In my rails app I am using balanced payments api for credit card transactions. According to the documentation after I collect the info I must run these curl commands. However, I cant figure out what's what. So I can't really use it because I don't know what variables to replace and how to even get them. This is a snippet of their documentation.
Let's charge the card:
First, let's create an account to associate the card token with:
curl https://api.balancedpayments.com/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/accounts \
-u df6000d8f2ec11e294cf026ba7cd33d0: \
-d "card_uri=/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/cards/CCwpuGSqIjnOxUoUrSE4IdV"
Associate the token with an account:
curl https://api.balancedpayments.com/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/accounts/AC6VSiS3WD7G1z1BjrMIL4Kk \
-u df6000d8f2ec11e294cf026ba7cd33d0: \
-X PUT \
-d "card_uri=/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/cards/CC6XpIuz7jymGcPIkCREtx2K"
Debit the account:
curl https://api.balancedpayments.com/v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0/accounts/ACwPcWVArKDYEdOJ8bRHg9w/debits \
-u df6000d8f2ec11e294cf026ba7cd33d0: \
-d "amount=1000"
So I can understand that /v1/marketplaces/TEST-MP6NFmfjuy4Os0LSSywJbmk0 is my test marketplace URI but what are these other values?
df6000d8f2ec11e294cf026ba7cd33d0
CCwpuGSqIjnOxUoUrSE4IdV
AC6VSiS3WD7G1z1BjrMIL4Kk
Any thoughts would be appreciated. Thanks!
Have you considered using the balanced ruby client?
https://github.com/balanced/balanced-ruby
https://docs.balancedpayments.com/current/api.html?language=ruby
Also, I believe they have an example marketplace Rails app:
https://github.com/balanced/rentmybikes-rails
Related
We are trying to migrate the TOTP factor from Authy to Verify API in Twilio. We reference the following article for the same
https://www.twilio.com/docs/authy/export-totp-secret-seed-for-migrating-to-verify-totp#export-totp-secret-seed-of-a-user
From above URL, we were able to pinpoint how to extract the secret created in the Authy. But, we are unsure as to how a secret extracted from the Authy can be used to create a factor in the Verify API. Can you please tell us in detail how to achieve the same?
Since I don't know what programming language you're using, I'll use cURL commands and you can translate those HTTP requests into your language of choice.
First, you'll need to ask Twilio support to enable the migration tools for your Authy app. They will ask you for Authy app ID which you can find in the URL of the Twilio Console when you navigate to your Authy app.
Then you can use the export TOTP secret API that you linked earlier:
curl -i "https://api.authy.com/protected/json/users/$AUTHY_USER_ID/secret/export" \
-H "X-Authy-API-Key: $AUTHY_API_KEY"
$AUTHY_USER_ID is the individual Authy User ID for which you are
trying to move their TOTP factor to the Verify service.
$AUTHY_API_KEY is the API key for your Authy App.
The output will look like this:
{"secret":"[REDACTED]","otp":"[REDACTED]","success":true}
The secret is what you need to create a Factor in the Verify service
The otp is the one time passcode, the same as what the user would see in their TOTP consumer app (Authy/Google Authenticator/etc).
Now you can use the Verify API to create a new Factor:
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors" \
--data-urlencode "Binding.Secret=$EXPORTED_AUTHY_SECRET" \
--data-urlencode "Config.Alg=sha1" \
--data-urlencode "Config.TimeStep=30" \
--data-urlencode "Config.CodeLength=6" \
--data-urlencode "Config.Skew=1" \
--data-urlencode "FriendlyName=John's Phone" \
--data-urlencode "FactorType=totp" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
$VERIFY_SERVICE_SID is the SID of your Verify Service.
$IDENTITY is a unique ID for your user, length between 8 and 64 characters, generated by your external system, such as your user's UUID, GUID, or SID. If the identity does not exist yet, it'll be created automatically as part of this API call.
$EXPORTED_AUTHY_SECRET is the secret that was returned by the Authy Export API earlier.
$TWILIO_ACCOUNT_SID is your Twilio Account SID.
$TWILIO_AUTH_TOKEN is your Twilio Auth Token.
This API call is documented here: https://www.twilio.com/docs/verify/quickstarts/totp#create-a-new-totp-factor
You can use the otp returned by the Authy Export API to verify the new Factor you created:
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors/$FACTOR_SID" \
--data-urlencode "AuthPayload=$OTP_CODE" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
$FACTOR_SID is the SID of your newly created Factor.
$OTP_CODE is the otp code returned by the Authy Export API.
This API call is documented here: https://www.twilio.com/docs/verify/quickstarts/totp#verify-that-the-user-has-successfully-registered
That's it! If you want to verify your user's OTP code, you can create a challenge like this:
curl -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Challenges" \
--data-urlencode "AuthPayload=$OTP_CODE" \
--data-urlencode "FactorSid=$FACTOR_SID" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
$OTP_CODE is the otp code given to your application by your user.
This API call is documented here: https://www.twilio.com/docs/verify/quickstarts/totp#validate-a-token
When exporting from Authy API and creating new factors in Verify, you need to do this quickly so you can verify the new factor using the OTP code given from the Authy export. Here's how I did it for a single Authy user using a bash script:
#!/bin/bash
EXPORTED_RESPONSE=$(
curl -s "https://api.authy.com/protected/json/users/$AUTHY_USER_ID/secret/export" \
-H "X-Authy-API-Key: $AUTHY_API_KEY"
)
echo "$EXPORTED_RESPONSE"
EXPORTED_AUTHY_SECRET=$(echo -n "$EXPORTED_RESPONSE" | jq -r .secret)
OTP_CODE=$(echo -n "$EXPORTED_RESPONSE" | jq -r .otp)
IDENTITY=$(uuidgen)
NEW_FACTOR_RESPONSE=$(curl -s -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors" \
--data-urlencode "Binding.Secret=$EXPORTED_AUTHY_SECRET" \
--data-urlencode "Config.Alg=sha1" \
--data-urlencode "Config.TimeStep=30" \
--data-urlencode "Config.CodeLength=6" \
--data-urlencode "Config.Skew=1" \
--data-urlencode "FriendlyName=John's Phone" \
--data-urlencode "FactorType=totp" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN)
echo "$NEW_FACTOR_RESPONSE"
FACTOR_SID=$(echo -n "$NEW_FACTOR_RESPONSE" | jq -r .sid)
VERIFY_FACTOR_RESPONSE=$(curl -s -X POST "https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Entities/$IDENTITY/Factors/$FACTOR_SID" \
--data-urlencode "AuthPayload=$OTP_CODE" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN)
echo "$VERIFY_FACTOR_RESPONSE"
The various environment variables that were described earlier should be set prior to executing this.
I'm working on a docker image that connects to postgres using psql.
My entrypoint:
psql analytics \
--host=${INPUT_HOST} \
--username=analytics \
--port=32648
If I run this I'm prompted for a password, I enter it and am able to connect. Great.
But if I try to make the password entry automatic I get an error:
psql analytics \
--host=${INPUT_HOST} \
--username=analytics \
--port=32648 \
--password=${INPUT_PASSWORD}
/usr/lib/postgresql/13/bin/psql: option '--password' doesn't allow an argument
Try "psql --help" for more information.
I found some docs on using .pgpass and this file which is to be added to a users home directory takes the form:
hostname:port:database:username:password
Now I'm going to have to do something like:
${INPUT_HOST}:5432:analytics:analytics:${INPUT_PASSWORD}
Then envsubst or sed on this file before adding to the image.
Open ended question, is there a better/more convenient way? ${INPUT_PASSWORD} comes from a docker secret. Is there anyway I can pass a password to my call to psql?
The best way is to use a connection string:
psql "password='${INPUT_PASSWORD}' dbname=analytics host='${INPUT_HOST}' user=analytics port=32648"
In our application We have multiple firm setup and Within the firm, there are multiple users. So We want two way communication between firm number and user's number. In this, Whenever User registers a firm, we have to setup firm's phone number as long codes on Twilio account through programming way so that this firm can use this phone number for sending or receiving sms to/from firm's user. How can we do it in Twilio? Please provide specific link or advice.
Twilio Evangelist here.
Check out the Phone Numbers API docs.
The AvailablePhoneNumbers resource lets you search for phone numbers:
curl -G https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/AvailablePhoneNumbers/US/Local.json \
-d "AreaCode=510" \
-u 'ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token'
the IncomingPhoneNumbers resource lets you purchase phone numbers:
curl -X POST https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/IncomingPhoneNumbers.json \
--data-urlencode "FriendlyName=My Company Line" \
--data-urlencode "PhoneNumber=+15105647903" \
--data-urlencode "VoiceMethod=GET" \
--data-urlencode "VoiceUrl=http://demo.twilio.com/docs/voice.xml" \
-u ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token
and update purchased phone numbers:
curl -X POST https://api.twilio.com/2010-04-01/Accounts/ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/IncomingPhoneNumbers/PN2a0747eba6abf96b7e3c3ff0b4530f6e.json \
--data-urlencode "AccountSid=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" \
--data-urlencode "SmsUrl=http://demo.twilio.com/docs/sms.xml" \
--data-urlencode "VoiceUrl=http://demo.twilio.com/docs/voice.xml" \
-u ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:your_auth_token
Hope that helps.
I'm working on some automation for Gerrit. I have used following API to check access
curl -X POST --digest -k --user username:password https://gitAccess/access/
But returns authentication required. Can you please help me
3 things to note as I was also getting an "unauthorized" when trying to access Gerrit APIs
Make sure you have your HTTP password. This is different from the
password you use to login to Gerrit. To get it, go to gerrit ->
click on your username -> Settings -> HTTP Password -> Click on
generate password. Use this password when making HTTP requests
Prefix /a to the endpoint URL as mentioned here. For example /changes becomes /a/changes when using authentication
Use the --digest option if you are using curl as mentioned here
Example
curl --digest -u <USERNAME> -i -H "Accept: application/json" "https://<GERRIT SERVER>/a/changes"
# curl will prompt you for the password. You can also do it as below
curl --digest --user <USERNAME:PASSWORD> -i -H "Accept: application/json" "https://<GERRIT SERVER>/a/changes"
I hope someone can help, I am about to intergrate with Instagram, I have followed instructions I have authrorised the app and received code=""
curl \-F 'client_id=CLIENT-ID' \
-F 'client_secret=CLIENT-SECRET' \
-F 'grant_type=authorization_code' \
-F 'redirect_uri=YOUR-REDIRECT-URI' \
-F 'code=CODE' \https://api.instagram.com/oauth/access_token
I do this curl to get an access token but I can't find anywhere for "authorization_code"
Am I missing something here?
Thanks!
Found the answer for future people:
authorization_code is the param.