I have the following url:
http://10.11.100.163:1080/v1/publish/?category=conf&product=UFED_INFIELD&serial=123&productGUIDs%5B0%5D%5Bproduct%5D=GLOBAL&productGUIDs%5B0%5D%5Bguid%5D=undefinedblabla&productGUIDs%5B1%5D%5Bproduct%5D=UFED_INFIELD&productGUIDs%5B1%5D%5Bguid%5D=undefinedblabla
As you can see there are several parameters that are formed by two names, like "productGUIDs%5B0%5D%5Bproduct%5D=GLOBAL" and this is equal to "productGUIDs[0][product]=GLOBAL"
now in the expectation file on the mock-server I am trying to create the request but without success until now.
this is what I wrote in the expectation file:
await mockServerClient(process.env.mockServerAddress , process.env.mockServerPort).setDefaultHeaders(defaultResponseHeaders, []).mockAnyResponse({
"httpRequest":{
"method": "GET",
"path": "/v1/publish",
"queryStringParameters": {
"category":["conf"],
"product":["UFED_INFIELD"],
"serial":["123"],
"productGUIDs%5B0%5D%5Bproduct%5D" : ["GLOBAL"],
"productGUIDs%5B0%5D%5Bguid%5D" : ["undefinedblabla"],
"productGUIDs%5B1%5D%5Bproduct%5D" : ["UFED_INFIELD"],
"productGUIDs%5B1%5D%5Bguid%5D" : ["undefinedblabla"],
}
},
when sending the request (GET) with POSTMAN, I get 404, means, the mock-server does not recognize the request.
any advice of how to write the query string parameters in the expectation file will be really appreaciated
The correct queryStringParameters syntax is an array of objects with name/values keys, like this:
"queryStringParameters": [
{
"name": "category",
"values": ["conf"]
},
{
"name": "product",
"values": ["UFED_INFIELD"]
},
{
"name": "productGUIDs%5B0%5D%5Bproduct%5D",
"values": ["GLOBAL"]
}
]
Here an example of an expectation in a file.yaml for a POST request with queryStringParameters. To adapt it to the GET method just delete the body and change "POST" by "GET" :
times:
remainingTimes: 1
unlimited: false
httpRequest:
method: POST
path: /accounts/login
queryStringParameters:
urlparameter1: 'value1'
body:
type: PARAMETERS
parameters:
username: myusername
password: mypassword
httpResponse:
body: {
"access_token": "e55etg9c-167e-4841-b0r3-y8fe5d1t7568",
"token_type": "bearer",
"redirectUrl": "/menu/clothes"
}
statusCode: 200
reasonPhrase: OK
The indexation is very important in the .yaml file, so be careful to have the good format for each element, otherwise it won't work.
You can find here the documentation to do expectations :
https://www.mock-server.com/mock_server/creating_expectations.html#button_match_request_by_negative_priority
Maybe you'll find your answer in the example "match request by path parameter and query parameter" in the link above.
Related
I have out form one of the tasks in Logic App:
{
"headers": {
"Connection": "close",
"Content-Type": "application/json"
},
"body": {
"systemAlertId": "....",
"endTimeUtc": null,
"entities": [
{
"$id": "us_1",
"hostName": "...",
"azureID": "someID",
"type": "host"
},
{
"$id": "us_2",
"address": "fwdedwedwedwed",
"location": {
"countryCode": "",
},
"type": "ip"
},
],
}
}
I need initialize some variable named resourceID that contains value someID which is read from above example.
Value someID will always be found in the first member of Entities array, in that case I guess need to use function first
Any idea how expression of Initial variable should look?
Thanks
Considering the mentioned data you are receiving from Http trigger, I have used Parse JSON in order to get the inner values of the mentioned JSON. Here is how you can do it.
and now you can initialize the resourceID using 'Initialise variable' connector and set its value to azureID as per your requirement.
Have a look at the Parse JSON action.
To reference or access properties in JavaScript Object Notation (JSON) content, you can create user-friendly fields or tokens for those properties by using the Parse JSON action. That way, you can select those properties from the dynamic content list when you specify inputs for your logic app. For this action, you can either provide a JSON schema or generate a JSON schema from your sample JSON content or payload.
With the information in the JSON available in an object, you can more easily access it.
I want to get the Name, ID, Name of the assigned Role and the ID of the role of one user in one single request.
To get all the Roles assigned to one user I used this Query:
GET https://graph.microsoft.com/v1.0/rolemanagement/directory/roleAssignments?$filter=principalId eq '55c07278-7109-4a46-ae60-4b644bc83a31'
https://learn.microsoft.com/en-us/azure/active-directory/roles/list-role-assignments-users
The problem with this query is, that it will return the roleDefinitionId (ID of the Role) but it wont return the name of the Role. I could get the name with the next query down below but then it shows me all of the possible roles and not the roles of the specific user.
https://graph.microsoft.com/v1.0/directoryRoles
https://learn.microsoft.com/en-us/graph/api/directoryrole-list?view=graph-rest-1.0&tabs=http
So as I see it I need to combine 3 queries into one to get all the information I need. The Response should look something like this:
"body": {
"value": [
{
"id": "RhIJaeggVsdfglgdbKnqH7iZeBasdGEush5pky7SmE-1",
"principalId": "55c07278-7109-4a46-ae60-4b644bc83a31",
"userDisplayName": "Ben Dover"
"roleDisplayName": "Global Administrator",
"roleDefinitionId": "69091246-20e8-4a56-aa4d-066075b2a7a8"
}
}
To achieve that I tried this:
POST https://graph.microsoft.com/v1.0/$batch
{
"requests": [
{
"id": "1",
"method": "GET",
"url": "directoryRoles/0f564192-5db7-4c5e-a9bc-8d5sdgfaf7af/members"
},
{
"id": "2",
"method": "GET",
"url": "rolemanagement/directory/roleAssignments?$filter=principalId eq 'e065e27e-b675-443c-bac8-79a453bb4a61'"
},
{
"id": "3",
"method": "GET",
"url": "me/?$select=displayName,id"
}
]}
Now this works. And I get all the Information that I need, but the response is pretty long and hard to read even if you know what you are looking for. Is it possible to get the response in a shortened form like in the example above?
I am developing a JAMStack project using keystonejs 6 and nuxtjs. As we know, keystonejs uses prisma and graphql (I guess apollo) to serve CRUD (generic) actions on our data model. So it makes the apis (even graphql or rest) and the errors generated are also generated by keystonejs. Now the problem is when the client send a wrong request to keystonjs, then it will help the client to correct the query and gives hints on it. For example if I query the next request:
await fetch("https://host:port/api/graphql", {
"credentials": "include",
"headers": {
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0",
"Accept": "*/*",
"Accept-Language": "en-US,en;q=0.5",
"Content-Type": "application/json",
"Sec-Fetch-Dest": "empty",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Site": "same-site"
},
"referrer": "https://host:port/",
"body": "{\"operationName\":null,\"variables\":{},\"query\":\"{\\n navigationMenus(where: {status: {not: {equals: \\\"invisible\\\"}}}) {\\n ida\\n title\\n pageURL\\n childrenCount\\n parent {\\n id\\n pageURL\\n __typename\\n }\\n __typename\\n }\\n}\\n\"}",
"method": "POST",
"mode": "cors"
});
as the field ida is not valid, is returns a bad request error with status code 400 (which is ok) and also helps the client with the following response:
errors [ {…} ]
0 Object { message: "Cannot query field \"ida\" on type \"NavigationMenu\". Did you mean \"id\"?", locations: […], extensions: {…} }
message "Cannot query field \"ida\" on type \"NavigationMenu\". Did you mean \"id\"?"
locations [ {…} ]
0 Object { line: 3, column: 5 }
line 3
column 5
extensions Object { code: "GRAPHQL_VALIDATION_FAILED" }
code "GRAPHQL_VALIDATION_FAILED"
So this will lead to some vulnerabilities since if I forget to make currect access controls on some fields, attacker may find field names with some tries and access to those data.
Although I can understand that this is not a very big issue, but is there a way to turn graphql hints off on production?
Keystone is build on top of Apollo and lets you pass additional config though to the Apollo server on start via the graphql.apolloConfig config option:
graphql.apolloConfig (default: undefined): Allows you to pass extra options into the ApolloServer constructor.
– Keystone 6: System Configuration API docs
This can be used to modify the Apollo error handling behaviour and replace it with your own. A simple example may look like this:
import { config } from '#keystone-next/keystone';
import { lists } from './schema';
import { ValidationError } from 'apollo-server-express';
import { GraphQLError } from 'graphql';
export default config({
db: {
provider: 'sqlite',
url: process.env.DATABASE_URL,
},
lists,
graphql: {
apolloConfig: {
formatError: (error: GraphQLError): any => {
if (error instanceof ValidationError) {
return new ValidationError('Invalid request.');
}
}
}
}
});
Any GraphQL queries that attempt to access non-existent field will then receive the response:
{
"errors": [
{
"message": "Invalid request.",
"extensions": {
"code": "GRAPHQL_VALIDATION_FAILED"
}
}
],
"data": null
}
The general problem of Apollo leaking data in this way is being tracked in the Apollo repo, eg: Validation errors can be used to get schema details #2247. It sounds like progress is being made.
I am trying to add a simple mailbox filter to Gmail, and getting error 400. The response text says that "Filter doesn't have any criteria" but of course I believe I do. Here is the payload data:
{
"filter": [{
"id": "ABC12345-2",
"criteria": {
"from": "donald trump"
},
"action": {
"addLabelIds": ["TRASH"]
}
}]
}
This is the URL that I am posting to:
https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/filters
There is no problem with authentication. I have tried it with and without the "id" field. Any ideas about what I am doing wrong?
I'm not sure about your actual script. So I'm not sure about the requirement of {"filter": []}. But when I saw the official document, it seems that the sample request body for the endpoint of POST https://gmail.googleapis.com/gmail/v1/users/{userId}/settings/filters is as follows, when your request body is used.
Sample request body:
{
"id": "###",
"criteria": {"from": "###"},
"action": {"addLabelIds": ["TRASH"]}
}
id: string, The server assigned ID of the filter.
criteria: object (Criteria), Matching criteria for the filter.
action: object (Action), Action that the filter performs.
In this case, even when id is not used, no error occurs.
You can also test above at "Try this API".
References:
Method: users.settings.filters.create
Resource: Filter
I need to create express route for the following url:
www.somesite.com/some-text-goes-here-id
In this case i want to have to parameters:
text: some-text-goes-here
id: id
Official documentation states the following example:
Route path: /flights/:from-:to
Request URL: http://localhost:3000/flights/LAX-SFO
req.params: { "from": "LAX", "to": "SFO" }
However in my case i need to have multiple '-' and only the last one should be id ...
This would be example
Route path: /flights/???
Request URL: http://localhost:3000/flights/some-text-goes-here-123
req.params: { "from": "some-text-goes-here", "to": "123" }
Im not sure if this is even possible to do this way?
Thanks
From docs:
Since the hyphen (-) and the dot (.) are interpreted literally, they
can be used along with route parameters for useful purposes.
So you can write just
Route path: /flights/some-text-goes-here-:id
Request URL: http://localhost:3000/flights/some-text-goes-here-123
req.params: { "id": "123" }
that is not possible. You can either have
/flights/:from/:to
then you can have
req.params: { "from": "some-text-goes-here", "to": "123" }
or have
/flights/:from-to-dest
then you can have
req.params: { "from-to-dest": "some-text-goes-to-123" }
and then split the text by delimiter -to- and take 2nd token
or split just by - and take last token.
I think I found out pretty easy way to do it:
Route path: /site/*-:id
Request URL: http://localhost:3000/site/some-text-goes-here-123
req.params: { "0": "some-text-goes-here", "id": "123" }
And if i just want to handle id below goes another route:
Route path: /site/:id
Request URL: http://localhost:3000/site/123
req.params: { "id": "123" }
Only downside here is that first param is unnamed "0".