When adding a connection using the Twitter connector offered by the Unification Engine, what are the parameters that need to be used and how are they to be passed in the URI?
To send tweet use
curl -XPOST https://apiv2.unificationengine.com/v2/message/send \
--data "{ \"message\": { \"receivers\": [{\"name\": \"name\", \"address\": \"TWITTER_HANDLE\" , \"Connector\": \"UNIQUE_CONNECTION_IDENTIFIER\"}],\"parts\": [{\"id\": \"1\",\"contentType\": \"text/plain\", \"data\":\"MESSAGE_CONTENT\" ,\"size\": MESSAGE_CONTENT_SIZE,\"type\": \"body\",\"sort\":0}]}}" \
-u USER_ACCESSKEY:USER_ACCESSSECRET -k
Where USER_ACCESSKEY:USER_ACCESSSECRET is got when you add the user using UE_APPKEY:UE_APPSECRET
curl -XPOST https://apiv2.unificationengine.com/v2/user/create -u UE_APPKEY:UE_APPSECRET \
--data '{}' -k
Response data:
{"status":200,"info":"200 OK","uri":"user://USER_ACCESSKEY:USER_ACCESSSECRET"}
Let me explain the commands used to add a twitter connection in #UnificationEngine
To add twitter connection in #UnificationEngine use
curl -XPOST https://apiv2.unificationengine.com/v2/connection/add \
-u USER_ACCESSKEY:USER_ACCESSSECRET \
--data '{"uri":"twitter://ACCESS_TOKEN:SECRET#twitter.com","name":"UNIQUE_CONNECTION_IDENTIFIER"}' \
-k
ACCESS_TOKEN:SECRET - is the one got by authentication the twitter connection in the user application.
UNIQUE_CONNECTION_IDENTIFIER - specified here will be further used to address this connection in UE.
f.e to send a tweet the user will have to use the variable specified under UNIQUE_CONNECTION_IDENTIFIER
Related
I do have a simple AWS API Gateway implementation protected by an AWS_IAM Authorization.
I just want to test from command line via cURL :
curl --location --request GET 'https://<API_ID>.execute-api.eu-west-1.amazonaws.com/stage?type=type&category=category&lc=lc&passprhase=passprhase&product=product'
--header 'Authorization: AWS4-HMAC-SHA256 Credential=<AWS_ACCESS_KEY>/20200127/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=<AWS_SECRET_ACCESS_KEY>' --header 'Content-Type: application/json' \
--data-raw '{"query":"","variables":{}}'
but keep getting the follow error :
Authorization header requires existence of either a 'X-Amz-Date' or a 'Date' header.
Can someone advice what am I doing wrong ?
AWS V4 signature authentication is supported in curl starting from version 7.75, so you should be able to call your AWS resource this way:
curl --location --request GET 'https://$API-ID.execute-api.eu-west-1.amazonaws.com/stage?type=type&category=category&lc=lc&passprhase=passprhase&product=product' \
--header 'Content-Type: application/json' \
--user $ACCESS_KEY:$SECRET_KEY \
--aws-sigv4 "aws:amz" \
--data-raw '{"query":"","variables":{}}'
Note that you may need to add in the --aws-sigv4 value your region and service.
For example: --aws-sigv4 "aws:amz:eu-west-2:execute-api"
You can find more documentation here: https://curl.se/libcurl/c/CURLOPT_AWS_SIGV4.html
And the documentation for the CLI option here: https://curl.se/docs/manpage.html#--aws-sigv4
AWS_IAM authorization uses Sigv4 and its calculation process requires values certain headers - Date being one of them. You are passing x-amz-date as a part of the "SignedHeaders" field, but not actually passing it with the other headers.
One way to create the right curl command to invoke an API with AWS_IAM would be to use Postman application. Add in the API URL and select "AWS Signature" under Authorization tab. You can then select the "Code" option and get the full curl command which would look something like this -
curl -X POST \
https://$API-ID.execute-api.$AWS_REGION.amazonaws.com/$STAGE/$RESOURCE \
-H 'authorization: AWS4-HMAC-SHA256 Credential=$ACCESS_KEY/20200128/$AWS_REGION/execute-api/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=$SIGNATURE_VALUE' \
-H 'cache-control: no-cache' \
-H 'content-type: application/x-www-form-urlencoded' \
-H 'host: API-ID.execute-api.$AWS_REGION.amazonaws.com' \
-H 'postman-token: 15f9498e-95b7-f22b-eed9-016cdea07424' \
-H 'x-amz-date: $DATE_STAMP'
Create a Canonical Request for Signature Version 4
I could suggest to use awscurl which is much easier.
To install awscurl click here. For documentation you can refer here.
Example to call apigateway to call lambda for POST query is below.
awscurl --service execute-api -X POST -d '{ "alias" : "xyx", "type" : "LDAP" }' https://.execute-api.us-west-2.amazonaws.com/Prod/user/groups/get --region us-west-2 --access_key ACCESS_KEY --secret_key mfBl0YJRsXDue4C5F5B6rz1eUpQpA8uC24RtSnsg --security_token SECURITY_TOKEN
I'm trying to send messages following this guide, but i'm getting 403.
The bot is deployed on Azure using Web App Bot template.
I got the bearer token
curl -X POST \
https://login.microsoftonline.com/botframework.com/oauth2/v2.0/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Postman-Token: ea607e32-4939-4005-85f4-440bc71d6e12' \
-H 'cache-control: no-cache' \
-d 'grant_type=client_credentials&client_id=655fde6d-0086-4b7c-b82c-8033b05555e5&client_secret=C*bd%3B%7D%5Ed1%3F7_(D%5Dq%5E%2B%2Bm6c%5E%5BQ-%7D&scope=https%3A%2F%2Fapi.botframework.com%2F.default&undefined='
Send message with auth
curl -X POST \
https://webchat.botframework.com/v3/conversations/26573ac9cd7c4242aaa3c9692248b11a/activities \
-H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1zeE1KTUxDSURXTVRQdlp5SjZ0eC1DRHh3MCIsImtpZCI6Ii1zeE1KTUxDSURXTVRQdlp5SjZ0eC1DRHh3MCJ9.eyJhdWQiOiJodHRwczovL2FwaS5ib3RmcmFtZXdvcmsuY29tIiwiaXNzIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvZDZkNDk0MjAtZjM5Yi00ZGY3LWExZGMtZDU5YTkzNTg3MWRiLyIsImlhdCI6MTU0OTIxNTIyOSwibmJmIjoxNTQ5MjE1MjI5LCJleHAiOjE1NDkyMTkxMjksImFpbyI6IjQySmdZSGo1NGU3TzZVOGI1Mlo2dk1yTUxWQXBBQUE9IiwiYXBwaWQiOiI2NTVmZGU2ZC0wMDg2LTRiN2MtYjgyYy04MDMzYjA1NTU1ZTUiLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9kNmQ0OTQyMC1mMzliLTRkZjctYTFkYy1kNTlhOTM1ODcxZGIvIiwidGlkIjoiZDZkNDk0MjAtZjM5Yi00ZGY3LWExZGMtZDU5YTkzNTg3MWRiIiwidXRpIjoiSnRmU3dTMEt0VWUzTl8xTldfNWJBQSIsInZlciI6IjEuMCJ9.B4837ahaYuc00_dU8v-RyuC0CC0NXXKSGaNFyj5VcjkGsMUfKRBfXtDfebv0mMbDz7Vaw_VSmO4Y-WSn_LOrYv6qqB1-vGhD6zf3DkZ3SUnSUVkNmTS93Vc2N18C6pvAm129P2-YYlCJu-bQJtX-ZKXFjcJ2oQ70P-X3A-zFrVj1rSzd6pyRqRLJJw58ZnaAUosBs7KgEzDoRCRn61lcrDqIny-BoWrlGsTPMUWl2hAsZnj-0-QR0CE1oxTTfkRYElZua1zwsKf6-VaOxvQNhtkHemzqpo5ctUyQMmlkHEVyUCXhUPzPNYdgPyF87pLJq7fhimgRAe5YAjJMlbRANA' \
-H 'Content-Type: application/json' \
-H 'Postman-Token: f19c7788-3933-4b4a-9ce6-ebfcc953903f' \
-H 'cache-control: no-cache' \
-d '{
"type": "message",
"from": {
"id": "NotificationApi",
"name": "Notification"
},
"text": "Haircut on Saturday"
}'
The serviceUrl and conversation I got from session.message.address
Then, the response code is 403- Forbiden.
Can someone help me ?
I think the mistake here is that you're attempting to authenticate the WebChat channel with an OAuth based bearer token rather than using token based authentication. OAuth token acquisition happens over the channel once it's connection is established.
This blog post does a pretty good job explaining the difference between the two and walking through the various steps of configuring an DirectLine channel (which supports more advanced scenario for acquiring tokens), fetching a token from it for the WebChat to use and then, later, performing the OAuth token exchange via the Bot Framework Service.
I am playing around with hyperledger fabric sample apps. In "Balance transfer" app, they have provided sample requests to login user, create channel and more.....
But whatever the username i provide, it logged it in successfully.
Request:
curl -s -X POST \
http://localhost:4000/users \
-H "content-type: application/x-www-form-urlencoded" \
-d 'username=Jim&orgName=org1'
Response
{
"success": true,
"secret": "GSHPwdfBQyzB",
"message": "Jim enrolled Successfully",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MTI0MjkxNzYsInVzZXJuYW1lIjoiSmltIiwib3JnTmFtZSI6Im9yZzIiLCJpYXQiOjE1MTIzOTMxNzZ9.AAH5A9V08QfMvPmsDpoHVkYsFNbQX-nRMU025NziZRc"
}
No matter what username i provide it log it in successfully.
Can anyone explain, what is actually going on.
The command
curl -s -X POST \
http://localhost:4000/users \
-H "content-type: application/x-www-form-urlencoded" \
-d 'username=Jim&orgName=org1'
registers and enrolls a user. You are sending the POST request as an admin with registration privileges.
I have the following POST call I need to make. However, even if I provided the right client id and secret id, my call is getting rejected.
curl POST https://login.microsoftonline.com/f02....e3/oauth2/token
-H 'Content-Type: application/x-www-form-urlencoded' --data 'grant_type=authorization_code&redirect_uri=https://requestb.in/ac&
source=https://graph.microsoft.com&client_id=1e1....-913d9
&client_secret=YmbSFYz.....4Uk=&scope=mail.read&code=AaAAA........on0a569'
This is the error I receive:
curl: (6) Could not resolve host: POST
{"error":"invalid_client","error_description":"AADSTS70002:
Error validating credentials. AADSTS50012: Invalid client secret is
provided.\r\nTrace ID: 78d...a2b\r\nCorrelation ID:
01....ab2\r\nTimestamp: 2016-12-14 01:46:47Z","error_codes":[70002,50012],"timestamp":"2016-12-14 01:46:47Z","trace_id":"78d....a2b","correlation_id":"018.....ab2"}
How could I resolve this ?
EDIT: I am trying to achieve the second section(i.e getting token) in this documentation
The post you provided is leveraging AAD V2 endpoint. But according your code snippet, you were using V1 endpoint https://login.microsoftonline.com/f02....e3/oauth2/token. For acquire access token via V1 endpoint, you can refer to https://graph.microsoft.io/en-us/docs/authorization/app_authorization for more details.
For the V2 authorization endpoint, you may check out the endpoints you are using:
GET https://login.microsoftonline.com/common/oauth2/v2.0/authorize?...
POST https://login.microsoftonline.com/common/oauth2/v2.0/token
And also it is required a v2.0 ad application:
This article assumes a v2.0 registration, so you'll register your app on the Application Registration Portal.
It was due to client_secret. It may contain special characters.
The encodeURIComponent() function encodes a URI component.
This function encodes special characters. In addition, it encodes the following characters: , / ? : # & = + $ #
Use the below one:
encodeURIComponent(client_secret);
In my case:
in configs You have to use the client secret "Value", not ID.
This Value is visible only when it is generated. So you can copy/paste it, in this moment.
See: https://learn.microsoft.com/en-us/answers/questions/370508/getting-34invalid-client-secret-is-provided34-erro.html
I am using the npm package:
Microsoft Azure Active Directory Passport.js Plug-In
with the v1 tenant-specific endpoint.
I was initially receiving the same error message after successfully logging into Microsoft: "Invalid Client Secret".
I was using the "Application ID" as the Client Secret. Then I discovered that you need to go onto the "Settings" tab in the Microsoft Azure Portal
Microsoft Azure
and create a new "Key". It doesn't matter what you name the key. When you click the "Save" button, the value of the key will be filled in the web form. Copy this right away, since it will not be displayed again if the web page is refreshed.
This is the "Client Secret" that you need to add to your configuration.
I hade the same problem today and with help of #muthu I sorted it out.
When client secret is generated with app registration in azure. The secret is plain. But when to use it in the rest call you must urlencode it.
Use an encoder like visual code or other. But it must be encoded else you ge the error
AADSTS7000215: Invalid client secret is provided.
You need to base 64 encode client_secret in the POST body.
For example (using curl):
# Authn details
LoginURL='https://login.microsoftonline.com'
TenantDomain='********.onmicrosoft.com'
ClientID='********'
ClientSecret='********'
# Endpoint details
Resource='https://graph.microsoft.com'
TenantGUID="********"
# Authenticate with OAuth v1
URL="$LoginURL/$TenantDomain/oauth2/token?api-version=1.0"
json=`
curl \
-s \
-k \
-X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-u "$ClientID:$ClientSecret" \
-d "grant_type=client_credentials" \
-d "resource=$Resource" \
-d "client_id=$ClientID" \
--data-urlencode "client_secret=$ClientSecret" \
$URL \
| python -m json.tool
`
access_token=`echo $json | python -c 'import sys, json; print json.load(sys.stdin)["access_token"]'`
token_type=`echo $json | python -c 'import sys, json; print json.load(sys.stdin)["token_type"]'`
#echo "access_token:$access_token"
#echo "token_type:$token_type:"
# Access resource
URL="$Resource/v1.0/directoryRoles/$TenantGUID/members"
curl \
-s \
-k \
-X GET \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Authorization: $token_type $access_token" \
$URL \
| python -m json.tool
I'm using the IoT Agent Ultra-Light module to communicate with the Orion context broker. I can create services and devices and I have checked that the observations reach the context broker too.
curl -X POST XXX.XXX.XXX.XXX:8090/iot/services \
-i \
-H "Content-Type: application/json" \
-H "Fiware-Service: sanitysrv " \
-H "Fiware-ServicePath: / sanitysspath " \
-d '{"services": [{"apikey": "", "cbroker": "http://127.0.0.1:1026", "entity_type": "Dispositivo_tmp", "resource": "/iot/d"}]}'
curl -X POST XXX.XXX.XXX.XXX:8090/iot/devices \
-i \
-H "Content-Type: application/json" \
-H "Fiware-Service: sanitysrv" \
-H "Fiware-ServicePath: /sanitysspath" \
-d '{"devices":[{"device_id":"CE_BDM_3","protocol":"PDI-IoTA-UltraLight", "commands": [], "attributes": [{"type":"int","name":"temperature","object_id":"t"}]}]}'
My problem is that I don´t know how to register a device that contains lazy attributes, and I haven´t found any documentation with related examples. The examples from other IoT Agents that I have tried are not working here.
¿How can it be done?
Lazy attributes are not supported in the UL2.0/MQTT Agent so far but in IoT Agents developed with node.js.
We'll let you know as soon as this feature is available.
Cheers,