Unable to pass custom header in swagger Oauth - oauth-2.0

In the case of the OAuth2 security type in Swagger, there is one custom generated value (CSRF token) that needs to be passed in order to execute the service for our flow to execute.
But we are not able to pass the value if it is not present in the header, cookie or query string. Isn't there any way to pass a String type of input in the request header using Swagger?

Related

Keycloak multivalued attribute is not sent as array for some users

We are using Keycloak as the SSO directory for our application. We use the OAuth 2.0 protocol.
We have defined one custom attribute in Keycloak, and this attribute has the "MultiValued" property on.
Then, each user has multiple values entered as value1##value2##value3
For some users Keycloak correctly sends the attribute in the ID token as an array of values, such as ["value1", "value2", "value3"]
But for some other users, the string is passed as it is entered, "value1##value2##value3", which is not correct.
I'm struggling to find why these different behaviours occur.
Has anyone seen the same problem?
Thanks a lot

Keycloak uses ## as a delimiter internally; this is OK. Make sure you have marked the value as multivalued in the client's mapper.
After doing this I went from getting only the last element to getting all elements.
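To find which users are affected before and after changing the mapper, the shape of the claim can be audited across a set of issued ID tokens. This is an added example, not part of the original posts; the claim name `my_attr` and the sample tokens are constructed, and the payload is decoded without signature verification, so it is for diagnosis only.

```python
import base64
import json

DELIM = "##"  # delimiter the answer says Keycloak uses internally
CLAIM = "my_attr"  # hypothetical claim name for the custom attribute


def make_token(payload: dict) -> str:
    """Build a constructed, unsigned sample token (header.payload.sig)."""
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(payload)}.sig"


def jwt_payload(token: str) -> dict:
    """Decode the payload segment WITHOUT verifying the signature.
    For diagnosing claim shape only, never for authorization."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part compact token")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))


def claim_shape(payload: dict, claim: str = CLAIM) -> str:
    """Classify how the multivalued attribute arrived in the token."""
    if claim not in payload:
        return "missing"
    value = payload[claim]
    if isinstance(value, list):
        return "array"
    if isinstance(value, str) and DELIM in value:
        return "raw-delimited-string"  # mapper did not split the value
    return "single-string" if isinstance(value, str) else "other"


def audit(tokens: list[str], claim: str = CLAIM) -> dict:
    """Map each token's `sub` to the shape of the claim it carries."""
    return {jwt_payload(t).get("sub", "?"): claim_shape(jwt_payload(t), claim)
            for t in tokens}


# Constructed sample tokens reproducing the two behaviours in the question.
SAMPLE_TOKENS = [
    make_token({"sub": "alice", CLAIM: ["value1", "value2", "value3"]}),
    make_token({"sub": "bob", CLAIM: "value1##value2##value3"}),
    make_token({"sub": "carol"}),
]
```

Any token reported as `raw-delimited-string` should be treated as a mapper misconfiguration by the relying party rather than split locally, since access decisions made on the unsplit string will not match any single value.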

Zapier, specifying both a querystring and a parameter.

I have 2 keys (api key, sub key), one is a querystring parameter, the other is a header. In Zapier, in an app that you've already created, you can "Manage Authentication Settings", and whether you have one Header Key, and a Querystring key, a username, a pass, you only have one "Manage Authentication Settings" button.
Inside the Manage menu, you can select settings that are then applied to ALL FIELDS AT ONCE. You can select the Auth Type, either ApiKey(querystring) or ApiKey(headers), one or the other, but you cannot designate one field as being a querystring and the other field as a header. At the bottom, you can select the Access Token Placement: header, querystring, or both, again applied to all auth fields.
So far as I can tell, the "Both" token placement does nothing.
Long story short, I need to specify which one is the header, and which one is the query string. Currently, the querystring side is working fine, and I'm getting an error from our server for the header being missing. Is this something that can be done in Zapier? If so, how?

Post Object with query parameters

I'm using RestKit in my project and trying to post an object to our REST API server with a postObject request:
postObject:path:parameters:success:failure:
The RestKit documentation says: parameters - the parameters to be reverse merged with the parameterization of the given object and set as the request body.
But what if I want my parameters to be like in getObject, so "The parameters to be encoded and appended as the query string for the request URL."?
What is the idea behind this? Why did the RestKit developers make parameters be merged with the body? If I wanted them to be merged with the body, I would make those fields in my model class be mapped in the body.
Is there any way to make a request with query parameters added to the URL and a body?
Thanks in advance.

It's like an unwritten rule for working with RESTful APIs. Whenever you use GET you just reach an endpoint with the required query parameters. You are just giving the key parameters to reach (im)mutable data. For example:
.../accounts?name={name}
There is just no need to send a whole body for this when all backend needs is just an id to search.
There is nothing that says you can't send a body within GET or use POST with query parameters, but these APIs tend to work like that.
Whenever you POST something to a RESTful API you are actually saying that you want to create something on its side with the given data. Representing objects is easier with a body if you are going to submit that value to the backend.
Also there is something called JSON-RPC. I might be wrong, but it basically uses POST for everything. You are even using it for GET-like actions and sending a body within. So you can even do GET actions with POST and bodies.
It's not a must but easier to work with this representation.

Desire2Learn Valence API, PUT CourseOffering 404

Based on the information here http://docs.valence.desire2learn.com/res/course.html#actions I would expect that to 'update' a courseOffering I would specify a PUT with a CourseOfferingInfo block, which only contains a few attributes. Every time I try this, I get a 404, not found - even using the same route for a successful GET (404 says org doesn't exist OR org is not an offering - neither is true). However, if I specify a CreateCourseOffering block (directly from a previous GET), the PUT works fine. Is this correct and the documentation not? Or are there other things I should look for in this scenario? The documentation says use CreateCourseOffering for the POST to create an offering… I simply want to update one attribute of that offering and as such thought the PUT was the way to go.
If you use the "create" POST route with a CreateCourseOffering block, this will create a new course offering, and send back the CourseOffering block for the newly created course offering (this will include the org unit ID value for the new org unit you've built).
If you want to update an existing course offering, you should, as you suspected, use the "update" PUT route with a CourseOfferingInfo block. Note that you must provide valid information for all the fields in this block, since when used successfully, the LMS will use all the properties you specify in that block for new values for the org unit. The StartDate and EndDate fields are particularly finicky: you must provide either a valid UTCDateTime value (notice that the three-digit millisecond specifier in these values is mandatory) or a JSON null value if the field is not applicable.
Why a 404? What you're seeing with the 404s and the data you're passing is likely down to the way the back-end service is doing data binding. It tries to de-serialize your provided JSON data (and query parameters) into data objects it can read/manipulate -- if you provide a JSON block that contains a superset of the properties it's expecting, then this may work (for example, if you provide a CourseOffering block when you're expected to provide a CourseOfferingInfo) as the binding layer may ignore fields it doesn't need. If the binding process fails, because you provide a value for a property that can't be bound to the data type expected, or because you fail to provide a JSON property field it expects, then this can cause the service to return a 404 (because binding/de-serializing incoming parameterized data happens at the same time as matching the URL route to an underlying service handler).
If you provide a JSON structure (and query parameters) that the web-service can bind to its expected data objects, but the values you provide are invalid or nonsensical, then this can cause the underlying service handler to respond with a 400 (signalling an Invalid Request). But in order to get this far, your parameterized data still needs to get properly deserialized and bound into data objects for the underlying service to examine.
We'll be updating the documentation to more explicitly draw out this fact. The safest policy from the calling client perspective is to pass valid JSON structures that are exactly what's expected by the individual routes, especially since the underlying back-end service implementation might change how it handles incoming requests.
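A pre-flight check for the PUT body, following the rules in the answer above: every expected property present, no extra properties, and StartDate/EndDate either JSON null or a UTCDateTime with the three-digit millisecond part. This is an added example, not Desire2Learn's code; property names other than StartDate and EndDate are assumptions and should be taken from the CourseOfferingInfo documentation, and the sample blocks are constructed.

```python
import re
from datetime import datetime, timezone

# UTCDateTime with the mandatory three-digit millisecond part.
UTC_RE = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z")

# Assumed property names; only StartDate and EndDate are named on this page.
EXPECTED_FIELDS = ("Name", "Code", "StartDate", "EndDate", "IsActive")
DATE_FIELDS = ("StartDate", "EndDate")


def to_utcdatetime(dt: datetime) -> str:
    """Format a timezone-aware datetime as UTC with exactly three ms digits."""
    if dt.tzinfo is None:
        raise ValueError("naive datetime: attach a timezone first")
    dt = dt.astimezone(timezone.utc)
    return dt.strftime("%Y-%m-%dT%H:%M:%S.") + f"{dt.microsecond // 1000:03d}Z"


def check_block(block: dict, fields=EXPECTED_FIELDS) -> list:
    """Return the reasons a block could fail to bind; empty list means OK."""
    problems = [f"missing: {n}" for n in fields if n not in block]
    problems += [f"unexpected: {n}" for n in sorted(set(block) - set(fields))]
    for name in DATE_FIELDS:
        value = block.get(name)  # JSON null (None) is allowed
        if value is not None and not (
                isinstance(value, str) and UTC_RE.fullmatch(value)):
            problems.append(f"bad UTCDateTime: {name}")
    return problems


# Constructed sample blocks.
GOOD_BLOCK = {
    "Name": "Intro to Security", "Code": "SEC101", "IsActive": True,
    "StartDate": to_utcdatetime(datetime(2024, 1, 15, 8, 30, tzinfo=timezone.utc)),
    "EndDate": None,
}
BAD_BLOCK = {
    "Name": "Intro to Security", "Code": "SEC101",
    "StartDate": "2024-01-15T08:30:00Z",  # milliseconds missing
    "EndDate": None,
    "Path": "/content/",  # property from a different block type
}

if __name__ == "__main__":
    print(check_block(GOOD_BLOCK))
    print(check_block(BAD_BLOCK))
```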

Accepting multiple representations for POST

I'm getting up to speed with the WCF Web API. I want to expose an endpoint that can accept notes, via the POST method. My issue is, I want to support multiple representations for notes. For example, I might want to accept a note using a custom XML serialization that we're using elsewhere, or as an atom:entry element. I already have formatters that can deserialize these into a Note class (our own custom class) or as a SyndicationItem.
The question comes though, how do I define the method? I've currently got this:
[WebInvoke(UriTemplate = GetNotesUriRoot,Method="POST")]
public HttpResponseMessage PostNote(ObjectContent item,HttpRequestMessage request)
Which fails when starting up:
The service operation 'PostNote' will never receive a value for the input parameter 'item' of type 'ObjectContent'. Ensure that a request HttpOperationHandler has an output parameter with a type assignable to 'ObjectContent'.
I initially tried having two separate methods (with appropriately typed parameters), but they can't share the same endpoint name. The current effort (using ObjectContent) was based on other posts I could find that suggested that it could be a parameter. There is no common base type or interface between Note and SyndicationItem.
We're using v0.6.0 of the WCF Web API.

You need to have a parameter / return type of type Note and your formatters will (de-)serialize it to / from the required representation.
[WebInvoke(UriTemplate = GetNotesUriRoot,Method="POST")]
public HttpResponseMessage PostNote(Note note)
Then in your request the Content-Type header will determine how the object is deserialised. You don't need to worry about deciding how to deserialise; the decision is made for you, as long as the relevant formatter exists (I've not delved into formatters yet as JSON/XML have been enough for me so far).
