I am trying to use the Basic Authorization method that accepts username and password. I am working in React, using a fetch. It does not seem to work. It sends status 401 Unauthorized. I've no two-factor authentication. And yes, I have used PAT but I want to authenticate using username:password method. Kindly look at the code:
fetch("https://api.github.com/user", {
method: "GET",
headers: {
Authorization: `Basic ${btoa(`${username}:${password}`)}`,
"Content-Length": 0,
},
}).then((response) => response.status);
Related
I m trying to request https://api.github.com/search/issues?q=repo:react+state:open&sort=created&order=desc&per_page=100&page=1 using my personal authentication token but it always returns 422 status. The way i m using the token is on headers like this:
{
headers: {
authorization: `token ${myToken}`
}
}`
I dont know if i m doing something wrong but i supose this code should be working fine.
Just in case, after reading "How to send the authorization header using Axios", try:
axios.get('https://api.github.com/search/issues?q=react+state:open&sort=created&order=desc&per_page=100&page=1', {
headers: {
'Authorization': `token ${access_token}`
}
})
Try also to generate your token, considering its format has recently changed (March 2021)
As commented by the OP Gabriel Mazurco below, no more repo:.
In a bit of a pickle at the moment , I could do a postman request like that and I get my data response back :
URL : https://hiddenurlforexample.com
Authorization : Bearer XXXXXXXX-XXXX-XXXX-XXXX
When I do it on Axios on my website though I get a 401 CORS error. Any idea what the difference is ? This is how my axios request looks like :
axios
.request({
url: 'test/url',
method: 'get',
baseURL: 'https://hiddenurlforexample.com',
headers: {
"Access-Control-Allow-Origin" : "*",
"Content-type": "Application/json",
"Authorization": "Bearer XXXXXXXX-XXXX-XXXX-XXXX"
}
})
.then(response => {
console.log(response.data)
})
.catch(function (error) {
console.log(error)
})
I am a Frontend Developer, I have been told that there was nothing to do in the backend .
What Chris G said, and next to that Postman ignores the CORS validation because it is a dev tool.
Your backend server should return the correct CORS headers. While developing you could go with a wildcard for the CORS headers but it's highly recommended to add the specific domain you're calling the backend from (i.e. the domain of your website).
Also note that the CORS headers are returned via an OPTIONS call, again, your backend should support that. What backend are you running?
I'm trying to post an image to my API.
Logging in works great and authentication works on that part.
Then when I try to authenticate for the POST request, using JWT bearer token that's returned from my identity server I get a 401 unauthorized.
Using the same id_token in postman and posting the same image works and gives me a ``200 success` along with storing the posted image.
Is there something wrong with the way I'm setting up the fetch?
const data = new FormData()
console.log(user)
event.preventDefault()
data.append("file", image, user.profile.unique_name.slice + ".png")
fetch(devUrl, {
method: 'POST',
headers: {
'Authorization': `Bearer ${user.id_token}`
},
body: data
})
.then(response => {
if (response.status === 200) {
setSuccessUpload(true)
}
})
UPDATE:
I'm incompetent and it turns out I was using id_token and not access_token like you should..
I'm trying to do a authorization request with Github Api, passing the username and password.
But it's not working and i'm getting 401 status code.
In the Documentation there's a part saying
To use Basic Authentication with the GitHub API, simply send the username and password associated with the account.
That's my code:
this.api
.post('/user', { username: 'Example', password: '1234' })
.then(res => resolve(res.data))
.catch(err => reject(err));
Not sure if you aim to use the Basic Authentication provided by Github API. If that's the case I think you should use the Axios auth header:
axios.get('https://example.com', {
auth: { user: "username", password: "password" }
});
Here's what Axios docs say:
// `auth` indicates that HTTP Basic auth should be used, and supplies credentials.
// This will set an `Authorization` header, overwriting any existing
// `Authorization` custom headers you have set using `headers`.
// Please note that only HTTP Basic auth is configurable through this parameter.
// For Bearer tokens and such, use `Authorization` custom headers instead.
auth: {
username: 'janedoe',
password: 's00pers3cret'
},
There's another way to manually set the authorization header like this:
axios.get('https://example.com/', {
headers: {
Authorization: 'Basic ' + Base64.encode('username' + ':' + 'password');
}
})
And the last note is that deprecation is coming:
Deprecation Notice: GitHub will discontinue password authentication to the API. You must now authenticate to the GitHub API with an API token, such as an OAuth access token, GitHub App installation access token, or personal access token, depending on what you need to do with the token.
Consider using tokens instead of username and password.
Note that if your account has activated 2FA (two-factor authentication), then you would need to use a PAT (Personal Access Token) as your password.
curl --header 'Authorization: token INSERTACCESSTOKENHERE'
--header 'Accept: application/vnd.github.v3.raw'
--remote-name
--location https://api.github.com/...
See "Passing headers with axios POST request"
const headers = {
'Content-Type': 'application/json',
'Accept': 'application/vnd.github.v3.raw',
'Authorization': 'token INSERTACCESSTOKENHERE'
}
axios.post(url, data, {
headers: headers
})
.then((response) => {
dispatch({
type: yourEvent,
data: response.data[0]
})
})
.catch((error) => {
dispatch({
type: yourError
})
})
Basic authentication requires you to add a header to the ajax request which gets send to the GitHub API. This is already answered in use-basic-authentication-with-jquery-and-ajax.
I'm looking for example of fetch() method to call secured API (I use Azure AD B2C)
To be specific I I don't know how should my headers look like.
Calling API using Postman with authorization works.
My API is hosted on localhost:44320 I didn't deploy it.
In React I use 'react-azure-adb2c' library and it also works. I can log in and after that I'm getting token with all claims which I need.
var token = auth.getToken(); //here is the token which is correct
fetch("https://localhost:44320/api/worker/", {
method: "GET",
headers: {
Authorization: token,
Accept: "application/json",
Host: "localhost:44320"
}
})
.then(res => res.json())
.then(json => this.setState({ listOfWorkers: json.results }));
}
You specify the header as Authorization: Bearer token-value-here.
So Authorization: 'Bearer ' + token in your case.