I am new to Zuul and I want to redirect to external url using zuul pre filter in spring boot application. I want to send request data to call external url (post method api in python).
When i try to send request data using below code, when i hit the url from postman,i get 405 The method is not allowed for the requested URL.
my code:
RequestContext ctx = RequestContext.getCurrentContext();
HttpServletRequest request = ctx.getRequest();
InputStream in = request.getInputStream();
String body = StreamUtils.copyToString(in, Charset.forName("UTF-8"));
ctx.set(body);
when i hit the url like http://localhost:8080/customers/ passing request body in postman,it should redirect to external url (api method) by sending post data but i am getting getting 405 The method is not allowed for the requested URL.
Could any one please help me in solving this issue? I want to send request data in zuul and call external api. Thank you
Related
I'm learning how to make telegram bots. With webhook telegram send you a post request with some message.
I want my server to get this request, process and send new request to telegram get/post.
For example:
telegram bot sent me a post request with a new message in chat.
i get this request and proccess it.
now i need to send new get request to telegram to post a message like https://api.telegram.org/bot/sendMessage?chat_id=&text=hello
Is there a way to send request directly from controller? I know that i can redirect request, but redirect can be only GET and i need completly new request.
You can either use Spring's RestTemplate:
RestTemplate restTemplate = new RestTemplate();
UriComponentsBuilder telegramRequestBuilder = UriComponentsBuilder.fromHttpUrl("https://api.telegram.org/bot/sendMessage")
.queryParam("chat_id", 1)
.queryParam("text", "Hello");
ResponseEntity<String> response
= restTemplate.getForEntity(telegramRequestBuilder.toUriString(), String.class); // or to a Java pojo class
Or use the newer Spring WebClient for this. See this link for example.
you can use Rest Template to send request to a web service.this is a spring guide on how to do it.
I am trying to send a post message to authentication server and I am usign postforobject. When I run the program, i am getting "Exception in thread "main" org.springframework.web.client.HttpClientErrorException: 401 null" error
RestTemplate rest = new RestTemplate();
String responseEntity;
String uri = "http://...";
responseEntity = rest.postForObject(uri, null, String.class);
System.out.println(responseEntity);
Also I tried
responseEntity = rest.postForObject(uri, "", String.class);
Same result, it didn't work.
When I using Simple Rest Client it works
enter image description here
Any idea?
401 null probably means that the server expected some form of authentication but none was presented (i.e. no Authorization header in your request)
The most likely explanation is: the Simple REST Client (re)uses Chrome's cookies. If you previously authenticated against your service using a form login, the Simple Rest Client will reuse the JSESSIONID cookie. To detect that simply press F12 and open the network tab of your debugger. FYI there are other browser plugins, for example "Advanced REST Client", which give you more visibility over what's being sent to the server.
When you send a request using restTemplate, it doesn't have access to the session cookie (which is to be expected). You should either post to URI that allows anonymous access, or provide some form of authentication in the request. If you require additional help please post your security configuration.
I want to customise OAuth Endpoint URI's.
I want to sent parameters in post body instead of query params.
now my request is like -
example.com/oauth/token?grant_type=password&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&username={USERNAME}&password={PASSWORD}
But I want it like this.
example.com/oauth/token
Request body -
{
grant_type=password,
client_id={CLIENT_ID},
client_secret={CLIENT_SECRET},
username={USERNAME},
password={PASSWORD}
}
How should I do it?
The token endpoint of a properly-implemented authorization server does NOT accept GET requests because RFC 6749, "3.2. Token Endpoint" says as follows:
The client MUST use the HTTP "POST" method when making access token requests.
So, your authorization server's token endpoint should reject GET requests.
RFC 6749, "4.3. Resource Owner Password Credentials Grant" says that request parameters of a token request using Resource Owner Password Credentials flow should be embedded in the request body in the format of "application/x-www-form-urlencoded". The following is an excerpt from "4.3.2. Access Token Request".
POST /token HTTP/1.1
Host: server.example.com
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded
grant_type=password&username=johndoe&password=A3ddj3w
Therefore, you don't have to customize your authorization server. If the server is implemented correctly, its token endpoint accepts POST requests.
The token endpoint created by spring-oauth2 already deals with POST as well.
It would be hard to customize it to accept a JSON request body, because the TokenEndpoint class expects all the params as #RequestParam params.
However, if your concern is about security (as HTTPs does not secure query parameters) you indeed can send the request parameters through post. It is just a matter of sending the request in the form "form-data" or "x-www-form-urlencoded". These are 2 ways of sending arbitrary key-value parameters in the request body, in a way that appears to the server as they are regular request parameters. So it is a matter of making your client using this.
Also, note that in spring-oauth2 it is possible to disable the GET endpoint, this way forcing your clients to use POST with one of the ways above.
It seems I am missing something very basic here.
I made a REST Api that takes POST requests for generating tokens using the Apache Oltu OAuth2 service, that looks something like this :
#POST
#Consumes("application/x-www-form-urlencoded")
#Produces("application/json")
public Response authorize(#Context HttpServletRequest request) throws OAuthSystemException, IOException {
try {
OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
When I use HttpRequester or Postman to test the service, it works perfectly fine on condition that I input all authentication and OAuth2 parameters as input parameters, as an example :
https://localhost:8443/rest/OAuthService/token?grant_type=password&username=userfortest&password=Johhny1é&client_id=1234
However I read, that for any POST requests, all parameters should be
in the Body of the HTTP request and never sent through with the url as a simple parameter. When I try to pass it in the body of the HTTP request, so as to make the request secure (so the url is the same without parameters and all params are specified in the body), it seems like it doesn't receive anything from the body as it throws an exception, after
OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
with the following message :
{"error_description":"Missing grant_type parameter value","error":"invalid_request"}
Is it the intended behaviour of Oltu/OAuth2 for the parameters to be passed through with the url? Or what am I doing wrong?
Thanks in advance.
Your answer is here: Unable to retrive post data using ,#Context HttpServletRequest when passed to OAuthTokenRequest using Oltu
I did exactly what he said and it worked perfectly.
You need modify Response authorize() parameters.
My API return the full host URL, and in Apiary every user has it's own private URL for the mock server.
There's a way to use this URL in the response body?
For now I'm using my own URL in the response body.
Currently, there is now way to do that as responses are statically mocked up. It is planned as the response templating, but there is no ETA yet.