every request and validate the token.
Token Info end point to validate token and User Info endpoint to get User Details.
UserInfo: https://dev-login.iam.organisation.com/organisationsso/oauth2/userinfo
TokenInfo: https://dev-login.iam.organisation.com/organisationsso/oauth2/tokeninfo?access_token=
User Info Sample request:
curl -X GET \
https://dev-login.iam.organisation.com/organisationsso/oauth2/userinfo \
-H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6Il…' \
-H 'cache-control: no-cache'
Token Info Sample request:
curl -X GET \
'https://dev-login.iam.organisation.com/organisationsso/oauth2/tokeninfo?access_token=eyJ0eXAiOiJKV1QiLCJub25jZSI6Il..' \
-H 'Cache-Control: no-cache'
Now we are changing the IAM service provider to Azure Active Directory B2C and I don't have much idea on how to validate tokeninfo and userinfo with Azure AD using existing org.springframework.web.client.RestTemplate or different approach.
I have found docs for userinfo and it seems we can use RestTemplate to call the endpoint to get the user information but could not find the Rest Template approach for Token info.
Can someone guide me to the correct and simple approach to avoid the multiple changes in the existing code.
ACCESS TOKENS
For access tokens you will use JWT validation in memory - here is a Spring Boot API Example.
USER INFO
To get user info in an API is tricky - not sure if you need to do that? If so you may need to get a different (graph) token using the On Behalf Of Flow.
RESOURCES OF MINE
I remember struggling with some of this a couple of years ago, so my links below may provide a useful hint or two:
Code
Blog Post
Using v3 Pinterest Analytics API
Trying to exchange an authorization code for an access token and I'm getting the following error:
{"error":{"message":"None","oauth_error_code":"invalid_grant"},"code":283,"data":null,"message":"The authorization grant is invalid","endpoint_name":"oauth_access_token","status":"failure"}
In following these instructions:
https://developers.pinterest.com/docs/redoc/#section/User-Authorization/Exchange-the-code-for-an-access-token
I successfully obtained an authorization code. Now I want to exchange it for an access_token. I submit the following curl:
curl -X PUT \
--url https://api.pinterest.com/v3/oauth/access_token/ \
--data "code=1234authcode&redirect_uri=https://myURL.com/&grant_type=authorization_code&client_id=123appId&client_secret=123secret"
The redirect_uri is the same as that which was registered. The app secret and app Id are accurate as per this notification we received today:
Your App ID has been enabled. You can now see your app secret in our Developer App Portal and start building.
I have tried various incarnations of the curl thinking I've botched the args I'm passing in and that's still a possibility, so any help there would be appreciated, however, I'm wondering if my app Id and secret are bad or truly invalid somehow. We've only just received them. Any ideas or theories welcome.
Thanks for your time.
Sorry to answer my own question, but it turns out that the auth code was bad. After fetching a new authorization code I was able to obtain an access_token using the approach shown above. What was initially confusing is that I literally got the original auth code moments before using it so I didn't doubt it's validity as much as I should have I guess.
I am able to add participant using composer-rest-api and it is possible to upload card through composer-rest-api by rest API wallet. Is it possible to create Card through composer-rest-api?
I checked this answer Hyperledger Composer Web application user authentication, it mentions how to create card using javascript api. I used javascript code to create participant and issue it and when I run it ($node filename.js), it works fine. How can I add this to the rest API, which file exactly I need to modify for the rest server to be included create card.
yes sure - you would use the /api/system/issueIdentity operation as in http://localhost:3000/api/system/issueIdentity - you would get an option to save the card to a file (no credentials set, ie enrol ID and secret). You would then, again in REST, import the card (as you did) using http://localhost:3000/api/wallet/import'- and specify the card file to import from a 'Browse' (explorer) button. Once you import it to the wallet in your REST client, you can set it as the default card too usingsetDefault` endpoint operation if need be. Then use it once enrolled and indeed export it for use elsewhere. Example using curl:
curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{ \ "participant": "org.acme.org.user#orguser1", \ "userID": "dave" \ }' 'http://localhost:3000/api/system/issueIdentity'
where orguser1 is your participant already created in Composer. Hope this helps.
I'm able to execute the curl command as provided by Mr O'Mahony. However, I don't know how to deal with the response I got back (please see below). Does anyone have javascript example code to handle the response? Thanks.
PK
�|eL��gDconnection.json{"name":"hlfv1","type":"hlfv1","orderers":[{"url":"grpc://localhost:7050"}],"ca":{"url":"http://localhost:7054","name":"ca.org1.example.com"},"peers":[{"requestURL":"grpc://localhost:7051","eventURL":"grpc://localhost:7053"}],"channel":"composerchannel","mspID":"Org1MSP","timeout":300}PK
�|eL�/
metadata.json{"userName":"voter114","version":1,"enrollmentSecret":"JoKCZAJxTfic","businessNetwork":"voting-network"}PK
�|eL��gDconnection.jsonPK
�|eL�/
I have looked at the two similar questions in StackoverFlow and on the web but I still don't understand what I should do.
I want to download a file that is located on OneDrive programmatically using a bash script (with curl).
So I've seen here that I can use the code flow to access Microsoft Graph. So I proceeded like that (I inspired myself from the Jay Lee answer):
1- I get the code with this URL
https://login.live.com/oauth20_authorize.srf?client_id=10c492f9-132a-4079-adae-382dad9d4339&scope=onedrive.readonly&response_type=code&redirect_uri=https://login.microsoftonline.com/common/oauth2/nativeclient
2- Then I swap authorization code for access token with this URL:
curl -X POST https://login.live.com/oauth20_token.srf -d "client_id=${client_id}&redirect_uri=${redirect_uri}&code=${auth_code}&grant_type=authorization_code" --header "Content-Type:application/x-www-form-urlencoded"
And I store the token and the expire time in a file
3- I made some process to handle the fact that I have to refresh the token (according to the expire time).
4- I use my token to download my file programmatically with Microsoft Graph
api_data=$(curl https://graph.microsoft.com/v1.0/me/drive/items/B8D9948257F95B84%21104/content -H "Authorization: Bearer $access_token")
echo -e "$api_data"
The problem- When I run the program, I get this:
How come?
You're authenticating against the wrong endpoint. The login.live.com endpoint cannot provide a valid token for Graph. You need to use the v2 Endpoint for this instead.
Check out Microsoft v2 Endpoint Primer for a walkthrough. Given that you're using curl, the pseudo code provided should give you everything you need.
I want to use Bitbucket's Rest API with Bitbucket's two-factor authentication enabled, so I can administer my account using curl via the terminal. Previously, I made REST API calls without 2FA and now I want to make this transition.
With 2FA enabled, you need to use the OAuth 2.0 protocol to make API calls; rather than the standard REST API invocations you'll find on the Bitbucket site.
Now, I got as far as creating a so-called consumer, on the Bitbucket website. This generates a Key and a Secret.
The part where I got stuck is in the following. With this Key and Secret, you can obtain a so-called access token (which expires after an hour) via
https://bitbucket.org/site/oauth2/authorize?client_id={client_id}&response_type=code
, which you can do via a the curl command
$ curl -X POST -u "client_id:secret" \
https://bitbucket.org/site/oauth2/access_token \
-d grant_type=authorization_code -d code={code}.
I don't know how to obtain this access token; i.e., the step from invoking the curl command to having it in a Bash variable.
Once we've obtained our access token we can make API requests by including it in our curl command, according to the Bitbucket documentation. I presume, something like,
curl -u "client_id:secret" https://api.bitbucket.org/2.0/[API Request] --data-urlencode "access_token=$[Access_token]" --data "[api_request_data]=[Api_request_data]"
, where $[Access_token] is our Bash variable holding our unexpired access token.
I want to create two functions implemented in Bash: one to obtain an access token; and, one to refresh the access token. Or is there a more simple way?
Anyhow, a quick outline on how to make REST API calls with 2FA enabled, would be highly appreciated.
You can use a Bitbucket "app password". More info here.