Tyk Plugin Python - python

I would like to use my own Auth service on every request. I found that creating a plugin is the best way to do it. I am just curious: how can I return an error directly after the pre function?
For example:
The user accesses the API.
The plugin checks the token that was sent along with the API request.
If it is false, then return an error directly to the user as HTTP 401 without proceeding to the proxy URL.
UPDATE
I got this error when using custom auth plugin:
{ "error": "Session state is missing or unset! Please make sure that auth headers are properly applied."}
And this is how I got there:
https://community.tyk.io/t/create-python-plugin/1369/6
Thanks

Information on how to write custom middleware in order to achieve this goal can be found in the official documentation. Tyk v2.3 currently supports plugins written in Python 3 as well as LuaJIT, ES5 and gRPC-compatible languages (e.g., Ruby, Java, .NET, &c.).
Further details regarding error templates can be found here, if needed.

The Session object does not exist in all the possible hooks, like the Pre Hook.


comparing tm1py authentication method with postman commands

I successfully used tm1py package and was able to get the cubes information using below code.
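from TM1py.Services import TM1Service

# Open a session against the local TM1 REST API (plain HTTP, since ssl=False).
with TM1Service(address="localhost", port="51130", user="pm", password="IBMDem0s", namespace="Harmony LDAP", ssl=False) as tm1:
    # Read the public view "View1" of the cube into a pandas DataFrame.
    df = tm1.cubes.cells.execute_view_dataframe(cube_name="PUR_Sales_Planning", view_name="View1", private=False)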
Now I need to check the same thing using Postman commands. I tried https://code.cubewise.com/blog/mastering-the-tm1-rest-api-with-postman to test that.
So I used Authorization Type 'Basic Auth', user name pm and password IBMDemos, and the URL as follows: http://localhost:51130/api/v1/Cubes (I just need all the cube names).
But I got a '401 Unauthorized' error from Postman. Can anyone advise what has gone wrong here? Do I need to enter the namespace name in a field somewhere in Postman?
Did you try https instead of http?
Because when I tried your example in Postman I used HTTPS and it works for me.
And in the example it's HTTPS too.
Moreover, you have to put the server name of the server where your TM1 server is (instead of localhost). After that you have to put the httpportnumber entered in your tm1s.cfg file.
Here is an example:
https://'servername':'httpportnumber'/api/v1/Cubes
Please let me know how you get on with it.
Since you are providing a namespace in the TM1py example, I guess you are using CAM security.
Postman.
In Authorization tab set Type to 'No Auth'.
Set the following Authorization header:
CAMNamespace base64(user:password:namespace)
In your case the string will look like so:
CAMNamespace cG06SUJNRGVtMHM6SGFybW9ueSBMREFQ
Now you can execute the query.
References:
https://www.ibm.com/docs/en/planning-analytics/2.0.0?topic=api-authenticating-managing-sessions
https://www.base64encode.org/
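The header construction described in the answer above, as an added example that is not part of the original posts: it builds the CAMNamespace value next to the Basic Auth value for the same credentials and decodes it again. The function names are hypothetical, and the decoder assumes that neither the user name nor the namespace contains a colon.

```python
# Added example; the credentials are the demo values quoted in the thread above.
import base64


def basic_header(user, password):
    """HTTP Basic: base64(user:password). There is no slot for a namespace."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def cam_header(user, password, namespace):
    """CAM scheme from the answer: base64(user:password:namespace)."""
    token = base64.b64encode(f"{user}:{password}:{namespace}".encode("utf-8"))
    return "CAMNamespace " + token.decode("ascii")


def decode_cam_header(value):
    """Recover (user, password, namespace) from a CAMNamespace header value.

    Assumption: user and namespace contain no ':'; the password may.
    """
    scheme, _, token = value.partition(" ")
    if scheme != "CAMNamespace" or not token:
        raise ValueError("not a CAMNamespace header")
    text = base64.b64decode(token, validate=True).decode("utf-8")
    if text.count(":") < 2:
        raise ValueError("expected user:password:namespace")
    user, rest = text.split(":", 1)
    password, namespace = rest.rsplit(":", 1)
    return user, password, namespace


if __name__ == "__main__":
    header = cam_header("pm", "IBMDem0s", "Harmony LDAP")
    print(header)
    print(basic_header("pm", "IBMDem0s"))
    print(decode_cam_header(header))
```

Base64 is an encoding, not encryption: anyone who captures either header recovers the password, so these requests belong on HTTPS only.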

Weibo API auth error

I started to write a project for Sina Weibo and got a problem from the start.
When I make a get request to API:
http://api.t.sina.com.cn/statuses/public_timeline.json?source=App_key&count=5
I get an error of authentication such as:
{"request":"/statuses/public_timeline.json","error_code":"403","error":"40070:Insufficient app permissions!"}
or another request and answer:
https://api.weibo.com/2/statuses/user_timeline.json?source=Appkey&trim_user=1&count=100&screen_name=michael
{"error":"applications over the unaudited use restrictions!","error_code":21321,"request":"/2/statuses/user_timeline.json"}
Can someone help me to make this request work?
I just don't get if I need to send a token somehow or a secret key. I am new at development and would be glad if someone answers.
Probably too late, but for future use: Weibo requires all requests to be OAuth2 authenticated. So before using that you need to give permissions and generate access tokens. It's common practice. Services like Twitter also provide smaller limits for unauthenticated users, to ease developers' lives; however, that's not the case with Weibo :(
If you are working with weibo I highly recommend this article ->
https://www.cs.cmu.edu/~lingwang/weiboguide/

Ignoring a ProtoRPC message field via Cloud Endpoints

I've been working on an AppEngine-based project and I wanted to know if it's possible to ignore a ProtoRPC message field.
With the Java SDK, you can use @ApiResourceProperty to ignore a property (this means it's not contained within the response returned to the browser). However, I have not come across a way of doing this using the Python SDK.
Is there anything like this in the Python SDK?
Thanks, Adil
Nope, unfortunately not (at least not to my knowledge).
Two possible solutions depending on your use-case.
Set field values to None before returning the message in your method. That way they will be skipped/not included in the JSON response.
If your messages are hooked up to datastore models you can use the endpoints-proto-datastore library which allows you to use your ndb models directly in your API methods. Additionally it allows for request_fields and response_fields parameters in the method decorator which will limit the request or response to the specified subset of message/model fields. (internally it creates the necessary message classes for you)

How to get access to the URL segments after a # in Python Flask?

I'm trying to support OAuth2 login through Python Flask, so I want to handle a URL that looks like this:
http://myserver/loggedIn#accessToken=thisIsReallyImportant
but when I handle the callback it just seems to drop all the characters after the # in the URL, which contains the important Oauth access token. How do I get this info? It's not included in request.url
ETA: I can retrieve it in client-side javascript using window.location in Javascript, but then I'd have to pass it back to the server, which feels a little hokey but maybe Oauth2 is meant to be done that way?
From the RFC:
Fragment identifiers have a special role in information retrieval
systems as the primary form of client-side indirect referencing
[...]
the fragment identifier is not used in the scheme-specific
processing of a URI; instead, the fragment identifier is separated
from the rest of the URI prior to a dereference
As such, flask drops everything after the '#'. If you want to forward these to the server, you'll have to extract them on the client and pass them to the server via a query parameter or part of the URL path.
You are using the incorrect OAuth 2 grant type (implicit grant) for what you want to do. Implicit grant supplies the token in the fragment as you observed to be used by a javascript client. There is another type of grant, authorization code, which is similar but supplies it in the URI query which you can access from Flask.
You can tell the two apart from the redirect URI you create for authorization: if it has response_code=code you are on the right track. You currently use response_code=token.
If you are using Facebook look at https://developers.facebook.com/docs/facebook-login/login-flow-for-web-no-jssdk/
For Google look at https://developers.google.com/accounts/docs/OAuth2WebServer
You might also be interested in https://flask-oauthlib.readthedocs.org/en/latest/ which can help you with OAuth.

Trouble getting code parameter on facebook oauth callback

I'm writing a Django app requesting permission to post on facebook.
I can access authorization and callback, but I can't get the parameter 'code' that facebook needs to continue with oauth.
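from django.shortcuts import redirect

def connect_fb(request):
    # Send the user to Facebook's authorization dialog.
    return redirect("https://graph.facebook.com/oauth/authorize?"
                    + "client_id=MY_ID&"
                    + "redirect_uri=MY_URL"
                    + "&type=user_agent&display=popup&scope=publish_stream")

def callback_facebook(request):
    # Read the 'code' query parameter (request.REQUEST is the merged GET/POST dict of older Django versions).
    code = request.REQUEST.get("code")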
What's the right way to get 'code' so I can continue the oauth process?
I tried several things but I keep getting None instead of a code.
Thanks
I've used django-facebook-oauth in the past, but if you really want to roll your own solution then I'd suggest just looking through their source.
From just glancing through it, the only thing I can see you doing differently is the
&type=user_agent&display=popup
in the URL. The app I linked you to doesn't appear to do that as far as I can tell.
The problem comes from type=user_agent, which is used in JavaScript authentication, and not here.
Removing it allows you to get the code as above.
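What a server-side callback can and cannot read, as an added example (not code from any of the posts) that covers both this thread and the Flask fragment thread above: a browser-side flow returns the token in the URL fragment, which is never sent to the server, while the authorization code flow returns `code` in the query string. The provider endpoint and function names are constructed placeholders, the request parameter is written `response_type` as RFC 6749 names it, and the `state` check is an addition the threads do not discuss.

```python
# Added example: names, URLs and values below are constructed placeholders.
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHORIZE_URL = "https://provider.example/oauth/authorize"  # placeholder endpoint


def build_authorize_url(client_id, redirect_uri, state):
    """Authorization-code request: response_type=code puts the result in the query."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    }
    return AUTHORIZE_URL + "?" + urlencode(params)


def server_view(redirect_url):
    """Return the request target a browser sends for this redirect.

    The fragment stays in the browser, so only path and query reach the server.
    """
    parts = urlsplit(redirect_url)
    return parts.path + ("?" + parts.query if parts.query else "")


def handle_callback(request_target, expected_state):
    """Extract the authorization code, rejecting a missing code or a wrong state."""
    query = parse_qs(urlsplit(request_target).query)
    code = query.get("code", [None])[0]
    state = query.get("state", [""])[0]
    if code is None:
        return None, "no code in query (token-in-fragment flow?)"
    # Constant-time comparison of the state value issued with the request.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        return None, "state mismatch"
    return code, None


if __name__ == "__main__":
    state = secrets.token_urlsafe(16)
    print(build_authorize_url("MY_ID", "https://myserver/loggedIn", state))
    # Fragment-style redirect: nothing after '#' arrives at the server.
    print(handle_callback(server_view("http://myserver/loggedIn#accessToken=abc"), state))
    # Code-style redirect: the code is in the query and the server can read it.
    print(handle_callback(server_view(f"http://myserver/loggedIn?code=xyz&state={state}"), state))
```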
