'Verify the JWS E256 signature using the server's pulbic key'.
so i tried to call the public key
headers1 = {'content-type': "application/json"}
test = requests.get('https://appleid.apple.com/auth/keys', headers=headers1)
print("test : ", test)
it returned this. that's all
test : <Response [200]>
i want to below information
spacially 'n' and 'e' value
help me bro!!!!!!!!!!!!!!!!
Related
I am trying to call a 3rd party service that uses Oauth2 Password Credentials to get an authentication token. Ballerina is returning the following messages.
2020-04-23 15:07:35,414 ERROR [ballerina/oauth2] - Received an invalid response with status-code: 406; and payload: {"fault":{"faultstring":"Raising fault. Fault name : RF.Raise-406-Exception","detail":{"errorcode":"steps.raisefault.RaiseFault"}}}
2020-04-23 15:07:35,418 ERROR [ballerina/oauth2] - Failed to generate OAuth2 token. : error {ballerina/oauth2}Error message=Received an invalid response with status-code: 406; and payload: {"fault":{"faultstring":"Raising fault. Fault name : RF.Raise-406-Exception","detail":{"errorcode":"steps.raisefault.RaiseFault"}}}
error {ballerina/http}AuthenticationFailed message=Failed to prepare request at bearer auth handler. cause=error {ballerina/auth}Error message=Failed to generate OAuth2 token. cause=error {ballerina/oauth2}Error message=Received an invalid response with status-code: 406; and payload: {"fault":{"faultstring":"Raising fault. Fault name : RF.Raise-406-Exception","detail":{"errorcode":"steps.raisefault.RaiseFault"}}}
It's the 406 code that is confusing me as I have set both the content type & accept headers to "application/json" which is what the service requires.
However, the second message says "Failed to generate OAuth2 token" so could it be the call to get the oauth token that is returning the 406? If so how do I set the accept header on the token service call?
Using Ballerina I have called the token endpoint and successfully got a token but if I try to call a service using a PasswordGrantConfig those are the errors I get. I've tried everything I can think of and have successfully got other services using ClientCredentialsGrantConfig to work.
Any help gratefully received.
The relevant code is below. The three sections below are parts of the code in 3 different .bal files.
// configure the Oauth2 Config
import ballerina/config;
import ballerina/http;
import ballerina/oauth2;
public function getOauth2Handler() returns http:BearerAuthHandler {
oauth2:PasswordGrantConfig passwordGrantConfig = {
tokenUrl: config:getAsString("experian.authentication.tokenUrl"),
username: config:getAsString("experian.authentication.username"),
password: config:getAsString("experian.authentication.password"),
clientId: config:getAsString("experian.authentication.clientId"),
clientSecret: config:getAsString("experian.authentication.clientSecret"),
credentialBearer: http:AUTH_HEADER_BEARER
};
oauth2:OutboundOAuth2Provider oauth2Provider = new (passwordGrantConfig);
return new (oauth2Provider);
}
// Configure the API Client
http:ClientConfiguration delphiSelectClientConfig = {
auth: {
authHandler: experian:getOauth2Handler()
}
};
experian:DelphiSelectClientConfig delphiSelectConfig = {
serviceUrl: config:getAsString("experian.services.delphi-select.serviceUrl"),
clientConfig: delphiSelectClientConfig
};
experian:DelphiSelectClient delphiSelectClient = new (delphiSelectConfig);
// Call the endpoint using the Oath2 configuration
import ballerina/http;
import ballerina/io;
public type DelphiSelectClientConfig record {
string serviceUrl;
http:ClientConfiguration clientConfig;
};
//==============================
//============Client============
//==============================
public type DelphiSelectClient client object {
public http:Client clientEp;
public http:ClientConfiguration config;
public function __init(DelphiSelectClientConfig config) {
http:Client httpEp = new (config.serviceUrl, {auth: config.clientConfig.auth});
self.clientEp = httpEp;
self.config = config.clientConfig;
}
public remote function newApplication() returns #untainted json|error {
io:println("In newApplication function");
http:Request request = new;
json requestBody = newApplicationBody; // get test data from json in another file
request.setJsonPayload(requestBody);
var response = check self.clientEp->post("/application", request);
var payload = check response.getJsonPayload();
return payload;
}
};
I have also modified my test code to call the token EP and deliberately set accept to an unacceptable value, for example, "text/csv". In this case I get the same error response. However setting accept to "*/*" does work. Final test; accept of "" (empty) also fails so I suspect that the BearerAuthHandler is not setting any value for accept.
So can I force the BearerAuthHandler to set an accept of "application/json"?
Thanks.
See picture below.
Also, the example in the Oath2 spec you referenced shows a content-type value being set. Even a value of “*/*” would work but I suspect Ballerina leaves it blank.
I have raised the GitHub issue Need to be able to set http header values for OutboundOAuth2Provider
The main objective of http:OutboundAuthHandler objects are to prepare the http:Request with authentication information that needs to be authenticated with external endpoint you are calling to.
The http:BearerAuthHandler is responsible for adding Authorization header with the value of Bearer <token>. "token" is prepared with the provided information. So, there is no option to force http:BearerAuthHandler to set any header for the request.
But in this case, if the API successfully respond if there is Accept header with the value of application/json, you can simply add that header to the http:Request before calling the POST request as follow:
request.addHeader("Accept", "application/json");
I have integrated messaging with Twilio and am using Twilio callback to update status of the message in my system. When twilio is responding back with the status, it's always failing for POST api.
I have followed the steps from twilio documentation https://www.twilio.com/docs/usage/security#validating-requests
Below is what I am doing :
1. Extract request URL and append query parameters
2. Get parameter map, filter out any request param that is part of this map
3. Validate by calling validate from twilio sdk
I have found that my generated signature is never matching the signature coming from twilio for POST method
Here is my code for getting complete request URL :
StringBuilder requestURL = new
StringBuilder(request.getRequestURL().toString());
String queryString = request.getQueryString();
String requestURLString = "";
if (StringUtils.isBlank(queryString))
{
requestURLString = requestURL.toString();
}
else
{
requestURLString = requestURL.append('?').append(queryString).toString();
}
And then I am getting request parameter map like this :
Map<String, String[]> requestParameterMap = request.getParameterMap();
Later on I am filtering any extra request parameter that is part of my requestParameterMap :
if (StringUtils.isNotBlank(request.getQueryString()))
{
Arrays.asList(request.getQueryString().split("&")).stream()
.forEach(p -> params.remove(p.split("=")[0]));
}
And then calling twilo util to calculate the signature :
RequestValidator validator = new RequestValidator(authToken);
isValid = validator.validate(serverURL, params, expectedSignature);
Inspecting my request from Twilio console this is how my request is looking like :
Request : http://7096a2e1.ngrok.io/api/text/textMessage/updateStatus
Parameters :
ApiVersion 2010-04-01
MessageStatus delivered
SmsSid SMa72ee979a8374b218107081b04d7eb9a
SmsStatus delivered
From +17326418522
To +19086160992
MessageSid SMa72ee979a8374b218107081b04d7eb9a
AccountSid AC134c1c93ef7ef868e85ba9264b4024a1
While debugging in my local server I can see request URL and parameter map are all forming as expected.
Can anyone please help here.
My development Environment : eclipse java
I would like test a requestJWTuserToken sample, but I'm getting an error.
Test code:
OAuth.OAuthToken oAuthToken = apiClient.requestJWTUserToken(IntegratorKey, userId, scopes, privateKeyBytes, 3600);
Assert.assertNotSame(null, oAuthToken);
apiClient.setAccessToken(oAuthToken.getAccessToken(), oAuthToken.getExpiresIn());
UserInfo userInfo = apiClient.getUserInfo(oAuthToken.getAccessToken());
Assert.assertNotSame(null, userInfo);
Assert.assertNotNull(userInfo.getAccounts());
Assert.assertTrue(userInfo.getAccounts().size() > 0);
Error message:
com.docusign.esign.client.ApiException: Error while requesting an access token:
class OAuthToken {
accessToken: null
tokenType: null
refreshToken: null
expiresIn: 0
at com.docusign.esign.client.ApiClient.requestJWTUserToken(ApiClient.java:719)
at smartsuite.app.util.DocuSignUtil.settingAuthentication(DocuSignUtil.java:112)
what are userid?
I found a admin sendbox at user > API username
enter image description here
This error is sometimes encountered when there is a problem with the RSA private key that you are using in your JWT request. Start by verifying how you are passing your key's private data into the request, if you are reading from a environment variable for example make sure the key's value is contained on a single line, otherwise it might be getting truncated.
If your key spans multiple lines as an environment variable try doing a regular expression find/replace where you replace all newline \n characters with the string literal "\n" and then pass that through to see if it resolves your issue.
There are already topics on this topic, but I have not been able to solve the problem on my side.
I develop a driver of auth for AdonisJS Ally and Tumblr, I get this error after the callback. However, oAuthToken, requestToken.oAuthTokenSecret and oAuthVerifier are correct (at least, I think).
The response is:
error { statusCode: 401, data: 'oauth_signature does not match
expected value' }
The request token URL:
https://www.tumblr.com/oauth/request_token?oauth_consumer_key=Vv3XfKpkZAXAehLxk9h76cjPkUyq7iDnqMjmEKwqKrOriGSVoG&oauth_nonce=fd47a26a06ceb6ce20121bc98ac78a01&oauth_signature=Hkhvn1n5kgjg9P0IeKwvqKT9j3I%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1323327331&oauth_version=1.0
var request = require("request");
var oauth ={
consumer_key: "****************************",
consumer_secret: "****************************"
};
var url = 'https://www.tumblr.com/oauth/request_token'
request.post({url:url, oauth:oauth}, function (e, r, body) {
var temp1 = body.split("&");
var auth_token=temp1[0].split("=")[1];
var auth_secret=temp1[1].split("=")[1];
var tokens=[auth_token,auth_secret];
console.log(temp1)
cb(undefined,{d:tokens});
})
this code worked to me, try this.
There is no proper documentation for tumblr, but from the doc what i understood is there are 3 ways to get authenticated in tumblr and receive auth_token and auth_token secret the above code might not work because there is change of auth_nonce and auth_signature and hence you receive the error as
oauth_signature does not match expected value so i would suggest to use my method to generate the auth_token and auth_token_secret. this code works without adding any signature and nonce
I need help in understanding a problem of token when trying to get an offer's information using https://api.ebay.com/sell/inventory/v1/offer/OFFER_ID endpoint.
I've got 2 types of tokens:
User token and Access token.
Documentation clearly gives me the explanation that I must use the USER TOKEN.
I made it using Auth'n'Auth method, I agreed to give permission as a seller. Now I am trying to use this token like that:
public void getOffer(#RequestBody Map<String, String> args) throws IOException {
HttpClient client = HttpClientBuilder.create().build();
HttpGet httpGet = new HttpGet("https://api.ebay.com/sell/inventory/v1/offer/OFFER_ID");
httpGet.setHeader("Authorization", "Bearer " + args.get("token"));
httpGet.setHeader("Content-Language", "en-US");
HttpResponse response = client.execute(httpGet);
System.out.print(EntityUtils.toString(response.getEntity()));
}
It keeps returning me:
{
"errors" : [ {
"errorId" : 1001,
"domain" : "OAuth",
"category" : "REQUEST",
"message" : "Invalid access token",
"longMessage" : "Invalid access token. Check the value of the Authorization HTTP request header."
} ]
}
What can be wrong and what steps I missed?
Thank you in advance
Well it's giving you the exact error that is occurring:
"Invalid access token. Check the value of the Authorization HTTP request header."
That means you have an issue with this line of code...
httpGet.setHeader("Authorization", "Bearer " + args.get("token"));
Something is wrong with the Authorization header, so either the token is wrong, the value isn't correct, or it's just not receiving it. Is the word "Bearer" supposed to be send with the header? And does the value of the args.get("token") contain the correct value?
Another issue that happens a lot with REST services, sometimes you have to use an HTML entities function to encode the strings/ldata you are attaching to a web request. Because you have a space in the authorization, perhaps the space isn't interpreting correctly from eBay and you have to use HTML entities on the string. Something like this...
httpGet.setHeader("Authorization", HttpUtility.HtmlEncode("Bearer " + args.get("token"));
I made it using Auth'n'Auth method
There are two versions of an User Token. eBay provides an older style called "Auth 'n' Auth" and a newer OAuth version. The "Auth 'n' Auth" token does not work with the new RESTFul APIs. You need to generate an OAuth User Token following the process found in the documentation.