Authenticating a NativeScript app with Jhipster - java

I have a simple NativeScript application (ng-groceries), which I created by following a tutorial. And now I have also managed to get the Jhipster Microservice and Jhipster Microservice Gateway App up and running. I am trying to log in from the NativeScript app to the Jhipster app. I have searched many places and tried to understand the generated code, but I am not able to figure out the solution. I know this has something to do with the JWT token. Can someone please point me in the correct direction, or give an approach to the solution? It would be a great help.
OK.
I have tried following things:
Tried calling "http://169.254.86.103:8080/FITHSERVICEMONGO/api/authenticate/" in loginService.ts, but I cannot see anything on the console of the Jhipster service server.
169.254.86.103 is the external IP given when I start the Jhipster service app with mvnw.
FITHSERVICEMONGO is the name of my service app. I had also tried removing this from the URL. When I log in from the gateway app's UI, the request that gets sent is http://169.254.86.103:8080/api/authenticate. I had tried with this too. Same result: nothing on the service console nor on the gateway app console. Both are started with mvnw.
To check if this IP is really accessible from my emulator, I tried accessing //169.254.86.103:8080/#/ from the emulator browser. It works.
The gateway application works in the browser, whereas //localhost:8080/#/ was not working.
I was expecting that, when I send an authenticate request with username and password as params, I will get a JWT token in return, and I will pass that token with every subsequent request.
The syntax of my code is:
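http.post(
    // BackendService.apiUrl + "oauth/token",
    // apiUrl is a variable, so it must not be quoted as a string literal
    BackendService.apiUrl + "/FITHSERVICEMONGO/api/authenticate/",
    JSON.stringify({
        username: user.email,
        password: user.password
    }),
    // a header name containing "-" must be quoted; headers go under the "headers" option
    { headers: { "Content-Type": "application/json" } }
)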

To authenticate a third-party front-end app with JHipster's back-end, you can do the same thing as the Angular front-end: call /api/authenticate and pass the received JWT token in the API headers. Swagger UI is your friend in order to achieve this.
Here is how to retrieve the JWT token using curl:
curl -X POST localhost:8080/api/authenticate -d '{"password":"admin","username":"admin"}' -H 'Content-Type: application/json'
Sample authenticated request:
curl -X POST localhost:8080/api/users -H 'Authorization: Bearer YOURTOKENHERE'
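
The same two steps as the curl commands above, written for a JavaScript client. This is an added example, not part of the original answer or of JHipster's generated code; it assumes the login response carries the token in an `id_token` field, and the function names, the `fetchImpl` parameter and the cleartext-HTTP check are introduced here for illustration.

```javascript
// Added example, not JHipster's generated client. Function names are hypothetical.
// Assumptions: the login response carries the JWT in "id_token"; fetchImpl is
// any fetch-compatible function; Buffer (Node.js) is available for base64.

// Build the POST /api/authenticate request sent to the gateway.
function buildAuthRequest(baseUrl, username, password) {
  const url = new URL("/api/authenticate", baseUrl);
  // The password travels in the body: refuse cleartext HTTP except on loopback.
  const loopback = ["localhost", "127.0.0.1"].includes(url.hostname);
  if (url.protocol !== "https:" && !loopback) {
    throw new Error("refusing to send credentials over plain HTTP to " + url.host);
  }
  return {
    url: url.toString(),
    options: {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: JSON.stringify({ username, password }),
    },
  };
}

// Read the "exp" claim (seconds since epoch) WITHOUT verifying the signature.
// It is only a client-side hint for when to log in again; the server verifies.
function tokenExpiry(jwt) {
  const parts = jwt.split(".");
  if (parts.length !== 3) throw new Error("not a JWT");
  const payload = JSON.parse(Buffer.from(parts[1], "base64").toString("utf8"));
  return payload.exp;
}

// Headers to attach to every request made after login.
function authHeaders(jwt, nowSeconds) {
  if (tokenExpiry(jwt) <= nowSeconds) throw new Error("token expired, log in again");
  return { Authorization: "Bearer " + jwt };
}

// Log in and return the token string from the JSON response.
async function login(fetchImpl, baseUrl, username, password) {
  const { url, options } = buildAuthRequest(baseUrl, username, password);
  const res = await fetchImpl(url, options);
  if (!res.ok) throw new Error("authentication failed: HTTP " + res.status);
  const body = await res.json();
  if (!body.id_token) throw new Error("no id_token in response");
  return body.id_token;
}
```

With the address from the question (plain HTTP on 169.254.86.103), `buildAuthRequest` throws instead of sending the password unencrypted; terminate TLS at the gateway before pointing a device at it.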

Related

How to access secured Spring API with browser?

I have a Spring app that I secured with Keycloak. I can access it with a terminal using the following command curl -X GET http://localhost:9089/my-service/mypage -H 'Authorization: Bearer +access_token'. It is a bearer-only type of security.
I followed this tutorial (I had a hard time with French but still I figured it out) https://blog.ineat-conseil.fr/2017/11/securisez-vos-apis-spring-avec-keycloak-2-parametrage-dun-domaine-keycloak/
As a result, I get the HTML code of the corresponding page, which makes me think that it works.
However, when I try to type the link http://localhost:9089/my-service/mypage in my browser, it displays a 401 Unauthorized error. I'm using a @Controller and not a @RestController, even though I'm not sure that makes any significant difference in this case.
It's nice that it works with the terminal, but I can't really use my app with it.
My question is: how can I overcome that 401 error so I can actually access my front interface from my browser?

Java - Authorize an application for GitHub

I'm developing a Java application which uses the GitHub API to download zips of users' repositories, but every time I execute it, it exceeds the rate limit. How can I authorize my Java application to reach 5000 requests per hour?
I don't want to use other libraries, just pure GitHub API
I have a token I can use to authorize
from https://developer.github.com/v3/
Increasing the unauthenticated rate limit for OAuth applications
If your OAuth application needs to make unauthenticated calls with a higher rate limit, you can pass your app's client ID and secret as part of the query string.
curl -i 'https://api.github.com/users/whatever?client_id=xxxx&client_secret=yyyy'
from https://developer.github.com/v3/ there are two ways once you have OAUTH token
OAuth2 Token (sent in a header)
curl -H "Authorization: token OAUTH-TOKEN" https://api.github.com
OAuth2 Token (sent as a parameter)
curl https://api.github.com/?access_token=OAUTH-TOKEN
e.g. curl https://api.github.com/rate_limit?access_token=xxxxxxxxxxxxx
Getting OAUTH (access) token Refer - https://developer.github.com/v3/oauth_authorizations/#create-a-new-authorization
Approach 1
Using your user id and password (as used to login on the web)
curl -X POST https://api.github.com/authorizations -d '{ "scopes": ["public_repo"],"note": "admin script"}' -u :
Approach 2
Using your application's client id and secret
curl -X POST https://api.github.com/authorizations -d '{ "scopes": ["public_repo"],"note": "admin script", "client_id": "", "client_secret": ""}'
Approach 3
curl -X PUT https://api.github.com/authorizations/clients/ -d '{ "scopes": ["public_repo"],"note": "admin script", "client_secret": ""}'
In the response to any of the above calls you would get a value
"token": "abcdefgh12345678",
This is the OAUTH or access token. Keep a copy of this token.
You should be able to generate the token using the web as well https://github.com/blog/1509-personal-api-tokens
Since we have acquired this token with access to only the public repo, it should be safe to use it for gain in TPS.

403 Response from Power BI Rest API

I am getting a 403 response from the Power BI rest API and I am not sure why.
Here is the request I am making in cURL format(my actual web app is in Java):
curl -X GET -H "Authorization: Bearer accessToken" -H "Cache-Control: no-cache" 'https://api.powerbi.com/beta/myorg/dashboards'
I have given all Power BI Service permissions on my app in the azure management portal.
Do I need to replace 'myorg' with an actual org name? If so, where would I find my org name? What am I doing wrong? This request seems to work for me in Apiary.io, so I think it has something to do with my app, not the request.
I have tried this request with both an admin account and a regular user and I get 403 responses for both of them.
I have also tried removing the Power BI Service permissions from the app with my admin account and then adding them again. That didn't work.
It seems that the 403 response was caused by the cURL request missing some required parameters. The 403 response should show the error information, which might be ignored.
In my experience, I recommend you try the GUI tool Postman in Chrome for requesting the APIs, like cURL.
To check the issue, you can follow the tutorial https://powerbi.microsoft.com/en-us/documentation/powerbi-developer-authenticate-a-web-app/ to make sure the required request parameters are correct.
However, according to your description of the issue, I can't tell whether the preparation steps caused the problem. So I suggest you review the complete tutorial https://powerbi.microsoft.com/en-us/documentation/powerbi-developer-steps-to-create-a-power-bi-app/ to be sure every step is correct.
Hope it helps. Any concerns, please feel free to let me know.

JHipster API authentication

I used Java Hipster to create my Rest API. I want to use this Rest API in my Java code (I'm developing an Android application). But I don't understand how to authenticate myself to use my Rest API!
As an example, my API is blabla/api/getUser. With Firebug I tried to understand how to call my API. I simulated an HTTP POST request with parameters ?id=x and my token in the header (the token I got from the login request in the browser). It's okay, it works, I get my information.
But now, in my Java code, I can't send the same HTTP request because I don't know the token. How can I get it? How can I log in as admin?
I know: the login for admin, the password for admin, the URL of my API and the parameters I have to send.
Thanks!
OAUTH2
POST
URL:
http://localhost:8080/oauth/token
in the header:
Authorization: eg. 'BASIC Y2xpZW50aWQ6Y2xpZW50c2VjcmV0'
BASE 64 encoding the client details (source: www.base64encode.org/)
Y2xpZW50aWQ6Y2xpZW50c2VjcmV0 == clientid:clientsecret
in the body:
username
password
grant_type
scope
curl -X POST -vu clientid:clientsecret http://localhost:8080/oauth/token -H "Accept: application/json" -d "username=admin&password=admin&grant_type=password&scope=read"
Edit:
In Android, look at Retrofit by Square.

Google Oauth2 authentication returns "Required parameter is missing: grant_type"

I am trying to get the refresh token from Google in order to access Google Drive. So far I have managed to create a page in Google App Engine which redirects me to the authentication page, and I am able to get the code. The URL for getting there is
Window.Location.assign("https://accounts.google.com/o/oauth2/auth?scope=profile&redirect_uri=http://127.0.0.1:8888/oauth2manager/redirect&response_type=code&client_id=1058171155388-hg2akr2idan7c2kvdam9b89vptcjai8i.apps.googleusercontent.com");
I then get redirected to the /oauth2manager/redirect servlet and get the code inside the doPost method
String code = request.getParameter("code");
My problem is that I cannot proceed, as I constantly get the above error "Required parameter is missing: grant_type". I have tried restclient wiztools, the RestEasy Firefox extension, even curl.
Here is my curl script:
#!/bin/bash
# Shell assignment takes no leading "$" and no spaces around "="
code="4/E7i1aKu4C-Pf23-8hY4Y8OBe9IBZ.wtKglnd8-CMdOl05ti8ZT3aNPWw7igI"
# Variables expand inside double quotes; "+" is not a concatenation operator in bash
curl -v --data "code=${code}&client_id=1058171155388-hg2akr2idan7c2kvdam9b89vptcjai8i@developer.gserviceaccount.com&client_secret=JHXTAT4UWwsNaMgm******&redirect_uri=http://127.0.0.1:8888/oauth2manager/redirect&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token
How can this be solved? I am a total newbie at this.
I think you're mixing OAuth types. The code you are using is for normal OAuth2. But your client ID is for a service account.
Normal Oauth2 will ask a user if they want to allow your access to their data. A service account is for allowing others access to the application's data, there is no permission request with a service account.
Link to the documentation for service accounts. Service account
