I am trying to query kibana to retrieve logs with the help of token received from authentication
Scenario: 1) Get a bearer token from a site by passing email and password
2) Use the above bearer token to query kibana host _msearch with body to get the json response (POST request returns a 302 and autoforwards to the content page)
The above works in postman and when i try to emulate the same in nodejs using the request library i get the status 302 and when i set the followAllRedirects:true flag i get redirected to the login page rather than the page with the contents.
Can you let me know where i am going wrong
var options = {
url: kibanaEndpoint,
headers: {
'Authorization': 'bearer token',
'kbn-xsrf': 'reporting',
'Content-type': 'application/x-ndjson',
},
body: jsonModified,
followAllRedirects:true
}
request.post(options, function (err, response, body) {
if (err) {
console.dir(err)
return
}
console.log(response.statusCode);
console.log(body);
})
Related
I'm trying to post an image to my API.
Logging in works great and authentication works on that part.
Then when I try to authenticate for the POST request, using JWT bearer token that's returned from my identity server I get a 401 unauthorized.
Using the same id_token in postman and posting the same image works and gives me a ``200 success` along with storing the posted image.
Is there something wrong with the way I'm setting up the fetch?
const data = new FormData()
console.log(user)
event.preventDefault()
data.append("file", image, user.profile.unique_name.slice + ".png")
fetch(devUrl, {
method: 'POST',
headers: {
'Authorization': `Bearer ${user.id_token}`
},
body: data
})
.then(response => {
if (response.status === 200) {
setSuccessUpload(true)
}
})
UPDATE:
I'm incompetent and it turns out I was using id_token and not access_token like you should..
I'm trying to do a authorization request with Github Api, passing the username and password.
But it's not working and i'm getting 401 status code.
In the Documentation there's a part saying
To use Basic Authentication with the GitHub API, simply send the username and password associated with the account.
That's my code:
this.api
.post('/user', { username: 'Example', password: '1234' })
.then(res => resolve(res.data))
.catch(err => reject(err));
Not sure if you aim to use the Basic Authentication provided by Github API. If that's the case I think you should use the Axios auth header:
axios.get('https://example.com', {
auth: { user: "username", password: "password" }
});
Here's what Axios docs say:
// `auth` indicates that HTTP Basic auth should be used, and supplies credentials.
// This will set an `Authorization` header, overwriting any existing
// `Authorization` custom headers you have set using `headers`.
// Please note that only HTTP Basic auth is configurable through this parameter.
// For Bearer tokens and such, use `Authorization` custom headers instead.
auth: {
username: 'janedoe',
password: 's00pers3cret'
},
There's another way to manually set the authorization header like this:
axios.get('https://example.com/', {
headers: {
Authorization: 'Basic ' + Base64.encode('username' + ':' + 'password');
}
})
And the last note is that deprecation is coming:
Deprecation Notice: GitHub will discontinue password authentication to the API. You must now authenticate to the GitHub API with an API token, such as an OAuth access token, GitHub App installation access token, or personal access token, depending on what you need to do with the token.
Consider using tokens instead of username and password.
Note that if your account has activated 2FA (two-factor authentication), then you would need to use a PAT (Personal Access Token) as your password.
curl --header 'Authorization: token INSERTACCESSTOKENHERE'
--header 'Accept: application/vnd.github.v3.raw'
--remote-name
--location https://api.github.com/...
See "Passing headers with axios POST request"
const headers = {
'Content-Type': 'application/json',
'Accept': 'application/vnd.github.v3.raw',
'Authorization': 'token INSERTACCESSTOKENHERE'
}
axios.post(url, data, {
headers: headers
})
.then((response) => {
dispatch({
type: yourEvent,
data: response.data[0]
})
})
.catch((error) => {
dispatch({
type: yourError
})
})
Basic authentication requires you to add a header to the ajax request which gets send to the GitHub API. This is already answered in use-basic-authentication-with-jquery-and-ajax.
I have http patch request with Bearer Token Authorization. But the Http Request get a Unauthorized error from the Server, when making the exact same Request(console.log(url + token) and then copy it from the console) in Postman, it works.
What could be the Problem ?
this.getToken().subscribe((data: FormData) => {
const httpOptions = {
headers: new HttpHeaders({
'Authorization': ('Bearer ' + data['access_token'])
})
}
console.log("URL with " + httpOptions.headers.get("Authorization"));
this.http.patch("URL",httpOptions).subscribe((articledata: Article)=>
{
console.log(articledata);
})
});
So this should work, since copying the output and using it in Postman works, but i get a 401 Unauthorized.
For Anyone that needs it, i used http.patch wrong, the headers are the 3rd parameter after url and body.
I'm trying to send a token from the client to fetch that on my node.js server.
then I want the response of the server to set this token in the header so that each further request from the client will send along with the token.
I'm using vanilla javascript for the front end and express on my backend
here's the fetch request:
data = {
id: idToken
};
fetch("http://localhost:5000/check", {
method: "POST",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify(data)
}).then(response => {
console.log(response);
});
this is the server code:
app.post("/check", (req, res) => {
console.log(req.body.id);
res.setHeader("token", req.body.id);
res.redirect("/");
});
where am I wrong?
Headers are a generic way to send metadata with an HTTP message. They aren't a generic way to persist session data.
The tool designed to do what you want is a cookie.
Use res.cookie() to set a cookie and the cookie-parser middleware to read it back.
Consider using cookie based sessions instead.
curl -H "Authentication: <security token>" "https://a.bcsc.com/app/api/v2/<api-key>/<query type>?<optional parameters>"
request({
url: <<endpoint>>,
headers: {
Authentication: mpulseAuthToken
}
},function (error, response, body) {
if(error) {
console.log(error.message);
} else {
console.log(body);
}
});
How can I make the above curl request in Node JS using the request module. I already have the security token handy with me.
This is simple:
const request = require('request');
request({
url: 'https://a.bcsc.com/app/api/v2/',
headers: {
Authentication: '<security token>'
}
},
function(error, response, body)
console.log(response);
});
Check the documentation on Github
#sarnath-jegadeesan, Depending on the context of where the request is made to the mPulse API endpoints, it may be blocked. This happens typically when the request is made from within a browser. A simple workaround for this scenario is to proxy the requests. I've done this using a property configuration on Akamai CDN and it works well.
You can find decent documentation here on how to make requests to the Akamai mPulse query API: https://developer.akamai.com/api/web_performance/mpulse_query/v2.html