I'm trying to use the API Speech to text in google cloud. I try to give the command under as indicated in the documentation. I've given the value of GOOGLE_APPLICATION_CREDENTIALS as
"D:\certs\My First Project.json" The command is:
requests>curl -s -H "Content-Type: application/json" -H "Authorization: Bearer
"$(gcloud auth application-default print-access-token)
https://speech.googleapis.com/v1/speech:recognize -d #sync-request.json
Which results in:
requests>curl -s -H "Content-Type: application/json" -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) https://speech.googleapis.com/v1/speech:recognize -d #sync-request.json
{
"error": {
"code": 401,
"message": "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"status": "UNAUTHENTICATED"
}
}
Then I tried the command cloud auth by it self:
requests>gcloud auth application-default print-access-token
resulting in:
ERROR: (gcloud.auth.application-default.print-access-token) File "D:\certs\My First Project.json" (pointed by GOOGLE_APPLICATION_CREDENTIALS environment variable) does not exist!
What is the problem with my credentials?
I finally got it, you should not have quotes around the [PATH]/[FILENAME] given for GOOGLE_APPLICATION_CREDENTIALS.
ie
SET GOOGLE_APPLICATION_CREDENTIALS=C:\home\myfile.json
I hope this helps someone.
The error message indicates that your OS is not finding your credential, the official documentation mentioned how to set your environment variable GOOGLE_APPLICATION_CREDENTIALS.
I also suggest to avoid spaces in the path which contains the KEYFILE.json, as is mentioned in the comments. Let me know how it works.
Related
I am using SCIM api for registering a user
curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"Smith","givenName":"Paul"},"userName":"Paul","password":"password","emails":[{"primary":true,"value":"paul#somemail.com"}],"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":{askPassword:"true"}}' --header "Content-Type:application/json" https://localhost:9443/scim2/Users
I got a
Create Password for New Account
email to my primary email address with a confirmation code.
How to validate this confirmation code with wso2is using SCIM 2?
In REST API there is an option to validate code.
I tried REST API
curl -k -v -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d '{ "code": "84325529-8aa7-4851-8751-5980a7f2d9f7","properties": []}' "https://localhost:9443/api/identity/user/v1.0/validate-code"
it returns in case of invalid code
{
"code": "18001",
"message": "Bad Request",
"description": "Invalid Code '84325529-8aa7-4851-8751-5980a7f2d9f7'"
}
in the case valid code it returns
{
"code": "18001",
"message": "Bad Request",
"description": "Invalid Code '%s.'"
}
no console error
Validate code worked with REST API work flow
There is no such SCIM APIs in WSO2 Identity Server to validate the confirmation codes. WSO2 Identity Server has a soap API (UserInformationRecoveryService-verifyConfirmationCode) and a REST API (/validate-code) that can fulfill your requirement.
You can find the SOAP API here.
I am editing my answer here since I talked with the developers and I realised there is a different API that you need to use for validating the confirmation code: documentation.
So you need to send the following request:
curl -k -v -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d '{ "code": "84325529-8aa7-4851-8751-5980a7f2d9f7","step": "UPDATE_PASSWORD","properties": []}' "https://localhost:9443/api/identity/recovery/v0.9/validate-code"
and the response should be
"HTTP/1.1 202 Accepted"
I tried it and it works.
Note: if you are using SCIM identity through a system like a self-managed GitLab, GitLab 15.3 (August 2022) offers a better integration:
User SCIM identity visible in UI
Previously, the SCIM identity for a user could only be accessed using the SCIM API.
Now, a user’s SCIM identity is visible to GitLab administrators in the Identities tab of the User list. With
this, troubleshooting of SCIM-related issues is simplified. Administrators can validate what identity, if any, is
being used for a specific account without requiring GitLab Support or an API query.
See Documentation and Issue.
I am trying to the Google Cloud Platform REST API. I have created a service account and its key.
From one of the Google Cloud Platform documentation links I got the REST API provided below.
My question is, how do I get the OAUTH_TOKEN in this example? I assume I need to do something with my service account to generate this token? and how long will this token last before it expires?
curl -X POST -H "Authorization: Bearer [OAUTH_TOKEN]" -H "Content-Type: application/json"
https://compute.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances -d
'{
"disks":[
{
"boot":"true",
"initializeParams":{
"sourceImage":"https://compute.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-8-jessie-v20160301"
}
}
],
"machineType":"https://compute.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/machineTypes/n1-standard-1",
"name":"[INSTANCE_NAME]",
"networkInterfaces":[
{
"accessConfigs":[
{
"name":"external-nat",
"type":"ONE_TO_ONE_NAT"
}
],
"network":"https://compute.googleapis.com/compute/v1/projects/[PROJECT_ID]/global/networks/default"
}
]
}'
As per google's docs, I'm generating my oauth access token like this:
export TOKEN=$(~/go/bin/oauth2l fetch -jwt -json ~/.google/my-service-key.json cloud-platform)
I'm then doing requests to Google's REST API like this:
curl -v -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d (...) $URL
The response I'm getting back from Google is that I'm not providing an OAuth token, when I clearly am:
Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
Other posts suggest to use gcloud auth application-default print-access-token instead of the OAuth token, but I know this to be the incorrect approach, as Google's API responds back that it wants a service account OAuth token and not an identity.
Any idea what's happening here?
Sometimes an old (bad) token gets cached from before you rotated the service_account.json.
Delete Cache
Try this:
rm ~/.oauth2l
Token vs JWT
And try getting an API token before you sign the JWT:
oauth2l fetch cloud-platform
Scope vs Audience
Also, the API token requires a scope (shown above), whereas the JWT requires an audience aud, which is a URL:
oauth2l fetch --jwt https://www.googleapis.com/auth/cloud-platform
ENVs
You may also want to make sure that you don't have competing configuration, see if GOOGLE_APPLICATION_CREDENTIALS is set.
echo $GOOGLE_APPLICATION_CREDENTIALS
unset GOOGLE_APPLICATION_CREDENTIALS
Or potentially use it instead of --json ./service_account.json:
export GOOGLE_APPLICATION_CREDENTIALS=$HOME/.config/google/service_account.json
HTH
i created a custom tensorflow model and deployed to google cloud AI platform
however, when i sent a post request to online prediction api (https://ml.googleapis.com/v1/projects/my-project/models/my-model/versions/my-version:predict). i got back 401 Request is missing required authentication credential. Expected OAuth 2 access token my understand that by deploying model is its API already available online, so is there away to make API public? if not how i can make api authentication through bearer token?
You can get the auth token using gcloud:
access_token=$(gcloud auth application-default print-access-token)
and then embed it into the header:
curl --silent \
-H "Authorization: Bearer $access_token" \
-H "Content-Type: application/json" \
-X POST \
etc.
I am recently doing projects on openstack. I start it. I want to access openstack account through RESTful API. I read the API guide in the official website. The link is here http://developer.openstack.org/api-guide/quick-start/api-quick-start.html#authenticate.
I do the same way to do the authentication.
Here is my command:
curl -s -X POST https://url:5000/v2.0/tokens -H "Content-Type: application/json" -d '{"auth": {"tenantName": "MyTenantName", "passwordCredentials": {"username": "'"myAccountNme"'", "password": "mypassword"}}}'
But everytime I just get 401 (Unauthorized) response said The request you have made requires authentication. The error message is here.
What's wrong with my request? My username and password is correct, I can use it to access my account from dashboard.
Since you are using https, I think you get the error message because you do not specify a certificate. Use the --cert or --cacert option of curl. Something like this:
curl --cacert <your_crt_file> -X POST https://url:5000/v2.0/tokens -H "Content-Type: application/json" -d '{"auth": {"tenantName": "MyTenantName", "passwordCredentials": {"username": "'"myAccountNme"'", "password": "mypassword"}}}'