I'm trying to use CURL on the following address (example)
https://examplesite.com/ExampleService/ExampleService.asmx?wsdl
When I copy the url to a browser i get the browser login popup and using the username and password i get to see the webservice XML file
But when i try to call curl to the same address using
curl -u username:password https://examplesite.com/ExampleService/ExampleService.asmx?wsdl
I get a 401 reply error.
What might be the problem ?
I think this website does not support the basic authentication.
That is the reason why you cannot log in by CURL.
Related
I am using django-rest-auth to authenticate and register my user I can do everyhting.
Login is working Registration is working but I am unable to access get User details:
/rest-auth/user/ (GET, PUT, PATCH)
I am trying to access this endpoint I am using JWT I am getting correct token. But when I am using this command in curl:
curl -X GET http://localhost:8000/rest-auth/user/ -H 'Authorization: Bearer <jwt-toke>'
I am getting this error:
{"detail":"Authentication credentials were not provided."}
What do I need to do to access details of user
After a long investigation, I was able to find a solution and according to the documentation if you want to use JWT in django-rest-auth.
They shared one link which is not working actual link is:
https://jpadilla.github.io/django-rest-framework-jwt/
After installing django-rest-auth.
You need to install django-rest-framework-jwt using:
pip install djangorestframework-jwt
And it will work fine if you want to access this URL:
/rest-auth/user/ (GET, PUT, PATCH)
You need to pass JWT instead of Bearer example:
curl -X GET http://localhost:8000/rest-auth/user/ -H 'Authorization: JWT <jwt-toke>'
And it worked for me.
I am trying to use curl via bash script to store cookies using curl -c cookies.txt https://www.mydjangoapp.com/ so that I can use the CSRF token in subsequent curl requests (using the -b cookies.txt option in subsequent commands).
However, when I run cat cookies.txt to view the contents, the file only contains the following:
# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
Additionally, the cookies aren't viewable in the response when using the verbose -v option either.
When I check the cookies returned via Chrome Developer Tools, I see all the cookies that I expect.
I have verified that cookies.txt is populated with cookies when running the curl command against other endpoints.
Any ideas about how this might happen? In particular, I'm trying to get the CSRF token, but this seems to be a more general cookie retrieval issue with curl and my Django application.
This was happening because in the browser, I have already been navigating around as an authenticated user.
When I used curl to visit the login endpoint, cookies.txt was finally populated with the cookies I needed.
This StackOverflow post was essential to figuring this out.
I have an API Gateway that invokes a lambda function. I deployed the gateway and am succesfully invoking the function from my terminal by sending a POST request to the endpoint. I do this like so:
curl -H "Content-Type: application/json" -X POST -d "{\"bt_signature\":\"curl\",\"bt_payload\":\"abcsdsddsd\"}" https://*myendpointurl*
When I enter this endpoint in my Braintree console though as a webhook url though and click "check url" i get the following error pop up:
Last delivery unsuccessful. Invalid server response 400
It is weird that it works when I invoke it from my terminal but not here. Futhermore when i enter my endpoint for the method in my web browser it turns up with this error message:
{"message":"Missing Authentication Token"}
I have double checked I am using the write endpoint for this specific POST method. It's just weird that it works from terminal but not as a webhook url in braintree. Ideas?
The reason you get "Missing Authentication Token" when hitting from the browser is because the browser will make a GET request, whereas your API is setup for POST method. API Gateway will respond with a "Missing Authentication Token" when you make requests for non-existent resources/methods. (It's possible Braintree is also generating a GET request internally, but I would recommend you check with their support for confirmation.)
Hope this helps,
Ritisha.
i use django rest framework and OAuth2 Toolkit in my django backend app. I registered users in django admin site. Whne i try to get access token with CURL for user i get error:
{"error":"invalid client"}.
my curl request is bellow:
curl -X POST -d "client_id=MY_CLIENT_ID&client_secret=MY_CLIENT_SECRET&grant_type=password&username=myuser&password=mypass" http://localhost:8000/o/token/
Do you have the right secret and id and/or the right grant-type?
1) Go to <yoursite>/admin and login with your admin account
2) Go to <yoursite>/o/applications and choose your application
Now you can see your secret, id and grant type(should be 'password').
Also have a look at the client type(should be 'confidential')
Thank you fo your help I solve my problem. My right curl request is bellow:
curl -X POST -d "grant_type=password&username=USERNAME&password=PASSWORD" --user "CLIENT_ID:CLIENT_SECRET"
Im using django-oauth2-provider to build a authorization server. When i try to get access_token by using this command:
curl -d "client_id=513204402d4b4f4d62e2&grant_type=authorization_code&response_type=code" http://127.0.0.1:8000/oauth2/access_token
i get an error: invalid_client
I have been created my client with client_type is Confidential
How can i fix it?
If your client is confidential, you must authenticate to issue an access token.
I suppose that it is a password client. You just have to add the client_secret=CLIENT_SECRET_HERE parameter in your POST request or set your client credentials in the authorization header.
Example:
curl -d "client_id=CLIENT_ID_HERE&client_secret=CLIENT_SECRET_HERE&...
or
curl --user CLIENT_ID_HERE:CLIENT_SECRET_HERE -d "...
The authorization code grant type is a two step flow.
You get an authorization code just after the resource owner allowed your client.
You get an access token using the authorization code.
You are trying to send a POST request so I suppose that if you already have an authorization code.
You get an invalid_request because you do not set the code parameter in your curl command:
curl -X POST -d "client_id=CLIENT_ID_HERE&client_secret=CLIENT_SECRET_HERE&grant_type=authorization_code&code=AUTHORIZATION_CODE_HERE&redirect_uri=REDIRECT_URI_HERE" http://127.0.0.1:8000/oauth2/access_token