We have a container-based service running in AWS ECS with the front end hosted by AWS Cloudfront, and authorization handled by AWS Cognito. I'm trying to configure Wiremock to be a proxy for this service so I can record the calls and mappings to later use in unit tests for a client app I'm writing in python.
I'm running the Wiremock server in standalone mode, and have it proxying to calls to the url of our service. However, Cloudfront keeps returning either a 403-Bad Request error or 403-Forbidden error when I connect via Wiremock.
When I use curl, and pass all the correct headers (Content-Type: application/json, Authentication: Bearer ) it works just fine when I use https://myservice.example.com/api/foo. But as soon as I swap out "myservice.example.com" for "localhost:8000", I get the Cloudfront generated errors.
I'm guessing I have some mis-configuration where, despite passing the headers to Wiremock, I haven't properly told Wiremock to pass those headers on to "the service", which is really Cloudfront.
Not being a Java guy, I'm finding the Wiremock docs a little difficult to understand, and am trying to use the command-line arguments to configure Wiremock like this:
/usr/bin/java -jar \
./wiremock-jre8-standalone-2.35.0.jar \
--port=8000 \
--verbose \
--root-dir=test_data/wiremock \
--enable-browser-proxying \
--preserve-host-header \
--print-all-network-traffic \
--record-mappings \
--trust-proxy-target=https://myservice.example.com \
--proxy-all=https://myservice.example.com
Request:
$ curl -k -X GET -H "Content-Type: application/json" \
-H "Authorization: Bearer ${JWT}" \
http://127.0.0.1:8000/api/foo
Response:
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>CloudFront</center>
</body>
</html>
When using exactly the same curl command, but changing the URL to point directly at my service instead of the proxy, I get the response I expected (hoped for?) through the proxy:
curl -k -X GET -H "Content-Type: application/json" \
-H "Authorization: Bearer ${JWT}" \
https://myservice.example.com/api/foo
[
{
"id": "09d91ea0-7cb0-4786-b3fc-145fc88a1a3b",
"name": "foo",
"created": "2022-06-09T02:32:11Z",
"updated": "2022-06-09T20:08:43Z",
},
{
"id": "fb2b6454-4336-421a-bc2f-f1d588a78d12",
"name": "bar",
"created": "2022-10-05T06:23:24Z",
"updated": "2022-10-05T18:34:32Z",
}
]
Any help would be greatly appreciated.
Thanks.
Related
Here is my dead simple flow:
from prefect import flow
import datetime
#flow
def firstflow(inreq):
retval={}
retval['type']=str(type(retval))
retval['datetime']=str(datetime.datetime.now())
print(retval)
return retval
I run prefect orion and prefect agent.
Make a trigger using web ui (deployments run) ... the agent succesfully pull and do the job.
My question is how to do the trigger using just curl?
Note : I already read http://127.0.0.1:4200/docs.
but my lame brain couldn't find how to do it.
note:
Lets say my flow id is : 7ca8a456-94d7-4aa1-80b9-64894fdca93b
Parameters I want to be processed is {'msg':'Hello world'}
blindly Tried with
curl -X POST -H 'Content-Type: application/json' http://127.0.0.1:4200/api/flow_runs \
-d '{"flow_id": "7ca8a456-94d7-4aa1-80b9-64894fdca93b", "parameters": {"msg": "Hello World"}, "tags": ["test"]}'
but prefect orion say
INFO: 127.0.0.1:53482 - "POST /flow_runs HTTP/1.1" 307 Temporary Redirect
Sincerely
-bino-
It's certainly possible to do it via curl but it might be painful especially if your flow has parameters. There's much easier way to trigger a flow that will be tracked by the backend API - run the flow Python script and it will have exactly the same effect. This is because the (ephemeral) backend API of Prefect 2.0 is always active in the background and all flow runs, even those started from a terminal, are tracked in the backend.
Regarding curl, it looks like you are missing the trailing slash after flow_runs. Changing your command to this one should work:
curl -X POST -H 'Content-Type: application/json' http://127.0.0.1:4200/api/flow_runs/ \
-d '{"flow_id": "7ca8a456-94d7-4aa1-80b9-64894fdca93b", "parameters": {"msg": "Hello World"}, "tags": ["test"]}'
The route which might be more helpful, though, is this one - it will create a flow run from a deployment and set it into a scheduled state - the default state is pending, which would cause the flow run to be stuck. This should work directly:
curl -X POST -H 'Content-Type: application/json' \
http://127.0.0.1:4200/api/deployments/your-uuid/create_flow_run \
-d '{"name": "curl", "state": {"type": "SCHEDULED"}}'
I am trying to integrate paypal payment gateway in my Node app in which i'm calling KillBill api provided for Paypal gateway in itsw documentation it is described that we will recieve a url in location header.
But on hitting it in postman i'm recieving html of that page instead of its url in Headers with key "location".
How to integrate it in node app so that if i make request to its url i get back the url of page to be redirected and can do anything i want.
KillBill docs link https://github.com/killbill/killbill-paypal-express-plugin
following is the api i'm using of paypal integration provided by kill bill
curl -v \
-X POST \
-u admin:password \
-H 'X-Killbill-ApiKey: bob' \
-H 'X-Killbill-ApiSecret: lazar' \
-H 'X-Killbill-CreatedBy: admin' \
-H 'Content-Type: application/json' \
-d '{
"kb_account_id": "13d26090-b8d7-11e2-9e96-0800200c9a66",
"currency": "USD",
"options": {
"return_url": "http://www.google.com/?q=SUCCESS",
"cancel_return_url": "http://www.google.com/?q=FAILURE",
"billing_agreement": {
"description": "Your subscription"
}
}
}' \
http://127.0.0.1:8080/plugins/killbill-paypal-express/1.0/setup-checkout
I have sort it some way i just converted that response html into a circular Json array and than found the URL of that html page in some index of that array as a key value pair of an object. Don't know that if it is a perfect solution but it works fine and according to my requirements.
I'm setting up a full node instance on my aws server for Cardano (ada), but cardano documents display a popup that this document is not fully updated. Can anyone help how to install full node on my server.
How to use json RPC calls to access this ada blockchain in testnet or mainnet. Because the example-
*curl -X POST https://localhost:8090/api/v1/wallets \
-H "Accept: application/json; charset=utf-8" \
-H "Content-Type: application/json; charset=utf-8" \
--cert ./scripts/tls-files/client.pem \
--cacert ./scripts/tls-files/ca.crt \
-d '{
"operation": "create",
"backupPhrase": ["squirrel","material","silly","twice","direct","slush","pistol","razor","become","junk","kingdom","flee"],
"assuranceLevel": "normal",
"name": "MyFirstWallet",
"spendingPassword": "5416b2988745725998907addf4613c9b0764f04959030e1b81c603b920a115d0"
}'*
in ada documentation used certificate verifications. Can anyone help how it can be implemented in nodejs.
I have already installed Daedalus wallet, nix.
I have created a IBM cloud Object storage service and i have created objects i.e image files in it.
I am looking for the steps to access the images as public URLs. I did some initial research and found there are cURL commands using swift Client to do this.
Reference links
How to access files in container in Object Storage Service in Bluemix? AND
Public URLs For Objects In Bluemix Object Storage Service
from the above links, it says the following steps
Set up the swift CLI . Can you link me the steps to set up Swift CLI ? ( the link in the reference link dosen't work anymore ).
2.Change the container ACL to read with following PUT request
curl -X PUT "https://dal.objectstorage.open.softlayer.com/v1/AUTH_123/mycontainer" \
-H "X-Auth-Token: token123" \
-H "X-Container-Read: .r:*"
But i am not sure what to input on X-Auth-Token header ? i have the following information from the service credentials of COS.
{
"apikey": "X7aDm6yu123123hXwqvq1231232HgOtIGeZiAOEg",
"endpoints": "https://cos-service.bluemix.net/endpoints",
"iam_apikey_description": "Auto generated apikey during resource-key operation for Instance - crn:v1:bluemix:public:cloud-object-storage:global:a/f9aabca54c702be8386b2a3f9815b4e4:d145a33e-e8b1-446f-a87d-69431eaec0b1::",
"iam_apikey_name": "auto-generated-apikey-bed16ed5-1373-47bc-b268-5e0f521bc802",
"iam_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Writer",
"iam_serviceid_crn": "crn:v1:bluemix:public:iam-identity::a/f9aabca54c702be8386b2a3f9815b4e4::serviceid:ServiceId-36c373a0-4bb9-4316-bc4b-86ea4c98dcd7",
"resource_instance_id": "crn:v1:bluemix:public:cloud-object-storage:global:a/f9aabca54c702be8386b2a3f9815b4e4:d145a33e-e8b1-446f-a87d-69431eaec0b1::"
}
Any help would be really appreciated. Thanks
The bearer token is from IAM.
https://console.bluemix.net/docs/services/cloud-object-storage/getting-started-cli.html#gather-key-information
See this doc on generating pre-signed urls (temporary).
https://console.bluemix.net/docs/services/cloud-object-storage/api-reference/api-reference-objects.html#object-operations
To do a one-off request like that, you can get oauth tokens from the command line using ibmcloud iam oauth-tokens. To specifically get an IAM Token, I use:
export IAM_TOKEN=`ibmcloud iam oauth-tokens | head -n 1 | awk ' {print $4} '`
Then follow that up with your cURL command:
curl -H "Authorization: Bearer $IAM_TOKEN" ...
An application should request tokens based on the apiKey as mentioned.
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'apikey=<your api key here>&grant_type=urn:ibm:params:oauth:grant-type:apikey' "https://iam.bluemix.net/identity/token"
Here's an example using NPM's request-promise:
const response = await rp({
url: 'https://iam.bluemix.net/identity/token',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
method: "POST",
body: `apikey=${apiKey}&grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey`,
json: true
});
const token = response.access_token;
I just created a qna knowledge base but i'm finding it difficult to consume the endpoint api. I have actually done this before Microsoft changed the endpoint configuration features. please find below my test credentials
POST /knowledgebases/6a523867-3606-480e-9179-bd7e06df4b4d/generateAnswer
Host: https://kb12.azurewebsites.net/qnamaker
Authorization: EndpointKey 604c416d-ef24-402d-b889-cbbb4c16a396
Content-Type: application/json
{"question":"hi"}
i used `Ocp-Apim-Subscription-Key: 604c416d-ef24-402d-b889-cbbb4c16a396 but i keep getting 502 error
.
keep getting 502 error
I do a test using fiddler and can reproduce same issue, to solve the issue, you can go Tools > Options > HTTPS to make tls1.2 allowable.
Test result:
Curl example that works for me -
replace xxxx..., yyyy...., and myazureresourcename with your own values shown on the publish page.
curl \
--header "Content-type: application/json" \
--header "Authorization: EndpointKey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \
--request POST \
--data '{"question":"what is my endpoint?"}' \
https://myazureresourcename.azurewebsites.net/qnamaker/knowledgebases/yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy/generateAnswer