I want to implement Google Document AI to read invoice details in salesforce using Rest API. I found below Api detail which is working well.
Now to call this api I need Oauth token. I have tired to setup Named Credentials but getting error "No_Oauth_Token: Access token was not returned". Can you please guide me for this? Might be I am setting wrong Scope, so can you please let me know which scope I need to setup.
Currently scope:- https://www.googleapis.com/auth/cloud-platform
curl -X POST \
-H "Authorization: Bearer $(gcloud auth print-access-token)" \
-H "Content-Type: application/json; charset=utf-8" \
-d #request.json \
"https://LOCATION-documentai.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION/processors/PROCESSOR_ID:process"
Also, if any other way is available, please suggest.
Looking forward to hear on this.
Thank you!
Looking for solution to get Google Authentication(Oauth) token which I can use to call Google Document AI api.
Here is the information about setting up OAuth 2.0 for Google Cloud
https://support.google.com/cloud/answer/6158849?hl=en
And General Information about using OAuth 2.0 with Google APIs
https://developers.google.com/identity/protocols/oauth2
In addition, the REST request provided is not complete. It looks like you got the sample from this page https://cloud.google.com/document-ai/docs/send-request
On this page, you can click on the purple variables to replace them with the appropriate values for your setup (PROJECT_ID, LOCATION, etc)
I have done research base on above answer and found solution.
Solution is to use JWT token. You can generate JWT token at your end and using that we can call google API to get valid Authentication token and then we can use respective Google APIs.
Related
I just starting working on an iOS Swift 3 application that will integrate with a certain EHR. I had it working several months ago, but when I tried it this eve I noticed the application froze when I tried to get the access token. it appears that the token part of the OAuth2 exchange has changed and now looks like this:
POST https://api.xxxxxx.com/oauth2/access_token
curl -X POST https://api.xxxxxx.com/oauth2/access_token \
-H 'Authorization: Basic Y2xpZW50X2lkOnNlY3JldA==' \ //dummy auth
--data "code=a14d2c8e-9c8a-4820-8ae1-d9313bb6abe2&grant_type=authorization_code&redirect_uri=YOUR_REDIRECT_URI" //dummy code
I was going to include a pic of their documentation concerning this, but its copyrighted. Basically this is what must be included in the post to the token URL:
The Authorization header is required and must be in the format API_KEY:SECRET_KEY and then url safe base64 encoded.
The body of the request must include the following fields:
code - The authorization code that was sent to your Redirect URI at the end of the OAuth login process (see above).
grant_type - The type of authorization grant in use. In this case code for the authorization code.
redirect_uri - The redirect URI for the application, URL encoded.
Any idea of how to do this in Paw would be greatly appreciated! Right now the only way I can figure it to do each call manually as a request and pass along the pertinent items.
thanks!
Mark
From what I see here, it should be nicely supported by Paw. Here's an example config that should fit your needs:
In Paw, if you do NOT check "Set client credentials in the body", it will set the Client Key and Secret in the Authorization header exactly as you described (base64, separated by a :, that's the Basic Auth format).
Otherwise, things should be working ok. Let me know if you need any help.
I am rewriting a legacy JSON API application in Rails 5 (in API mode, so we're using ActionController::API). For the sake of API consistency, the new application needs to be accessed like so:
$ curl -u my-api-token: http://foo.bar/baz
(Note that no password is provided).
From there, we ostensibly authenticate based on the API token and life is grand.
The issue I am having is my inability to access the my-api-token component of the request using Rails' request object in the controller (which is an ActionDispatch::Request object) or through the params hash -- in either case, my-api-token appears to be absent. The act of curling is otherwise successful, in that it hits the right endpoint and the right controller action.
The documentation for curl and for ActionDispatch::Request seem to be not particularly useful yet, and searching for my-api-token when inspecting the request object turns up nothing. Other threads in SO seem to be mostly about how to get curl working in the first place, rather than this particular use case.
What am I doing incorrectly? Or, perhaps better, what do I need to do differently to make this work?
Thanks in advance.
It looks like you are misunderstanding what the -u option does in cURL. With the -u option, you are telling cURL to use Basic Authentication. Thus, your API token is being sent in the HTTP Authorization header, not in the request params.
I see a few options to fix your problem.
The first option is to look in the request headers to extract the Authorization header value, base64 decode it, and you can then grab your API token. I'm not very familiar with Rails, but it looks like this is fairly easy to do: http://api.rubyonrails.org/classes/ActionDispatch/Request.html#method-i-headers
The second option is to send the API token via GET params or a POST request. I believe using a POST request is most common for authentication.
For example, using a POST request, you might do something like
curl --data "token=API_TOKEN" https://example.com/resource.cgi
Then you should be able to access the data in the request params.
Also, please consider using HTTPS. With HTTP, any of the solutions I mentioned are susceptible to having your API token intercepted. You can read this question to understand why this is so: https://superuser.com/questions/919859/is-curl-u-usernamepassword-http-example-com-secure
I have a question regarding the auth-scheme. I stumble across JSON Web Tokens and one of the official page:
https://jwt.io/introduction/
They use
Authorization: Bearer <token>
In the past, I am familiar with the Authorization: JWT <token> and had assume that was correct until today, I read the official JWT webpage and they used Bearer <token> instead.
I was testing the Knock Rails gem: https://github.com/nsarno/knock and with this library, I was able to make a Postman request to my Rails API with random auth-scheme:
I could even get rid of the auth-scheme completely:
When I remove my JWT token from the Authorization header, however, it returns 401 Unauthorized response as expected, so I know it's...working?
So I began to think...is there a purpose to the auth-scheme ?
Is a library or web server suppose to honour/respect/enforce the correct usage of auth-scheme in the Authorization header?
I came across this Stackoverflow post in my quest for answer:
Custom HTTP Authorization Header
It showed the official format is:
credentials = auth-scheme #auth-param
The example given was even more bizarre:
Authorization: FIRE-TOKEN apikey="0PN5J17HBGZHT7JJ3X82", hash="frJIUN8DYpKDtOLCwo//yllqDzg="
I don't know if this qualifies as a programming question. I can blindly follow/use a third party library.
What's the purpose of the auth-scheme ?
I'm no cryptography/computer security expert.
Maybe someone can shed some light on the issue (or maybe non-issue?) ?
The authorization scheme is just an indication to the server of what type of credentials are following. A client can use basic scheme
Authorization: Basic <base64(username:password)>
Or bearer scheme
Authorization: Bearer <base64(JWT)>
Or the Hawk scheme
Authorization: Hawk id="...", ts="...", nonce="...", ext="...", mac="..."
Or any other scheme it can agree on with the server.
I have built an API in C# ASP.NET 5.
This is current the code library I use to generate and validate OAUTH tokens https://github.com/mrsheepuk/ASPNETSelfCreatedTokenAuthExample
The logged in user calls my API (passing the Bearer token in the header) to retrieve their saved notes from my NoteController. In my NoteController I retrieve the userNo from the Auth token claims and retrieve the users notes from the database. If the user's Auth token is invalid then I send them back a HTTP 401.
I have added code in my Startup.cs to enable Authorization:
// Enable the use of an [Authorize("Bearer")] attribute on methods and classes to protect.
services.AddAuthorization(auth =>
{
auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
.AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser().Build());
});
My problem: as good as the code library (ASPNETSelfCreatedTokenAuthExample) is, it does not provide an OAuth refresh token mechanism.
I have tried to find a decent library to replace the one I am currently using.
I want a library that uses refresh tokens etc.
I have looked at IdentityServer4 but the examples are just for generating tokens in a dedicated server
I don't quite understand what to do :(
Can someone point me in the right direction please?
Thanks
DONE IT!!! :D
found this amazing blog post
http://capesean.co.za/blog/asp-net-5-jwt-tokens/
It took me a few mins to get his source code to work.
I actually had to use someone's fork of the solution to get it to work
https://github.com/VoronFX/openiddict-test
My steps to get it to work:
1. Download https://github.com/VoronFX/openiddict-test
Next steps are copied from (https://github.com/openiddict/openiddict-core)
run these commands:
set DNX_UNSTABLE_FEED=https://www.myget.org/F/aspnetcidev/
dnvm upgrade -u
Update your project.json to import the OpenIddict package:
"dependencies": {
"OpenIddict": "1.0.0-*"
},
Direction -> If I would have such a task, probably I would get familiar with the official AspNetCore middleware and try to implement my own middleware based on the official OAuth middleware. Have a look here -> https://github.com/aspnet/Security/tree/dev/src/Microsoft.AspNetCore.Authentication.OAuth.
More authentication middlewares: https://github.com/aspnet/Security
I want to send authorize request to twitter API in order to get followers ids, i got access token and access token secret by creating a new application as shown here. I have no idea how to send authorize request in pharo smalltalk.
I want to get followers ids by performing this in pharo smalltalk .
I wanna know if there is any documentation or packages that can help me with this.
Here is the code i tried to work with.
|client|
client:= ZnClient new.
client https;
host: 'www.api.twitter.com/1.1/followers/ids.json';
queryAt: 'q' put: 'cursor=-1&screen_name=my name'.
client request headers at: 'Authorization' put:' OAuth oauth_consumer_key="Hp6FpBU7Bbqv89RqrHJzHw", oauth_nonce="9677be3a12e128702b06348677319e75", oauth_signature="GUQR%2FI%2Bd0XhQLJP5B0IHtDfiiLE%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1387729271", oauth_token=" my acess token", oauth_version="1.0" '.
client get.
Welcome to Pharo community, Irfan.
You should take a look at Zinc framework. Here is a very nice documentation, you should be able to solve your problem after reading it.
Also as far as I know there is work in progress on the OAuth protocol, you can take a look here: https://github.com/svenvc/docs/blob/master/zinc/zinc-sso-paper.md. You definitely want to take a look at it because there are also 2 demos where you can interact with twitter