I have been using MediaWiki API for some time using properly formatted URLs, but i need to access a wiki with a required login.
I tried using fetch to make the request, and also axios, and the result is the same: the HTML page of the API, the same I would get if i just put the URL of the api in a browser.
My axios call is this:
axios.post('/wiki/api.php', {
logintoken: "this. Token",
action: "clientlogin",
username: "xxxxx",
password: "yyyyyy",
loginreturnurl: "http://localhost/",
format: "json"
}).then(function (response) {
console.log(response. Data);
})
It is as if the post request is simply not made. I tested using the Wikipedia api, and the result is the same.
Any help?
I believe you should add a ?format=json parameter?
Even though it is a post request
In the end it all came down to the fact that the MediaWiki API was expecting the parameters in the application/x-www-form-urlencoded format, and not application/json or text/plain ones.
When I changed that, I was able to login as expected, regardless of using axios or simply fetch.
The final code looks like this (token obtained via another API call):
const opts = {
method: 'POST',
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
body: new URLSearchParams({
"logintoken": this.token,
"action": "clientlogin",
"username": "username",
"password": "password",
"loginreturnurl": "http://localhost/",
"format": "json"
})
};
const res = await fetch('/wiki/api.php', opts).
Related
I am creating a company page (outside Foundry) which will use Foundry for authentication. I would like to show the name and email of the person who logged in in my website, is there a way to get it from the obtained token?
I checked the (internal) documentation pages for multipass and resource policy manager but could not see anything that would help.
You can call the user_info endpoint of multipass:
def get_user_info(self, hostname: str, auth_token: str) -> dict:
"""
Returns the multipass user info
Returns: dict, example:
{
'id': '1234bda5-686e-4fcb-ad52-d95e4281d99f',
'username': '<username>',
'attributes': {'multipass:email:primary': ['...'],...}
}
"""
response = requests.get(
f"{hostname}/multipass/api/me", headers={
"content-type": "application/json",
"authorization": f"Bearer {auth_token}",
}
)
response.raise_for_status()
return response.json()
Describe what are you trying to do
In one of my applications, I need to upload a file to my server from my angular website.
Basically, to do this I use the FormData object to which append several informations, like the file name, and others.
To send the file itself I will append to the FormData an fs.readStream().
Then I post this via axios to my server endpoint.
Exemple of code (postman request using form-data):
var axios = require('axios');
var FormData = require('form-data');
var fs = require('fs');
var data = new FormData();
data.append('avatar', fs.createReadStream('/home/file.mp3'));
data.append('title', 'test');
data.append('description', 'test');
var config = {
method: 'post',
url: 'localhost:8080/upload-file',
headers: {
...data.getHeaders()
},
data : data
};
axios(config)
.then(function (response) {
console.log(JSON.stringify(response.data));
})
.catch(function (error) {
console.log(error);
});
Concerning the server, it is developed in node.js and I use the "multer" middleware to retrieve the file.
Exemple of an endpoint code :
import {Response, Request} from "express";
public static async UploadFile(req: Request, res: Response): Promise<any> { }
Without krakend gateway, it's works perfectly and I can then retrieve the file in my endpoint so that: req.file
The others informations sent like "title", "description" are in req.body
Using krakend, I get all the information on the server side except the file, in the request, I only find the req.body and not the req.file
So my question is, how come krakend is not sending the file data to the backend and what would be the solution in order to send file via POST request a FormData to krakend ?
Your configuration file
The content of your krakend.json:
{
"version": 3,
...
{
"endpoint": "/upload",
"method": "POST",
"output_encoding": "no-op",
"backend": [
{
"method": "POST",
"encoding": "no-op",
"url_pattern": "/upload-file",
"host": [
"http://containername:8080"
]
}
]
}
}
I tried to use the different "no-op" annotations but nothing works, I have the impression that krakend does not interpret my file upload
Commands used
How did you start the software?
I use docker-compose:
krakend:
container_name: 'Gateway'
image: devopsfaith/krakend
volumes:
- ./KrakenD/dev/:/etc/krakend
ports:
- "8080:8080"
- "1234:1234"
- "8090:8090"
links:
- some containers
- ...
restart: always
network_mode: bridge
Logs
I don't have a specific log, only my backend which returns a 400 code as it can't find the file information in the request.
for those who are going through the same problem. Please note that postman was the cause of the problem for me, KrakenD does support sending bodies as multipart/form-data, so don't forget to let the headers through as needed.
The problem is that when passing through postman, I can't explain but the file is badly sent to krakenD. Use Insomnia, or a simple Curl to do your tests.
Maybe you have to include "Content-Type" at input-headers.
"input_headers": [
"Authorization",
"Content-Type"
],
Here you can find more info about it.
I'm trying to use the built in tool to get an OAuth 2.0 token for my requests. This seems pretty straightforward when reading the documentation and I set it up like this:
The issue is that the request for the token is sent with a content type of application/x-www-form-urlencoded. So the response I'm getting from the server is a 415 Unsupported Media Type I do not see a way to change the request content-type to application/json.
Am I missing something or is the only way to create a custom pre-request script?
https://github.com/oauthjs/node-oauth2-server/issues/92
application/x-www-form-urlencoded , is the supported content-type for Oauth
https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3
If you want to create , you can use pre-requisite script something like:
https://gist.github.com/madebysid/b57985b0649d3407a7aa9de1bd327990
// Refresh the access token and set it into environment variable
pm.sendRequest({
url: pm.collectionVariables.get("zoho_accounts_endpoint") + "/oauth/v2/token",
method: 'POST',
header: {
'Accept': 'application/json',
'Content-Type': 'application/x-www-form-urlencoded',
},
body: {
mode: 'urlencoded',
urlencoded: [
{key: "client_id", value: pm.collectionVariables.get("zoho_client_id"), disabled: false},
{key: "client_secret", value: pm.collectionVariables.get("zoho_client_secret"), disabled: false},
{key: "refresh_token", value: pm.collectionVariables.get("zoho_refresh_token"), disabled: false},
{key: "grant_type", value: 'refresh_token', disabled: false}
]
}
}, function (err, res) {
pm.collectionVariables.set("zoho_access_token", 'Zoho-oauthtoken ' + res.json().access_token);
});
Change it to JSON or what ever you want and store the value to a variable and use that as bearer {{token}}
I'm adding Strava to an iOS application, Strava uses Auth2.0, every Strava API call needs a token to prove the user is authenticated and the app has permission to access the API. After obtaining a special "code" from user login response, I need to exchange it with Strava to get a token. I try to retrieve the token using the "code" I got from the login like this:
var headers : HTTPHeaders {
get {
return [
"Accept": "application/json",
]
}
}
let par =
["client_secret": "671333e8c4a7726a5160adb615b74a428535f86e",
"client_id": "32573",
"code": "4/7wAZ8rA_jMXwponVhwGKuPmCDP4UGuCViojCq-K5KRiZ1CI1Gzqc2TdglTJ7k1DU2wIxH22fNguNNXTfIGpaD8g"] as [String : Any]
Alamofire.request("https://www.strava.com/oauth/token", method: .post, parameters: par, encoding: JSONEncoding.default, headers: headers)
.validate()
.responseJSON { response in
print("Response -> \(response.debugDescription)")
}
The problem is that I always get a 400 Bad request, if anyone have experience with the Strava API or any idea of what I'm doing wrong please advise.
You have to specify grant_type=authorization_code to tells the token endpoint that the application is using the authorization code grant type:
https://www.strava.com/oauth/token?
client_id=<YOUR_CLIENT_ID>&
client_secret=<YOUR_CLIENT_SECRET>&
code=<AUTHORIZATION_CODE_FROM_STRAVA>&
grant_type=authorization_code
I'm getting a 404 - File name not provided in url response when creating an upload session.
My request looks like (without any body):
POST /v1.0/drives/{drive-id}/items/{item-id}/createUploadSession
Authorization: bearer <token>
Content-Type: application/json
This problem is only with the consumer OneDrive, OneDrive for Business works fine.
It worked for me:-
POST - https://graph.microsoft.com/v1.0/me/drive/root:/filename.txt:/createUploadSession
In Headers:-
Content-Type : application/json
Authorization: Bearer EwCIA8l6BAAUO...9chh8cJaAg==
In Body:-
{
"item": {
"#odata.type": "microsoft.graph.driveItemUploadableProperties",
"#microsoft.graph.conflictBehavior": "rename",
"name": "filename.txt"
}
}
I could upload a file in a personal account using this URL for create the storage session:
https://graph.microsoft.com/v1.0/me/drive/items/{folderID}:/{fileID}:/createUploadSession
var config = {
method: 'post',
url: 'https://graph.microsoft.com/v1.0/me/drive/items/{folderID}:/{fileID}:/createUploadSession',
headers: {
'Content-Type': 'application/json',
'Authorization': 'Bearer
}
Response:
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.uploadSession",
"expirationDateTime": "2020-11-06T14:25:27.662Z",
"nextExpectedRanges": [
"0-"
],
"uploadUrl": {url}
}
Then:
To create the file you gonna need to send a PUT request for the
{uploadUrl} that you got in the response.
I've never run across your particular scenario but I suspect this is due to the folder that was shared with you via OneDrive for Business being part of the same tenant as your own OneDrive for Business. When you're accessing a shared folder from a consumer OneDrive however, you are effectively accessing a drive in a completely separate tenant.
Since using the root:/{path}:/ method I suggested works, it sounds like this scenario may cause some issues with the API determining the file's information from the {itemId}. I'm looking to confirm this so I can update the documentation going forward.