How to connect to JIRA api with 2fa enabled by organization? - jira

I use self hosted Jira and I'm currently trying to connect to the Jira api using a python script (and the requests library) having 2fa enabled by my organization. I'm not an admin of the project and after creating a personal access token and using it as a Bearer token I only got so far to get a response from the server telling me to put in the OTP to proceed.
I was thinking whether I could possibly pass the OTP as part of the authorization header when making the request to the api but couldn't find any useful hints on how to do that. I have also been looking into OAuth tokens but from my understanding I'm unable to create one since I don't have the option to create an application link within Jira (since I'm not an admin).
Does anyone have an idea on how I could manage to establish the connection to the api?
Any help would be appreciated!!
Cheers,
Liz

Hey @Liz try this project for inspiration - https://github.com/dren79/JiraScripting_public
I built it out on the below examples from the API documentation.
    # This code sample uses the 'requests' library:
    # http://docs.python-requests.org
    import requests
    from requests.auth import HTTPBasicAuth
    import json

    url = "https://your-domain.atlassian.net/rest/api/3/issue/{issueIdOrKey}"
    auth = HTTPBasicAuth("email@example.com", "<api_token>")
    headers = {
        "Accept": "application/json"
    }
    response = requests.request(
        "GET",
        url,
        headers=headers,
        auth=auth
    )
    print(json.dumps(json.loads(response.text), sort_keys=True, indent=4, separators=(",", ": ")))

Related

Getting 'unauthorized_client' with Power Platform Custom Connector using OAuth2

I am trying to build a Custom Connector in the Power Platform to connect to the BMC Helix (formerly Remedy) system to create work orders and such. I am using OAuth2 and was given a callback URL, auth URL, token URL, client ID and client secret.
I went to create a connector from scratch. I populated the fields, but I wasn't sure what to put for the 'Refresh URL', so I used the token URL there too.
I am trying to accomplish testing this connector and my successful test would be to get a JWT from doing a POST to the /api/jwt/login endpoint of BMC Helix. It should return a JWT which I can use to make subsequent calls.
Upon testing this, I go to create a connection, but a window opens (which I believe should be a prompt for authentication), but instead it contains an error saying 'unauthorized_client' coming back from the BMC Helix system at the /rsso/oauth2/authorize endpoint. It also contains a property within the URL of redirect_uri = https://global.consent.azure-apim.net/redirect.
Is there something on the Helix side I need to further configure? Not sure why I am getting this....
It sounds like you need TWO METHODS in your connector. A POST to call the token server, a GET (or another POST) to call the API (using the token received from Call 1).
One approach I've successfully used in the past is:
Use Postman to get your token server call working with OAUTH
Then use Postman to get your subsequent API calls working with the token appended
Save both requests to a single Postman collection
Export the Postman collection (as a V1 (deprecated) if I recall correctly)
Import this collection into PowerApps Custom Connector (create new/import from Postman Collection)
You'll have to massage it a bit after import, but it will give you a good headstart and you're starting from a known-good place (working Postman calls)
Good luck!

Implementing Oauth2 from scratch

I want to implement Oauth2 protocol from scratch for study purposes.
I'm following the Github guide after having created an App with a Client ID and Client Secret.
The two information sources are pretty simple and are:
https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/
https://gist.github.com/technoweenie/419219
In particular, I'm starting from the first step pasting on my browser:
https://github.com/login/oauth/authorize?client_id=&redirect_uri=http://localhost:8080/auth/temp&scope=user&state=&allow_signup=true
I have a Spring application listening on port 8080 (I don't want to use Spring Security because I want to implement the protocol from scratch) with the following and working endpoint exposed:
    @RequestMapping("/auth/temp")
    public String redirectAuth(HttpServletRequest request) {
        //TODO implement next steps
        return "here we are!";
    }
but when I go to the github link I get a 404 not found error, as my localhost application wouldn't exist.
I expect the official guide has some mandatory information missing, such as some other endpoints which my application must expose in order to be queried, for instance, about the client secret.
So, what am I missing?
Github only supports the auth code oauth 2 flow. It might be helpful to read up on that.
I have a blog and a video on the auth code flow that may help.
Disclaimer: I work at and created them for Ping Identity, but I think they'll be helpful even for your study purposes.
https://developer.pingidentity.com/en/blog/posts/2019/what-are-oauth-2-0-grant-types-part-1-authorization-code-flow.html
https://youtu.be/eg7I8x-u0sc
You haven't included your client_id in the authorisation url:
https://github.com/login/oauth/authorize?client_id=&redirect_uri=http://localhost:8080/auth/temp&scope=user&state=&allow_signup=true
The authorization server (GitHub) needs this value to identify the client you have registered.
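The two fixes the answers point at, as an added example that is not part of the original posts: step 1 of the authorization code flow with the client_id filled in and a random state (both are empty in the question's URL), and the check the /auth/temp handler has to make before exchanging the code. The token endpoint and field names follow GitHub's OAuth guide linked in the question; the client id, secret and callback values are constructed placeholders, and the token request is built but not sent.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

AUTHORIZE_URL = "https://github.com/login/oauth/authorize"
TOKEN_URL = "https://github.com/login/oauth/access_token"
REDIRECT_URI = "http://localhost:8080/auth/temp"  # callback from the question


def build_authorize_url(client_id, scope="user"):
    """Step 1: return (url, state); keep state in the user's server-side session."""
    if not client_id:
        raise ValueError("client_id is required: GitHub identifies the app by it")
    state = secrets.token_urlsafe(32)  # unguessable, one per login attempt
    query = urlencode({
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
        "allow_signup": "true",
    })
    return f"{AUTHORIZE_URL}?{query}", state


def handle_callback(callback_url, expected_state, client_id, client_secret):
    """Step 2: validate the redirect, then describe the code-for-token POST."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:  # e.g. the user declined the consent screen
        raise PermissionError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    code = params.get("code", [""])[0]
    # An empty or mismatched state means this redirect did not start with us.
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        raise PermissionError("state mismatch: discard the code (possible CSRF)")
    if not code:
        raise ValueError("callback carried no authorization code")
    return {
        "method": "POST",
        "url": TOKEN_URL,
        "headers": {"Accept": "application/json"},
        "data": {"client_id": client_id, "client_secret": client_secret,
                 "code": code, "redirect_uri": REDIRECT_URI},
    }


if __name__ == "__main__":
    url, state = build_authorize_url("constructed-client-id")
    print(url)
```

The client secret appears only in the server-side POST to the token endpoint, never in the browser URL.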

Where can I find the correct HTTP endpoints for testing Google Ads API calls in Oauth2 Playground?

There are only a few RPC methods that include the HTTP reference endpoint in the reference documentation.
I got the Google Ads Service's Mutate method to work with
https://googleads.googleapis.com/v3/customers/{customer-id}/googleAds:mutate
However, trying to call the Keyword Plan Idea service fails, reporting there is no such URL on the server:
https://googleads.googleapis.com/v2/customers/{customer-id}/keywordPlanIdea:generateKeywordIdeas
I have tried it with and without the customers/{customer-id}, and with GET, POST, and even PUT. No luck.
Does anyone know the correct endpoint?
Thanks!
John
For generateKeywordIdeas, the URL endpoint is
https://googleads.googleapis.com/v6/customers/{customer-id}/generateKeywordIdeas
This information is listed here: https://github.com/googleapis/googleapis/blob/master/google/ads/googleads/v6/services/keyword_plan_idea_service.proto
Specifically, this code from that file:
    rpc GenerateKeywordIdeas(GenerateKeywordIdeasRequest) returns (GenerateKeywordIdeaResponse) {
      option (google.api.http) = {
        post: "/v6/customers/{customer_id=*}:generateKeywordIdeas"
        body: "*"
      };
    }
You can find the endpoints for all other Google Ads services in this way, by going here: https://github.com/googleapis/googleapis/tree/master/google/ads/googleads/v6/services
However, this doesn't tell you the request payload format. For that, I suggest looking into their API clients, like this: https://github.com/googleads/google-ads-php/blob/master/examples/Planning/GenerateKeywordIdeas.php. You can run some of those examples and inspect the network to see how the request is structured.

Accessing google domain users email data with XOAUTH2

I'm trying to access our students' Gmail data from our Google Apps for domains with XOAUTH2.
I've been around the block with this one, Google's documentation is very poorly organised, and there are still a lot of old docs that don't work any more that you are directed to, so it's been a lot of fun.
I've basically got the following code to work using Google's oauth2client in Python using a service account that I created that has domain delegation enabled.
    from oauth2client.client import SignedJwtAssertionCredentials
    from httplib2 import Http
    from apiclient.discovery import build

    client_email = 'serviceaccount@developer.gserviceaccount.com'
    # The .p12 key is a binary file, so read it in binary mode.
    with open("testserviceaccount.p12", "rb") as f:
        private_key = f.read()

    # sub= names the domain user the service account impersonates.
    credentials = SignedJwtAssertionCredentials(client_email, private_key,
        'https://www.googleapis.com/auth/gmail.readonly', sub='student email address')
    http_auth = credentials.authorize(Http())
    service = build('gmail', 'v1', http=http_auth)
    messages = service.users().messages().list(userId='student email address').execute()
    print(messages)
The app I need this to work in is in ruby on rails however, so I'm looking for any tips or help on what to use in Ruby on Rails to achieve the same effect.
Any help or tips greatly appreciated.

Bigcommerce API (oAuth) Webhook Request - what is {secret_auth_password}?

UPDATE: All calls to the API receive the following response:
failed [500] An error has occurred
Weirdly, my auth process (documented here) works perfectly, while all calls to the API (documented here), fail.
The Bigcommerce API is in transition from basic auth to oAuth. The documentation is consequently a little confusing.
I am trying to create a webhook using the new oAuth methodology. The documentation states that I need an oAuth access_token for the relevant store, which I have obtained.
The documentation also includes sample http request data:
    {
      "scope": "store/order/*",
      "headers": {
        "X-Custom-Auth-Header": "{secret_auth_password}"
      },
      "destination": "https://app.example.com/orders",
      "is_active": true
    }
In this context, I am assuming that {secret_auth_password} refers to the store's access_token. However, when I include the access_token here I get the following error:
failed [401] You are not authorized.
Thinking that this might be a scoping/permission issue, I have given my app the highest possible level of access through the app settings, but this did not work either.
Thanks in advance for any pointers.
Well after a couple of days of serious head-scratching (not to mention hair out-tearing) I worked out that this was all down to an error in my SSL intermediate certificate, which I have now fixed.
It was the old API returning an error of “UNABLE_TO_VERIFY_LEAF_SIGNATURE” that put me on the right track – the new API just returned:
500 – there is an error
or
404 – you are not authorized.
If you are using PHP I would recommend using the Webhooks pull request combined with the OAuth pull request. They are both working fine together (I personally use them).
Webhooks pull - https://github.com/bigcommerce/bigcommerce-api-php/pull/101
OAuth pull - https://github.com/bigcommerce/bigcommerce-api-php/pull/88
Then to create a webhook you can just call createWebhook($object)
Object needs to include scope and destination.
Also, a side note: are you using SSL for the destination address? It won't work otherwise. You can use a self-signed cert to get around this though.
This will only work for setting up the webhooks though.
To actually receive them you need a valid certificate (else you get nothing).
Hope this helps.
I came across this same part of the documentation and was also confused by it. The proper headers to send for webhooks are the following:
    "X-Auth-Client":"[YOUR_APPS_CLIENT_ID]",
    "X-Auth-Token":"[OAUTH_ACCESS_TOKEN]"
In addition to using the headers that @FlyingL123 suggested, also take note of the requirements as noted by BigCommerce:
Requirements
The following properties of the webhooks are required. The request
won’t be fulfilled unless these properties are valid.
scope
destination
