how to test jwt sample? and what are userid? - oauth

My development Environment : eclipse java
I would like test a requestJWTuserToken sample, but I'm getting an error.
Test code:
OAuth.OAuthToken oAuthToken = apiClient.requestJWTUserToken(IntegratorKey, userId, scopes, privateKeyBytes, 3600);
Assert.assertNotSame(null, oAuthToken);
apiClient.setAccessToken(oAuthToken.getAccessToken(), oAuthToken.getExpiresIn());
UserInfo userInfo = apiClient.getUserInfo(oAuthToken.getAccessToken());
Assert.assertNotSame(null, userInfo);
Assert.assertNotNull(userInfo.getAccounts());
Assert.assertTrue(userInfo.getAccounts().size() > 0);
Error message:
com.docusign.esign.client.ApiException: Error while requesting an access token:
class OAuthToken {
accessToken: null
tokenType: null
refreshToken: null
expiresIn: 0
at com.docusign.esign.client.ApiClient.requestJWTUserToken(ApiClient.java:719)
at smartsuite.app.util.DocuSignUtil.settingAuthentication(DocuSignUtil.java:112)
what are userid?
I found a admin sendbox at user > API username
enter image description here

This error is sometimes encountered when there is a problem with the RSA private key that you are using in your JWT request. Start by verifying how you are passing your key's private data into the request, if you are reading from a environment variable for example make sure the key's value is contained on a single line, otherwise it might be getting truncated.
If your key spans multiple lines as an environment variable try doing a regular expression find/replace where you replace all newline \n characters with the string literal "\n" and then pass that through to see if it resolves your issue.

Related

AWS CDK DocDB::DBCluster fails with 'not a valid password'

I am trying to use AWS CKD (JAVA) to create a DocumentDB instance.
This works with a "simple" plaintext password, but fails when I try to use a DatabaseSecret and a password stored in Secrets Manager.
The error I get is this:
1:44:42 PM | CREATE_FAILED | AWS::DocDB::DBCluster | ApiDocDb15EB2C21
The parameter MasterUserPassword is not a valid password. Only printable ASCII characters besides '/', '#', '"', ' ' may
be used. (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterValue; Request ID: c786d247-8ff2-4f30-9a8a-5
065fc89d3d1; Proxy: null)
which is clear enough, but it continues to happen, even if I set the password to something such as simplepassword - so I am now somewhat confused as to what am I supposed to fix now.
Here is the code, mostly adapted from the DocDB documentation:
String id = String.format(DOCDB_PASSWORD_ID);
return DatabaseSecret.Builder.create(scope, id)
.secretName(store.getSsmSecretName())
.encryptionKey(passwordKey)
.username(store.getAdminUser())
.build();
where the ssmSecretName is the name of the secret in SecretManager:
└─( aws secretsmanager get-secret-value --secret-id api-db-admin-pwd
ARN: arn:aws:secretsmanager:us-west-2:<ACCT>:secret:api-db-admin-pwd-HHxpFf
Name: api-db-admin-pwd
SecretString: '{"api-db-admin-pwd":"simplepassword"}'
This is the code used to build the DbCluster:
DatabaseCluster dbCluster = DatabaseCluster.Builder.create(scope, id)
.dbClusterName(properties.getDbName())
.masterUser(Login.builder()
.username(properties.getAdminUser())
.kmsKey(passwordKey)
.password(masterPassword.getSecretValue())
.build())
.vpc(vpc)
.vpcSubnets(ISOLATED_SUBNETS)
.securityGroup(dbSecurityGroup)
.instanceType(InstanceType.of(InstanceClass.MEMORY5, InstanceSize.LARGE))
.instances(properties.getReplicas())
.storageEncrypted(true)
.build();
The question I have is: should I use a DatabaseSecret? or just retrieve the password from SM and be done with it?
A sub-question then: what is one supposed to use the DatabaseSecret for then?
(NOTE -- this is the same class, almost, as in the rds package; but here I am using the docdb package)
Thanks for any suggestion!
Turns out that the DatabaseSecret creates a key/value pair as the secret:
{
"username": <value of username()>,
"password": <generated>
}
However, the call to Login.password() completely ingnores this, and treats the whole JSON body as the password (so the " double quotes trip it).
The trick is to use DatabaseSecret.secretValueFromJson("password") in the call to Login.password() and it works just fine.
This is (incidentally) inconsistent with the behavior of rds.DatabaseCluster and the rds.Credentials class behavior (who take a JSON SecretValue and parse it correctly for the "password" field).
Leaving it here in case others stumble on this, as there really is NO information out there.

How do I encode the secret for the 'create-passenger-name-record-sample-nodejs' Sabre API example?

I'm trying to run the 'create-passenger-name-record-sample-nodejs' example code. It requires a secret and PCC as shown below:
endpoint: 'https://api.test.sabre.com',
secret: process.env.SWS_API_SECRET || '',
pcc: process.env.SWS_API_PCC || '',
};
According to the documentation, the secret above is a base64 encoding of 'V1:userid:group:domain'.
I have created an account but it is not clear to me where to obtain the pieces necessary to construct the concatenated string above and also where to obtain the PCC.
Is anyone able to provide some guidance?
Thanks.
_Username and password should be provided by your account executive if you have a Sabre subscription. If you do not have a Sabre subscription, you should be able to obtain sample credentials to test in test environments. You can find your test credentials under "Applications" when you click on "My account". The procedure to encode a token, if needed, is located at https://developer.sabre.com/guides/travel-agency/developer-guides/rest-apis-token-credentials.
The solution is to base64 encode the ClientID. Then base64 encode the ClientSecret. Then join those results with a ':' and base64 encode the joined string. This then is used as the value of the 'secret' field in the JSON snippet above.

Cannot Read Cookies in Http Response

I am attempting to automate some tasks on my router. In order to do this a login is required to get a value called 'stok'. This value is returned as a cookie from the authentication request.
This is an example of the cookie captured in browser developer tools:
Set-Cookie: sysauth=34b2202d165b4316eb87c621df0ae0c9; path=/cgi-bin/luci/;stok=3ced8f80e529c0a378d79e279abfc456
The code snippet below is my attempt to log in. The problem is that the the cookieValue being returned is '34b2202d165b4316eb87c621df0ae0c9' as a string. The value that I need is the value identified as 'stok'.
let authResponse = Http.Request("http://192.168.1.2/cgi-bin/luci",
body = FormValues [ "username", username;
"password", password ])
let cookieValue = match authResponse.Cookies.TryFind("sysauth") with
| Some x -> x
| None _ -> ""
I cannot find any method to get at the 'path' and 'stok' values in the cookie. What am I missing?
Once you have the cookieValue, it should be an HttpCookie instance. And HttpCookie has a Values property that "Gets a collection of key/value pairs that are contained within a single cookie object."
I suspect that cookieValue.Values.["stok"] will contain the token you're looking for. If not, try looking through cookieValue.Values.AllKeys and see what it contains.

Get data from sawtooth address on clientside

I have stored data on sawtooth in protobuf format at an address (address made from public key and transaction family).
Get request was made on
http://rest-api:8008/state/
to get data in the format
{
"data": "CkIwM2FjNjA3MTUzZmRlMzJhNzhiNDFlMzkxN2QwZDlkZmJmMmM2NjZmOWFhZGMzMWRiNTNjODZhNzFkNDMyNmZkNGUSBnNlbGxlchoROTc4LTAtNTc2LTUyMzk1LTAiETgxOS02OTAtNzk4Nng1MTE5Kg0xLTk4MTAtMTE0NS01",
"head": "bea2911b4d84b897300fc4a9eb6b56b7ddc59c88c115dab6c09935d658b57cf229b538a3cb3d407647211c8847e46db07f9cff65af2835dfc7732be9b443fae3",
"link": "http://192.168.1.13:8008/state/318c9fa678220444fb9b209a57c849320a7f61c984e5b8a6a56880030728bdb530a5d0?head=bea2911b4d84b7c7300fc4a9eb6b56b7ddc59c88c115dab6c09935d658b57cf229b538a3cb3d407647211c8847e46db07f9cff65af2835dfc7732be9b443fae3"
}
I posted Account data on the sawtooth-rest-api, if the details are correct(checked by processor), Account with additional "Public Key" is inserted onto the blockchain. This is the account protobuf class, which was serialized before it was inserted onto the blockchain.
message Account {
string public_key = 1;
string user_type = 2;
string adhaar_number = 3;
string phone_number = 4;
string pan_card_number = 5;
}
transaction = Account()
transaction.ParseFromString( base64.b64decode(data.encode()))
THat just gave a number 129.
Update:
The account data serialization output is
b'\nB033c10fa02a3b602f008e7837a48d4492f5105417111404c4404b49f51222d30c1\x12$60405711-dd32-47c1-a914-3e19ee5177b1\x1a\x06seller"
\x11978-1-61207-456-6*\x10+64(0)19727879362\r0-609-80129-5'
when I base64 encoded it, it gives exactly the same string which i got from sawtooth api under the data key.
but somehow transaction.ParseFromString gives just an integer of 3 digits, Couldnt get the account back.
Sorry I figured this out:
After
account=transaction.ParseFromString(<serializedBytes>)
The account details can be accessed like normal class variables.
account.public_key
account.adhaar_number
If my understanding is correct, you retrieve data vis-a-vis the REST API /state/xxxx or /state?address=xxxx.
When data is put on the chain in a TransactionProcessor via setState or similar call, it does a base64 encoding first.
You will need to do a base64 decode and then ParseFromString on that result.

Why is the Etrade API returning a missing parameters error?

I have successively obtained a request token, and am now using it in conjunction with my consumer key to create the following request
https://us.etrade.com/e/etws/authorize?key=2fc*******c323d6&token=IIrs6BsIrGQ********duC60GAmLq8
where the asterisks have been substituted for my consumer key and request token. I give this as an argument to getAuthorizeURL This returns an ETWSException and output in the terminal reading
ERROR OAuthClientImpl - Mandatory parameters missing
I have the two required arguments for the getAuthorizeURL method, and I am sure they are formatted correctly. Can anyone tell me what is going wrong here?
Also, if it helps to know, calling the getAuthorizeURL causes my default browser to open and brings me to the address that I entered above, but it returns a 404 error.
If you're using the sample code from the Docs.. they are missing 1 piece.
(java)
client = OAuthClientImpl.getInstance(); // Instantiate IOAUthClient
request = new ClientRequest(); // Instantiate ClientRequest
request.setEnv(Environment.SANDBOX); // Use sandbox environment
request.setConsumerKey(oauth_consumer_key); //Set consumer key
request.setConsumerSecret(oauth_consumer_secret); // Set consumer secret
token= client.getRequestToken(request); // Get request-token object
oauth_request_token = token.getToken(); // Get token string
oauth_request_token_secret = token.getSecret(); // Get token secret
request.setToken(oauth_request_token);
request.setTokenSecret(oauth_request_token_secret);
String authorizeURL = null;
authorizeURL = client.getAuthorizeUrl(request);
URI uri = new URI(authorizeURL);
Desktop desktop = Desktop.getDesktop();
desktop.browse(uri);
The Documentation sample forgot to mention, you'll need to set the Token Key/Secret on the Request object, before you make the call the get AuthorizeUri.
request.setToken(oauth_request_token);
request.setTokenSecret(oauth_request_token_secret);

Resources