I successfully used tm1py package and was able to get the cubes information using below code.
from TM1py.Services import TM1Service
with TM1Service(address= "localhost",port="51130",user= "pm",password= "IBMDem0s",namespace="Harmony LDAP",ssl= False) as tm1:
df =tm1.cubes.cells.execute_view_dataframe(cube_name ="PUR_Sales_Planning",view_name="View1",private= False)
Now I need to check the same thing using Postman commands. I tried https://code.cubewise.com/blog/mastering-the-tm1-rest-api-with-postman to test that
.So I used Authorization Type as 'Basic Auth'.User name as pm,password as IBMDemos.And the URL as follows.http://localhost:51130/api/v1/Cubes (I just need all the cube names).
But I got an error from postman '401 Unauthorized'.Can anyone advise what has gone wrong here.Do I need to enter namespace name field in somewhere in postman.
Did you try https instead of http?
Because for me when I tried your example on postman I use HTTPS and it works for me.
And in the example it's HTTPS too.
Moreover you have to put the servername of the server where your TM1server is (instead of localhost). After you have to put the httpportnumber entered in your tm1s.cfg file.
Here is an exemple:
https://'servername':'httpportnumber'/api/v1/Cubes
Please let me know how you handle with it.
Since you are providing namespace in TM1py example, I guess, you are using CAM security.
Postman.
In Authorization tab set Type to 'No Auth'.
Set the following Authorization header:
CAMNamespace base64(user:password:namespace)
In your case the string will look like so:
CAMNamespace cG06SUJNRGVtMHM6SGFybW9ueSBMREFQ
Now you can execute the query.
References:
https://www.ibm.com/docs/en/planning-analytics/2.0.0?topic=api-authenticating-managing-sessions
https://www.base64encode.org/
Related
I am struggling to understand exactly how JWT-based authentication should be implemented in Django (I am using simplejwt). I am just a beginner, so please brace yourselves for some silly questions. The rest-framework-simplejwt documentation is very minimal and does not provide enough detail for a newbie like me.
path('token/obtain', jwt_views.TokenObtainPairView.as_view(), name='token_create'),
path('token/refresh', jwt_views.TokenRefreshView.as_view(), name='token_refresh'),
So, I've created the paths in my urls.py as suggested by the official documentation. Where do I go from here? I guess my confusion comes from the fact that I am not sure where exactly in the code I have to issue my tokens. Let's say, I am logging in the user. So, in order to obtain the token, do I have to send a request to the 'token_create' endpoint from inside my view? Or do I have to somehow indicate it in one of my serializers? What about the 'refresh_token' endpoint? Is there a specific method that I need to use?
Then, what do I do with the token once it has been issued? Clearly, I shouldn't save it in the database since it defeats the entire purpose of using JWTs in the first place. From my understanding, I should attach it to the headers so that the subsequent requests by the user contain the tokens in the headers.
The frontend will be written in ReactJS and will be on a separate server from my Django backend API, and the communication between the two will be configured through CORS.
In this case, how do I attach the token to the headers and make it so that the user's browser sends in the token with each request? Is there some sort of package that could be useful for that?
I think you just mixed everything up, I'm gonna explain everything however you may already know some stuff.
JWT simply is a way to authorize users, you usually create an endpoint to create a token for the users, this endpoint can be named login, create_token, 'generate_token', or anything! doesn't really matter!
However maybe if u use a specific library maybe it forces you to use a specific endpoint but in Flask it's really what you like.
This login (whatever you call it) endpoint will take a username and password and checks if it exists and it's correct, then generates a JWT with a library like PyJWT, You can configure the JWT to be expired in for example 20 mins or more, then you encrypt a dictionary(JSON?) which usually contains user_id which you query from the database. example of the JSON you provide to the user with:
{
"user_id": something,
"role": something,
...
}
Then it will be encrypted to a long string.
now when the user sends a request, he/she needs to have that long string as the Authorization header of the request.
In postman --> Authorizations, choose Bearer Authorization and then insert that long string.
We also give the user a refresh_token.
This is the example of the JSON you provide the user with when he/she calls the login endpoint:
{
token: some_long_string,
refresh_token: some_long_string,
}
So what is refresh Token?
it's just the token that when the main token expires instead of making the user enter username and password again, he just sends the refresh token we gave him while he called login.
One more point: This was the whole flow and logic you need to implement. Do it as you like, libraries or anything you like, doesn't really matter.
So, I'm trying to use the ebaysdk-python module, to connect to ebay and get a list of orders. After struggle a little bit with the connection, I've finally have found the ebay.yaml syntax. I have then configured the user and password, but I'm receiving this Error 16112.
So, this is my question: is there a way to connect to ebay without interactivity? I mean, without the need to give the permission to get the token and such (oauth)?
I've finally found the way to do this: I have created a user token using the method auth'n'auth. This user token have almost a year of validity, so it can be used for my purpose. Now, there is another question around that.
I would like to use my own Auth service on every request. I found that by creating plugin is the best way to do it. I am just curious, How can I return an error directly after pre function ?
For example:
User access api
Plugin check the token that sent along with the api request
if it is false, then return error directly to user as Error HTTP 401 without
processing into the proxy url.
UPDATE
I got this error when using custom auth plugin:
{ "error": "Session state is missing or unset! Please make sure that auth headers are properly applied."}
And this is how I got there:
https://community.tyk.io/t/create-python-plugin/1369/6
Thanks
Information on how to write custom middleware in order to achieve this goal can be found in the official documentation. Tyk v2.3 currently supports plugins written in Python 3 as well as LuaJIT, ES5 and gRPC-compatible languages (e.g., Ruby, Java, .NET, &c.).
Further details regarding error templates can be found here, if needed.
The Session object does not exist in all the possible hooks, like the Pre Hook.
I'm trying to support OAuth2 login through Python Flask, so I want to handle a URL that looks like this:
http://myserver/loggedIn#accessToken=thisIsReallyImportant
but when I handle the callback it just seems to drop all the characters after the # in the URL, which contains the important Oauth access token. How do I get this info? It's not included in request.url
ETA: I can retrieve it in client-side javascript using window.location in Javascript, but then I'd have to pass it back to the server, which feels a little hokey but maybe Oauth2 is meant to be done that way?
From the RFC:
Fragment identifiers have a special role in information retrieval
systems as the primary form of client-side indirect referencing
[...]
the fragment identifier is not used in the scheme-specific
processing of a URI; instead, the fragment identifier is separated
from the rest of the URI prior to a dereference
As such, flask drops everything after the '#'. If you want to forward these to the server, you'll have to extract them on the client and pass them to the server via a query parameter or part of the URL path.
You are using the incorrect OAuth 2 grant type (implicit grant) for what you want to do. Implicit grant supplies the token in the fragment as you observed to be used by a javascript client. There is another type of grant, authorization code, which is similar but supplies it in the URI query which you can access from Flask.
You can tell the two apart from the the redirect URI you create for authorization, if it has response_code=code you are on the right track. You currently use response_code=token.
If you are using Facebook look at https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/
For Google look at https://developers.google.com/accounts/docs/OAuth2WebServer
You might also be interested in https://flask-oauthlib.readthedocs.org/en/latest/ which can help you with OAuth.
Let's say we have an image in the Google App Engine and sites are hotlinking it.
How can I find the domain names of the sites?
My first thought was:
request.client
and then do a reverse lookup but that it's not possible in GAE and would take a lot of time.
I am pretty sure that there is a property that allows me to get the url of the site that is requesting the file
(somewhere in request?). GAE has a Request class but I couldn't make it work inside web2py.
Any ideas?
You can easily get the referrer from the request headers. This referrer can be spoofed, but most people do not spoof it and it is already resolved.
There is no automatic way to resolve the DNS other than manually resolving it. Like you said, a DNS resolution takes extra time and it makes no sense for Web2Py or any other framework to do it.
If you're just looking to find out the domain names (not to block the requests by running a script when the image URL is requested), then they'll be in the request logs. In the admin thingy go to "Logs", select "Requests only" from the drop-down. If you expand "Options" you can filter on the relevant filename.
Then expand each request log entry, and the referer is either a hyphen, or the string in quotes immediately following the 200 (or whatever) status code and the size transferred. Chances are very high that not all of the clients have blocked or spoofed the header, so you'll see the URLs linked from.
You can also download the logs using the SDK, and search/process them locally:
appcfg.py --email=whatever request_logs some_filename