I'm trying to connect to Microsoft Power BI using the Mule Power BI connector but the connector configuration is very confusing with respect to OAuth. Has anyone successfully connected to Power BI with Mule? Here is my config:
<power-bi-rest:config name="Power_Bi_Rest_Connector_Config" doc:name="Power Bi Rest Connector Config" doc:id="d9dbee0f-50fe-46ca-977e-2b3c6ce1ff3b" >
<power-bi-rest:oauth2-authorization-code-connection >
<power-bi-rest:oauth-authorization-code consumerKey="xxx" consumerSecret="yyy" authorizationUrl="https://login.microsoftonline.com/69f2560d-6d2a-4768-989e-d35ed85aeab2/oauth2/v2.0/authorize" accessTokenUrl="https://login.microsoftonline.com/69f2560d-6d2a-4768-989e-d35ed85aeab2/oauth2/v2.0/token" scopes="api://96eb9d1c-6dfb-4acf-9950-d4af04038693/Mule"/>
<power-bi-rest:oauth-callback-config listenerConfig="HTTP_Listener_config" callbackPath="https://login.microsoftonline.com/common/oauth2/nativeclient" authorizePath="https://login.microsoftonline.com/common/oauth2/nativeclient" />
</power-bi-rest:oauth2-authorization-code-connection>
</power-bi-rest:config>
I have not specifically used Power BI but I can tell the what the issue probably is.
The oAUthCallbackConfig is where you will need to make the changes.
External Callback URL: While configuring the OAuth credentials in your MS account, you must have provided a callback URL that should be pointing to your Mule application. You need to put that URL here.
Callback Path: Here you need to mention where the Mule App should be expecting to get the call back with the authorization code. For example of you have configured external path as https://localhost:8082/oauth/callbackthis parameter could be oauth/callback. (Note that you will need to consider the base path that you may have configured in the http listener)
Authorize path: This should not be a URL pointing to a Microsoft api, but it is the path that you will use to hit you mule app to start the oAuth dance. You can put something like /oauth/authorize. Then when you try https://localhost:8082/oauth/authorize the mule app will trigger the oAuth dance and will redirect you to the login screen of everything else is setup correctly.
Related
I am trying to use the spring-cloud-dataflow-rest-client v2.6.0 in an application to launch spring cloud tasks. I followed the instructions on this page https://docs.spring.io/spring-cloud-dataflow/docs/current/reference/htmlsingle/#appendix-identity-provider-azure to secure Spring-cloud-dataflow-server using Azure AD. However, I am unable to get the setup that was provided for dataflow-shell to work with the SCDF rest client. I know shell internally uses SCDF-rest-client. So, not sure why it won't work for me.
Which properties should I use if my application which uses SCDF-rest-client is to launch tasks like the shell?
I tried with the following properties but I keep getting an invalid scope error.
-Dspring.cloud.dataflow.client.authentication.client-id=yhas7wqh-2a5d-4795-babb-b6213f896b52
-Dspring.cloud.dataflow.client.authentication.client-secret=asjajd8hhsasajdassakja
-Dspring.cloud.dataflow.client.authentication.oauth2.client-registration-id=Batch-Launcher
-Dspring.cloud.dataflow.client.authentication.token-uri=https://login.microsoftonline.com/d8bb2fd3-e835-4d68-b9db-7402a9bf39f1/oauth2/v2.0/token
-Dspring.cloud.dataflow.client.authentication.scope=api://dataflow-server/dataflow.deploy,api://dataflow-server/dataflow.view,offline_access
-Dspring.cloud.dataflow.client.authentication.oauth2.username=abcddemo#afdemo12.onmicrosoft.com
-Dspring.cloud.dataflow.client.authentication.oauth2.password=abcdPwd
-Dspring.cloud.dataflow.client.authentication.basic.username=abcddemo#afdemo12.onmicrosoft.com
-Dspring.cloud.dataflow.client.authentication.basic.password=abcdPwd
The exception that I get
Caused by: org.springframework.security.oauth2.core.OAuth2AuthorizationException: [invalid_scope] AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid. The scope api://dataflow-server/dataflow.deploy offline_access is not valid.
Can someone from SCDF team update the Azure provider docs to include also how one can use SCDF rest client like shell to invoke SCDF API.
I am trying to build a Custom Connector in the Power Platform to connect to the BMC Helix (formerly Remedy) system to create work orders and such. I am using OAuth2 and was given a callback URL, auth URL, token URL, client ID and client secret.
I went to create a connector from scratch. I populated the fields, but I wasn't sure what to put for the 'Refresh URL', so I used the token URL there too.
I am trying to accomplish testing this connector and my successful test would be to get a JWT from doing a POST to the /api/jwt/login endpoint of BMC Helix. It should return a JWT which I can use to make subsequent calls.
Upon testing this, I go to create a connection, but a window opens (which I believe should be a prompt for authentication), but instead it contains an error saying 'unauthorized_client' coming back from the BMC Helix system at the /rsso/oauth2/authorize endpoint. It also contains a property within the URL of redirect_uri = https://global.consent.azure-apim.net/redirect.
Is there something on the Helix side I need to further configure? Not sure why I am getting this....
It sounds like you need TWO METHODS in your connector. A POST to call the token server, a GET (or another POST) to call the API (using the token received from Call 1).
One approach I've successfully used in the past is:
Use Postman to get your token server call working with OAUTH
Then use Postman to get your subsequent API calls working with the token appended
Save both requests to a single Postman collection
Export the Postman collection (as a V1 (deprecated) if I recall correctly)
Import this collection into PowerApps Custom Connector (create new/import from Postman Collection)
You'll have to massage it a bit after import, but it will give you a good headstart and you're starting from a known-good place (working Postman calls)
Good luck!
I am doing a POC to call restFul API using ADF CopyData.
The restFul API details are available on this link
http://www.groupkt.com/post/f2129b88/free-restful-web-services-to-consume-and-test.htm
from this page, i want to rest below service
http://services.groupkt.com/country/get/iso3code/IND
The linked service to base URL is successfully created in ADF
http://services.groupkt.com/country/get
in the next steps when I try to lookup data or do next steps i get error
Error using the REST connector - "Failed to get schema from"
Let me know if you have come across this issue in ADF V2
I was able to make this POC work by changing the relative URL which i was initially giving "/iso3code/IND"
Below is how the URLs should be
Absolute URL should be http://services.groupkt.com/country/get : this is used for creating the Linked Service of the CopyData
Relative URL should be http://services.groupkt.com/country/get/iso3code/IND
This is used for getting the mapping details of the Restful service
I'm using Apache Wink to access a service, and trying to debug a problem where the server apparently does not recieve my request in the intended format (details below, but are probably immaterial). Is there a way I can make the Wink client to log the HTTP requests that it makes to the server, so that I can see what is being sent down the wire?
Details: I'm using Eclipse Lyo to create a ChangeRequest in RTC (rational team concert) using their OSLC v2 REST APIs.(Eclipse Lyo internally uses Apache Wink). In doing so, even though I've set a "Filed Against" property in the ChangeRequest being submitted, RTC does not recognize it and complains that it is missing.
I think it's better to use a proxy to monitor the traffic. If your client runs on Windows, Fiddler is a very nice tool.
Premise
I'm attempting to make a windows service act as a signalR client to a web server (MVC3 project running on IIS Express). When trying to connect to the server, a 401 Unauthorized is returned.
Now, as far as I understand, the windows service runs under the account NETWORK_SERVICE, and it makes sense that this is not a valid user name to connect to the IIS. However, I've tried configuring SignalR in the following way:
Init
private static Connection WebUIConnection = new Connection("http://localhost:54193/IISWebsite");
Set credentials
WebUIConnection.Credentials = new System.Net.NetworkCredential("?", "?")
The settings of the IIS:
The IIS is almost a standard MVC3 project, and it has windows authentication enabled.
What I've tried
I've tried setting SignalR's credentials as my local windows username + pw, and also tried using the local network AD uname + pw, but I don't see this as being the way to do it.
So what I'm asking is, what should I consider when I try to make my windows service act as a client to the signalR-server, and is there a way to configure IIS to give client access to the Network_Service user? Is it in fact possible to make a windows service act as a client to a web server running in IIS like I'm trying to do?
Thanks,
Lari
I was able to solve what seems to be the problem. With the SignalR.Client the URL you need to give in the connection string looks like this:
private static Connection WebUIConnection = new Connection("http://localhost:54193/IISWebsite/signalr/hubs");
In addition to this I had to provide it with my local admin username and password for it to be able to connect. This is not how it should be done I feel, and I'd appreciate if anyone can enlighten me on how to make the network user have access to IIS from a local machine.
However, I think making a separate administrator account and making my windows service run under that account in the production environment is a solution I'm willing to accept. This way, it will be able to connect to the local IIS without a hitch.
Hope this information is helpful to others :)
Lari
If you're using hubs then that code is incorrect. There's a HubConnection you should be using. More info here:
https://github.com/SignalR/SignalR/wiki/SignalR-Client-Hubs