Hello, in a sh script i try to call an api in App Engine Standard (with a POST) behind an IAP.
I use a service account who have the "IAP-secured Web App user" permission.
The service account is from an another account that the IAP.
I first generate an OpenId connect :
OIDC_token_response=$(curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer "$(gcloud auth print-access-token) \
-H "Accept: application/json" \
--data '{"audience":"{CLIENT_ID_IAP","includeEmail":true}' \
-s --write-out "HTTP_CODE:%{http_code}" \
https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${MY_SERVICE_ACCOUNT:generateIdToken)
Then i use the token :
api_response=$(curl -X POST -H "Authorization: Bearer "${OIDC_token} -s --write-out "HTTP_CODE:%{http_code}" https://{MY-APP}.appspot.com/my-api/)
The answer is :
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>401 Unauthorized</title>
<h1>Unauthorized</h1>
<p>Unauthorized</p>
HTTP_CODE:401
Any idea ?
Regards
The error was not at the IAP Level : the 401 error was returned by the app engine application.
The IAP connection is OK.
Sorry for this post.
Related
Using the Bugzilla 5.0 REST API, how do I send the API key in a header?
The following works with a 200 response and creates a bug:
curl -Ski -X POST -H "Content-Type: application/json"
-H "Accept: application/json"
--data "#$HOME/bug_attrs.json"
"https://fmd-bugzil-01tst.vrt.sourcefire.com/rest/bug?Bugzilla_api_key=ibMexQ7suwgyiYNskgxgBDqrXGLV5Jkogj1KSYL0"
But sending it in the header returns a 401:
curl -Ski -X POST -H "Content-Type: application/json"
-H "Accept: application/json"
-H "X-BUGZILLA-API-KEY: ibMexQ7suwgyiYNskgxgBDqrXGLV5Jkogj1KSYL0"
--data "#$HOME/bug_attrs.json"
"https://fmd-bugzil-01tst.vrt.sourcefire.com/rest/bug"
How do I send the API Key in the headers instead of the Query string?
I think you are using stable version of Bugzilla, version 5.0.4, according to the documentation for Rest API 5.0.4, it does not support X-BUGZILLA-API-KEY header for authentication.
However, latest version 5.1.2 has support for allowing api key in the header.
Alternatively, authentication credentials can be provided via one of
the following headers:
X-BUGZILLA-LOGIN
X-BUGZILLA-PASSWORD
X-BUGZILLA-API-KEY
X-BUGZILLA-TOKEN
Credentials passed as part of the query string take
precedence over the header credentials.
I have enables authentication in Zeppelin. I am able to authenticate Zeppelin from curl:
curl -i --data 'userName=admin&password=admin' -X POST http://ip_address:port/api/login
It is giving me response properly with JSESSIONID.
How can I use the same session in my next API calls like
http://ip_address:port/api/notebook
Thanks.
Write the response cookies to local file during login api call
curl -c cookies.txt -i --data 'userName=admin&password=admin' -X POST http://ip_address:port/api/login
and pass the cookies to next API calls
curl -b cookies.txt http://ip_address:port/api/notebook
Example for run note
curl -i -b 'JSESSIONID=ad51301f-a13b-4b8d-a6c7-b684dc453f8f; Path=/; HttpOnly' -X POST -H "Content-Type: application/json" http://ip_address:port/api/notebook/job/note_id
I am using Coinbase Wallet Endpoints of Coinbase API in my application and trying to hit create_account API https://developers.coinbase.com/api/v2#create-account using curl without OAuth2. According to Coinbase documentation, curl command would be like:
curl https://api.coinbase.com/v2/accounts \
-X POST
-H 'Content-Type: application/json'
-H 'Authorization: Bearer
abd90df5f27a7b170cd775abf89d632b350b7c1c9d53e08b340cd9832ce52c2c'
-d '{"name": "New wallet"}'
I am unable to figure out what will be the value of access token and how I will get it without using OAuth2 request.
Please guide me that "How I will get Bearer access token without using OAuth2?".
Are there any Payment APIs, preferably in Javascript/Angular that can be directly used on the client side, and thus require no server side implementation?
The best example is Stripe. It both requires setting up the client side (Checkout and retrieval of StripeToken) and then actually processing the payment on the server (Charge).
I found a service that allows you to process Stripe payments without setting up the server-side yourself: Noodlio Pay.
You simply send HTTP requests to the API hosted on Mashape.
Here is an example of a request in cURL:
curl -X POST --include 'https://noodlio-pay.p.mashape.com/charge/token'
\ -H 'X-Mashape-Key: <required>'
\ -H 'Content-Type: application/x-www-form-urlencoded'
\ -H 'Accept: application/json'
\ -d 'amount=100'
\ -d 'currency=usd'
\ -d 'description=Purchase with Noodlio Pay'
\ -d 'source=tok_181ER0E9p71uHfeG90clN2MH'
\ -d 'stripe_account=acct_12abcDEF34GhIJ5K'
We have a simple auth2 applciation (like this) that works, when called from CURL, but we have a problem getting the token from angular http
So the question is: what is the equivalent of this curl in angular:
curl -H "Accept: application/json" my-client-with-secret:secret#localhost:8080/oauth/token -d grant_type=client_credentials
We tried to set the Authorization header
$http.defaults.headers.common['Authorization'] = "Basic <'secret:secret' in Base64>";
but we got 401 unauthorized