Completely lost!!
We get this code from a service : curl -H "Authorization: Bearer ${TOKEN}" https://theaddress.domain.com/v1/spaces
How do I connect to the data that will be received using jQuery or Javascript?
I searched everywhere and can't find the answer.
Related
I'm trying to throttle the number of requests a client can make to my translator service which uses Azure Translation API.
The following link from Microsoft describes how to limit requests, but it's not clear where in the request this throttling information should be added. I assume the request headers?
https://learn.microsoft.com/en-us/azure/api-management/api-management-sample-flexible-throttling
Here is the curl. Note the rate limiting headers at the end. Is this the way to do it?
// Pass secret key and region using headers to a custom endpoint
curl -X POST " my-ch-n.cognitiveservices.azure.com/translator/text/v3.0/translate?to=fr" \
-H "Ocp-Apim-Subscription-Key: xxx" \
-H "Ocp-Apim-Subscription-Region: switzerlandnorth" \
-H "Content-Type: application/json" \
-H "rate-limit-by-key: calls=10 renewal-period=60 counter-key=1.1.1.1" \
-d "[{'Text':'Hello'}]" -v
The link you've shared is from API Management, a managed API Gateway available on Azure. The idea is to generate "products" and let your users to subscribe to them. This way, you'll be able to track the requests and perform the throttle using a rate limit policy (the link you've shared).
if needed, please watch this quick video showing this functionality in use:
https://www.youtube.com/watch?v=dbF7uVkGOw0
I'm trying to go to the WA Secretary of State Corporations website (https://ccfs.sos.wa.gov/#/AdvancedSearch) to scrape data on newly incorporated companies. All of this data is publicly available.
I filter the data by setting Business Type to WA PROFIT CORPORATION (towards bottom), Business Status to ACTIVE, and any random 30 day window for Start Date and End Date for the Date of Incorporation date range. I then click Search.
The first thing I notice is there is no query string, so the DB isn't accessible via a query string. So, I opened up Chome Dev Tools and went to the Network tab. If you refresh the page you'll notice that there's an AngularJS XHR file that loads in under the Name GetAdvanceBusinessSearchList.
If I Preview this file, all of the data I need is neatly structured in JSON format. If I try opening the file in another tab to see the query string I receive an error "The requested resource does not support http method 'GET'".
I've tried accessing the data using the Node Request module. I've tried both GET requests and POST requests. I assumed POST was the correct route once I received the GET error mentioned above. When fired off my POST request I also included some Form Data that I found in the Dev Tools, but the response I received was that it didn't support multipart/form-data.
I've also tried using the Puppeteer module, and I can get to the search results, but then because the content is loaded in using an Angular file, none of the HTML elements have IDs and it becomes a sloppy mess trying to mine all of the data.
const request = require('request');
request.get('https://cfda.sos.wa.gov/api/BusinessSearch/GetAdvanceBusinessSearchList', (err, res, body) => { console.log(body) });
My goal is to get access to the JSON structured data that can be found by previewing the GetAdvanceBusinessSearchList file in the Network tab of the Chrome Dev Tools once you've submitted a search.
Any help would be hugely appreciated.
This worked for me:
curl 'https://cfda.sos.wa.gov/api/BusinessSearch/GetAdvanceBusinessSearchList' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:68.0) Gecko/20100101 Firefox/68.0' -H 'Accept: application/json, text/plain, */*' -H 'Accept-Language: en-US,en;q=0.8,es-AR;q=0.5,es;q=0.3' --compressed -H 'Referer: https://ccfs.sos.wa.gov/' -H 'Content-Type: application/x-www-form-urlencoded; charset=utf-8' -H 'Origin: https://ccfs.sos.wa.gov' -H 'Connection: keep-alive' --data 'Type=Agent&BusinessStatusID=0&SearchEntityName=&SearchType=&BusinessTypeID=0&AgentName=&PrincipalName=&StartDateOfIncorporation=&EndDateOfIncorporation=&ExpirationDate=&IsSearch=true&IsShowAdvanceSearch=true&&&AgentAddress%5BIsAddressSame%5D=false&AgentAddress%5BIsValidAddress%5D=false&AgentAddress%5BisUserNonCommercialRegisteredAgent%5D=false&AgentAddress%5BIsInvalidState%5D=false&AgentAddress%5BbaseEntity%5D%5BFilerID%5D=0&AgentAddress%5BbaseEntity%5D%5BUserID%5D=0&AgentAddress%5BbaseEntity%5D%5BCreatedBy%5D=0&&AgentAddress%5BbaseEntity%5D%5BModifiedBy%5D=0&&AgentAddress%5BFullAddress%5D=%2C%20WA%2C%20USA&AgentAddress%5BID%5D=0&&&&AgentAddress%5BState%5D=WA&&AgentAddress%5BCountry%5D=USA&&&&&&&&PrincipalAddress%5BIsAddressSame%5D=false&PrincipalAddress%5BIsValidAddress%5D=false&PrincipalAddress%5BisUserNonCommercialRegisteredAgent%5D=false&PrincipalAddress%5BIsInvalidState%5D=false&PrincipalAddress%5BbaseEntity%5D%5BFilerID%5D=0&PrincipalAddress%5BbaseEntity%5D%5BUserID%5D=0&PrincipalAddress%5BbaseEntity%5D%5BCreatedBy%5D=0&&PrincipalAddress%5BbaseEntity%5D%5BModifiedBy%5D=0&&PrincipalAddress%5BFullAddress%5D=%2C%20WA%2C%20USA&PrincipalAddress%5BID%5D=0&&&&PrincipalAddress%5BState%5D=&&PrincipalAddress%5BCountry%5D=USA&&&&&&PageID=1&PageCount=25'
I want to convert this cURL to angular 2 post request
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic cGJob2xlOmlJelVNR3o4" -H "Origin: http://localhost:4200/form" -H "Postman-Token: fbf7ede1-4648-a330-14ee-85e6c29ee80d" -d 'content=Queue: tsi-testdesk' "https://testdesk.ebi.ac.uk/REST/1.0/ticket/new?user=USER&pass=PASS"
here is the code i wrote but its not working.
addForm(form: Form): Observable<Form> {
console.log(" SUBMITTING FORM");
let headers = new Headers();
this.loginService.writeAuthToHeaders(headers);
// JSON.stringify(headers);
// headers.append('Accept', 'application/x-www-form-urlencoded');
headers.append('Content-Type', 'application/x-www-form-urlencoded');
// let text = JSON.stringify(form)
let content = ('content:Queue: tsi-testdesk');
console.log(content);
return this.http.post('https://testdesk.ebi.ac.uk/REST/1.0/ticket/new?user='+this.credentialsService.getUsername()+'&pass='+this.credentialsService.getPassword(), content, { headers: headers })
// .map(response => <Form>response.json())
.catch(this.handleError);
}
It is giving me pre-flight response fail error but it works fine with cURL as well as POSTMAN and also I Dont have access to server side I am contacting it through API
CORS is a policy that is enforced by the web browser. Ultimately, it is up to the browser, whether or not it will allow a cross-origin request. In the case of cURL or Postman, there is no browser, there is no current HOST, so there is not even the concept of a cross-origin request. Technically Postman is a Chrome extension, but it is not at all the same thing as loading a web page and making cross-origin requests.
Public-facing API's (probably like the one you are trying to access) already have CORS enabled. The likely culprit is your own server. You must enable CORS requests on your web server so it will allow you to make requests to outside APIs.
I need get user's profile in wso2 api manager, how could i do that?
Until now, i've done get access token, refresh token and revoke token:
https://localhost:9443/oauth2/token --> access and refresh token
https://localhost:9443/oauth2/revoke --> revoke token
Thanks for help me.
if you define openid as one of the scope, then you would be able to use userinfo endpoint to get the user related info.
Generate token with scope openid
curl -k -d "grant_type=password&username=admin&password=admin&scope=openid" -H "Authorization: Basic NzhfQURZNGdBMWJ6djd0ZVc0Zk11VkpMM0xVYTpQWE55RmZ1ZjlmbkVhUW9NYksyaUxjTFE1dndh" https://localhost:9443/oauth2/token
use that token to request userinfo
curl -k -H "Authorization: Bearer 14e78b764c91a1f18b5566ddbd88c5ff" https://localhost:9443/oauth2/userinfo?schema=openid
by default, response would only contain the sub value.
{"sub":"admin#carbon.super"}
You can define which parameters you should send by configuring the claims in the service provide application in API Manager
for that log in to carbon management console and select the service provider application
under the claim configuration you can set email, lastname, and any other claims you need as 'Requested claims'
ex: http://wso2.org/claims/emailaddress for email
once configured, you would get following kind of response for previous request
{"sub":"admin#carbon.super","family_name":"adhikarinayake","email":"chamilaa#wso2.com"}
I am making a Chrome Extension that talks to a website via an api. I want it to pass information about a current tab to my website via a cors request.
I have a POST api request already working. It looks like this:
...
var url = "https://webiste.com/api/v1/users/sendInfo"
...
xhr.send(JSON.stringify({user_name:user_name, password:password, info:info}));
Its corresponding curl statement is something like this:
curl -X POST https://website.com/api/v1/users/sendInfo -d '{ username:"username", password:"password", info: "Lot's of info" }' --header "Content-type: application/json
But, this is not as secure as we want. I was told to mirror the curl command below:
curl --basic -u username:password <request url> -d '{ "info": "Lot's of info" }'
But, one cannot just write curl into javascript.
If someone could either supply javascript that acts like this curl statement or explain exactly what is going on in that basic option of the curl script I think that I could progress from there.
The curl command is setting a basic Authorization header. This can be done in JavaScript like
var url = "https://webiste.com/api/v1/users/sendInfo",
username = "...",
password = "...";
xhr.open('POST', url, true, username, password);
xhr.send(...);
This encodes the username/password using base 64, and sets the Authorization header.
Edit As arcyqwerty mentioned, this is no more secure than sending username/password in the request body JSON. The advantage of using the basic authentication approach is that it's a standard way of specifying user credentials which integrates well with many back-ends. If you need security, make sure to send your data over HTTPS.
curl is the curl binary which fetches URLs.
--basic tells curl to use "HTTP Basic Authentication"
-u username:password tells curl supply a given username/password for the authentication. This authentication information is base64 encoded in the request. Note the emphasis on encoded which is different from encrypted. HTTP basic auth is not secure (although it can be made more secure by using an HTTPS channel)
-d tells curl to send the following as the data for the request
You may be able to specify HTTP basic authentication in your request by making the request to https://username:password#website.com/api/v1/users/sendInfo