WSO2 APIM: Calling service APIs through cURL gives no response - wso2

I'm using APIM 4.1.0. I am following this and another tutorial to create an API through publisher service API. After generating the access token I use the below command but there is no response. No error code even. Are these URLs correct?
curl -k -H "Authorization: Bearer <access-token>" -H "Content-Type: application/json" -X POST -d #data.json https://127.0.0.1:9443/api/am/publisher/v2/apis
data.json file contains:
{
"policies": [
"Unlimited"
],
"visibility": "PUBLIC",
"visibleRoles": [],
"visibleTenants": [],
"cacheTimeout": 300,
"endpointConfig": {
"endpoint_type": "http",
"sandbox_endpoints": {
"url": "http://maps.google.com/maps/api/directions/"
},
"production_endpoints": {
"url": "http://maps.google.com/maps/api/directions/"
}
},
"subscriptionAvailability": null,
"subscriptionAvailableTenants": [],
"operations": [
{
"id": "postapiresource",
"target": "string",
"verb": "POST",
"authType": "string",
"throttlingPolicy": "Unlimited",
"scopes": [
"apim:api_view"
],
"usedProductIds": [
"string"
]
}
],
"responseCachingEnabled": false,
"isDefaultVersion": true,
"businessInformation": {
"technicalOwner": "ApiCreator",
"technicalOwnerEmail": "ApiCreator#pizzashack.com",
"businessOwner": "ApiPublisher",
"businessOwnerEmail": "ApiPublisher#pizzashack.com"
},
"transport": [
"http",
"https"
],
"tags": [
"phone",
"multimedia",
"mobile"
],
"provider": "admin",
"version": "Beta",
"description": "Calculates directions between locations",
"name": "GoogleDirectionsAPI",
"context": "/googledirections"
}

You have to use v3 version as follows.
curl -k -H "Authorization: Bearer <access-token>" -H "Content-Type: application/json" -X POST -d #data.json https://127.0.0.1:9443/api/am/publisher/v3/apis

Related

Google Cloud Armor doesn't seam to interpret reCaptcha enterprise score

This is follow up question to another one about reCaptcha and GCA.
I have GKE applications in following setup:
front app works on example.com
backend app works on api.example.com
I expose those loads via Ingress and all looks cool. I want to protect application with Cloud Armor. I added annotation to api service. I can confirm that if policy has just one rule "deny all IPs" I cannot reach backend endpoints and if I change rule to "allow all IPs" I can. So GCA itself works ok.
I tried to connect reCaptcha Enterprise and interpret its score with Google Cloud Armor but I cannot make it work. I created following rules but whatever values I add token.recaptcha.score doesn't seem to be interpreted at all.
I have 3 following rules:
priority: 500, expression: "request.method == 'OPTIONS'"
priority: 1000, expression: "token.recaptcha.score > 0.1"
priority: 2147483647, expression: deny(403) from *.
I can see that OPTIONS passes:
{
"insertId": "1xxxr",
"jsonPayload": {
"#type": "type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry",
"enforcedSecurityPolicy": {
"priority": 500,
"configuredAction": "ALLOW",
"outcome": "ACCEPT",
"name": "login-security-policy"
},
"statusDetails": "response_sent_by_backend"
},
"httpRequest": {
"requestMethod": "OPTIONS",
"requestUrl": "https://api.example.com/v1/graphs?pageSize=10&orderBy=created_at%20desc&key=AxxxE",
"requestSize": "97",
"status": 200,
"responseSize": "367",
"userAgent": "XXX",
"remoteIp": "XX.XX.XX.XX",
"referer": "https://example.com/",
"serverIp": "10.10.0.33",
"latency": "0.126041s"
},
"resource": {
"type": "http_load_balancer",
"labels": {
"project_id": "xxx",
"zone": "global",
"url_map_name": "k8s2-um-dxxxd-default-main-ixxxq",
"backend_service_name": "k8s-be-3xxx9--9xxx9",
"target_proxy_name": "k8s2-ts-dxxxd-default-main-ixxxq",
"forwarding_rule_name": "k8s2-fs-dxxxd-default-main-ixxxq"
}
},
"timestamp": "2021-12-21T18:28:42.103879Z",
"severity": "INFO",
"logName": "projects/xxx/logs/requests",
"trace": "projects/xxx/traces/3xxx2",
"receiveTimestamp": "2021-12-21T18:28:43.228371341Z",
"spanId": "5xxx0"
}
but then GET doesn't:
{
"insertId": "1xxxr",
"jsonPayload": {
"statusDetails": "denied_by_security_policy",
"enforcedSecurityPolicy": {
"outcome": "DENY",
"configuredAction": "DENY",
"name": "login-security-policy",
"priority": 2147483647
},
"#type": "type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry"
},
"httpRequest": {
"requestMethod": "GET",
"requestUrl": "https://api.example.com/v1/graphs?pageSize=10&orderBy=created_at%20desc&key=AxxxE",
"requestSize": "1291",
"status": 403,
"responseSize": "194",
"userAgent": "XXX",
"remoteIp": "XX.XX.XX.XX",
"referer": "https://example.com/",
"latency": "0.221476s"
},
"resource": {
"type": "http_load_balancer",
"labels": {
"project_id": "xxx",
"target_proxy_name": "k8s2-ts-dxxxd-default-main-ixxxq",
"forwarding_rule_name": "k8s2-fs-dxxxd-default-main-ixxxq",
"zone": "global",
"url_map_name": "k8s2-um-dxxxd-default-main-ixxxq",
"backend_service_name": "k8s-be-3xxx9--9xxx9"
}
},
"timestamp": "2021-12-21T18:28:42.254613Z",
"severity": "WARNING",
"logName": "projects/xxx/logs/requests",
"trace": "projects/xxx/traces/5xxx0",
"receiveTimestamp": "2021-12-21T18:28:43.228371341Z",
"spanId": "axxxb"
}
Here is also this GET request exported from browser:
curl 'https://api.example.com/v1/graphs?pageSize=10&orderBy=created_at%20desc&key=AxxxE' \
-H 'authority: api.example.com' \
-H 'pragma: no-cache' \
-H 'cache-control: no-cache' \
-H 'accept: application/json, text/plain, */*' \
-H 'authorization: Bearer exxxw' \
-H 'x-recaptcha-token: Axxxo' \
-H 'user-agent: XXX' \
-H 'origin: https://example.com' \
-H 'sec-fetch-site: same-site' \
-H 'sec-fetch-mode: cors' \
-H 'sec-fetch-dest: empty' \
-H 'referer: https://example.com/' \
--compressed
reCAPTCHA WAF is a new feature reCAPTCHA enterprise have. It put reCAPTCHA at edge layer, protecting web application in WAF(Web application Firewall), before hitting the application server.
recaptcha waf token is different from the normal recaptcha enterprise token.
Make sure reCAPTCHA waf token is visible to Cloud Armor.
If you are using the session-token case, it will be the cookie, should automatically visible to Cloud Armor. If you are using the action-token case, make sure the token is attached at the request header, see the integration guide for action-token.

How can I get a partial response for Method: instances.aggregatedList Compute API in GCP

I am trying to get specific response from Compute API method instances.aggregatedList by setting the fields request param as per https://cloud.google.com/resource-manager/docs/performance#partial-response
But I am getting 400 BAD REQUEST.
Is there a sample which I can refer for getting partial response for aggregated methods?
If you use the following CURL command:
curl -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) "https://compute.googleapis.com/compute/v1/projects/[CHANGE-FOR-YOUR-PROJECT-ID]/aggregated/instances?maxResults=1"
You'll notice that the result will have a similar form to:
{
"id": "projects/[PROJECT-ID]/aggregated/instances",
"items": {
"zones/us-central1-a": {
"instances": [
{
"id": "[INSTANCE-ID]",
"creationTimestamp": "2020-09-21T06:22:21.604-07:00",
"name": "instance-1",
"description": "",
"tags": {
"items": [
"http-server",
"https-server"
],
"fingerprint": "XXXXXX"
},
"machineType": "https://www.googleapis.com/compute/v1/projects/[PROJECT-ID]/zones/us-central1-a/machineTypes/e2-medium",
"status": "RUNNING",
"zone": "https://www.googleapis.com/compute/v1/projects/[PROJECT-ID]/zones/us-central1-a",
"canIpForward": false,
"networkInterfaces": [
{
"network": "https://www.googleapis.com/compute/v1/projects/[PROJECT-ID]/global/networks/default",
"subnetwork": "https://www.googleapis.com/compute/v1/projects/[PROJECT-ID]/regions/us-central1/subnetworks/[SUBNETWORK_NAME]",
"networkIP": "10.8.0.13",
"name": "nic0",
... with a lot more fields
As you can see the result is a little bit different as the response body explained in the documentation:
{
"id": string,
"items": [
{
"scopeName": string,
"instances": [
{
"id": string,
"creationTimestamp": string,
"name": string,
"description": string,
"tags": {
"items": [
string
],
"fingerprint": string
},
"machineType": string,
"status": enum,
"statusMessage": string,
"zone": string,
"canIpForward": boolean,
"networkInterfaces": [
{
"network": string,
"subnetwork": string,
"networkIP": string,
"ipv6Address": string,
"name": string,
.... with a lot more fields
Notice that if you compare both results, the actual response that you receive has an additional "zones/us-central1-a": field before the instances: field that I believe is causing the behavior you experience.
If you are interested in working with partial resources and get only some particular fields on the response you simply need to respect the syntax rules explained on the documentation you've shared and use the escape characters accordingly on your query parameters.
E.g. if you are only interested in getting the id of your project as well as the instances' name, machineType and status I tested the following curl command from the Cloud Shell with my GCP project and it worked without issues:
curl -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) "https://compute.googleapis.com/compute/v1/projects/[PROJECT-ID]/aggregated/instances?fields=id,items/zones%2Finstances(name,machineType,status)"
where I see that something similar to the following is returned:
{
"id": "projects/[PROJECT-ID]/aggregated/instances",
"items": {
"zones/us-central1-a": {
"instances": [
{
"name": "instance-1",
"machineType": "https://www.googleapis.com/compute/v1/projects/[PROJECT-ID]/zones/us-central1-a/machineTypes/e2-medium",
"status": "RUNNING"
},
{
"name": "instance-2",
"machineType": "https://www.googleapis.com/compute/v1/projects/[PROJECT-ID]/zones/us-central1-a/machineTypes/e2-medium",
"status": "TERMINATED"
}
]
}
}
}

How to use Google Data Prep API using Python

Google Just launched the new API. Link is here.
I want to know what is the host in this case as they are using example.com and using the port 3005.
I am also following this article. But this does not provide example code.
If you open the Dataprep Console and navigate to Settings > Access Tokens you can click on Generate New Token. This will bring up the token, that you can copy to clipboard, but also the instructions on which base endpoint to use:
Then, clicking on a particular Recipe (see image below) will modify the browser URL to be in the form of:
https://clouddataprep.com/flows/<FLOW_ID>?recipe=<RECIPE_ID>&tab=recipe
We'll keep RECIPE_ID> so that our request body (dataprep-request.json) is something like this:
{
"wrangledDataset": {
"id": <RECIPE_ID>
}
}
Then, we can call JobGroups Create:
curl https://api.clouddataprep.com/v4/jobGroups \
-X POST \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d #dataprep-request.json
The response will be similar to this output (I used python3 -m json.tool to pretty print the JSON):
{
"sessionId": "<SESSION_ID>",
"reason": "JobStarted",
"jobGraph": {
"vertices": [
4479390,
4479391
],
"edges": [
{
"source": 4479390,
"target": 4479391
}
]
},
"id": <JOB_GROUP_ID>,
"jobs": {
"data": [
{
"id": 4479390
},
{
"id": 4479391
}
]
}
}
Now, with the retrieved <JOB_GROUP_ID> we can use the JobGroups Get endpoint:
curl https://api.clouddataprep.com/v4/jobGroups/<JOB_GROUP_ID> \
-H "Authorization: Bearer $TOKEN"
Response:
{
"id": <JOB_GROUP_ID>,
"name": null,
"description": null,
"ranfrom": "ui",
"ranfor": "recipe",
"status": "InProgress",
"profilingEnabled": true,
"runParameterReferenceDate": "2019-12-08T21:49:33.000Z",
"createdAt": "2019-12-08T21:49:35.000Z",
"updatedAt": "2019-12-08T21:49:36.000Z",
"workspace": {
"id": REDACTED
},
"creator": {
"id": REDACTED
},
"updater": {
"id": REDACTED
},
"snapshot": {
"id": 4226057
},
"wrangledDataset": {
"id": <RECIPE_ID>
},
"flowRun": null
}

Go-CD: How to use API to trigger a pipeline?

Is there an API can be used to trigger a pipeline, I did not find one in the API manual. Or, is there any other way I can trigger a pipeline using linux command?
Thanks
link to the docs: https://api.gocd.org/current/#scheduling-pipelines
POST /go/api/pipelines/:pipeline_name/schedule
in the request you can override the environmental variables, the material to use and choose to update the material before the start.
command example as taken from the documentation:
$ curl 'https://ci.example.com/go/api/pipelines/pipeline1/schedule' \
-u 'username:password' \
-H 'Accept: application/vnd.go.cd.v1+json' \
-H 'Content-Type: application/json' \
-X POST \
-d '{
"environment_variables": [
{
"name": "USERNAME",
"secure": false,
"value": "bob"
},
{
"name": "SSH_PASSPHRASE",
"value": "some passphrase",
"secure": true,
},
{
"name": "PASSWORD",
"encrypted_value": "YEepp1G0C05SpP0fcp4Jh+kPmWwXH5Nq",
"secure": true,
}
],
"materials": [
{
"fingerprint": "b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c",
"revision": "123"
},
{
"fingerprint": "7d865e959b2466918c9863afca942d0fb89d7c9ac0c99bafc3749504ded97730",
"revision": "1058e75b18e8a645dd71702851994a010789f450"
}
],
"update_materials_before_scheduling": true
}'
/go/api/pipelines/${pipelineName}/schedule works

Drupal-8 restful webservices only delivering HTML

I have a freshly configured Drupal 8.0 beta 12 with HAL, HTTP Basic Authentication, RESTful Web Services and Serialization modules enabled. The installation is in a subfolder (D8_beta12). When I access the web services for the first page created (id=1) like
curl -H "Accept: application/json" --request GET http://localhost/d8_beta12/node/1
DRUPAL only delivers HTML format of the node. I have tried to configure via REST UI to JSON only but that didn't help. DRUPAL would answer the requests even if the web services are disabled.
Its probably the user, who's sitting in front of DRUPAL, who is the problem (me) - but I don't get it. Any help deply appreciated - I have been working hours on this, reviewing all of DRUPALs forums and here as well.
Thanks,
Andi
I was getting the same and found a note about it https://drupal.stackexchange.com/questions/161421/d8-services-errors-no-route-found-for-the-specified-formats
So I updated the request to :
node/1?_format=json
Update: Found note about it in a webchick slideshare:
http://www.slideshare.net/webchickenator/plain-english-guide-to-drupal-8-criticals/51
Please try replacing aaplication/json with application/hal+json.
curl -H "Accept: application/hal+json" --request GET http://localhost/d8_beta12/node/1
You may also like to go through this precise tutorial.
from postman if you are trying or from other rest api you are trying make sure you follow below format
http://localhost/da/drupal819/node/253?_format=json
output
{
"nid": [
{
"value": "253"
}
],
"uuid": [
{
"value": "6f255c93-6886-4c38-b4cb-c40469073d1c"
}
],
"vid": [
{
"value": "253"
}
],
"langcode": [
{
"value": "en"
}
],
"type": [
{
"target_id": "article",
"target_type": "node_type",
"target_uuid": "ee2c7b5e-d57e-4714-9193-daff153c63ff"
}
],
"title": [
{
"value": "Commodo Pagus Quia"
}
],
"uid": [
{
"target_id": "14",
"target_type": "user",
"target_uuid": "0b8602ec-8003-4e3d-8406-5bd53e47df71",
"url": "/da/drupal819/user/14"
}
],
"status": [
{
"value": "1"
}
],
"created": [
{
"value": "1474126412"
}
],
"changed": [
{
"value": "1474175616"
}
],
"promote": [
{
"value": "1"
}
],
"sticky": [
{
"value": "0"
}
],
"revision_timestamp": [
{
"value": "1474175616"
}
],
"revision_uid": [
{
"target_id": "14",
"target_type": "user",
"target_uuid": "0b8602ec-8003-4e3d-8406-5bd53e47df71",
"url": "/da/drupal819/user/14"
}
],
"revision_log": [],
"revision_translation_affected": [
{
"value": "1"
}
],
"default_langcode": [
{
"value": "1"
}
],
"path": [],
"body": [
{
"value": "Duis revitas melior paulatim quibus quidne rusticus velit vereor.\n\n",
"format": "plain_text",
"summary": "Duis vitas melior paulatim quibus quidne rusticus velit vereor.\n\n"
}
],
"comment": [
{
"status": "2",
"cid": "165",
"last_comment_timestamp": "1474175616",
"last_comment_name": "",
"last_comment_uid": "13",
"comment_count": "1"
}
],
"field_image": [
{
"target_id": "248",
"alt": "Diam iriure neo quadrum refero valetudo verto ymo.",
"title": "Os patria refoveo si valetudo.",
"width": "225",
"height": "526",
"target_type": "file",
"target_uuid": "02050136-7a51-4183-9c28-7d7cc793183a",
"url": "http://localhost/da/drupal819/sites/default/files/2016-09/gen8C.tmp.jpeg"
}
],
"field_tags": []
}
you can try other format as well
1) http://localhost/da/drupal819/node/253?_format=hal_json
2) http://localhost/da/drupal819/node/253?_format=xml
to support all above format you need to make that format support from rest configuration from admin panel
and even you need to provide get permission for rest call from permission page for anonymous user.