I am trying to publish log events to my rest API using logstash http output plugin. It works if there is no authorization or I enable the basic authentication But my requirement is to invoke the API using Oauth 2.0 access tokens. When I specify the Authorization header with access token I am getting 401 error. From SOAPUI I have tested token is working fine. Below are the logstash configs.
output {
if [type] == "error" {
if "loglevelerror" in [tags] {
#*******************************************************************
# Sending Messages to EventAPI
#*******************************************************************
http {
url => "http://serverip:8281/events"
headers => {
"Authorization" => "Bearer c505e8f7-ecb3-346f-8216-f906965edc17"
"RequestSource" => "agent"
"Accept" => "application/json"
}
connect_timeout => 60
socket_timeout => 60
http_method => "post"
format => "json"
mapping => [my mappings]
}
}
}
}
Any help would be a great favour.
Related
I have a VueJS app and a Laravel API in separated projects.
I have some issues to auth with laravel sanctum.
My VueJs is on localhost:8080 and my API on localhost:8000
When i try to set cookie, i have a "This set-cookie domain attribute was invalid with regards to the current host url" issue
I think that laravel cant set cookie, when i try to auth he returned a 419 error status which mean token mismatch.
My config/cors.php
'paths' => [
'api/*',
'sanctum/csrf-cookie',
'login',
'logout'
],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => true,
I follow the laravel documentation.
Add theses lines to my app/Http/Kernel.php
use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;
'api' => [
EnsureFrontendRequestsAreStateful::class,
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
I activated axios credentials in my vue app
axios.defaults.withCredentials = true;
I set my SESSION_DOMAIN=localhost:8080.
In my VueJS login component :
axios
.get('/sanctum/csrf-cookie')
.then(response => {
axios.post('/login', {
email : 'alexandria96#example.com',
password : 'password'
}).then(response => {
console.log('User signed in!');
}).catch(error => console.log(error)); // credentials didn't match
});
enter image description here
The request for csrf-cookie
enter image description here
The request for login
enter image description here
Before logging in you have to check that cookie are setted. Your cookie is not set that's why you have 419 error.
Try to take away ports from configs.
Try
SESSION_DOMAIN=localhost
SANCTUM_STATEFUL_DOMAINS=localhost
And now check cookies. For me works.
I am trying to access Google Adword's api through google's gem google-api-ads-ruby. I was able to oauth in perfectly fine and grabbed the access token, refresh token, and id_token fine. When I try to access the data it gives me the oauth token invalid error. I retrieved my access token and inputed it on this link and it returned me a valid result.
https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=[TOKEN]
The code below is how I am trying to access the Report Definition Service.
config = {
:authentication => {
:method => 'OAuth2',
:oauth2_client_id => #plugin.oauth_client_id,
:oauth2_client_secret => #plugin.oauth_client_secret,
:developer_token => #plugin.developer_token,
:client_customer_id => #plugin.client_customer_id,
:oauth2_token => {"access_token"=>ACCESSTOKEN,
"refresh_token"=>REFRESHTOKEN,
"issued_at"=>"2017-09-18T16:36:55.973-04:00",
"expires_in"=>3600,
"id_token"=>IDTOKEN,
:user_agent => 'Example'
},
:service => {
:environment => 'PRODUCTION'
}
}
api = AdwordsApi::Api.new(config)
report_def_srv = api.service(:ReportDefinitionService, :v201708)
report_type = "ACCOUNT_PERFORMANCE_REPORT"
This code below causes the error
fields = report_def_srv.get_report_fields(report_type)
Why do I keep getting the oauth token is invalid error when it hasn't expired yet?
If the question is still actual..
Try to replace
"expires_in"=>3600
field with
"expires_at"=>"2017-09-18T17:36:55.973-04:00"
It helped to resolve the similar issue in my case.
The problem arises when I get the code and makes a request for a token. For authorization using code that works fine on other projects. I check Credentials in developer console and my config file. Attempts to connect the authorization from other sites and other accounts yielded nothing. I checked redirects, headers, but found nothing.
$request = Google_Client::$io->makeRequest(new Google_HttpRequest('https://accounts.google.com/o/oauth2/token', 'POST', array(), array(
'code' => $_GET['code'],
'grant_type' => 'authorization_code',
'redirect_uri' => $this->redirectUri,
'client_id' => $this->clientId,
'client_secret' => $this->clientSecret
)));
This request return "Error fetching OAuth2 access token, message: 'invalid_grant'"
I'm building an app in Rails using the Spotify web API. I built a method to refresh a user's token, but am receiving a 400 error. According the the Spotify Web API docs, the header of my request needs to be in the following format:
Authorization: Basic <base64 encoded client_id:client_secret>
Using Httparty gem, here's the POST method to refresh the access token:
def refresh_token
client_id = "foo"
client_secret = "bar"
client_id_and_secret = Base64.encode64("#{client_id}:#{client_secret}")
result = HTTParty.post(
"https://accounts.spotify.com/api/token",
:body => {:grant_type => "refresh_token",
:refresh_token => "#{self.oauth_refresh_token}"},
:headers => {"Authorization" => "Basic #{client_id_and_secret}"}
)
end
Here's what "result" ends up being:
=> #<HTTParty::Response:0x7f92190b2978 parsed_response={"error"=>"invalid_client", "error_description"=>"Invalid client secret"}, #response=#<Net::HTTPBadRequest 400 Bad Request readbody=true>, #headers={"server"=>["nginx"], "date"=>["Sun, 31 Aug 2014 22:28:38 GMT"], "content-type"=>["application/json"], "content-length"=>["70"], "connection"=>["close"]}>
I can decode client_id_and_secret and it returns "foo:bar", so I'm at a loss as to why I'm receiving a 400 error. Any insight is much appreciated.
Found the issue... it was with the Base64 encoding in Ruby. Apparently (as shown in Strange \n in base64 encoded string in Ruby) using the Base64.encode64('') method adds an extra line within the code. Using Base64.strict_encode64('') solved the issue.
Updated code:
def refresh_token
client_id = "foo"
client_secret = "bar"
client_id_and_secret = Base64.strict_encode64("#{client_id}:#{client_secret}")
result = HTTParty.post(
"https://accounts.spotify.com/api/token",
:body => {:grant_type => "refresh_token",
:refresh_token => "#{self.oauth_refresh_token}"},
:headers => {"Authorization" => "Basic #{client_id_and_secret}"}
)
end
I've implemented a REST API and protected it with doorkeeper.
I've written a small client program to access it and it works fine using the resource owner credential flow.
Now I'm trying to implement a call using the client credentials flow. So I've followed the example in the link.
Everything works great when I'm using a GET request, but when I'm using a POST request, I'm getting a 401 Unauthorized. This is a call to a method that doesn't require a resource owner.
The only relevant thing I have in my API controller is:
doorkeeper_for :all
I haven't implemented any scopes or nothing of that kind (am I required to?).
My client code looks like this (exactly as in the example in github):
require 'rest-client'
require 'json'
client_id = 'my_client_id...'
client_secret = 'my_client_secret...'
response = RestClient.post 'http://localhost:3000/oauth/token', {
grant_type: 'client_credentials',
client_id: client_id,
client_secret: client_secret
}
token = JSON.parse(response)["access_token"]
# this line works great:
RestClient.get 'http://localhost:3000/api/v1/flights.json', { 'Authorization' => "Bearer #{token}" }
# this line always fails (401 Unauthorized):
RestClient.post 'http://localhost:3000/api/v1/flights.json', { 'Authorization' => "Bearer #{token}" }
Any idea what I may be doing wrong? Is there something special I should do in my application in order to enable the client credentials flow?
I figured it out. The problem was that I didn't use RestClient.post properly. The second parameter should be the payload and the third should be the header. It should be something like this:
RestClient.post 'http://localhost:3000/api/v1/flights.json', {}, { 'Authorization' => "Bearer #{token}" }