I am using the Insomnia REST client to debug some mobile API. I need to extract part of one value in the response body and put it into a second request.
Request
The request is an Oauth request for an authorization token. This request is normally sent from a mobile app.
Example Response
The backend responds with a redirect_uri that contains the authorization_code. This format is used in oauth when the request (normally in PROD) comes from a mobile app.
{
"redirect_to": "redirect_uri=com.acme://oauth?client_id=abcde&response_type=code&scope=authenticate_user&authorization=H068bFHTXXXXXXXXXXX.....XXXXXXX"
}
How can I extract the value of the authorization parameter from this response in INSOMNIA?
** How can I extract only the part after "&authorization=....."**
I know how to extract the full value of the "redirect_to" JSON attribute. But then how to parse it? For example with a regex?
it is possible to do so, but it is kind of tricky. The most obvious way would be to use some plugin, but here is what I came up with:
Firt of all you need to make a variable which will save your response redirect_uri=com.acme ... =authenticate_user&authorization=H068bFHTXXXXXXXXXXX.....XXXXXXX.
You can do this by pressing:
CTRL + E
This will open your environment variables, you can really make it in any enviroment, but probably the best would be to do in Base Enviroment so it is accessable no matter which environment you are using.
Create a variable like this:
placeholder variable
Then you need to get the redirect_uri by pressing the following keys between the quotation marks:
CTRL+SPACE
This will bring up the quick menu, where you can type Response and choose body attribute. Click on it, and set it like this.
I am pretty sure most people are familiar till this point.
Now you have saved the response to a variable you can use it. Navigate to the request where you want to use it, and you can type (basically in any field) {{ }}.
Inside this variable write the following (with your own variable name).
{{ redirect_uri.match('authorization=([^&]+)')[1] }}
This is basically javascript, using a simple regex to match the url parameter.
If you did everything correctly you will see something like this, and by clicking on it you should see your token.
Note: It might be red, until you get some values into the variable that you made.
I really hope it helps.
Related
I am currently working on a 1 page HTML app that uses URL parameters to do an API call. the URL parameters are set and used in QR codes so its necessary that they are able to change dynamically. A example URL would be something like app.com/index.html/?environment=demo&location=Kiosk
I currently have this app deployed in AWS Amplify, but I cant get other keywords to chain together. I have the following redirects in place:
These redirects make sure that every URL parameter I pass in the link works EXCEPT some keywords like the "location" keyword, next to some others. Using this keyword as a URL param gives a 502 server error, or if the redirects are not used an access denied error.
does anyone know how to get the location keyword to work? Thanks in advance!
You should be able to use a single rule that will forward everything to index.html EXCEPT urls with a "file extension" from the list below. That lets all your links work, but assets like images, fonts, code will pass through.
Doc for: Using Redirects - Single Page Apps
</^[^.]+$|\.(?!(css|gif|ico|jpg|js|png|txt|svg|woff|woff2|ttf|map|json)$)([^.]+$)/>
I'm trying to update the header for my apis with a sif token that is retrieved from another login call. I know how to do this in Postman. There I go to the Tests tab and add something like this for the login api, which would set my global variable.
var data = JSON.parse(responseBody);
postman.setGlobalVariable("SIF_TEACHER", data.sifToken);
I've read this tutorial from the Insomnia official support page but can't really understand it and couldn't find any other doc on chaining requests there.
Thank you.
In your workspace press CTRL+E to open "Manage Environments" window
Add a variable like "token" to the environment
Put a response function (teal f) as value of this variable by pressing CTRL+SPACE.
Select one to your liking from the dropdown, in your case "Response => Body Attribute" should work well.
This will open a "Tag" form, like this one:
Select your login request and filter the response json or xml for the value containing your token value, f.e. $.access_token. Probably set trigger behaviour to "When Expired" too.
You can now access this variable anywhere in your workspace for other requests by pressing CTRL+SPACE in any form field and selecting the variable (purple x).
If you only need this for one request, you can skip setting up the environment variable for this and directly put the function where you need it, same way as described before.
You can check the link, in the comments there is a mini clip with the indications
https://github.com/Kong/insomnia/issues/2744
There is a plugin that allows you to have variables which you can set its value from different request an use them in others. This is great for when you want to chain requests but you have multiple possible parents and don't want to duplicate the child request, for example you could have "Login with A" and "Login with B" and both save to id, then you can have a "Get info" with the id.
Setting a variable is done using an special tag in the header of the request ("Save variable") and then use its value wherever you want with the "Variable" tag.
You can see more about the plugin in https://insomnia.rest/plugins/insomnia-plugin-save-variables .
I'm trying to send a POST request from iPhone to Django, but for some reason I can't. The request is sent, but the server doesn't receive it properly.
What is the regular expression that accepts POST? In my case, I use this one: /messages/a/s=person1&r=person2&c=hello/.
How do I retrieve the POST arguments in the Django view? request.POST['s'] should work?
Thanks.
POST parameters are not part of the URL, so your regex should simply detail the main part of the url you want to receive it on. To take your example, change it to /messages/a/. Then, in your "messages" app, have a view/function called a: that one will be reached on receiving any POST (or GET, which you're currently (almost) depicting in your url) to that location.
The arguments can then indeed be retrieved using request.POST['keyname']. To make things more convenient, supply a default value when getting the data so you need less error checking: request.POST.get('keyname', None). This will get the value of keyname when available, or None otherwise.
The posting itself... depends on more code then you're currently showing. Can't say anything about that with your current question.
That URL you've pasted in will pass the data through the request.GET dictionary. If you want to change your iPhone app to POST data, you'll have to share your code.
I have this facebook application which adds a custom tab to fan pages. You access the tab by an URL like:
http://www.facebook.com/pages/PAGE-NAME-HERE/PAGE-ID?v=APP-ID
I want to be able to add some extra get parameters to that URL, but it seems they don't get passed correctly because facebook is filtering them. Is there a way to pass those parameters? Even not via GET but some other kind of technique.
If you want to pass multiple querystring params though the app_data param, you can urlencode it.
All querystring params that need to propagate through a Facebook tab should be url-encoded in the app_data var.
In other words, the "&" and the "=" need to be url-encoded (especially if passing more than one param).
Examples
GOOD TAB URL (this passes all 3 params):
https://www.facebook.com/pages/yourpagename/56789?sk=app_12345&app_data=var1%3D123456789%26anothervar%3Drawr%26athird%3Dmeow
In the app_data from this signed request, I got this value: var1=123456789&anothervar=rawr&athird=meow
BAD TAB URL (this passes only the first param through the signed_request):
https://www.facebook.com/pages/yourpagename/12345?sk=app_56789&app_data=var1=123456789&anothervar=rawr&athird=meow
In the app_data from this signed request, I ONLY got this value: var1=123456789 (Facebook dropped the rest)
You can even give your media team instructions like this =)
Media team,
Here is an online utility to urlencode the querysting data you want to
embed in the app_data param: http://meyerweb.com/eric/tools/dencoder/
Base Url: https://www.facebook.com/pages/yourpagename/12345?sk=app_56789&app_data=
Steps:
Go to http://meyerweb.com/eric/tools/dencoder/
Type var1=123456789&anothervar=rawr&athird=meow in the box
Hit the Encode button
You’ll get var1%3D123456789%26anothervar%3Drawr%26athird%3Dmeow which becomes your app_data param. Append that to the baseUrl noted above like this:
https://www.facebook.com/pages/yourpagename/12345?sk=app_56789&app_data=var1%3D123456789%26anothervar%3Drawr%26athird%3Dmeow (this is the URL with the tracking params for the [banner ad] [online media] [etc])
p.s. Querystring params in non-tab pages are handled fine (https://apps.facebook.com/yourappname/Canvas.aspx?var1=123456789&anothervar=rawr&athird=meow does not strip out qs params like what happens in the Tab, for example).
You must pass the app_data parameter in the URL:
http://facebook.com/pages/:page_id/:page_name?sk=app_:app_id&app_data=my_data
You will then access it through the signed_request param. For instance with Ruby and RestGraph:
user = RestGraph.new.parse_signed_request(params[:signed_request)
data = user['app_data'] # => "my_data"
Appending app_data worked for me.
http://www.facebook.com/pages/MyPage/11111111111111?sk=app_22222222229&app_data=foo_bar
Then retrieve signed request using PHP SDK (in my case). app_data is then available in the assoc. array returned.
I was wondering the same, in my case I had needed to pass a parameter "from" to identify if user was using mobile form or web form to login. My app use Spring Security. The way I was able to do that was creating my own SocialAuthenticationFilter:
1) Add a (hidden in my case) parameter to your login form ("from" in this example).
2) Get the right SocialAuthenticationFilter.java source (in accordance with your Spring version).
3) Create your MySocialAuthenticationFilter using it.
4) In method:
getRequestedProviderId(HttpServletRequest request) is where you can
grab your parameter:
private String getRequestedProviderId(HttpServletRequest request) {
String f = request.getParameter("from");
if(f!=null) {
final String dbValue = request.getParameter("from");
request.getSession().setAttribute("from", dbValue);
}
...
And thats all. In this way after a successful authentication you will be able to recover from session your parameter.
Be aware this method is called several times during OAuth exchanging, and when it is called from the authentication provider (Facebook for example) the parameter will be null. That is the reason to check the value before save in session in order to avoid delete your right value.
I answer myself by saying this is not possible.
to connect to an app on facebook, the user types in
www.facebook.com/login.php?api=12312312323123123
how can I add an extra get var to this url and pass it to my script on successful login?
Do you add a redirect_url as part of the login call?
If so you can add the GET parameter to that. For instance let us say you are asking Facebook to redirect to http://tld/fbhandler after user logs in. You can change that to http://tld/fbhandler?extra=value.
This URL is specified at the time of making the (OAuth) login call to Facebook and therefore you can change the value as you see fit.
You cannot do this. Facebook will strip custom query values from the url. I have found that there are two ways to do this. The first is that they will let you have a single query value at the end of the url if you encode the ? to %3F. For example:
redirect_url=http://www.example.com%3FmyextraParameter
You could use this approach to do something like base64url encode your values and add them at the end.
The other thing that I have done is to change the parameters to be path variables
redirect_url=http://www.example.com/realUrl/parameter1/parameter2
Neither are great solutions, but I have yet to find a way to send querystring values without them being stripped off.