Magento 2 SOAP API WSDL anonymous access - visual-studio

I need to create a service reference to the Magento 2 SOAP API in my Visual Studio project. So I've created an Integration in the Magento backend, gave it All access and activated it.
But when I try to access the WSDL for (ie. the customer API) at http://my.magento/soap/default?wsdl&services=customerCustomerRepositoryV1, I get the exception:
Consumer is not authorized to access %resources
Ok, I get it. I need my access token to access these specific 'admin' API's. Because public API's like 'quoteGuestCartRepositoryV1' do work. When I get the full API list at http://my.magento/soap/default?wsdl_list=1 it also only lists public/guest API's.
No problem so far, but when I try to add the 'customerCustomerRepositoryV1' as a service reference in Visual Studio, of course the authorized exception is thrown. But I have no way of actually adding the access token to the header there.
Is there a way to get access to all WSDL's anonymously? Magento 1.x used to allow this.

Yes, it is a Magento error. The WSDL is not available anonymous anymore since a recent Magento release. I think it's a stupid decision by the devs.
https://github.com/magento/magento2/issues/5330#issuecomment-255222166
And for the 'solution': https://community.magento.com/t5/Programming-Questions/Magento-2-C-APIs-SOAP-problem/m-p/49677#M1206

Related

oAuth2.0 authentication using EWS throwing 401 Unauthorized

I have oAuth 2.0 implemented in java as per recommended in the following link https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth.
The Azure application which I created to get consent was using "Exchange API" earlier. Since I am migrating to a new domain, I thought of Instead of migrating my existing Azure applications I can have them newly created and replace the applicationId wherever required. When I started creating a new application I didn't find "Exchange API" as an option for API Permission, so went with "Graph API" as "Exchange API" was not available.
If I use the old code where the scope is https://outlook.office365.com/Calendars.Read against the new application created (where API Permission is using Graph API) and create an OAuth token with ExchangeService as [ewsClient.Url = https://outlook.office365.com/EWS/Exchange.asmx] it is working as expected.
But when I change my Scope to https://graph.microsoft.com/.default (As I changed the API to Graph in my azure application, I thought my scope also has to be changed accordingly) and having ExchangeService as [ewsClient.Url = https://outlook.office365.com/EWS/Exchange.asmx ] it is throwing 401 at ExchangeService.bindToFolder() method from Microsoft ews-java-api jar.
Any suggestions on
what has to be changed to avoid 401.
Can I still use https://outlook.office365.com/Calendars.Read as scope and https://outlook.office365.com/EWS/Exchange.asmx as my ExchangeService URL even though the azure application which I use to generate the OAuth token is having API permissions through Microsoft Graph?
https://outlook.office365.com/Calendars.Read
This isn't a Scope that will work with EWS it sounds like you maybe use the Outlook V2 endpoint as that would be a valid scope and audience for that API (which has now been depreciated).Depending on what flow you using the only valid scope for EWS are EWS.AccessAsUser.All for delegate flows and full_access_as_app for Application (Client_credentials) flow. In the first doc you linked it give a method of modifying the manifest as they removed the method of adding the permission in the portal. Graph permission won't work in EWS so https://graph.microsoft.com/.default won't be a valid scope it may return a token but that token wont have a valid audience for EWS. If you using the Client_Crendentials flow and you have given full_access_as_app then you need to use https://outlook.office365.com/.default or for delegate flow you use https://outlook.office365.com/EWS.AccessAsUser.All. It sounds like from you code you may have either both EWS or some Outlook V2 code but you need to show some of your code. What might be an easier solve for you it to look at your old manifest and look at the Guid's of the permission being used you can actually cut and paste these into the new manifest then consent to those and everything will work.

Google Marketplace license api suddenly does not work

Since approx 5:30 UTC we are receiving only this response for this api call
https://www.googleapis.com/appsmarket/v2/customerLicense/{appId}/{customer}
{"error":{"errors":[{"domain":"global","reason":"forbidden","message":"Not authorized to access the application ID"}],"code":403,"message":"Not authorized to access the application ID"}}
but there has not been any previous development or changes on our side and this affects all of our marketplace applications.
Any ideas what is going on and how to fix/workaround this issue?
This issue should now be fixed by Google.
If you are still experiencing 403 Forbidden on marketplace API calls make sure you are following these guidelines
Access to these APIs is restricted: only project members of the
Developer Console project associated with your application may use the
API. Specifically, these project members must be in Can Edit or Is
Owner roles. You may also access UserLicense and CustomerLicense as
the logged in user to your app. Refer to
https://cloud.google.com/compute/docs/access/add-remove-change-permissions-for-team-members to learn how to
add members to your project.
For example by doing the API requests using a service account in the Google Cloud Platform Project for you application without using any impersonation/delegation.

How to use OAuth 2.0 in Oracle Application Express?

I have created an application that calling Oracle RESTful Webservice. But I want to add OAuth 2.0 when calling this webservice in order to maintain the security of the data. I have follow the tutorial 'Accessing the RESTful Services from a Third Party Application'
But when I try to get the access token, I got the error below
https://server:port/i/oauthdemo/gallery.html#error=access_denied&state=STATE
In this document got mention, this error happen if user denies the request.
Can anyone help me how to approve the request?Is there any extra configuration that I need make?

How to get only projects associated with user with Web Service API

I'm using SonarQube (ver4.3.2) and I'm trying to get project list that the API caller user is allowed to see. I found a following API which can get project list:
http://nemo.sonarsource.org/api/resources
When I call this API, then I get all SonarQube's projects though the API caller user doesn't have brows permission for some projects. The API caller a user means user which is authorized by http basic authentication. I want to get only project list which the API caller user can see.
Is it possible?
Regards,
Michael
When calling the "/api/resources" WS, you will get only the projects you are allowed to see - which indeed means projects for which the user has the "Browse" permission.
If you get all the projects of your SonarQube instance when calling this WS, this means that your permissions allow this and you should review them. For instance, maybe the group "anyone" is set on the "Browse" permission of each project? (which is the default configuration of SonarQube by the way).

what is soap in magento? what is use of it?what is use of soap/xml-RPC-user?

what is use of soap/xml-RPC-user and soap/xml-RPC-roles?
in system menu there is one menu item web services contains 4-5 options like soap/xml-RPC-user and soap/xml-RPC-roles.
what is use of it? how to use that?
The original Magento API was implemented both in SOAP and XML-RPC. SOAP and XML-RPC are well known technologies for creating functions, classes, and methods client-programmers may call over HTTP. Explaining them in greater detail is beyond the scope of a Stack Overflow question.
The User and Roles menus are the for the authentication portion of the Magento API. To authenticate the API, you call a login method, passing in a username and password. You setup this user name and password in the Users menu you mentioned.
Each user you setup has access to a "role". Roles determine which API functions a user may call. You setup the roles in the Roles menu you mentioned. You assign a role to a User when you're editing it in the User section you mentioned.
In newer versions of Magento these sections are explicitly labeled with SOAP/XML-RPC to differentiate them from the newer REST APIs.
At first you'll need to know the use of web services. To acquire basic knowledge of web services,soap and xml-rpc read below url
http://nanostuffs.com/Blog/?p=1152
http://blog.manishchhabra.com/2013/04/rest-and-soap-web-services-analogy/
After getting basic knowledge of web services read how to use it in magento from below url
http://www.magentocommerce.com/wiki/5_-_modules_and_development/0_-_module_development_in_magento/introduction
http://inchoo.net/ecommerce/magento/magento-api-v2/
http://inchoo.net/ecommerce/magento/magento-v2-soap-demystified/

Resources