i am trying to call IBM STT Api with this code:
String auth = new IamAuthenticator("AuthApi").requestToken().getAccessToken();
client = new WebSocketClient(new URI(String.format("wss://%s/speech-to-text/api/v1/recognize?access_token=%s",uri,auth))) {
#Override
public void onOpen(ServerHandshake handshakedata) {
clientInterface.OnOpen();
}
#Override
public void onMessage(String message) {
clientInterface.OnMessage(message);
}
#Override
public void onClose(int code, String reason, boolean remote) {
clientInterface.OnClose();
}
#Override
public void onError(Exception ex) {
clientInterface.OnError(ex);
}
};
But i always get this: Invalid status code received: 403 Status line: HTTP/1.1 403 Forbidden.
any help?
Thanks
Related
When I need to work with I/O (Query DB, Call to the third API,...), I can use RichAsyncFunction. But I need to interact with Google Sheet via GG Sheet API: https://developers.google.com/sheets/api/quickstart/java. This API is sync. I wrote below code snippet:
public class SendGGSheetFunction extends RichAsyncFunction<Obj, String> {
#Override
public void asyncInvoke(Obj message, final ResultFuture<String> resultFuture) {
CompletableFuture.supplyAsync(() -> {
syncSendToGGSheet(message);
return "";
}).thenAccept((String result) -> {
resultFuture.complete(Collections.singleton(result));
});
}
}
But I found that message send to GGSheet very slow, It seems to send by synchronous.
Most of the code executed by users in AsyncIO is sync originally. You just need to ensure, it's actually executed in a separate thread. Most commonly a (statically shared) ExecutorService is used.
private class SendGGSheetFunction extends RichAsyncFunction<Obj, String> {
private transient ExecutorService executorService;
#Override
public void open(Configuration parameters) throws Exception {
super.open(parameters);
executorService = Executors.newFixedThreadPool(30);
}
#Override
public void close() throws Exception {
super.close();
executorService.shutdownNow();
}
#Override
public void asyncInvoke(final Obj message, final ResultFuture<String> resultFuture) {
executorService.submit(() -> {
try {
resultFuture.complete(syncSendToGGSheet(message));
} catch (SQLException e) {
resultFuture.completeExceptionally(e);
}
});
}
}
Here are some considerations on how to tune AsyncIO to increase throughput: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/Flink-Async-IO-operator-tuning-micro-benchmarks-td35858.html
I'm implementing JWT and Spring Security for authentication in my application.
I have 3 roles: Admin, Moderator and User.
For example, after logging with user role, I got the home page, but once I go to hit the user space by clicking on a button, I got:
2020-09-04 09:01:22.819 ERROR 10148 --- [nio-8080-exec-5]
c.b.s.security.jwt.AuthEntryPointJwt : Unauthorized error: Full
authentication is required to access this resource
the file webSecurityConfig.java is:
#Configuration
#EnableWebSecurity
#EnableGlobalMethodSecurity(
// securedEnabled = true,
// jsr250Enabled = true,
prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
#Autowired
UserDetailsServiceImpl userDetailsService;
#Autowired
private AuthEntryPointJwt unauthorizedHandler;
#Bean
public AuthTokenFilter authenticationJwtTokenFilter() {
return new AuthTokenFilter();
}
#Override
public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
#Bean
#Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
#Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
#Override
protected void configure(HttpSecurity http) throws Exception {
http.cors().and().csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests().antMatchers("/api/auth/**").permitAll()
.antMatchers("/api/test/**").permitAll()
.anyRequest().authenticated();
http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
}
}
The class AuthEntryPointJwt is:
#Component
public class AuthEntryPointJwt implements AuthenticationEntryPoint {
private static final Logger logger = LoggerFactory.getLogger(AuthEntryPointJwt.class);
#Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException, ServletException {
logger.error("Unauthorized error: {}", authException.getMessage());
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Error: Unauthorized");
}
}
The class AuthTokenFilter is:
public class AuthTokenFilter extends OncePerRequestFilter {
#Autowired
private JwtUtils jwtUtils;
#Autowired
private UserDetailsServiceImpl userDetailsService;
private static final Logger logger = LoggerFactory.getLogger(AuthTokenFilter.class);
#Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
try {
String jwt = parseJwt(request);
if (jwt != null && jwtUtils.validateJwtToken(jwt)) {
String username = jwtUtils.getUserNameFromJwtToken(jwt);
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
}
} catch (Exception e) {
logger.error("Cannot set user authentication: {}", e);
}
filterChain.doFilter(request, response);
}
private String parseJwt(HttpServletRequest request) {
String headerAuth = request.getHeader("Authorization");
if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) {
return headerAuth.substring(7, headerAuth.length());
}
return null;
}
}
The class JwtUtils is:
#Component
public class JwtUtils {
private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class);
#Value("${bezkoder.app.jwtSecret}")
private String jwtSecret;
#Value("${bezkoder.app.jwtExpirationMs}")
private int jwtExpirationMs;
public String generateJwtToken(Authentication authentication) {
UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal();
return Jwts.builder()
.setSubject((userPrincipal.getUsername()))
.setIssuedAt(new Date())
.setExpiration(new Date((new Date()).getTime() + jwtExpirationMs))
.signWith(SignatureAlgorithm.HS512, jwtSecret)
.compact();
}
public String getUserNameFromJwtToken(String token) {
return Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(token).getBody().getSubject();
}
public boolean validateJwtToken(String authToken) {
try {
Jwts.parser().setSigningKey(jwtSecret).parseClaimsJws(authToken);
return true;
} catch (SignatureException e) {
logger.error("Invalid JWT signature: {}", e.getMessage());
} catch (MalformedJwtException e) {
logger.error("Invalid JWT token: {}", e.getMessage());
} catch (ExpiredJwtException e) {
logger.error("JWT token is expired: {}", e.getMessage());
} catch (UnsupportedJwtException e) {
logger.error("JWT token is unsupported: {}", e.getMessage());
} catch (IllegalArgumentException e) {
logger.error("JWT claims string is empty: {}", e.getMessage());
}
return false;
}
}
The class AuthController is:
#CrossOrigin(origins = "*", maxAge = 3600)
#RestController
#RequestMapping("/api/auth")
public class AuthController {
#Autowired
AuthenticationManager authenticationManager;
#Autowired
UserRepository userRepository;
#Autowired
RoleRepository roleRepository;
#Autowired
PasswordEncoder encoder;
#Autowired
JwtUtils jwtUtils;
#PostMapping("/signin")
public ResponseEntity<?> authenticateUser(#Valid #RequestBody LoginRequest loginRequest) {
System.out.println("---------------- auth 1 ");
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword()));
SecurityContextHolder.getContext().setAuthentication(authentication);
String jwt = jwtUtils.generateJwtToken(authentication);
UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal();
List<String> roles = userDetails.getAuthorities().stream()
.map(item -> item.getAuthority())
.collect(Collectors.toList());
return ResponseEntity.ok(new JwtResponse(jwt,
userDetails.getId(),
userDetails.getUsername(),
userDetails.getEmail(),
roles));
}
#GetMapping("/user")
#PreAuthorize("hasRole('USER') or hasRole('MODERATOR') or hasRole('ADMIN')")
public String userAccess()
{
System.out.println("---------------- test User ");
return "User Content.";
}
}
The file application.properties, I put:
spring.datasource.url=...
spring.datasource.username=...
spring.datasource.password=...
spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation= true
spring.jpa.properties.hibernate.dialect=...
spring.jpa.hibernate.ddl-auto=update
bezkoder.app.jwtSecret= bezKoderSecretKey
bezkoder.app.jwtExpirationMs= 86400000
In Browser console, I got that exception.
Could you please help me solving that issue ?. Big thanks.
You have to update WebSecurityConfig according to your Controller mapping.
.antMatchers("/**").permitAll()
.anyRequest().authenticated();
You probably are testing in wrong in postman or amneasia or whatever API testing tool you are using. If you are using postman :
1.Select the Header tab
2.Click the button that says "hide auto-generated headers"
3.Type "Authorization" (without quotes) under the "Key" column.
4.Type "Bearer" under the "Value" column then paste the token. Ensure there is a space between "Bearer" and the "Token".
5.Send the request
You should comment #PreAuthorize("hasRole('USER') or hasRole('MODERATOR') or hasRole('ADMIN')").
Tell about the result ?.
I'm trying to create webSocket on springBoot application.
this is config class:
#Configuration
#EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
#Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/ws").setAllowedOrigins("*").withSockJS();
}
#Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/sub");
config.setApplicationDestinationPrefixes("/send");
}
#Override
public void configureWebSocketTransport(WebSocketTransportRegistration registry) {
}
#Override
public void configureClientInboundChannel(ChannelRegistration registration) {
}
#Override
public void configureClientOutboundChannel(ChannelRegistration registration) {
}
#Override
public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
}
#Override
public void addReturnValueHandlers(List<HandlerMethodReturnValueHandler> returnValueHandlers) {
}
#Override
public boolean configureMessageConverters(List<MessageConverter> messageConverters) {
return true;
}
}
Now from AngularJS I'm trying to connect to websocket using SockJS and Stomp
var socket = new SockJS('/api/ws');
var stompClient = Stomp.over(socket);
stompClient.connect({}, function (frames) {
stompClient.subscribe('/subs/hello', function (data) {
console.log(data);
});
});
When I open console I get this message:
admin-components.js:112173 WebSocket connection to 'wss://proxy.beta.corp.payment21.com/api/ws/135/hwq2yv3q/websocket' failed: Error during WebSocket handshake: Unexpected response code: 502
After 30 seconds I get this:
VM333 sockjs.min.js:2 Uncaught Error: Incompatibile SockJS! Main site uses: "1.4.0", the iframe: "1.0.0".
at s (VM333 sockjs.min.js:2)
And after 30 more seconds:
And it is working...
When I go to network to see details in the frames it says
(Opcode -1)
What is the problem here? Is it the spring configuration or SockJS?
Based on the Spring documentation the supported client SockJS version is 1.0.x
On the browser side, applications can use the sockjs-client (version 1.0.x). It emulates the W3C WebSocket API and communicates with the server to select the best transport option, depending on the browser in which it runs.
I got this error and my web socket cannot run:
403
Here is my configure for websocket:
#Configuration
#EnableWebSocketMessageBroker
public class SpringWebSocketConfig extends
AbstractWebSocketMessageBrokerConfigurer {
#Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/topic");
config.setUserDestinationPrefix("/ws-secured/user/");
config.setApplicationDestinationPrefixes("/ws");
}
#Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/ws-secured/init-api").withSockJS();
registry.setErrorHandler(new ApplicationStompSubProtocolErrorHandler());
}
}
and websocket security:
#Configuration
public class SpringWebSocketSecurityConfig extends
AbstractSecurityWebSocketMessageBrokerConfigurer {
#Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry
messages) {
messages.simpTypeMatchers(
SimpMessageType.CONNECT,
SimpMessageType.MESSAGE,
SimpMessageType.SUBSCRIBE).authenticated()
.simpTypeMatchers(
SimpMessageType.UNSUBSCRIBE,
SimpMessageType.DISCONNECT).permitAll()
.anyMessage().denyAll();
}
#Override
protected boolean sameOriginDisabled() {
return true;
}
}
For more information, here is my csrf configure in Spring Sec:
http.headers().frameOptions().sameOrigin().and().authorizeRequests();
http
.csrf()
.ignoringAntMatchers("/ws-secured/**")
.and()
.headers()
.frameOptions().sameOrigin();
I have also pass my csrf token to the header:
$stomp.connect('/ws-secured/init-api', {'X-CSRF-TOKEN' : csrf_token}, function(data) {
I have searched through the Internet but cannot find the answer. I am using Tomcat 7. Do you have any ideas?
When i receive an error in onerrorrepsonse of android volley request i want to retry the request. How can i achieve this?
well, you can create the RetryPolicy to change default retry behavior, only specify timeout milliseconds, retry count arguments :
public class YourRequest extends StringRequest {
public YourRequest(String url, Response.Listener<String> listener,
Response.ErrorListener errorListener) {
super(url, listener, errorListener);
setRetryPolicy(new DefaultRetryPolicy(DefaultRetryPolicy.DEFAULT_TIMEOUT_MS,
DefaultRetryPolicy.DEFAULT_MAX_RETRIES, DefaultRetryPolicy.DEFAULT_BACKOFF_MULT));
}
}
the another way is estimate the VolleyError, re-execute the same request again when if was TimeoutError instance :
public static void executeRequest() {
RequestQueue.add(new YourRequest("http://your.url.com/", new Response.Listener<String>() {
#Override
public void onResponse(String response) {
}
}, new Response.ErrorListener() {
#Override
public void onErrorResponse(VolleyError error) {
if (error instanceof TimeoutError) {
// note : may cause recursive invoke if always timeout.
executeRequest();
}
}
}));
}
you may have a question at this very moment : "have Volley offer some retry callback methods ?", the answer is "none". but there have a project calls Netroid which based Volley and satisfy preceded question, with it, you can take a retry callback if you care about that, you can calculate how much time used when retry coming and how long this request execute, the code style like this :
final String REQUESTS_TAG = "Request-Demo";
String url = "http://facebook.com/";
JsonObjectRequest request = new JsonObjectRequest(url, null, new Listener<JSONObject>() {
long startTimeMs;
int retryCount;
#Override
public void onPreExecute() {
startTimeMs = SystemClock.elapsedRealtime();
}
#Override
public void onFinish() {
RequestQueue.add(request);
NetroidLog.e(REQUESTS_TAG);
}
#Override
public void onRetry() {
long executedTime = SystemClock.elapsedRealtime() - startTimeMs;
if (++retryCount > 5 || executedTime > 30000) {
NetroidLog.e("retryCount : " + retryCount + " executedTime : " + executedTime);
mQueue.cancelAll(REQUESTS_TAG);
} else {
NetroidLog.e(REQUESTS_TAG);
}
}
});
request.setRetryPolicy(new DefaultRetryPolicy(5000, 20, DefaultRetryPolicy.DEFAULT_BACKOFF_MULT));
request.setTag(REQUESTS_TAG);
RequestQueue.add(request);
Netroid also have many other handy and powerful features, hope that will help you enough :).
You can set counter variable for trying specific time with out making it full recursive
static int count=10; //so its will try ten time
public void userLogin(final View view)
{
final RequestQueue requestQueue= Volley.newRequestQueue(getApplicationContext());
String url = "http://192.168.43.107/mobodb/register.php";
StringRequest stringRequest=new StringRequest(Request.Method.POST,url,new Response.Listener<String>()
{
#Override
public void onResponse(String response) {
Toast.makeText(getApplicationContext(),"Updated",Toast.LENGTH_LONG).show();
}
}
},new Response.ErrorListener()
{
#Override
public void onErrorResponse(VolleyError error) {
count=count-1;
Toast.makeText(getApplicationContext(),"Retry left"+count,Toast.LENGTH_LONG).show();
if (count>0) {
// note : may cause recursive invoke if always timeout.
userLogin(view);
}
else
{
Toast.makeText(getApplicationContext(),"Request failed pls check network connection or the error is "+error.getMessage(),Toast.LENGTH_LONG).show();
}
}
})
{
#Override
protected Map<String, String> getParams() throws AuthFailureError {
Map<String,String> paramter=new HashMap<String,String>();
paramter.put("name",login_name);
paramter.put("user_pass",login_pass);
return paramter;
}
};
requestQueue.add(stringRequest);
stringRequest.setRetryPolicy(new DefaultRetryPolicy(20 * 1000, 10, 1.0f));
you can also check response inside which you can return from php and deal in your java class
#Override
public void onResponse(String response) {
if(response.contains("no record found for"))
Toast.makeText(getApplicationContext(),response.toString(),Toast.LENGTH_LONG).show();
else
{
Toast.makeText(getApplicationContext(),"Updated num of row is"+response.toString(),Toast.LENGTH_LONG).show();
}
}
your PHP code will be
if($res){
$resp=mysql_affected_rows();
if($resp==0)
{
$resp="no record found for".$_POST['name'];
}
if($resp==1 or $resp>1)
{
$resp=mysql_affected_rows();
}else $resp="efrror is".mysql_error();