I'm trying to create a proxy server that access third-party API, but their development end point have certificate error. Is there anyway to bypass ssl error when using http.dart?
import 'package:http/http.dart' as http;
Uri url = Uri.parse("https://url-with-ssl-error.com/endpoint");
http.get(url).then((response) => print(response.body));
and here's the error returned:
Uncaught Error: SocketIOException: RawSecureSocket error (Unexpected handshake error in client) (OS Error: errno = -8172)
Unhandled exception:
SocketIOException: RawSecureSocket error (Unexpected handshake error in client) (OS Error: errno = -8172)
#0 _FutureImpl._scheduleUnhandledError.<anonymous closure> (dart:async/future_impl.dart:207:9)
#1 Timer.run.<anonymous closure> (dart:async/timer.dart:17:21)
#2 Timer.run.<anonymous closure> (dart:async/timer.dart:25:13)
#3 Timer.Timer.<anonymous closure> (dart:async-patch:15:15)
#4 _Timer._createTimerHandler._handleTimeout (dart:io:6990:28)
#5 _Timer._createTimerHandler._handleTimeout (dart:io:6998:7)
#6 _Timer._createTimerHandler.<anonymous closure> (dart:io:7006:23)
#7 _ReceivePortImpl._handleMessage (dart:isolate-patch:81:92)
Though this question may be out of date, I should still post a short answer for this, in case of someone in the same trouble. This snippet's from my project:
import 'package:http/http.dart' as http;
import 'package:http/io_client.dart';
...
HttpClient client = new HttpClient()..badCertificateCallback = ((X509Certificate cert, String host, int port) => true);
var ioClient = new IOClient(client);
http.Response resp = await ioClient.post(uri, body: utf8.encode(json.encode(body)), headers: headers);
...
The issue was mentioned here and also the fix.
Error -8172 means that 'Peer's certificate issuer has been marked as not trusted by the user.'
If you had access to the raw socket, then connect method allows you to specify what to do in case of bad certificate by providing onBadCertificate callback. However, I am not sure what is the exact type of http object in your code sample, so i can't tell whether you can workaround this or not. I thought it might be an HttpClient instance but it doesn't have a get method which takes a URI, so I am not sure. If it is your own class, maybe you have access to underlying secure socket so you can still use onBadCertificate.
Additionally, for server sockets, you can't rely on implicit SecureSocket.initialize() call. You need to call it explicitly with certificate db info.
Related
I have a use case where I need to send 2 requests to the server. The output of first request is used in second request so the calls have to be synchronous. I am using ktor (OkHttp)client websocket for this. I am failing at first attempt to even connect to the server with this error
Exception in thread "main" java.net.UnknownHostException: https: nodename nor servname provided, or not known
I suspect I haven't split my url properly and thats why its not able to connect to host.
Couple of qns
Is there any benefit to using websocket instead of using 2 separate Http requests?
Is there a way I can just pass URL to the websocket request?
Best and easiest way to get response and send another request?
I have been able to find very limited documentation on ktor client websocket.
const val HOST = "https://sample.com"
const val PATH1 = "/path/to/config?val1=<val1>&val2=<val2>"
const val PATH2 = "/path/to/config?val=<response_from_first_req>"
fun useSocket() {
val client = HttpClient() {
install(WebSockets)
}
runBlocking {
client.webSocket(method = HttpMethod.Get, host = HOST, path = PATH1) {
val othersMessage = incoming.receive() as? Frame.Text
println(othersMessage?.readText())
println("Testing")
}
}
client.close()
}
Thanks in advance.
I need to connect to a server with authentication and a custom header.
The official gRPC docs show how to do it in Python but not in Ruby:
https://grpc.io/docs/guides/auth/#with-server-authentication-ssltls-and-a-custom-header-with-token
How can this be achieved in ruby ? There doesn't seem to be a metadata call credentials method.
I have tried the following but I'm getting Permission Denied.
channel_creds = GRPC::Core::ChannelCredentials.new()
auth_proc = proc { { 'authorization' => 'Plain ****' } }
call_creds = GRPC::Core::CallCredentials.new(auth_proc)
combined_creds = channel_creds.compose(call_creds)
#stub = Stub.new('host:port', combined_creds)
Nevermind, it was an error because of protection from the server that needed to be disabled, the above code works fine.
when i make access on website on endpoint "http://localhost/newsapp_api/public/api/authors"it's work without any problem,but when i try this in flutter it shows me a problem.
message error:E/flutter (24506): [ERROR:flutter/lib/ui/ui_dart_state.cc(186)] Unhandled Exception: SocketException: OS Error: Connection refused, errno = 111, address = localhost, port = 46873
codes:
authors_api.dart
import 'package:http/http.dart' as http;
import 'dart:convert';
import 'package:news_app/utilities/api_utilities.dart';
import 'package:news_app/models/author.dart';
class AuthorsAPI {
Future<List<Author>> fetchAllAuthors() async {
// ignore: deprecated_member_use
List<Author> authors = List<Author>();
String allAuthorsApi = base_api + all_authors_api;
var url = Uri.parse(allAuthorsApi);
var response = await http.get(url);
print(response.statusCode);
print("*****************");
print(response.body);
}
}
api_utilities.dart
String base_api = "http://localhost/newsapp_api/public/api/authors";
String all_authors_api = "/api/authors";
make sure that you are not using any VPN or proxy server
try to use http://127.0.0.1 instead of http://localhost
hope this solve your problem
Note that localhost does not work with the Android emulator which uses 10.0.0.2
To support both Web and Android emulator use the (local) IP address of the server
You can make the server running on localhost avalible on your device like this:
adb reverse tcp:3000 tcp:3000
Please note that you should replace 3000 with the port that you srever is running on.
And that's it! Now you can access localhost from your device.
I can't mock a https serve according to API,please give me some advice
python version: 3.6.5
pact-python: 1.0
pytest:5.3.5
platform:windows
Error message:
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='localhost', port=1234): Max retries exceeded with url: / (Caused by SSLError(SSLError("bad handshake: Error([('SSL rou
tines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
process:
I try to mock a https server by pact-python so I set ssl=True and don't set sslcert and sslkey, it can't work. Then I try to creat a self-signed sslcert and sslkey use openssl tools then set option: sslcert = 'server.crt', sslkey = 'server.key',it still not work. It's a very simple example, I just wanna mock a https server:
import requests
import atexit
import pytest
from pact import Consumer, Provider
def user(user_name):
"""Fetch a user object by user_name from the server."""
uri = 'https://localhost:1234/users/' + user_name
return requests.get(uri, verify = False).json()
pact = Consumer('Consumer').has_pact_with(Provider('Provider'), port=1234, ssl = True,
sslcert = 'server.crt', sslkey = 'server.key')
pact.start_service()
atexit.register(pact.stop_service)
def test_get_user():
expected = {
'username': 'UserA',
'id': 123,
'groups': ['Editors']
}
(pact
.given('UserA exists and is not an administrator')
.upon_receiving('a request for UserA')
.with_request('get', '/users/UserA')
.will_respond_with(200, body = expected))
with pact:
result = user('UserA')
assert(result, expected)
I think it might be the Pact Python trying to see if the server has come up. It might be a bug, if you can reproduce the bug reliably, please share that code and raise an issue.
FWIW using Pact tests with https is usually pointless IMO. Pact tests are designed to tests the contract, and the s part of HTTP makes no difference to this.
I've just installed the Google API 2.0, setup my application and I'm trying to authorize a user but I keep getting this error:
array(2) {
["error"]=>
string(13) "invalid_grant"
["error_description"]=>
string(20) "Malformed auth code."
}
for creating the authorization link I use the function $oGoogleClient->createAuthUrl(); within \Google_Client
it takes me to the authorization page and then returns to my authorization page with a code in the url like this:
http://example.com/authorize/?code=4/AABBv8nQ5N4mqrOTANDphl_L4ROPnzK6yckffDu-dnlIJGE9ZOcXo9eehUVbzbExbMuhCZQAb5zu9_BIS-VI4E4#
To handle this request I use the api funcion $oGoogleClient->fetchAccessTokenWithAuthCode($sCode); found in \Google_Client
At first I thought it was because of the # at the end of the code, because PHP only gets the code paramete until before that hashtag, so I hardcoded it to test, but the result is the same error message of Malformed Auth Code.
Any idea on how to solve this?
Update: I've moved the code to a different server, and it will authorize correctly the code and retrieve the Access Token. I guess it should be something within the server, but I can't figure out what!
I am using Node.js googleapis client library, Here is my case:
The authorization code in the url hash fragment is be encoded by encodeURIComponent api, so if you pass this code to request access token. It will throw an error:
{ "error": "invalid_grant", "error_description": "Malformed auth code." }
So I use decodeURIComponent to decode the authorization code.
decodeURIComponent('4%2F_QCXwy-PG5Ub_JTiL7ULaCVb6K-Jsv45c7TPqPsG2-sCPYMTseEtqHWcU_ynqWQJB3Vuw5Ad1etoWqNPBaGvGHY')
After decode, the authorization code is:
"4/_QCXwy-PG5Ub_JTiL7ULaCVb6K-Jsv45c7TPqPsG2-sCPYMTseEtqHWcU_ynqWQJB3Vuw5Ad1etoWqNPBaGvGHY"
Generally the URL is Encoded, So decode the URL and try again
Try URL Encode/Decode Tool click here
In python it can be done as below:
import requests
from urllib.parse import unquote
# Decode the url
query_str = unquote(request.META.get('QUERY_STRING'))
# Or just decode CODE
code = unquote(code)
data_dict = {
"code": code, "redirect_uri":"", "grant_type": "authorization_code",
"client_id": "","client_secret": ""
}
resp = requests.post('https://oauth2.googleapis.com/token', data_dict)