I've got this script in the user-data of an ec2 linux. Is there a way to do a while to "loop" in this script so that it keeps doing the curl requests every 5 minutes until the requests return 200?
#!/bin/bash
sed -i -e '/<Name>loadbalanceServerIP<\/Name>/,/<Value>/s/<Value>[^<]*/<Value>52.53.197.227/' /home/wowza/conf/Server.xml
edge_ip=`curl -s http://169.254.169.254/latest/meta-data/public-ipv4`
curl --digest -u 'wowza:i-0fbfeb0718fab03b8' -X POST --header 'Accept:application/json; charset=utf-8' --header 'Content-type:application/json; charset=utf-8' http://52.53.197.227:8087/v2/servers/_defaultServer_/vhosts/_defaultVHost_/applications/live/pushpublish/mapentries/letitoptier_source -d'
{
"restURI": "http://52.53.197.227:8087/v2/servers/_defaultServer_/vhosts/_defaultVHost_/applications/live/pushpublish/mapentries/letitoptier_source",
"serverName": "_defaultServer_",
"sourceStreamName": "letitoptier_source",
"entryName": "letitoptier_source_target",
"profile": "rtmp",
"host": "'$edge_ip'",
"application": "live",
"userName": "wowza",
"password": "i-0fbfeb0718fab03b8",
"streamName": "letitoptier_source"
}'
curl --digest -u 'wowza:i-0fbfeb0718fab03b8' -X POST --header 'Accept:application/json; charset=utf-8' --header 'Content-type:application/json; charset=utf-8' http://52.53.197.227:8087/v2/servers/_defaultServer_/vhosts/_defaultVHost_/applications/live/pushpublish/mapentries/letitoptier_160p -d'
{
"restURI": "http://52.53.197.227:8087/v2/servers/_defaultServer_/vhosts/_defaultVHost_/applications/live/pushpublish/mapentries/letitoptier_160p",
"serverName": "_defaultServer_",
"sourceStreamName": "letitoptier_160p",
"entryName": "letitoptier_160p_target",
"profile": "rtmp",
"host": "'$edge_ip'",
"application": "live",
"userName": "wowza",
"password": "i-0fbfeb0718fab03b8",
"streamName": "letitoptier_160p"
}'
How can I know if it ran and what result or message it returned?
Thank you
If you are unsure whether the User Data script executed, log files are available at:
Linux: /var/log/cloud-init-output.log
Windows: C:\cfn
Related
Is there any way I can get contents of the post request for access tokens(http://localhost:8484/auth/realms/my_realm/protocol/openid-connect/token) and get both tokens on the screen in get request?
Well, there is no such api from Keycloak where you can get both access token and refresh token in a get request, it is possible only via the POST(api).
If your only intention is to view the token's for development then you can use chrome dev tools, or log them in your spring boot app.
If you POST get tokens (access and refresh) this command, you can get both tokens.
#1 curl demo
curl -v \
-d "client_id=admin-cli" \
-d "username=user" \
-d "password=1234" \
-d "grant_type=password" \
-X \
POST "http://localhost:8484/auth/realms/test/protocol/openid-connect/token" | jq
This is result
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJrTXNKN25mdUFpYWFBYXhZeFp2WXo3WWVFaVh6Nk5hZzV6LXMyazFreUpNIn0.eyJleHAiOjE2NjU2NTU1ODQsImlhdCI6MTY2NTY1NTI4NCwianRpIjoiZjQwYWJmMGMtZjA2OS00YWFiLTg3YWUtN2M0MDA5ZmY3ZDY1IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4NDg0L2F1dGgvcmVhbG1zL3Rlc3QiLCJzdWIiOiIzOTEyYzZkMC1mMjEwLTRiZWQtOGM1Ni03MDM2NGQyMjhhZGQiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhZG1pbi1jbGkiLCJzZXNzaW9uX3N0YXRlIjoiZTNiOThiYTItYjYzNS00MWYxLTg0YTktZTk1YzZiZDZmM2E5Iiwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwic2lkIjoiZTNiOThiYTItYjYzNS00MWYxLTg0YTktZTk1YzZiZDZmM2E5IiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJ1c2VyIiwiZW1haWwiOiJ1c2VyQHRlc3QuY29tIn0.BzPrRNdgdyDgg7Y0BNNuAVDfC9NBOyo97JBpw-kfRr-NRPfcP27ch3FONC108v4GQqOLTLF0Z5y6SoQr2BcX9ZFqBm5d8_tSn2XSVSoxWh_ci91PYzfs4656_QLV2TBcTPrW69Z-5oCEUEGZjpKW2UsavEonwTlop80xoDVTpvfgfq-pv0gh8tX6260weynIxSALiy8srFs6ExHp8IGqp-bKNPXM35nM9BX9gPgKPrrbe-IenXO37ESazubqhdtznzcCEDFrTNnOKR87hiFcInx28o2sBMhcDiZxPbaIfNhCpENxnoeNPHFnVA6wayjaJSiBxKVO8EMVaOSlDTRS9w",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJhMTdkM2U5Yi1kMThlLTQyOGQtYTUxYS0xYzdiMzhkYTkxYjgifQ.eyJleHAiOjE2NjU2NTcwODQsImlhdCI6MTY2NTY1NTI4NCwianRpIjoiYjk1MTA1NGEtYjU5ZC00NjIxLWEwOGYtMDMxOWZkYjc1ZTA2IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4NDg0L2F1dGgvcmVhbG1zL3Rlc3QiLCJhdWQiOiJodHRwOi8vbG9jYWxob3N0Ojg0ODQvYXV0aC9yZWFsbXMvdGVzdCIsInN1YiI6IjM5MTJjNmQwLWYyMTAtNGJlZC04YzU2LTcwMzY0ZDIyOGFkZCIsInR5cCI6IlJlZnJlc2giLCJhenAiOiJhZG1pbi1jbGkiLCJzZXNzaW9uX3N0YXRlIjoiZTNiOThiYTItYjYzNS00MWYxLTg0YTktZTk1YzZiZDZmM2E5Iiwic2NvcGUiOiJwcm9maWxlIGVtYWlsIiwic2lkIjoiZTNiOThiYTItYjYzNS00MWYxLTg0YTktZTk1YzZiZDZmM2E5In0.UDV1fBhW8I7E9IELNK7XOvpy-6FJ_Bdir1wujYNvK_U",
"token_type": "Bearer",
"not-before-policy": 0,
"session_state": "e3b98ba2-b635-41f1-84a9-e95c6bd6f3a9",
"scope": "profile email"
}
#2 You can see the content via jwt.io
copy from #1's token , paste to Encoded section
for access token content
{
"exp": 1665655584,
"iat": 1665655284,
"jti": "f40abf0c-f069-4aab-87ae-7c4009ff7d65",
"iss": "http://localhost:8484/auth/realms/test",
"sub": "3912c6d0-f210-4bed-8c56-70364d228add",
"typ": "Bearer",
"azp": "admin-cli",
"session_state": "e3b98ba2-b635-41f1-84a9-e95c6bd6f3a9",
"scope": "profile email",
"sid": "e3b98ba2-b635-41f1-84a9-e95c6bd6f3a9",
"email_verified": false,
"preferred_username": "user",
"email": "user#test.com"
}
for refresh token content
{
"exp": 1665657084,
"iat": 1665655284,
"jti": "b951054a-b59d-4621-a08f-0319fdb75e06",
"iss": "http://localhost:8484/auth/realms/test",
"aud": "http://localhost:8484/auth/realms/test",
"sub": "3912c6d0-f210-4bed-8c56-70364d228add",
"typ": "Refresh",
"azp": "admin-cli",
"session_state": "e3b98ba2-b635-41f1-84a9-e95c6bd6f3a9",
"scope": "profile email",
"sid": "e3b98ba2-b635-41f1-84a9-e95c6bd6f3a9"
}
Decoding JWT in bash command
ACCESS_TOKEN=$(curl --location --request POST "http://localhost:8484/auth/realms/test/protocol/openid-connect/token" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=admin-cli' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=user' \
--data-urlencode 'password=1234' | jq -r '.access_token')
Confirm access token
echo $ACCESS_TOKEN
jwtd() {
if [[ -x $(command -v jq) ]]; then
jq -R 'split(".") | .[0],.[1] | #base64d | fromjson' <<< "${1}"
echo "Signature: $(echo "${1}" | awk -F'.' '{print $3}')"
fi
}
jwtd $ACCESS_TOKEN
result
{
"alg": "RS256",
"typ": "JWT",
"kid": "kMsJ7nfuAiaaAaxYxZvYz7YeEiXz6Nag5z-s2k1kyJM"
}
{
"exp": 1665656835,
"iat": 1665656535,
"jti": "6fdcd375-e721-4646-b725-4f5f23d8b103",
"iss": "http://localhost:8484/auth/realms/test",
"sub": "3912c6d0-f210-4bed-8c56-70364d228add",
"typ": "Bearer",
"azp": "admin-cli",
"session_state": "f0353bdd-0a08-49eb-bc2a-111ceb59dc56",
"scope": "profile email",
"sid": "f0353bdd-0a08-49eb-bc2a-111ceb59dc56",
"email_verified": false,
"preferred_username": "user",
"email": "user#test.com"
}
Same way to get refresh token
REFRESH_TOKEN=$(curl --location --request POST "http://localhost:8484/auth/realms/test/protocol/openid-connect/token" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=admin-cli' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=user' \
--data-urlencode 'password=1234' | jq -r '.refresh_token')
jwtd $REFRESH_TOKEN
result
$ jwtd $REFRESH_TOKEN
{
"alg": "HS256",
"typ": "JWT",
"kid": "a17d3e9b-d18e-428d-a51a-1c7b38da91b8"
}
{
"exp": 1665658687,
"iat": 1665656887,
"jti": "287a7f90-1435-44e6-b8c8-417eda935382",
"iss": "http://localhost:8484/auth/realms/test",
"aud": "http://localhost:8484/auth/realms/test",
"sub": "3912c6d0-f210-4bed-8c56-70364d228add",
"typ": "Refresh",
"azp": "admin-cli",
"session_state": "4beb4f1d-fb56-42b6-99ea-d13281b8db3f",
"scope": "profile email",
"sid": "4beb4f1d-fb56-42b6-99ea-d13281b8db3f"
}
Signature: JAyDz4qS9Jvi4u8sHS68NPP8721MzlQXPXNaIgtD7v8
I am creating a pod spec using json which when run will give me a shell on the underlying node as shown below.
overrides=$(cat <<EOF
{
"apiVersion": "v1",
"kind": "Pod",
"metadata": {
"name": "admin-shell"
},
"spec": {
"containers": [
{
"name": "admin-shell",
"securityContext": {
"privileged": true
},
"image": "alpine:latest",
"args": ["chroot", "/kdet", "/bin/bash"],
"stdin": true,
"stdinOnce": true,
"tty": true,
"volumeMounts": [{
"name": "kdet",
"mountPath": "/kdet"
}]
}],
"volumes": [{
"name": "kdet",
"hostPath": {
"path": "/",
"type": "Directory"
}
}]
}
}
EOF
)
kubectl run --image alpine:latest --rm --restart=Never --overrides="$foo" -ti test
If you don't see a command prompt, try pressing enter.
[root#admin-shell /]# exit
exit
pod "admin-shell" deleted
However, when I try to launch the pod using curl with the config saved in api.json, the pod is being created, however I don't get the shell as I got in the previous step.
>curl -k $APISERVER/api/v1/namespaces/default/pods \
-XPOST -H 'Content-Type: application/json' \
-d#api.json \
--header "Authorization: Bearer $TOKEN"
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2900 0 2250 100 650 13005 3757 --:--:-- --:--:-- --:--:-- 16763
{
"phase": "Pending",
"qosClass": "BestEffort"
}
Can you please help me how can I get the shell using curl?
I've a problem with URI module from ansible, maybe someone have an idea what the problem could be?
I try to communicate with I-Doit API (JSON-RPC) by using ansible uri module. My first attempt with curl works fine, whether I try to run curl manually or by using ansible.
# curl manual example
curl --location --request POST 'https://SERVER-FQDN/i-doit/src/jsonrpc.php' \
--header 'Content-Type: application/json' \
--header 'X-RPC-Auth-Session: SESSION-KEY' \
--header 'Cookie: PHPSESSID=SESSION-KEY' \
--data-raw '{
"version": "2.0",
"method": "idoit.version",
"params": {
"apikey": "API-KEY",
"language": "en"
},
"id": 1
}'
# example in ansible
---
- name: CURL REST / JSON-RPC API Call
shell: |
curl -s --noproxy "*" --location --request POST 'https://SERVER-FQDN/i-doit/src/jsonrpc.php' \
--header "Content-Type: application/json" \
--header "X-RPC-Auth-Session: {{ session_key }}" \
--header "Cookie: PHPSESSID= {{ session_key }}" \
--data-raw '{
"version": "2.0",
"method": "idoit.version",
"params": {
"apikey": "{{ api_key }}",
"language": "en"
},
"id": 1
}'
If I try to reproduce the call with the URI module like
- name: REST / JSON-RPC API Call check I-Doit Version
uri:
url: "https://SERVER-FQDN/i-doit/src/jsonrpc.php"
method: post
validate_certs: no
follow_redirects: all
use_proxy: no
timeout: 200
headers:
X-RPC-Auth-Session: "{{ SESSION-KEY }}"
Content-Type: "application/json"
body_format: json
return_content: yes
body: "{{ lookup('file','test.json') }}"
ignore_errors: yes
# test.json content
{
"version": "2.0",
"method": "idoit.version",
"params": {
"apikey": "API-KEY",
"language": "en"
},
"id": 1
}
the request failed with error code -1 and message: "Connection failure: connection was closed before a valid response was received: No status line received - the server has closed the connection"
Is there a difference in usage by URI modul with rest or json-rpc?
thanks for help or ideas
dantegabriel
I know how to create a repo in BitBucket by doing this.
Let email = john#outlook.com, and password 123
curl -k -X POST --user john#outlook.com:123 "https://api.bitbucket.org/1.0/repositories" -d "name=test"
But how would one check if a repo exist in BitBucket programmatically ?
Here is what I get for a curl call to a public, private and non-existing repos:
Private (Status code 403):
> curl -k -X GET https://api.bitbucket.org/1.0/repositories/padawin/some-private-repo
Forbidden
Non existing (Status code 404):
> curl -k -X GET https://api.bitbucket.org/1.0/repositories/padawin/travels1
{"type": "error", "error": {"message": "Repository padawin/travels1 not found"}}
Public (Status code 200):
> curl -k -X GET https://api.bitbucket.org/1.0/repositories/padawin/travels
{"scm": "git", "has_wiki": false, "last_updated": "2015-08-02T14:09:42.134", "no_forks": false, "forks_count": 0, "created_on": "2014-06-08T23:48:28.483", "owner": "padawin", "logo": "https://bytebucket.org/ravatar/%7Bb56f8d55-4821-4c89-abbc-7c1838fb68a3%7D?ts=default", "email_mailinglist": "", "is_mq": false, "size": 1194864, "read_only": false, "fork_of": null, "mq_of": null, "followers_count": 1, "state": "available", "utc_created_on": "2014-06-08 21:48:28+00:00", "website": "", "description": "", "has_issues": false, "is_fork": false, "slug": "travels", "is_private": false, "name": "travels", "language": "", "utc_last_updated": "2015-08-02 12:09:42+00:00", "no_public_forks": false, "creator": null, "resource_uri": "/api/1.0/repositories/padawin/travels"}
You can use the status code, given that the body is not always a valid json (Forbidden would have to be "Forbidden" to be a valid JSON).
Using the 2.0 API, I check in this way:
if curl -s -f -o /dev/null -u "${USERNAME}:${APP_PASSWORD}" "https://api.bitbucket.org/2.0/repositories/${USERNAME}/${REPONAME}"; then
echo "Repo exists in Bitbucket."
else
echo "Repo either does not exist or is inaccessible in Bitbucket."
Access is required to the repository:read scope. Note that access to the repository:admin scope is insufficient and irrelevant for this check.
Why is my composer REST server not returning the transaction id of the request, or where can I find the id?
curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{ \
"$class": "org.example.biznet.SampleAsset", \
"assetId": "1", \
"value": "103300" \
}' 'http://localhost:3000/api/SampleAsset'
Response:
{
"date": "Sun, 04 Feb 2018 15:59:10 GMT",
"x-content-type-options": "nosniff",
"etag": "W/\"52-0IlZYwJKBE6+rHqbXGCNVeELkQ0\"",
"x-download-options": "noopen",
"x-frame-options": "DENY",
"content-type": "application/json; charset=utf-8",
"access-control-allow-origin": "http://localhost:3000",
"access-control-allow-credentials": "true",
"connection": "keep-alive",
"vary": "Origin, Accept-Encoding",
"content-length": "82",
"x-xss-protection": "1; mode=block"
}
As I can see in the pull request it should be solved: https://github.com/hyperledger/composer/pull/843
My versions:
├── composer-cli#0.16.3
├── composer-playground#0.16.3
├── composer-rest-server#0.16.3
It looks like you have submitted a POST request to an Asset (SampleAsset) which being an Asset does not generate a Transaction ID. If you POST to a Transaction you will get a Transaction ID - and you will see it in the Response Body, not the Response Header. See example below.