I'm pretty new for GitHub API usage. I'm trying to get GitHub pull request data through API from my org.'s enterprise github enterprise where SAML SSO is enabled. I have generated Private Access Token for the same. But I'm unable to get correct response.
Every time I'm getting html page as response showing link to redirect to SAML SSO login page.
Kindly let me know where I'm missing something.
I copied few request cURL from browser and ran those via Postman, noticed that cookies are enabling UI requests to success, But I'm not sure how to create that cookies for different users who will run my API script. Below authentications I've tried till now:
import requests
headers = {'Authorization': 'Bearer ' + 'MY_TOKEN'}
login = requests.get('https://git.<org_name>.com/<org>/<repo_name>/pull/400', headers)
print(login.text)
import requests
headers = {'Authorization': 'token ' + 'MY_TOKEN'}
login = requests.get('https://git.<org_name>.com/<repo_name>/pull/400', headers)
print(login.text)
import requests
headers = {'Authorization': 'Basic ' + '<Base64 version of username:token>'}
login = requests.get('https://git.<org_name>.com/<repo_name>/pull/400', headers)
print(login.text)
import requests
login = requests.get('https://git.<org_name>.com/<repo_name>/pull/400', auth=(<username>,<PAT>))
print(login.text)
I'm expecting that PR's details in response.
Related
I am building an application using discord oauth. I used discord-oauth2 node module to get access_token from discord and was able to get user data from /users/#me endpoint.
So the request would look like this
Request URL: https://discord.com/api/v9/users/#me
Request Headers
authorization: `access_token here`
The above request works but if I change the url to https://discord.com/api/v9/users/{user_id}/profile to get user profile, it returns 401: Unauthorized error.
I am accessing API gateway end point from Front end react application and it was working fine. Recently, I have enabled Api key in AWS API gateway and deploy API. I have created API key and set up that to Usage plan. I test this API from Postman, I added x-api-key in header and it works perfect in postman. Same API when I access through axios from my front end react application it always failed in preflight and give me CORS error. Below is my front end code. It seems that it doesn't send X-Api-Key at all to API end point. I would appreciate your response.
import axios from "axios";
export default axios.create({
baseURL: ${process.env.BASE_URL},
headers: {
"Content-Type": "application/json",
"Accept": "application/json",
"X-Api-Key": ${process.env.APPKEYID},
},
});
I am using the github /repos api. I am specifically trying to find which apps have access to the protected branch in github (https://docs.github.com/en/free-pro-team#latest/rest/reference/repos#get-apps-with-access-to-the-protected-branch)
The url should basically be /repos/REPONAME/branches/BRANCH/protection/restrictions/apps
My headers look like this:
headers = {
'Authorization': 'token ' + token,
"Accept": "application/vnd.github.machine-man-preview+json",
}
I am using a token from a github app I have installed on that repo. I know that app has access and that the pem is correct because when I hit the endpoint: /branches/BRANCH/protection, I get a valid response.
I will mention I am attempting this on a forked repo. Thanks!
I keep getting the following CORS error when trying to consume the JIRA ReST API:
Fetch API cannot load
https://jira.our-domain-name.com/jira/rest/api/2/search?jql=project=tcc%20and%20cf[10809]~8423362.
Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'https://application-url.our-domain-name.com' is therefore not allowed
access. If an opaque response serves your needs, set the request's
mode to 'no-cors' to fetch the resource with CORS disabled.
However, this search URL works 100% when I paste it directly into the browser, or running it through Postman, or using CURL from command line.
My app is calling the API, using the javascript fetch API. I set the following headers when making the GET request:
headers: {
"content-type": "application/json",
"authorization": "Basic <<encrypted>>"
}
I have ensured that the requesting host has been whitelised in JIRA admin - I have tested the host using the test feature on the whitelist page.
When I change the whitelist from wildcard to Domain Name, I suddenly get this:
Fetch API cannot load
https://jira.our-domain-name.com/jira/rest/api/2/search?jql=project=tcc%20and%20cf[10809]~8423362.
Request header field authorization is not allowed by
Access-Control-Allow-Headers in preflight response.
Any ideas?
You have 2 options.
The easiest way is to proxy your request through your backend (if that's possible) since the CORS restrictions are enforced on JavaScript running within the browser.
The other way would be to reconfigure the Tomcat server that Jira is running on to support sending a CORS header. This can have other security implications if not done right.
How can I call a rest api with authentication from meteor, appreciate if you can guide to an example, I have added the http package to the meteor project. Using advanced rest client chrome app, I am able to get the data by passing the following URL and 2 headers. This app is using the already logged in browser session.
URL: https://xxxxx:9443/ccm/oslc/contexts/_ZoC0QNS3EeGPlow7Bl9IAw/workitems
headers: Accept", "application/json"
OSLC-Core-Version", "2.0"
How can I pass the headers and user name password of the rest api service.