Cannot use searchParams on Zoho People API (HTTP Status 400) - rest

(related to Giving HTTP Status 400 – Bad Request | Zoho API | searchParams | - following the official documentation at https://www.zoho.com/people/api/forms-api/search-record.html)
When sending a GET request via Postman to fetch leave-records for today by using the following (exported as curl)
curl --location -g \
--request GET "https://people.zoho.eu/people/api/forms/leave/getRecords?searchParams={searchField:'To',searchOperator:'After',searchText:'02-Mar-2022'}|{searchField:'From', searchOperator: 'Before', searchText : '02-Mar-2022'}" \
--header "Authorization: Zoho-oauthtoken 1000.abcd1234.abcd1234"
as provided by the documentation, I receive only a HTTP Status 400 – Bad Request error response.
However, sending the same request without the searchParams, getting all leave records as a response, does work. So the URL region and the Auth to the API are correct in my case.
I authenticated as documented and received the token, using my clientId and clientSecret using the ZOHOPEOPLE.forms.ALL scope.

(similar answer as for Giving HTTP Status 400 – Bad Request | Zoho API | searchParams |)
The documentation does say GET here (at least at the time of writing) - but the request does actually work with a POST and sending the searchParams as form-data.
curl example:
curl --location --request POST 'https://people.zoho.eu/people/api/forms/leave/getRecords' \
--header 'Authorization: Zoho-oauthtoken [...]' \
--form 'searchParams="{searchField: To, searchOperator: After, searchText: 10-Mar-2022}|{searchField: From, searchOperator: Before, searchText: 10-Mar-2022}"'
Also note that I could actually omit the quotes in the searchParams for better legibility with less escaping.

Related

Keycloak: All API response with 404

I followed this tutorial to setup Keycloak and create user but the response for the step of Generating Access Tokens With Keycloak's API 404. I'm using Keycloak version 18.0.0
In the logs of keycloak I found this error
2022-06-12 23:59:57,177 DEBUG [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-3) Error response 404: javax.ws.rs.NotFoundException: RESTEASY003210: Could not find resource for full path: http://localhost:8080/auth/realms/test/protocol/openid-connect/token
From keycloak 17+ there are changes in resource or token URIs. Try removing auth from your request URL.
If you are using Keycloak version < 17
curl -k -H "Content-Type: application/x-www-form-urlencoded" -d "client_id=your-client" -d "username=some-user" -d "password=hardpassword" -d "grant_type=password" -X POST http://localhost:8080/auth/realms/yourrealm/protocol/openid-connect/token
If you are using Keycloak version > 17
curl -k -H "Content-Type: application/x-www-form-urlencoded" -d "client_id=your-client" -d "username=some-user" -d "password=hardpassword" -d "grant_type=password" -X POST http://localhost:8080/realms/yourrealm/protocol/openid-connect/token
You did set in Headers instead of Body.
Move the Key & Values to Body.
You can verify Token URL by click "OpenID Endpoint Configuration" link
It will show Token URL

Stripe filter transfer by creation date

I'm trying to retrieve yesterday's transfer for one of our customers. Please check the following curl request
curl --request GET \
--url https://api.stripe.com/v1/transfers \
--header 'Authorization: Basic ourPrivateKeyEncoded' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data destination=acct_anAccount \
--data created.gt=1629676800
I'm able to retrieve all the transfers of my customer, but the created filter is not accepted. Meaning the above request without the created.gt is ok.
With this filter Stripe respond me a 400 with this body
{
"error": {
"code": "parameter_unknown",
"doc_url": "https://stripe.com/docs/error-codes/parameter-unknown",
"message": "Received unknown parameter: created.gt. Did you mean created?",
"param": "created.gt",
"type": "invalid_request_error"
}
}
I'm following this documentation, the created filter seems to exist. Does someone have an idea why Stripe doesn't accept my filter?
Replacing created.gt by created[gt] filter key made my request works.
The documentation seems to be outdated

Keycloak cannot verify user information with a valid token

I'm setting up Keycloak as an authentication server https://github.com/keycloak/keycloak/releases/download/12.0.0/keycloak-12.0.0.zip
Java 11
Documentation: https://github.com/keycloak/keycloak-documentation/blob/master/securing_apps/topics/oidc/oidc-generic.adoc
I can generate the access_token via /realms/{realm-name}/protocol/openid-connect/token
but I cannot call the userinfo endpoint /realms/{realm-name}/protocol/openid-connect/userinfo using a valid access_token which I get from the first API.
POST http://127.0.0.1:8080/auth/realms/test/protocol/openid-connect/token
{
client_secret: ...,
grant_type: ...,
client_id: ...,
}
response
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxOE..."
"expires_in": 3600,
"refresh_expires_in": 0,
"token_type": "Bearer",
"not-before-policy": 0,
"scope": "create"
}
But here is the result when I call the get user info API
GET http://127.0.0.1:8080/auth/realms/test/protocol/openid-connect/userinfo
Header: Bearer ${access_token}
Are there any suggestions?
Thank you
Post man test
Keycloak server's log is same
Keycloak bug
I think this is an issue on KC 12.0
When I use KC 11.0.3, above APIs work fine
https://github.com/keycloak/keycloak-community/issues/224
The Jira story:
https://issues.redhat.com/browse/KEYCLOAK-17217
Make sure you are calling the endpoint as follows.
First getting the token:
curl -d "client_id=$YOUR_CLIENT_ID" \
-d "client_secret=$YOUR_CLIENT_SECRET" \
-d "grant_type=client_credentials" \
http://127.0.0.1:8080/auth/realms/test/protocol/openid-connect/token)
Extract from the JSON response the access_token field (e.g., jq -r .access_token)
Then call the userinfo as follows:
curl -X GET http://127.0.0.1:8080/auth/realms/test/protocol/openid-connect/userinfo \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $ACCESS_TOKEN"
With Postman:
For a setup with Realm Name = "test", client_id = "test", client_secret = "63b61af0-5a99-41d7-8f9b-4e3059b8b9ab" and using client_credentials grant_type.
Getting the token:
and getting the userinfo:
EDIT
The approach below works with Keycloak 10.0.x, and 11.0.x, but gets exactly the same issues as OP's for the version Keycloak 12.0.x (including the latest release Keycloak 12.0.2).
This seams to be regression added with Keycloak 12.0.0 follow this issue for update information.

Sonos Cloud API HTTP POST always returns 500

I'm trying to control my Sonos One (Gen 1) speaker through cloud APIs but all the POST request return 500 Internal Server Error without error message.
I generated an access_token as described in the documentation and was able to obtain information about the 'households' inside my network, finally both the group id and the player id.
I tried to obtain information about the status of the group by performing a GET on the following endpoint and it worked:
https://api.ws.sonos.com/control/api/v1/groups/{{group_id}}/playback
Same with other GET requestes (e.g. groupVolume).
The problem arise when I try to make a POST (e.g. changing the volume or playing an audioClip), it returns 500 Internal Server Error without any body.
For all the requests I am using Postman including as Headers:
Content-Type: application/json
Authorization: Bearer [token]
Content-Length: ??? (automatically inserted by postman)
while for the body of the change volume request I select the raw option and then select JSON(application/json) option.
The body is:
{
"volume": 80
}
The endpoint is the following: https://api.ws.sonos.com/control/api/v1/groups/{{group_id}}/groupVolume
I also tried controlling the player with node (Package) and it works.
Also tried to use Wireshark to see what requests the node-sonos package is performing but it seems it's not using the Cloud APIs.
I expect the player to change volume, but the API doesn't do anything and doesn't return any error message.
EDIT:
The cURL request from POSTMAN is the following:
curl -X POST \
https://api.ws.sonos.com/control/api/v1/players/<playerID>/audioClip \
-H 'authorization: Bearer XXX' \
-H 'cache-control: no-cache' \
-H 'content-type: application/json' \
-H 'postman-token: XXX' \
-d '{
"appId": "edu.myInstitute.myName",
"clipType": "CUSTOM",
"name": "Test",
"streamUrl": "http://...mp3_file_url"
}'

PayPal Invoicing API error ID 580001

The example call in the PayPal Invoicing API documentation is returning an error?
Request
curl -s --insecure -H "X-PAYPAL-SECURITY-USERID: caller_1312486258_biz_api1.gmail.com" -H "X-PAYPAL-SECURITY-PASSWORD: 1312486294" -H "X-PAYPAL-SECURITY-SIGNATURE: AbtI7HV1xB428VygBUcIhARzxch4AL65.T18CTeylixNNxDZUu0iO87e" -H "X-PAYPAL-REQUEST-DATA-FORMAT: JSON" -H "X-PAYPAL-RESPONSE-DATA-FORMAT: JSON" -H "X-PAYPAL-APPLICATION-ID:APP-80W284485P519543T" https://svcs.sandbox.paypal.com/Invoice/CreateAndSendInvoice -d {\"requestEnvelope\":{\"errorLanguage\":\"en_US\"},\"invoice\":{\"merchantEmail\":\"caller_1335455804_biz#x.com\",\"payerEmail\":\"sender_1335455648_per#x.com\",\"currencyCode\":\"USD\",\"paymentTerms\":\"DueOnReceipt\",\"itemList\":{\"item\":[{\"name\":\"BananaPlant\",\"quantity\":\"1\",\"unitPrice\":\"38.95\"},{\"name\":\"PeachTree\",\"quantity\":\"2\",\"unitPrice\":\"14.95\"}]}}}
Response
{"responseEnvelope":{"timestamp":"2013-08-22T23:58:47.340-07:00","ack":"Failure","correlationId":"4838886d6636b","build":"7236486"},"error":[{"errorId":"580001","domain":"PLATFORM","subdomain":"Application","severity":"Error","category":"Application","message":"Invalid request: {0}"}]}
Try wrapping the payload in the -d switch within "". Running the curl snippet with the -v switch as-is will show you that the payload gets truncated and hence the "Invalid request" error.
Also, you will see a "Invalid token" error when the merchantEmail in the request is not the same as the API caller. If you need to generate invoices on behalf of a third party (in which case the API caller and merchantEmail are naturally different), you must obtain third party permissions and attach a X-PAYPAL-AUTHORIZATION header to your request.