I have created an endpoint localhost:8000/getauthtoken to generate the authentication token.
The curl command that i am using to get the authentication token is:
curl --request POST --url localhost:8000/getauthtoken --header 'content-type: application/json' --data '{"username":"admin", "password":"admin123"}'
But i am getting
{"password":["This field is required."],"username":["This field is required."]}
But in the command i am passing both username and password
As per the DRF documentation http://www.django-rest-framework.org/api-guide/authentication/ this is the correct way.
Use httpie (available on pypi)
Then follow this on terminal:
Http post your_ip:your_port/your_authresource/ username='' password=''
Or you can try that in Curl in right way:
curl -X POST http://localhost:8000/api-token-auth/ -d "password=aaaaa&username=user"
Related
In wso2-IS 5.11, trying Update Password Operation through cURL restAPI command.
I got reset password mail notification for below curl request,
$ curl -X POST -k -H "Authorization: Basic YWRxxxx=" -H "Content-Type: application/json" -d '{"user": {"username": "John","realm": "PRIMARY"},"properties": []}' "https://localhost:9445/api/identity/recovery/v0.9/recover-password?type=email¬ify=true"
but instead of reset the password in reset-password-window , I need to pass the reset password values through cURL same like this, but this also requires Confirmation keycode with validity period and this is availlable in IDN_RecoveryDataTable as per this doc, so where this "IDN recovery data table" find out.? and shall I use same operation? or need to try some different use cases like , active and inactive user via cURL RestAPI ,and 3rd case Invalid password.
It seems you are following the blog [1] and referring to ii) Update Password step.
IDN_RECOVERY_DATA is a table of the identity database where WSO2IS stores information about the recovery flow. But you don't have to worry about the data stored in the database.
If you are just trying to change the password of a user without sending an email, you can use SCIM APIs.
Following is an example to update the password of a user when the existing password is provided.
curl -X PATCH 'https://localhost:9443/scim2/Me' \
-H 'accept: application/scim+json' \
-H 'Content-Type: application/scim+json' \
-H 'Authorization: Basic {base64(username:currentPassword)}' \
-d '{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op": "replace", "value": { "password": "newPassword" } } ]}'
If you want to send an email and void WSO2 UIs for creating the new password, you can change the email template to redirect the user to your UI once the user clicks the link in the email. Then use the confirmation code included in that link to invoke the password set-password API. The document [2] has information on the APIs related to the account recovery, available in WSO2 Identity Server 5.11.0.
For locking or disabling a user, you can use the SCIM APIs to patch the relevant user attributes.
[1] https://medium.com/#isurakarunaratne/password-recovery-wso2-identity-server-b80abe2bcc61
[2] https://docs.wso2.com/display/IS511/apidocs/account-recovery/
I am unable to successfully acquire an id token/access token from my AWS cognito user pool when I supply an auth code. I have written a shell script (see below), and receive invalid_grant back from the server.
I have encoded the base64 Authorization Basic header for client_id:client_secret generated with python as:
import base64
encode='my_client_id_string:my_client_secret_string'
base64.b64encode(encode)
#!/usr/bin/env sh
curl --location --request POST 'https://<domain>.auth.us-east-2.amazoncognito.com/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic <base64 encode string client_id:client_secret>' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_id=<client_id from app settings' \
--data-urlencode 'code=<code received from redirect url to my localhost app endpoint>' \
--data-urlencode 'redirect_uri=http://localhost:8000/my_redirect'
Any ideas?
Solved it!
The problem was caused by an invalid client id. I had supplied a typo for the client id value!
I am trying to retrieve data from the SDC API protected by Kerberos. Initially i am posting the credentials to the SCH login page and then using the cookies generated to access the SDC rest api. However, i am not able to post the credentials. Response code is 401 and hence not able to access api.
dpm_auth_creds = {"userName":"", "password":"" }
headers = {"Content-Type": "application/json", "X-Requested-By": "SDC"}
auth_request = requests.post("https://url:18641/sch/security/users" , data=json.dumps(dpm_auth_creds), headers=headers, verify="file.pem")
cookies = auth_request.cookies
print(auth_request.status_code)
print(auth_request.headers)
url = requests.get("https://url:18641/jobrunner/rest/v1/sdcs", cookies=cookies)
print(url.text)
Response code is 401: for auth_request.status_code
This is from the REST API page in Control Hub:
# login to Control Hub security app
curl -X POST -d '{"userName":"DPMUserID", "password": "DPMUserPassword"}' https://cloud.streamsets.com/security/public-rest/v1/authentication/login --header "Content-Type:application/json" --header "X-Requested-By:SCH" -c cookie.txt
# generate auth token from security app
sessionToken=$(cat cookie.txt | grep SSO | rev | grep -o '^\S*' | rev)
echo "Generated session token : $sessionToken"
# Call SDC REST APIs using auth token
curl -X GET https://cloud.streamsets.com/security/rest/v1/currentUser --header "Content-Type:application/json" --header "X-Requested-By:SCH" --header "X-SS-REST-CALL:true" --header "X-SS-User-Auth-Token:$sessionToken" -i
So your Python code should be more like:
dpm_auth_creds = {"userName":"", "password":"" }
headers = {"Content-Type": "application/json", "X-Requested-By": "SDC"}
auth_request = requests.post("https://url:18641/security/public-rest/v1/authentication/login" , data=json.dumps(dpm_auth_creds), headers=headers, verify="file.pem")
cookies = auth_request.cookies
print(auth_request.status_code)
print(auth_request.headers)
# Need to pass value of SS-SSO-LOGIN cookie as X-SS-User-Auth-Token header
headers = {
"Content-Type":"application/json",
"X-Requested-By":"SCH",
"X-SS-REST-CALL":"true",
"X-SS-User-Auth-Token":auth_request.cookies['SS-SSO-LOGIN']
}
url = requests.get("https://url:18641/jobrunner/rest/v1/sdcs", headers=headers)
print(url.text)
I have a curl command that was given to me that I have to convert using requests.
curl --request POST "https://www.example.com" --data "user_id=200" --data "user_data=je93jfe92dj220,39fjid20djd93f302,93jfieheio02hfne,902jfoienfieshiu202" --header "Authorization: Bearer [TOKEN]"
using requests, the call should be
hdr = {'Content-Type': 'Content-type: application/json',
'Authorization': 'Bearer TOKEN' }
payload = {"user_id":200,"records":"je93jfe92dj220,39fjid20djd93f302,93jfieheio02hfne,902jfoienfieshiu202"
requests.post('https://www.example.com', headers=hdr, data=json.dumps(payload))
This isn't working as I'm getting an error returned that the 'user_id' param must be an integer. Not sure how to ensure that, as aren't all parameters formatted as strings when sent? The curl command does work, however.
Im not really sure the reason, but to make this work, just change data=json.dumps(payload) to json=json.dumps(payload). This worked just fine for me.
I i am new to django-rest-auth and apis.
Its the first time i build a rest auth and i am not very familiar with Authorization headers and Content Types.
I am trying to understand why when i try to authenticate a user in /login/ with Basic Authorization like this:
curl -X POST -H "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=" 'https://myurl.com/rest-auth/login/' --insecure
i got this error message:
{"password":["(This field is required"]}
When passing the username and password in the body like this:
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d 'username=myuser&password=mypassword' 'https://myurl.com/rest-auth/login/' --insecure
I got the key:
{"key":"b5c0f3a9c7b2fc2f58a74b25f816e2968c64712f"}
Why this is happening?
I also wonder why when trying the same in /user/ it didn't throw me any error and give me my user model serialized
curl -X GET -H "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=" -H "Cache-Control: no-cache" 'https://myurl.com/rest-auth/user/' --insecure
The only difference i can understand is that in /login i am using POST and in /user/ is GET
Can anybody explain this to me?
Thanks for reading!
The '/auth/login/' endpoint is specifically for getting an authentication token to use with token authentication on the rest of the app. It doesn't itself support any authentication methods. The second curl command uses the correct method. the third curl command works because you are using an endpoint which does support Basic Authentication (you can could also use the token you got in the second call).
pls refer
Inet Mode Example (unprivileged user with AltAuth)
$ echo -e "GET http://localhost/slurm/v1/diag HTTP/1.1\r\nAccept: */*\r\n" |
slurmrestd -f etc/slurm.token.conf
● slurmrestd: operations_router: /slurm/v1/diag for pipe:[1052487]
● HTTP/1.1 200 OK
● Content-Length: 973
● {
● "parts_packedg": 1,
● "req_timeg": 1568051342,
● "req_time_startg": 1568050812,
● "server_thread_count": 3,
… JSON continues ...