SOAP service to retieve scope detailse from WSO2IS - wso2-identity-server

Is there SOAP service which returns the SCOPE from WSO2IS 5.5.0 ? I have bearer token generated using Oauth grant_type 'password'. Using this token, i need to retrieve set of scope associated with token.
I tried introespection RESTfull API, but its returning ' Could not resolve host: application' error message .
Any suggestion please ?
curl: (6) Could not resolve host: application
{"error": "Invalid input"}
thansk a lot

EDIT : I missed the tailing 't' of the end point. Added that.
You are missing the protocol here.
curl -k -u admin:admin -H 'Content-Type: application/x-www-form-urlencoded' -X POST --data 'token=a6998b8b-5fff-390d-abd6-b0c9170f3147' https://localhost:9443/oauth2/introspect -v
You don't need to use the SOAP call therefore. In case you need it, here is the documentation.

Related

How to fix 'TypeError: failed to fetch' (Chrome) / 'NetworkError when attempting to fetch resource.' (FireFox) in WSO2-AM

I am setting up WSO2-AM and uploading an API's servicedefinition swagger.json but upon trying the service in WSO2-AM, I get the response in FireFox "TypeError: NetworkError when attempting to fetch resource.". In Chrome its response is "TypeError: Unable to fetch".
The server is informationproxy.com and has SSL configured. Looks fine having a green lock in the urlbar with trusted certificate-chain. It does not certify for using the ip-number "https://209.182.203.81:9443/store/"
Question is: what makes WSO2 respond (in FireFox) with "TypeError: NetworkError when attempting to fetch resource."
The service does not seem to be the problem, since it works fine in editor.swagger.io.
The service also works fine directly called from curl to the external serviceprovider, returning a valid JSON with the data I expect:
curl -k -X GET "https://tieka.nl/webservices/address/luxembourg/v1/?postcode=8080&number=1" -H "accept: application/json"
Also: all other api-services that I have tried to implement fail with the same error message.
There is a side-effect. The response to this curl is an encrypted payload:
curl -k -X GET "https://209.182.203.81:8243/webservices/address/luxembourg/v1/?postcode=8080&number=1" -H "accept: application/json" -H "Authorization: Bearer a1111111-1aa1-1111-aaaa-1111aaaa1111"
<ns:binary xmlns:ns="http://ws.apache.org/commons/ns/payload">PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9JRVRGLy9EVEQgSFRNTCAyLjAvL0VOIj4KPGh0bWw+PGhlYWQ+Cjx0aXRsZT4zMDEgTW92ZWQgUGVybWFuZW50bHk8L3RpdGxlPgo8L2hlYWQ+PGJvZHk+CjxoMT5Nb3ZlZCBQZXJtYW5lbnRseTwvaDE+CjxwPlRoZSBkb2N1bWVudCBoYXMgbW92ZWQgPGEgaHJlZj0iaHR0cHM6Ly93d3cudGlla2Eubmw6ODAvd2Vic2VydmljZXMvYWRkcmVzcy9sdXhlbWJvdXJnL3YxLz9wb3N0Y29kZT04MDgwJmFtcDtudW1iZXI9MSI+aGVyZTwvYT4uPC9wPgo8aHI+CjxhZGRyZXNzPkFwYWNoZSBTZXJ2ZXIgYXQgd3d3LnRpZWthLm5sIFBvcnQgODA8L2FkZHJlc3M+CjwvYm9keT48L2h0bWw+Cg==</ns:binary>

How to test OpenIm (ForgeRock) Request on Postman?

I have openIdm ForgeRock installed locally and I'am trying to go through the API Explorer etc. in order to see how to use the endpoints and the available endpoints.
From localhost:8080 where ForgeRock is running I can run/try a request. It works fine and I see the Response with Status 200 and its details.
When I try same Request URL on Postman, I get:
{
"code": 401,
"reason": "Unauthorized",
"message": "Access Denied"
}
In a way this makes sense for me as I'am not logged in in this case as directly via ForgeRock Server on localhost:8080. So how can I work around this to be able to run my tests also on Postman.
I tried the parameters username=xxx and password=xxx to the Request on Postman, but it keeps throwing the same error.
I also tried it on Postman as CURL request exactly how ForgeRock is using it, but it seems to have an issue with Authorization.
curl -X GET --header 'Accept: application/json' --header 'X-Requested-With: Swagger-UI' 'http://localhost:8080/openidm/managed/user?_queryId=query-all'
Any Idea please?
Fixed. Was actually simple... Had to add the following in the headers:
X-OpenIDM-Username
X-OpenIDM-Password
Value is by default: opendidm-admin for both.

curl usage wso2-am example api

just started with wso2-am. I published the example PizzaShackAPI: /pizzashack/1.0.0 API and registered a default application against it. I can (re)generate keys for the default application and with this, I can call e.g. the GET/menu item in the API console. This gives me the expected list as long as the access token is valid.
However in the API console the equivalent curl command is also given as :
curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer 00cb3832-f73f-3536-b287-4330a47ef4bd' 'https://192.168.1.9:8243/pizzashack/1.0.0/menu'
I run this under windows (curl-7.54.0-win64-mingw) but this doesn't work. Tried replacing some quotes with double quotes etc. but all to no avail. Furthermore, I assume that I am using one-way SSL to the service running in wso2-am itself (on port 8243) and I don't need to supply any certificate myself. I also realize that the server side uses a self signed certificate and not sure whether this has any implications in this situation.
Hope someone can help me out on this.
As an addition - just noticed that in the sys$output of the wso2-am server the following is listed:
[2017-05-13 00:38:38,858] ERROR - SourceHandler I/O error: Received fatal alert:
unknown_ca
javax.net.ssl.SSLException: Received fatal alert: unknown_ca
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1607)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1776)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1068)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:890)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:764)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.ja
va:245)
I think that this is caused by the curl command hitting the API service .
Thanks Peter
You are accessing HTTPS url of the API, You have to either use a keystore or suppress the SSL in cURL with -k option
curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer 00cb3832-f73f-3536-b287-4330a47ef4bd' 'https://192.168.1.9:8243/pizzashack/1.0.0/menu' -k
You also can use below HTTP URL of the API, note the port difference.
curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer 00cb3832-f73f-3536-b287-4330a47ef4bd' 'http://192.168.1.9:8280/pizzashack/1.0.0/menu'

wso2 api manager PUT method does not work in api store

Wso2 API Manager 1.10.0. PUT method does not work in API store.
GET, POST, DELETE methods work, but PUT dose not work.
Error,
Curl
curl -X PUT --header "Content-Type: application/json" --header "Accept: application/json" --header "Authorization: Bearer c6c90338514e561c8a02a7b6a1c96553" -d "{\"payment\":\"PAID\"}" "https://10.138.31.22:8243/Starbucks_API/1/order_1"
Request URL
https://10.138.31.22:8243/Starbucks_API/1/order_1
Response Body
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900906</ams:code>
<ams:message>No matching resource found in the API for the given request</ams:message>
<ams:description>Access failure for API: /Starbucks_API/1, version: 1. Check the API documentation and add a proper REST resource path to the invocation URL</ams:description>
</ams:fault>
Response Code
403
Response Headers
{
"content-type": "application/xml; charset=UTF-8"
}
Resource given in the request is actually matching, which I mentioned in API.
Any help is appreciated.
Resource Definition
You are having two PUT with same URL. You can't have two different HTTP resource with same URL.

converting curl api call into restful api call

i am very new to the java EE.
I have built some simple restful client for calling rest api's from java using jersey framework.
I have one curl request which i have to call from java
curl -i -X POST 'https://{url}' -H 'Content-Type: application/x-www-form-urlencoded' -H "Accept: application/vnd.newbay.dv-1.8+json" -H "X-HTTP-METHOD-OVERRIDE: DELETE" -H "X-Client-Platform: SERVICES" -H "X-Client-Identifier: IL" --insecure --data 'path=%2FMy+Samsung+GT-I9082%2F20130822_172409.jpg&path=%2FMy+Samsung+GT-I9082%2F20130905_085407.jpg'
Here the paths of file are passed as form post in curl using --data.
Can anyone tell me how to call this api from my java program using jersey framework? I am having difficulty because of this --data part? how exactly i will pass that in my restful java client that i cant understand.
Also can anyone tell me how to pass form post --data part while calling the same api from soapUI?
In your cURL command, --data provides post data in a classic html form format. You shoud alrealy be aware of that because the content-type is explicit : application/x-www-form-urlencoded
Jersey can handle this encoding for you, using MultivaluedMapImpl.
see Sending Name Value Pair in POST using Jersey Client