This is what I am having trouble understanding and doing.
I need to add a header called sign with the query's POST data signed by my key's "secret" according to the HMAC-SHA512 method. What is my query's post data? And how can I find it so that I can encrypt it and send it as a header.
These are my parameters: "command" => "returnBalances", "nonce" => Time.now.to_i
Please let me know:
How do I find my post request data.
How do I use the HMAC-SHA512 method to encrypt this data so that I can send it in a header. (using Ruby)
Thank you people let me know.
I answered your question more completely here, in the context of the Poloniex exchange:
Ruby Http Post Parameters
To answer your specific questions from this post:
How do I find my post request data?
POST data simply means the body of your request. This could be JSON, plain text, form data, etc. In cases where a specific format (i.e. JSON) isn't mentioned, POST data probably refers to POST form data (Content-Type: application/x-www-form-urlencoded). This is how data submitted from a web form is formatted and indeed that appears to be what Poloniex is looking for.
x-www-form-urlencoded data can be produced like this in Ruby:
form_data = URI.encode_www_form({:command => 'returnBalances', :nonce => Time.now.to_i * 1000 })
puts form_data
command=returnBalances&nonce=1447537613000
Mozilla Developer's Network link on POST form data.
How do I use the HMAC-SHA512 method to encrypt this data so that I can send it in a header? (using Ruby)
HMAC digest produces a unique string based on a secret key and the data provided. In Ruby, you can produce an HMAC digest like so:
OpenSSL::HMAC.hexdigest( 'sha512', secret, form_data)
Related
There is a way to config the Twilio webhooks in the conversation product to send a post request to an endpoint and in the body send the information instead in the params?
You would pass a payload of the JSON you want to send in your post body and then pass in a header called x-www-form-urlencoded which tells Twilio that you want the parameters to be sent in the body as form data. I'm not sure if it's limited to only a few parameters or not but I know that it works with \"To\" and \"From\" (as they need to be URL encoded). It would definitely work with MessageSid.
You could also use the \"Bulk\" post body format, which is just JSON. This would allow you to pass more parameters since it's just JSON. (You don't need to url encode them if you do this, so no need to have x-www-form-urlencoded header.)
{
\"To\": \"+15551235555\",
\"From\": \"+15551234567\",
\"Body\": \"A text message\",
...: ...
}
You should be able to send the information you want, along with the headers, from your endpoint and have it pass through Twilio.
Looks like this:
curl -X POST https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Messages -d 'From=%2B15551234567&To=%2B15551235555&Body=Test' -u '{AccountSid}:{AuthToken}'
You can pass any JSON you want as a body using this option but make sure you've set your \"Content-Type\" header to \"application/x-www-form-urlencoded\". This is pretty straightforward and makes it easy to pass in whatever parameters you want.
This isn't limited to text messages! This is exactly how I push data back into a Conversation or Action resource too so it'll work for things like card pushes too! You can use this to programmatically create a response that Twilio will process and then act on in your Conversation or Action instance.
And yeah … if you're going to support a webhook that takes form data then I would suggest adding some basic security checks since anyone could just post random stuff as form data if they wanted and get access to your endpoint. I'd recommend checking the Request Method as well to make sure it's POST.
If you're worried about someone passing in a bad value then you can just check the request body against some regex. I'd recommend checking the Twilio-To and Twilio-From params as well. You could also use the request header too, which is passed along with all webhooks:
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST');
header('Access-Control-Allow-Headers: xxx');
I'm looking for an alternative tool to Gatling and found Locust. I found it's powerful but I wonder how can I extract a Json value and then using that value in the Json payload of the next request (please note the Json payload is in different file). Like in Gatling we can use saveAs() and the value will be store in the session variable, then we can put that value in Json payload.
Thanks,
Hoang
Locust is pretty much just Python, using the requests http client, so look in to the requests documentation for more info.
Lets assume /login returns a session_id in the json response that we want to use in future requests. You would then do something like this in your task:
response = self.client.post("/login")
session_id = response.json()["session_id"]
self.client.post("/foo", json={"session_id": session_id})
I'm developing a RESTful web application in Ruby with Sinatra. It should support CRUD operations, and to respond to Read requests I have the following function that formats the data according to what the request specified:
def handleResponse(data, haml_path, haml_locals)
case true
when request.accept.include?("application/json") #JSON requested
return data.to_json
when request.accept.include?("text/html") #HTML requested
return haml(haml_path.to_sym, :locals => haml_locals, :layout => !request.xhr?)
else # Unknown/unsupported type requested
return 406 # Not acceptable
end
end
Only I don't know what is best to do in the else statement. The main problem is that browsers and jQuery AJAX will accept */*, so technically a 406 error is not really the best idea. But: what do I send? I could do data.to_s which is meaningless. I could send what HAML returns, but they didn't ask for text/html and I would rather notify them of that somehow.
Secondly, supposing the 406 code is the right way to go, how do I format the response to be valid according to the W3 spec?
Unless it was a HEAD request, the response SHOULD include an entity containing a list of available entity characteristics and location(s) from which the user or user agent can choose the one most appropriate. The entity format is specified by the media type given in the Content-Type header field. Depending upon the format and the capabilities of the user agent, selection of the most appropriate choice MAY be performed automatically. However, this specification does not define any standard for such automatic selection.
It looks like you're trying to do a clearing-house method for all the data types you could return, but that can be confusing for the user of the API. Instead, they should know that a particular URL will always return the same data type.
For my in-house REST APIs, I create certain URLs that return HTML for documentation, and others that return JSON for data. If the user crosses the streams, they'll do it during their development phase and they'll get some data they didn't expect and will fix it.
If I had to use something like you're writing, and they can't handle 'application/json' and can't handle 'text/html', I'd return 'text/plain' and send data.to_s and let them sort out the mess. JSON and HTML are pretty well established standards now.
Here's the doc for Setting Sinatra response headers.
In my sinatra app i have a form which is used to submit data via a POST request to a url.The url also accepts json sent in a POST request.
Is there any way to determine in the handler if json data was received in the post or the data submitted was sent from the form ?
Thank You
When you send data via a Post request you will have data in your params Hash. So if there is a key there is a value, even if it's empty. So you can check for example via params[:json] if you have received something via json (assuming you call that parameter :json). The same goes for data. But then I'm not entirely sure if that's what you're asking for. Either way all data you get is handled via the params variable.
Assuming that JSON is sent via XHR call, you can make use of request.xhr? to check if the request is xhr.
How do I pass multilevel parameters to POST when I'm using net/http library?
example that works:
require "net/http"
http = Net::HTTP.new("localhost", 3000)
request = Net::HTTP::Post.new("/external/rd")
request.set_form_data({:name => 'device_rb'})
response = http.request(request)
puts response.body
but common rails notation would be:
"device" => {:name => 'device_rb'}
I have no idea how to put this embeded parameters to set_form_data method. Any help?
Regards
If you are posting form data, your data will get encoded in x-www-form-urlencoded format. This is more or less a simple key/value format with no nesting of structures.
If you want nesting for the data you pass to the server, you would have to use a format that allows it, such as JSON or XML. You cannot set the payloads for these formats with set_form_data though.
You rather set them using request.body = payload. See also this simple example for posting a JSON payload.