I am trying to access Ivona Speech Cloud using Ruby.
I have ported one of the code examples I found to Ruby, but I probably did something wrong at authenticating the request, since I am getting an error.
This is my implementation:
require 'http' # the gem
require 'openssl'
require 'pp'
def sign key, date, region, service, text
k_date = OpenSSL::HMAC.digest('sha256', "AWS4" + key, date)
k_region = OpenSSL::HMAC.digest('sha256', k_date, region)
k_service = OpenSSL::HMAC.digest('sha256', k_region, service)
k_signing = OpenSSL::HMAC.digest('sha256', k_service, "aws4_request")
signature = OpenSSL::HMAC.digest('sha256', k_signing, text)
signature
end
def run
access_key = "GDxxxxxxxxxxxxxxxxRA"
secret_key = "QtxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxlE"
region = 'eu-west-1'
date = '20160808'
service = 'tts'
body = {"Input" => {"Data" => "Hello world"}}
endpoint = "https://#{service}.#{region}.ivonacloud.com/CreateSpeech"
signature = sign secret_key, date, region, service, 'Hello World'
headers = {
"Content-Type" =>"application/json",
"Authorization" => "AWS4-HMAC-SHA256",
"Credential" => "#{access_key}/#{date}/#{region}/#{service}/aws4_request",
"SignedHeaders" => "content-type;host;x-amz-content-sha256;x-amz-date",
"Signature" => "#{signature}",
}
res = HTTP.headers(headers).post(endpoint, json: body)
p res
end
run
This is the error I am getting (line broken for legibility):
#<HTTP::Response/1.1 403 Forbidden
{"X-Amzn-Requestid"=>"18a44dd8-6dc3-11e6-808f-975692d1ee55",
"X-Amzn-Errortype"=>"IncompleteSignatureException:http://internal.amazon.com/coral/com.amazon.coral.service/",
"Content-Type"=>"application/json",
"Content-Length"=>"293",
"Date"=>"Mon, 29 Aug 2016 08:32:18 GMT"}>
Any assistance is appreciated
I would suggest using the AWS4 gem to help with this. I've made similar calls using the following format:
signer = ::AWS4::Signer.new(
access_key: "YOUR_ACCESS_KEY",
secret_key: "YOUR_SECRET_KEY",
region: "us-east-1"
)
aws_headers = {
"Content-Type" => "application/json; charset=utf8",
"Date" => Time.now.iso8601.to_s,
"Host" => "tts.us-east-1.ivonacloud.com"
}
uri = URI(endpoint)
body_params = {"Input":{"Data":"Hello world"}}.to_json
headers = signer.sign("POST", uri, aws_headers, body_params)
res = HTTP.headers(headers).post(endpoint, body: body_params)
Related
I'm new with ruby and I want to use GCP AIPlatform but I'm struggeling with the payload.
So far, I have :
client = ::Google::Cloud::AIPlatform::V1::PredictionService::Client.new do |config|
config.endpoint = "#{location}-aiplatform.googleapis.com"
end
img = File.open(imgPath, 'rb') do |img|
'data:image/png;base64,' + Base64.strict_encode64(img.read)
end
instance = Instance.new(:content => img)
request = Google::Cloud::AIPlatform::V1::PredictRequest.new(
endpoint: "projects/#{project}/locations/#{location}/endpoints/#{endpoint}",
instances: [instance]
)
result = client.predict request
p result
Here is my proto
message Instance {
required bytes content = 1;
};
But I have the following error : Invalid type Instance to assign to submessage field 'instances'
I read the documentation but for ruby SDK it's a bit light.
The parameters are OK, the JS example here : https://github.com/googleapis/nodejs-ai-platform/blob/main/samples/predict-image-object-detection.js is working with those parameters
What am I doing wrong ?
I managed it
client = Google::Cloud::AIPlatform::V1::PredictionService::Client.new do |config|
config.endpoint = "#{location}-aiplatform.googleapis.com"
end
img = File.open(imgPath, 'rb') do |img|
Base64.strict_encode64(img.read)
end
instance = Google::Protobuf::Value.new(:struct_value => {:fields => {
:content => {:string_value => img}
}})
endpoint = "projects/#{project}/locations/#{location}/endpoints/#{endpoint}"
request = Google::Cloud::AIPlatform::V1::PredictRequest.new(
endpoint: endpoint,
instances: [instance]
)
result = client.predict request
p result
The use of the Google::Protobuf::Value looks ugly to me but it works
Im trying to create a developer token that is a ES256 JWT to use for Apple Music authentication. (Here)
Im using ruby and the JWT gem but after creating the token I get a 401 error when authenticating with Apple Music
require 'jwt'
payload = {:iss => 'CapExdTeam', :iat => '1497335982', :exp => '1513112982'}
priv = "-----BEGIN PRIVATE KEY-----
MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgU208KCg/doqiSzsVF5sknVtYSgt8/3oiYGbvryIRrzSgCgYIKoZIzj0DAQehRANCAAQfrvDWizEnWAzB2Hx2r/NyvIBO6KGBDL7wkZoKnz4Sm4+1P1dhD9fVEhbsdoq9RKEf8dvzTOZMaC/iLqZFKSN6
-----END PRIVATE KEY-----"
ecdsa_key = OpenSSL::PKey::EC.new(priv)
token = JWT.encode payload, ecdsa_key, 'ES256', { :kid => "CapExedKid", :alg => "ES256" }
puts token
`curl -v -H 'Authorization: Bearer #{token}' "https://api.music.apple.com/v1/catalog/us/songs/203709340"
Im using the sample private key to simulate 429 error just for illustration purposes
I used this script and it works perfectly
https://github.com/pelauimagineering/apple-music-token-generator
Based on #DanDevine's answer, here's a more Ruby/OO approach:
require "openssl"
# Example:
#
# token = AppleMusic::Token.new(key_id: "...", team_id: "...", keyfile: File.new("lib/assets/AuthKey_xxxxxxx.p8"))
# token.auth_token
# token.auth_header
#
module AppleMusic
class Token
attr_reader :key_id, :team_id, :keyfile
# Keyfile should be an IO type that responds to `read`
def initialize(key_id:, team_id:, keyfile:)
#key_id = key_id
#team_id = team_id
#keyfile = keyfile
end
def auth_token
#auth_token ||= fetch_auth_token
end
def auth_header
"Bearer #{auth_token}"
end
protected
def fetch_auth_token
header = {
typ: "JWT", # Must be specified; not in documentation
alg: "ES256",
kid: key_id
}
body = {
iss: team_id,
iat: Time.now.to_i,
exp: Time.now.to_i + 43_200 # 12hrs
}
JWT.encode(body, auth_key, 'ES256', header)
end
def auth_key
key = OpenSSL::PKey::EC.new(keyfile.read)
key.check_key
key
end
end
end
It's now also possible in pure Swift!
You first have to create a MusicKit identifier and a private key using this guide from Apple. Then a token can be easily created using Swift-JWT from IBM in pure Swift.
It's more or less just an invocation of the SwiftJWT API:
let teamId = "yourTeamID"
let keyId = "yourKeyID"
let keyFileUrl = URL(fileURLWithPath:"/pathToYour/key.p8")
struct MyClaims: Claims {
let iss: String
let iat: Date?
let exp: Date?
}
let myHeader = Header(kid: keyId)
let myClaims = MyClaims(iss: teamId, iat: Date(), exp: Date() + 24 * 60 * 60)
var myJWT = SwiftJWT.JWT(header: myHeader, claims: myClaims)
let token = try! myJWT.sign(using: .es256(privateKey: try! String(contentsOf: keyFileUrl).data(using: .utf8)!))
I created a simple example and a command line tool using the Swift Package Manager: SwiftJWTSample
Here's a working Ruby implementation. Call with your keyId and teamId, provide access to your private key file and go.
class AppleMusic
#auth_token
#validity_start
#validity_end
def initialize(keyId, teamId, options ={})
appleKeyId = keyId
appleTeamId = teamId
#validity_start = Time.now.to_i
#validity_end = Time.now.to_i + 43200 # 12 hours in seconds...
# Build up the headers
header = {
'typ' => 'JWT', # MUST BE SPECIFIED... Apple doesn't tell you this!
'alg' => 'ES256',
'kid' => appleKeyId
}
# Build up the payload
body = {
'iss' => appleTeamId,
'iat' => #validity_start,
'exp' => #validity_end
}
# This should be installed manually on the server somewhere
# TODO: Add some protection around the file's existance, set the name & location
# as some type of configuration key.
file = File.read('lib/assets/AuthKey_xxxxxxx.p8')
key = OpenSSL::PKey::EC.new(file)
key.check_key
#auth_token = JWT.encode(body, key, 'ES256', header)
#auth_token
end
def auth_token
#auth_token
end
def auth_header
"Bearer #{#auth_token}"
end
def validity_start
#validity_start
end
def validity_end
#validity_end
end
end
i'm facing several problem with API,
first:
send method asking for 'id'(message id or thread id) .. but why ?
i'm sending new message so it shouldn't require . according to Gmail Api documnetation
its optional .
https://developers.google.com/gmail/api/v1/reference/users/messages/send
ArgumentError: Missing required parameters: id.
second:
even after specify message id it return this message .
Your client has issued a malformed or illegal request.
code
require 'mime'
include MIME
msg = Mail.new
msg.date = Time.now
msg.subject = 'This is important'
msg.headers.set('Priority', 'urgent')
msg.body = Text.new('hello, world!', 'plain', 'charset' => 'us-ascii')
msg.from = {'hi#gmail.com' => 'Boss Man'}
msg.to = {
'list#example.com' => nil,
'john#example.com' => 'John Doe',
'jane#example.com' => 'Jane Doe',
}
#email = #google_api_client.execute(
api_method: #gmail.users.messages.send(:get),
body_object: {
raw: Base64.urlsafe_encode64(msg.to_s)
},
parameters: {
userId: 'me'
}
)
and of-course authentication working fine.
some other methods also working fine
like:
get list of messages(Users.messages.list)
get single message(Users.messages.get)
but
send message not working .
I think
#gmail.users.messages.send(:get) is equal to #gmail.users.messages.get
because ".send" is ruby method
so now this method is working with
#gmail.users.messages.to_h['gmail.users.messages.send']
example:
msg = Mail.new
msg.date = Time.now
msg.subject = options[:subject]
msg.body = Text.new(options[:message])
msg.from = {#_user.email => #_user.full_name}
msg.to = {
options[:to] => options[:to_name]
}
#email = #google_api_client.execute(
api_method: #gmail.users.messages.to_h['gmail.users.messages.send'],
body_object: {
raw: Base64.urlsafe_encode64(msg.to_s)
},
parameters: {
userId: 'me',
}
)
Thanks.
I think you may have a look at this gem I just built that use Gmail API and not using IMAP and SMTP like other gems:
gem install gmail-api-ruby
m = Gmail::Message.new(to: test#test.com, subject: "hello", html: "<b>this is html part<b>, text: "this is the text part")
m.deliver
gmail-api-ruby
It comes with a lot of helpful methods that you use in Gmail interface
I want to start working with Magento's REST API, but I can't seem to get it working.
To start with I need to get access tokens, here's what I'm trying:
require 'oauth'
#consumer = OAuth::Consumer.new("4200100753b2c8b03bde1f5b062c5a80", "c06abdcb734c85dfd7bb115c6a67ae4d", {:site=>"http://178.62.173.99/"})
#request_token = #consumer.get_request_token
# => oauth-0.4.7/lib/oauth/consumer.rb:216:in `token_request': 404 Not Found (OAuth::Unauthorized)
But I keep getting a 404 error.
What should I try next?
Here's a Ruby module I've written to create an access token for the Magento REST API:
module Token
def create_consumer
OAuth::Consumer.new(
CONSUMER_KEY,
CONSUMER_SECRET,
:request_token_path => '/oauth/initiate',
:authorize_path=>'/admin/oauth_authorize',
:access_token_path=>'/oauth/token',
:site => URL
)
end
def request_token(args = {})
args[:consumer].get_request_token(:oauth_callback => URL)
end
def get_authorize_url(args = {})
args[:request_token].authorize_url(:oauth_callback => URL)
end
def authorize_application(args = {})
m = Mechanize.new
m.get(args[:authorize_url]) do |login_page|
auth_page = login_page.form_with(:action => "#{URL}/index.php/admin/oauth_authorize/index/") do |form|
form.elements[1].value = ADMIN_USERNAME
form.elements[2].value = ADMIN_PASSWORD
end.submit
authorize_form = auth_page.forms[0]
#callback_page = authorize_form.submit
end
#callback_page.uri.to_s
end
def extract_oauth_verifier(args = {})
callback_page = "#{args[:callback_page]}".gsub!("#{URL}/?", '')
callback_page_query_string = CGI::parse(callback_page)
callback_page_query_string['oauth_verifier'][0]
end
def get_access_token(args = {})
args[:request_token].get_access_token(:oauth_verifier => args[:oauth_verifier])
end
def save_tokens_to_json(args = {})
auth = {}
auth[:time] = Time.now
auth[:token] = args[:access_token].token
auth[:secret] = args[:access_token].secret
File.open("#{args[:path]}#{args[:filename]}.json", 'w') {|f| f.write(auth.to_json)}
auth
end
def get_new_access_tokens
new_consumer = self.create_consumer
new_request_token = self.request_token(consumer: new_consumer)
new_authorize_url = self.get_authorize_url(request_token: new_request_token)
authorize_new_application = self.authorize_application(authorize_url: new_authorize_url)
extract_new_oauth_verifier = self.extract_oauth_verifier(callback_page: authorize_new_application)
new_access_token = self.get_access_token(request_token: new_request_token, oauth_verifier: extract_new_oauth_verifier)
save_tokens_to_json(filename: 'magento_oauth_access_tokens', path: '/', access_token: new_access_token)
return 'Successfully obtained new access tokens.'
end
end
Run #get_new_access_tokens to get an access token.
Don't forget to define the following variable:
CONSUMER_KEY
CONSUMER_SECRET
URL
ADMIN_USERNAME
ADMIN_PASSWORD
Check out mage on rails. It should work right out of the box. Check out this page for annotated ruby code showcasing the oauth flow
I would like to use the purchase token from the in app purchases in an android app to validate it to the google server on my own server.
With the following code I can validate a token, but I have to authenticate myself with my OAuth credentials every time:
class GooglePlayVerification
require 'google/api_client'
# Refer:
# https://code.google.com/p/google-api-ruby-client/issues/detail?id=72
# and
# http://jonathanotto.com/blog/google_oauth2_api_quick_tutorial.html
# and
# http://milancermak.wordpress.com/2012/08/24/server-side-verification-of-google-play-subsc/
GOOGLE_KEY = 'xxx.apps.googleusercontent.com'
GOOGLE_SECRET = 'xxxx'
APP_NAME = 'xx.xx.xx'
SCOPE = "https://www.googleapis.com/auth/androidpublisher"
def self.token
##token ||= begin
require 'oauth2'
raise "Missing client_id variable" if GOOGLE_KEY.to_s.empty?
raise "Missing client_secret variable" if GOOGLE_SECRET.to_s.empty?
raise "Missing scope variable" if SCOPE.to_s.empty?
redirect_uri = 'https://localhost/oauth2callback'
auth_client_obj = OAuth2::Client.new(GOOGLE_KEY, GOOGLE_SECRET, {:site => 'https://accounts.google.com', :authorize_url => "/o/oauth2/auth", :token_url => "/o/oauth2/token"})
puts "1) Paste this URL into your browser where you are logged in to the relevant Google account\n\n"
puts auth_client_obj.auth_code.authorize_url(:scope => SCOPE, :access_type => "offline", :redirect_uri => redirect_uri, :approval_prompt => 'force')
puts "\n\n\n2) Accept the authorization request from Google in your browser:"
puts "\n\n\n3) Google will redirect you to localhost, but just copy the code parameter out of the URL they redirect you to, paste it here and hit enter:\n"
code = gets.chomp.strip
access_token_obj = auth_client_obj.auth_code.get_token(code, {:redirect_uri => redirect_uri, :token_method => :post})
puts "Result: #{access_token_obj.inspect}\n\n"
puts "Token is: #{access_token_obj.token}"
puts "Refresh token is: #{access_token_obj.refresh_token}"
{
:access_token => access_token_obj.token,
:refresh_token => access_token_obj.refresh_token,
:expires_in => access_token_obj.expires_in,
:expires_at => access_token_obj.expires_at
}
end
end
def self.refresh_token
refresh_client_obj = OAuth2::Client.new(GOOGLE_KEY, GOOGLE_SECRET, {:site => 'https://accounts.google.com', :authorize_url => '/o/oauth2/auth', :token_url => '/o/oauth2/token'})
refresh_access_token_obj = OAuth2::AccessToken.new(refresh_client_obj, token[:access_token], {refresh_token: token[:refresh_token]})
refresh_access_token_obj.refresh!
puts "refresh token: #{refresh_access_token_obj.inspect}"
##token = {
:access_token => refresh_access_token_obj.token,
:refresh_token => refresh_access_token_obj.refresh_token,
:expires_in => refresh_access_token_obj.expires_in,
:expires_at => refresh_access_token_obj.expires_at
}
end
# ie. https://developers.google.com/android-publisher/v1/
# eg.
# #subscription_id com.stocklight.stocklight.standardsubscription
# #purchase_token xxx
def self.verify_subscription(subscription_id, purchase_token)
response = RestClient.get "https://www.googleapis.com/androidpublisher/v1.1/applications/#{APP_NAME}/inapp/#{subscription_id}/purchases/#{purchase_token}?access_token=#{token[:access_token]}"
puts "Respnse \n #{response.inspect}"
puts response.code == 200
puts JSON.parse(response)
return response.code == 200 && JSON.parse(response)['kind'] =='androidpublisher#inappPurchase'
rescue
return false
end
end
Has anyone an idea how to authenticate a server without such things like OAuth on the server? Is there another authentification possibility?
Thanks!
Here is my ruby code:
def self.verify_subscription(subscription_id, transaction_id)
json = JSON.parse(transaction_id)
order = ["orderId", "packageName", "productId", "purchaseTime", "purchaseState", "purchaseToken"]
signature = json["signature"]
data = {}
order.each do |o|
data[o] = json[o]
end
key = OpenSSL::PKey::RSA.new(Base64.decode64(GOOGLE_PUBLIC_KEY))
verified = key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(signature), data.to_json)
verified
end