I need to customize the method handler for a REST API endpoint and point it to SQS instead of a Lambda function. I'm stalling out trying to get a full reference to the RestApi object...
The RestApi object I get back from RestApi.fromRestApiId is incomplete; I can't do this:
const restApi = apigateway.RestApi.fromRestApiId(this, 'RestApi', dependencies.api.rest.ApiId);
const queueResource = restApi.root.resourceForPath('/webhooks');
...without getting this error:
Error: root is not configured when imported using fromRestApiId(). Use fromRestApiAttributes() API instead.
I can't use RestApi.fromRestApiAttributes as that requires the rootResourceId -- which I can't seem to find a reference to. The documentation for RestApi.fromRestApiAttributes shows this, but I don't have props:
const api = RestApi.fromRestApiAttributes(this, 'RestApi', {
restApiId: props.restApiId,
rootResourceId: props.rootResourceId,
});
Does anyone know how to access the rootResourceId?
The root resource (/) id is a alphanumeric string like 4cfzeywftb, which can be found in the console breadcrumbs:
APIs > API (076t2zozc0) > Resources> / (4cfzeywftb)
or by calling get-resources:
aws apigateway get-resources --rest-api-id 076t2zozc0
{
"items": [
{
"id": "4cfzeywftb",
"path": "/",
"resourceMethods": {
"ANY": {}
}
},
{
"id": "36g7tq",
"parentId": "4cfzeywftb",
"pathPart": "{proxy+}",
"path": "/{proxy+}",
"resourceMethods": {
"ANY": {}
}
}
]
}
Related
The Keycloak documentation here says you need to add ACR with claims in the request in order to do authentication step up to a higher level. But how is this accomplished from either the keycloak.js client library, or the keycloak-js npm client library?
So basically, how do you get the following claims query param to be passed?
https://{DOMAIN}/realms/{REALMNAME}/protocol/openid-connect/auth?client_id={CLIENT-ID}&redirect_uri={REDIRECT-URI}&scope=openid&response_type=code&response_mode=query&nonce=exg16fxdjcu&claims=%7B%22id_token%22%3A%7B%22acr%22%3A%7B%22essential%22%3Atrue%2C%22values%22%3A%5B%22gold%22%5D%7D%7D%7D
The format of the claims is like this as seen in the documentation:
claims= {
"id_token": {
"acr": {
"essential": true,
"values": ["gold"]
}
}
}
Doing this off the top of my head, but I think this should do it.
const keycloak = Keycloak({
url: {DOMAIN},
realm: {REALMNAME},
clientId: {CLIENT-ID}
});
keycloak.login({
... your login options
acr: { values: ["silver", "gold"], essential: true }
})
The adapter will take the acr option and apply it to claims.id_token
How to disable the inheritance in Azure pipelines using a Rest API?
The REST API is not documented, however you can track it by tools such as Fiddler or press F12 in Chrome browser then select Network.
e.g. I can use below REST API to disable inheritance for Azure pipeline code test-CI in below sample:
POST https://dev.azure.com/{Org name}/_apis/Contribution/HierarchyQuery/project/{Project name}?api-version=6.0-preview
Request body:
{
"contributionIds": [
"ms.vss-admin-web.security-view-update-data-provider"
],
"dataProviderContext": {
"properties": {
"changeInheritance": true,
"permissionSetId": "{permissionSetId }",
"permissionSetToken": "{project id}/{build definition ID}",
"inheritPermissions": false,
"sourcePage": {
"url": "https://dev.azure.com/{Org name}/{Project name}/_build?definitionId={Build definition ID}",
"routeId": "ms.vss-build-web.pipeline-details-route",
"routeValues": {
"project": "{Project name}",
"viewname": "details",
"controller": "ContributedPage",
"action": "Execute",
"serviceHost": "{Service account ID} (Org name)"
}
}
}
}
}
Note: If we need to enable inheritance for Azure pipelines, just change the field inheritPermissions value to true
Update1
permissionSetId is namespaceID, we could get it via below REST API:
GET https://dev.azure.com/{Org name}/_apis/securitynamespaces?api-version=6.0
And then search name": "Build" to get the namespaceId
permissionSetToken is {project id}/{build definition ID}, we could get the project id via below REST API:
GET https://dev.azure.com/{organization}/_apis/projects?api-version=6.0
serviceHost value is service account id (Org name), we could get it via below REST API:
GET https://vssps.dev.azure.com/{Org}/_apis/graph/users?api-version=6.0-preview.1
And then search Project Collection Build Service in the request body, the principalName is the service account id
"paths": {
"/{x}/{y}": {
"put": {
x-amazon-apigateway-integration": {
"uri": "https://hostname/contextpath/{x}/{y}"
"httpMethod": "PUT",
"type": "http"
}
}
}
If I do have query params for that resource then my invoke url would be https://apiid.execute-api.us-east-2.amazonaws.com/dev/x/y?queryparam1=value1&queryparam2=value2&queryparam3=value3&queryparam4=value4.
what would be my uri type in the integration request for my http backend?
How do I pass query params when calling it https://hostname/contextpath/{x}/{y}?=&= ? Can anyone suggest me how to pass query params when integrating with http type?
The firebase doc sys this is how it is supposed to be done:
curl -X PATCH -d '{"last":"Jones"}' \
'https://[PROJECT_ID].firebaseio.com/users/jack/name/.json'
But I dont know how to convert this to a rest based request.
TO be clear I need to send a web request from javascript/java, hence I want to know what should be the body , and header and operation type for this request.
Can someone please help?
If you use the documentation for curl, you can figure out what that command line you showed is trying to tell you.
The HTTP method is: PATCH
The request body is: {"last":"Jones"}
The url is: https://[PROJECT_ID].firebaseio.com/users/jack/name/.json
Where PROJECT_ID is the name of your project. That's all there is to it.
You need teh following structure:
HTTP Request:
https://firestore.googleapis.com/v1/projects/*YOUPROJECT_ID*/databases/(default)/documents/users_admin/*DOCUMENT_ID*?**updateMask.fieldPaths=user_name&updateMask.fieldPaths=permisos.Administrador&updateMask.fieldPaths=user_email**
JSON Body (must be exactly the same structure and type as your database):
{
"fields": {
"user_name": { "stringValue": "Test ActualizaciĆ³n 2" },
"permisos": {
"mapValue": {
"fields": {
"Administrador": {
"booleanValue": true
}
}
}
},
"user_email": { "stringValue": "veviboj548#eyeremind.com" }
}
}
I would like to know the name of the user, however I cannot use the nodejs sdk since I use another language.
How can I ask for permission?
I would prefer a way with the normal json responses.
I hacked this minimal script to get the JSON reponse which the nodejs sdk would return:
gaction.js:
const DialogflowApp = require('actions-on-google').DialogflowApp;
const app = new DialogflowApp({
request: {
body: {
result: {
action: 'Test',
contexts: []
}
},
get: (h) => h
},
response: {
append: (h, v) => console.log(`${h}: ${v}`),
status: (code) => {
return {send: (resp) => console.log(JSON.stringify(resp, null, 2))}
}
}
});
function testCode(app) {
app.askForPermission('To locate you', app.SupportedPermissions.DEVICE_PRECISE_LOCATION);
}
app.handleRequest(new Map().set('Test', testCode));
I'm still no node.js expert so this might be not an optimal solution. When you have installed node and run the command npm install actions-on-google, this will install the necessary dependencies.
When done you just need to run node gaction which will create this output:
Google-Assistant-API-Version: Google-Assistant-API-Version
Content-Type: application/json
{
"speech": "PLACEHOLDER_FOR_PERMISSION",
"contextOut": [
{
"name": "_actions_on_google_",
"lifespan": 100,
"parameters": {}
}
],
"data": {
"google": {
"expect_user_response": true,
"no_input_prompts": [],
"is_ssml": false,
"system_intent": {
"intent": "assistant.intent.action.PERMISSION",
"spec": {
"permission_value_spec": {
"opt_context": "To locate you",
"permissions": [
"DEVICE_PRECISE_LOCATION"
]
}
}
}
}
}
}
If you send now the JSON above you will be asked from Google Home. Have fun!
The request/response JSON formats for the API.AI webhooks with Actions is documented at https://developers.google.com/actions/apiai/webhook
As you've discovered, the data.google.permissions_request attribute contains two fields regarding the request:
opt_context contains a string which is read to give some context about why you're asking for the information.
permissions is an array of strings specifying what information you're requesting. The strings can have the values
NAME
DEVICE_COARSE_LOCATION
DEVICE_PRECISE_LOCATION
If you are using Java or Kotlin there is an Unofficial SDK. It matches the official SDK api nearly exactly.
https://github.com/TicketmasterMobileStudio/actions-on-google-kotlin