Have implemented oauth2 and it works fine as long as I am using clients.inMemory in my authorization server config. When i change it to clients.jdbc, and provide the datastore, the first step of getting a oauth2 token succeeds. The second step of using that token always fails. Even though for the in memory code snippet, both steps work. so with jdbc, i am unable to reach my rest end point. I get error. The following works
curl -u ksclient:top_secret -X POST http://localhost:8080/oauth/token -H "Accept:application/json" -d "username=mickey&password=cheese&grant_t
ype=password"
The result:
{"access_token":"4e6a6ff2-87e9-428d-9a80-13f0300a7344","token_type":"bearer","expires_in":43016,"scope":"read write"}
Then the second step of using it fails
curl http://localhost:8080/oauth2/hello -H "Authorization: Bearer 4e6a6ff2-87e9-428d-9a80-13f0300a7344"
The error:
{"error":"invalid_token","error_description":"Invalid access token: 4e6a6ff2-87e9-428d-9a80-13f0300a7344"}
What is interesting that on the mysql side the table for "oauth_client_details" does have the data whereas the table for "oauth_client_token"/"oauth_access_token" never has any records.
Here is the link to my code
https://github.com/ksachdev1/springbootlearning
Related
I'm trying to use SuiteQL to query a workbook for a client implementation, but I'm having trouble getting it to work in VS Code. I downloaded the Postman environment template and collections archive from the SuiteTalk tools download page and then sent a test request. It returned a successful JSON response. I then tried to send the same sample request using cURL in the VS Code terminal, then with node-fetch, and then using an npm library called netsuite-rest. All of these return 401 'INVALID_LOGIN'. Why does it work when I use Postman, but nowhere else? Here's a sample of my cURL request:
curl --location --request POST 'https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/query/v1/suiteql?limit=5' \
--header 'prefer: transient' \
--header 'Content-Type: application/json' \
--header 'Authorization: OAuth realm="<ACCOUNT_ID>",oauth_consumer_key="<CONSUMER_KEY>",oauth_token="<TOKEN>",oauth_signature_method="HMAC-SHA256",oauth_timestamp="<TIMESTAMP>",oauth_nonce="<NONCE>",oauth_version="1.0",oauth_signature="<SIGNATURE>"' \
--header 'Cookie: NS_ROUTING_VERSION=LAGGING' \
--data-raw '{
"q": "SELECT id, companyName, email, dateCreated FROM customer WHERE dateCreated >= '\''01/01/2019'\'' AND dateCreated < '\''01/01/2020'\''"
}'
I see this is an old thread however, I myself am just getting started with NetSuite and Postman. For me, the netsuite Postman query will work fine when you get your access token and this will work for a short period of time. Eventually it will fail and at that time you need to use your refresh token to get a new access token. Then, add the fresh access token into your query authorization as a bearer token - and then the query will start working again.
Once it is actively working then there is a magic Area of postman = Code Snippet. So click on that and then notice that there is a pulldown menu of many code bases - that will display the entire code request for your query! For example you could choose nodeJS - Axios - and just copy the code and paste it in to your webpage.
The one thing you will have to remember is that the access token Will expire after a period of time and then you will have to replace the access token with a fresh one (using the refresh token).
I am little new Spring boot and Aouth 2. I tried to secure my spring boot application with OAuth2. But My authentication is nit working and it causes for 401 error even with unsecured url. My code can be found in the git hub with under url
I used the below curl command
curl -i http://localhost:8990/api/hello
But it results for
{"timestamp":1489824873836,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/api/hello"}
Also when I try to access my secured url as below, it produces the same error.
curl -i -H "Authorization: Bearer <access_token>" http://localhost:8990/api/secure
I have searched in the internet but unable to fix my problem yet. Could anybody please help me
Thanks
Git hub url
https://github.com/txmr765/Spring-Oauth2
Authentication code has got few things to be changed and now and it's working.
Just check curl -vu secureapp:secret 'http://localhost:8990/api/oauth/token?username=admin&password=admin&grant_type=password'
The reason was that I was logged in to WP.
Looking for a reason here: WooCommerce REST API Authentication fails when logged in
I am trying to connect to Woocommerce REST API using Ajax (to read product data)
The following URL ...
https://example.com/wp-json/wc/v1/products/1744?consumer_key=ck_xxx&consumer_secret=cs_xxx
... gives me this error:
{"code":"woocommerce_rest_cannot_view","message":"Sorry, you cannot view this resource.","data":{"status":401}}
I also tried the same using CURL like:
curl https://example.com/wp-json/wc/v1/products/1744 \
-u ck_xxx:cs_xxx
And got the same error.
What could be wrong here?
The key is read only.
I am quite sure the error means that everything is ok but there's an issue with authentication.
Entering exactly the same information into Advanced REST Client Chrome extension gives me exactly what I am looking for. Why is it not working with CURL or Ajax?
Even just pasting the URL at http://onlinecurl.com/ gets me 200 OK
EDIT: Got the CURL working like this:
curl -XGET 'https://example.com/wp-json/wc/v1/products/30552?consumer_key=ck_xxx&consumer_secret=xxx'
I am trying to create rest based webservices, which I want to secure them using spring security Oauth2.
What I found is then, in oauth2 we have to send auth_token in query string.
But my need is to send in header.
I have searched a lot, but I didn't get the answer which I need.
Is there anybody who can help?
Reference link [ http://www.beingjavaguys.com/2014/10/spring-security-oauth2-integration.html
]
You can test sending the access token for example using Curl:
curl -H "Authorization: Bearer <ACCESS_TOKEN>" http://www.example.com
With this you should be able to see, if server is working as expected. How to do it in client application depends on the programming language you are using.
I am new to Spring and very new to Spring Oauth2 Security. I have searched a lot about how to request the following link in web browser(In Firefox Rest Client plugin).The following request is curl and working perfectly fine in terminal through this command.
I am getting the problem while giving basic authorization. So How we can interact with basic authorization given below as -vu myapp:123456.
curl -X POST -vu myapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=sunit&username=sunit&grant_type=password&scope=read%20write&client_secret=123456&client_id=myapp"
I used wireshark for capture the request and ended the same request to fb just to connect because I don't have a local server running... you can see that is a post request with the body in encoded URL...