I am trying to register my app with FB Realtime Graph updates and having issues with FB verifying my callback URL. I can successfully register (and receive updates) with FB using HTTP but I need to switch to HTTPS.
curl -XPOST -i -v \
-d 'access_token=$OAUTH_TOKEN' \
-H 'Accept: application/json' -H 'Content-Type: application/json' \
-d "object=user" -d "fields=friends,name" -d "callback_url=https://$MY_RUL" \
-d "verify_token=$VERIFY_TOKEN" "https://graph.facebook.com/$APP_ID/subscriptions"
and yes, I am using the correct values in all $ variables.
I receive an HTTP 400 Bad Request with body:
{"error":{"message":"(#2200) callback verification failed: SSL certificate problem, verify that the CA cert is OK. Details:\nerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed","type":"OAuthException"}}
But I do have SSL setup correctly, as far as I can tell. I can issue other CURL calls against my HTTPS endpoint.
$ curl -i https://foo.com/health
HTTP/1.1 200 OK
Content-Type: text/plain
Date: Mon, 17 Oct 2011 19:56:42 GMT
Status: 200
X-Rack-Cache: miss
X-Runtime: 0.002040
Content-Length: 21
Connection: keep-alive
pong
Where is the issue, is it on my end or facebooks?
Note: I see similar issues here on SO especially in regards to Ruby / HTTPS, such as:
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
But I dont think this is my issue, and again, I am attempting to us CURL directly to ensure its not a Ruby/OpenSSL issue.
Plus, since FB says callback verification failed it makes me think the error is on FBs end when it is verifying MY callback URL.
Any help would be appreciated.
We don't have your parent certificate in our CA chain since its relatively new. You'll need to include all of the parent certificates in the chain. I'm guessing the step got skipped during install.
See the concatenate step on https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=SO17664
Related
I am probably just missing something here.
I can successfully call cloud code functions on my AWS elastic beanstalk deployment (e.g. /parse/functions/abc), but saving a class directly via PUT always times out.
Locally on my dev server everything works like a charm.
This is a sample call:
curl -X "PUT" "http://<redacted>.elasticbeanstalk.com/parse/classes/Test/tFSSqF5w4f" \
-H 'x-parse-session-token: <redacted>' \
-H 'x-parse-application-id: <redacted>' \
-H 'x-parse-client-key: <redacted>' \
-H 'x-parse-os-version: 14.1 (16C50)' \
-H 'Content-Type: text/plain; charset=utf-8' \
-d $'{
"r_instruments": [
"violin",
"singer"
]
}'
In the EB server logs I found the following error, but I don't know how to fix it (especially since calling a cloud code function works like a charm).
2022/04/03 21:43:12 [error] 5122#5122: *1 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 24.164.138.198, server: , request: "PUT /parse/classes/Test/tFSSqF5w4f HTTP/1.1", upstream: "http://127.0.0.1:8080/parse/classes/Test/tFSSqF5w4f", host: "<redacted>.elasticbeanstalk.com"
Did anybody else ran into this problem by any chance?
I am totally lost here.
I have tried to use Django basic Authentication feature to verify username(test) and password(test).
It works from my local:
curl -H 'Accept: application/json; indent=4' -u test:test 'http://127.0.0.1:8000/api/checkuser/'
{
"detail": "Account authorized."
}
But it failed from production site:
curl -H 'Accept: application/json; indent=4' -u test:test 'https://production.fake/api/checkuser/'
{
"detail": "Authentication credentials were not provided."
}
I have tried to enable WSGIPassAuthorization from production server, but it does not help.
It seems to me that somehow the username and password did not really pass through, but cannot figure out how.
It works if I use web browser to access https://production.fake/api/checkuser/
Any advice to troubleshoot will be really appreciated. Thanks!
Has anyone used cUrl to manage the AWS (EC2) rest API? Here I picked the simplest possible call, listing running instances. Am I missing something or am I clearly showing ignorance of proper cUrl usage? The only real lead I have is this post from 2014 aside from the scattered AWS docs which don't show an actual complete example. (I do realize there are SDKs). It's a curl expert I need...I guess and someone to help me get past the over-use of the word "canonical" by the AWS tech writer.
Rest API
DescribeImages Action
Create Canonical Request
Bash:
amz_access_key_ID="????"
amz_ec2_secret="????"
amz_host=ec2.amazonaws.com
amz_date8=`date -u "+%Y%m%d"`
amz_date_http=`date -uR`
amz_date_rfc8601=`date -u "+%Y%m%dT%H%M%SZ"`
amz_content_type="application/json"
amz_credential="${amz_access_key_ID}/${amz_date8}/us-west-2/ec2/aws4_request"
amz_signed_headers="${amz_host};${amz_date_rfc8601};${amz_content_type}"
amz_signature=`echo -en ${amz_signed_headers} | openssl sha256 -hmac ${amz_ec2_secret} -binary | base64`
params="Action:DescribeInstances;Version:2016-11-15;X-Amz-Algorithm:AWS4-HMAC-SHA256;X-Amz-Credential:${amz_credential};X-Amz-Date:${amz_date_rfc8601};X-Amz-SignedHeaders:${amz_signed_headers};X-Amz-Signature:${amz_signature}"
curl -X POST -H "Content-Type:${amz_content_type}" -H "Date:${amz_date_http}" -H "Host:${amz_host}" -F "${params}" http://ec2.amazonaws.com/
Result from Amazon:
<!doctype html><html...HTTP Status 500 – Internal Server Error</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> Encountered an Internal Error</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><hr class="line" /></body>
The AWS API requests are unfortunately not straight forward to implement in curl. You are at least missing the canonical request that looks like that (from the example from the docs):
GET
/
Action=ListUsers&Version=2010-05-08
content-type:application/x-www-form-urlencoded; charset=utf-8
host:iam.amazonaws.com
x-amz-date:20150830T123600Z
content-type;host;x-amz-date
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
I recently started a litte project at https://github.com/sengaya/aws-micro-cli that implements some basic API calls of s3 and sts. While it does not support ec2 at this point you can look at the code or run something like this to get the final curl output as well as the steps to craft the request:
AWS_ACCESS_KEY_ID=foo AWS_SECRET_ACCESS_KEY=bar aws-micro s3 ls
Full debug output:
s3://some-bucket --debug --dryrun
DEBUG - get_bucket_from_s3url: some-bucket
DEBUG - get_key_from_s3url:
DEBUG - create_request_url: https://some-bucket.s3.amazonaws.com/
DEBUG - get_host_from_request_url: some-bucket.s3.amazonaws.com
DEBUG - array_sort: host:some-bucket.s3.amazonaws.com
x-amz-content-sha256:123456789123456789123456789
x-amz-date:20201007T155300Z
DEBUG - array_sort: host
x-amz-content-sha256
x-amz-date
DEBUG - create_canonical_and_signed_headers: host:some-bucket.s3.amazonaws.com
x-amz-content-sha256:123456789123456789123456789
x-amz-date:20201007T155300Z
host;x-amz-content-sha256;x-amz-date
DEBUG - get_canonical_uri: /
DEBUG - create_canonical_request: GET
/
host:some-bucket.s3.amazonaws.com
x-amz-content-sha256:123456789123456789123456789
x-amz-date:20201007T155300Z
host;x-amz-content-sha256;x-amz-date
123456789123456789123456789
DEBUG - sha256: 123456789123456789123456789
DEBUG - create_string_to_sign: AWS4-HMAC-SHA256
20201007T155300Z
20201007//s3/aws4_request
123456789123456789123456789
DEBUG - create_authorization_header: AWS4-HMAC-SHA256 Credential=foo/20201007//s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=123456789123456789123456789
curl -v --fail https://some-bucket.s3.amazonaws.com/ -H Authorization: AWS4-HMAC-SHA256 Credential=foo/20201007//s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=123456789123456789123456789 -H x-amz-content-sha256:123456789123456789123456789 -H x-amz-date:20201007T155300Z
I am using WSO2 IOT server, RaspberryPi 3 device with LED and DTH11 sensor. I can manage LED with console.
What I am trying to do is turn it On and Off with my mobile application. So, I want to know how can I send the HTTP request to the API and the request also. The server is running in localhost. Can anyone help me?
This is the command I used:
curl -k -X POST https://172.16.13.86:8243/api/device-mgt/v1.0/devices/raspberrypi/operations
-H 'accept: application/json' -H 'authorization: Bearer a7a156d7-0393-3350-8b9b-0ac956723440'
-H 'content-type: application/json' -d '{"deviceIdentifiers":[r1lovwmwg113],
"operation":{"code":"bulb","type":"CONFIG", "payLoad":"state:ON"}}'```
And this is the reply:
{"activityId":"ACTIVITY_36492","code":"bulb","type":"CONFIG","createdTimeStamp":"Fri
Dec 21 11:38:20 IST
2018","activityStatus":[{"deviceIdentifier":{"id":"r1lovwmwg113","type":"raspberrypi"},"status":"PENDING"}]}
I need to configure a NIFI flow that invokes a webservice. The curl command works fine from the cmd line of my nifi host
curl -U <user>:<password> -x <ip>:8080 -H 'SOAPACTION:"http://method"'-X POST -H 'Content-type: text/xml' -d #req.xml https://url -o result2.xml
Im trying to configure NIFI InvokeHTTP processor to make the call from within a nifi flow with following settings.
HTTP Method:POST
Remote URL: https://url
Proxy Host: <ip>
Proxy Port: 8080
Proxy Username: <user>
Proxy Password: <password>
SOAPAction: method (Dynamic Properties)
But it keeps running in the Failure queue.
how do i configure my InvokeHTTP according to the curl command which works ok?
We updated the version of the InvokeHTTP component from 1.3.0 to the newest