I have implemented the steps described in this blog Post by Amila Suriarachchi :
http://wso2.com/library/articles/2012/10/implementing-restful-services-wso2-esb
I have done everything mentioned in above Post and i have got API Invocation URL as:
http://10.224.188.113:8280/students
for StudentAPI.
Now in the Post it has given three Steps as:
1. To add a new student
curl --request POST -v --data #addPayload.xml -H "Content-type: application/xml" http://localhost:8280/students/003
2. To get the added student details
curl --request GET -v http://localhost:8280/students/003
3. To update the student
curl --request PUT -v --data #updatePayload.xml -H "Content-type: application/xml" http://localhost:8280/students/003
4. To delete the student
curl --request DELETE -v http://localhost:8280/students/003
to add update and delete and get.But my question is,can i do the above operations without using curl.
i can access the url of rest service http://10.224.188.113:8280/students.
Now my question is since i have to make this accessible to outer world i have to create a proxy of this rest service, so how can i make proxy of above rest service which provides me all the operations.
Looking forward to your answers. Thanks in advance
In the article you have mentioned, Amila has explained about how to define a REST service on ESB.
CURL is a way of testing the REST APIs. Another way to access the REST APIs is using a web browser.
Any client program which can send the REST requests (GET, POST, DELETE, UPDATE) can access your defined student APIs without any issue. You need to host your server in a URL and give the accessibility to that URL for the outsider world. API Manager is such a product you can use to publish your API to outsider world. But it is not necessary.
If you want to expose these as SOAP services for a SOAP client, you can do that as well. For that you can use the following link.
http://docs.wso2.org/wiki/display/ESB460/Using+REST+with+a+Proxy+Service
Hope this help you to figure out your issue.
You can point that API, from APIManager, to make it available to outer world..or else, allow outer world, directly to access your backend api, but it depends on your users and usecase.
in the APIManger , we integrated swagger, which will automatically generate the API guide,so user can see details of the operations available in the API
Related
How can I obtain a Spotify access token for my own user, but from Postman ?
I want to use Postman to fetch the access token from Spotify (without a preceeding manual log in).
If that's complicated, I would accept to manually log in first,
before fetching the token from Postman.
Details:
To get an access token (to be used further in my own Postman requests),
I manually have to get one, while logged in on the Spotify Developer website.
Therefore, I would like to obtain it directy from Postman,
where I could immediately use it further in other requests/tests.
How could this be achieved ?
I did define an app on Spotify (so I have the client_id and client_secret).
I also have tried sending the cURL suggested in this Client Credentials Flow (one of the Authorization flows). Unsuccessfully:
curl -X "POST"
-H "Authorization: Basic ZjM4ZjAw...WY0MzE="
-d grant_type=client_credentials
https://accounts.spotify.com/api/token
Postman actually has all the various types of Spotify auth requests nicely packaged up in an exportable set of requests.
Came across it while researching the same issue and came across their blog post on using PKCE instead of implicit OAuth2 flows.
My coding skills and familiarity with Google Cloud solutions are limited and I'm trying to consume a Machine Learning model from a chatbot build using the platform Chatfuel.
I've trained a Natural Language Machine learning model using Google NL and I wanted to use this code snippet provided in my model page:
curl -X POST \
-H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \
-H "Content-Type: application/json" \
https://automl.googleapis.com/v1/projects/123456/locations/us-central1/models/ABC123:predict \
-d #request.json
I've then tried to pass this information in Chatbot like this:
The problem is it looks like I need to pass a token (API key seems not possible for this API) and I don't see how from the Chatfuel interface I could obtain a token for each request and pass it in my post request.
Edit: I've seen this post and created a service account but I don't see how to pass the credentials to Chatfuel.
How can I pass Google API service account credential to Chatfuel?
You should make a service account with Google Cloud.
It should give you a JSON with an API key, which is used to generate a new token every hour or so. Using the Google API for whatever server side language you are using (or just using the native http requests), you use the service key (which in general is loaded into your server as a .json file) to fetch a new token every hour; OR you can use Google Apps Script, if they have Chatfuel available (which I'm not sure if they do) and get the token there, and send it to your own app every 30 minutes or so via a trigger.
But the main thing is: using your service API key, you make an HTTP request to a certain api URL (available on with instructions from another page from that link above) every hour or so to generate a new token.
From the docs, that URL appears to be:
POST https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/SA-4#PROJECT-ID.iam.gserviceaccount.com:generateAccessToken
just replace, "`
SA-4#PROJECT-ID.iam.gserviceaccount.com
`"
with your own service account name
That's about it, its how it works for all Google Cloud APIs
Using wso2am-2.1.0 we'd like to create an API using the REST services, such as
/api/am/publisher/v0.11/apis
To use the services to search, create and publish an API the access token needs scope apim:api_view apim:api_createapim:api_publish
Seeing the publisher-api.yaml seems the full admin role is required to access these services.
We woudn't like to use the main admin user used by the services risking compromise of a user account with all privileges and mainly the admin user.
Assigning a different user to the admin role doesn't seem to work, tokens created don't hold necessary requested scopes (subsequence calls to the publisher's servicess causes 401 Unauthenticated request). Im I missing something?
It should work. I just did it and here is the output.
bhathiya#bhathiya-x1:/data/products/am/resources$ curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d #payload.json https://localhost:9443/client-registration/v0.11/register -k
{"clientId":"ryUqrib4UAiKtbEt8_HxadTcubYa","clientName":"admin_rest_api_publisher","callBackURL":"www.google.lk","clientSecret":"Q1sTqqd175da8fLaESY6z9h5nuca","isSaasApplication":true,"appOwner":"admin","jsonString":"{\"grant_types\":\"password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"admin_rest_api_publisher\"}"}
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 22:29:11
bhathiya#bhathiya-x1:/data/products/am/resources$ curl -k -d "grant_type=password&username=bhathiya&password=admins&scope=apim:api_view apim:api_create" -u ryUqrib4UAiKtbEt8_HxadTcubYa:Q1sTqqd175da8fLaESY6z9h5nuca https://localhost:8243/token
{"access_token":"1e3f7460-e186-3ded-b4d9-c093e1ceb9df","refresh_token":"be66fe42-2d34-3a34-8576-f7e24388be00","scope":"apim:api_create apim:api_view","token_type":"Bearer","expires_in":3600}
And you can also change roles in publisher-api.yaml.
I have the WSO2 API manager set up with the four components on different VM's. What I need to do is check the health of the components. Is there a url I can hit with each component to make sure it is running? I don't want to do a full API call as I don't want to test the whole flow just a specific VM so I know if I need to restart that VM.
I could do a port check but I am not sure if that is really checking the status properly.
Any help would be appreciated.
Thanks
Perhaps you could hit login API/s of API Manager's published API's(https://docs.wso2.com/display/AM190/Published+APIs) and examine the HTTP response code:
Publisher Login API: https://docs.wso2.com/display/AM190/Publisher+APIs
curl -X POST -c cookies http://(publisherIP):9763/publisher/site/blocks/user/login/ajax/login.jag -d 'action=login&username=admin&password=admin'
Store Login API: https://docs.wso2.com/display/AM190/Store+APIs
curl -X POST -c cookies http://(storeIP):9763/store/site/blocks/user/login/ajax/login.jag -d 'action=login&username=admin&password=admin'
Gateway
https://docs.wso2.com/display/AM190/WSO2+Admin+Services
Key manager is a bit trickier , try getting an access token through the API gateway token API and see what it returns. The gateway will call the key manager:
curl -k -d "grant_type=password&username=<username>&password=<password>" -H "Authorization: Basic SVpzSWk2SERiQjVlOFZLZFpBblVpX2ZaM2Y4YTpHbTBiSjZvV1Y4ZkM1T1FMTGxDNmpzbEFDVzhh, Content-Type: application/x-www-form-urlencoded" https://(gatewayIP):8243/token
I want to implement a custom code for token generation or you can think of removing OAuth2 from the WSO2 implementation and incorporating my specific APIs for token management. Is this possible? If yes, then please guide me how to achieve the same.
If you need to customize it fully, It means that you need to completely remove the OAuth2. There there is no worth of it. But; if you just need to customize some behaviors of the OAuth2, It can be done easily. There are several extension points for it. One main extension is that customization of OAuth2 grant types. You can find details from here and some sample for it. It may helps to do some major customization of the OAuth2 flow. Hope it would help for you.
When you send an API request to the backend, you pass a token in the Authorization header of the request. The API Gateway uses this token to authorize access, and then drops it from the outgoing message. If you wish to use a different (or a custom generated) authorization token than the application generated access token, you can use it as a token exchange mechanism in mediation logic of the API. In this tutorial, we explain how to pass a custom authorization token that is different to the authorization token generated for the application.
Add the following sequence content in to a file and save it as XML file.
Log in to the API Publisher, create a new REST API
Navigate to the Runtime Configurations tab, enable the Message Mediation in Request flow. Engage the In sequence that you created earlier and click Save .
If the API is not in PUBLISHED state, go to Lifecycle tab, click REDPLOY to re-publish the API.
Go Developer Portal, subscribe and obtain a token to invoke the published API.
Install any REST client in your machine. We use cURL here.
Go to the command line, and invoke the API using the following cURL command.
In this command, you pass the token that the backend expects, i.e., 1234, in the Custom header with the authorization token that the system generates in the Authorization header.
curl -H "Authorization: Bearer " -H "Custom: Bearer 1234"
NOTE
is the token that you got in step 20.
appears on the API's Overview page in the API Developer Portal. Copy the HTTP endpoint. If you select the HTTPs endpoint, be sure to run the cURL command with the -k option.
Note the response that you get in the command line. According to the sample backend used in this tutorial, you get the response as "Request Received."
FOR MORE EXPLANATION, PLEASE VISIT THIS LINK
[LINK] : https://medium.com/#PrakhashS/passing-access-token-to-oauth2-protected-backends-wso2-api-manager-7d0671a0afca