I wanna write a groovy script to bulk update my job configuration using Jenkins REST API. But I am quite confused by its API doc (http://localhost:8080/jenkins/job/my_job_name/api/).
Fetch/Update config.xml
To programmatically obtain config.xml, hit this URL. You can also POST an updated config.xml to the same URL[http://localhost:8080/jenkins/job/my_job_name/config.xml] to programmatically update the configuration of a job.
How am I gonna POST an xml file to an url mentioned above?
The below curl command works for me.
curl --user $USER:$API_TOKEN -X POST http://localhost:8080/job/test/config.xml -H 'Content-Type: application/xml' --data-binary "#mymodifiedlocalconfig.xml"
curl -X POST -H 'Content-Type: application/octet-stream' http://<ip>/job/<job name>/config.xml --user uname:upass --data-binary #./test.xml
Many answers set Content-Type: application/xml, and it didn't work in my Jenkins. I try to set Content-Type: application/octet-stream and it work successfully.
I tried cURL and it worked.
curl -F "file=#updated_config.xml" "http://localhost:8080/jenkins/job/my_job_name/config.xml"
Note: U will need to toggle off "Prevent Cross Site Request Forgery exploits" in Jenkins config.
Trying to test Uber Rush API (from localhost and from linux server).
Calling Token works - I get the token
trying to implement sanbox example:
curl -X "PUT /v1/sandbox/deliveries/{delivery_id}" \
-H "Authorization: Bearer <OAUTH TOKEN>" \
-d "{\"status\":\"en_route_to_pickup\"}"
with url https://sandbox-api.uber.com/
and I tried the same request with file_get_contents (in PHP)
So, I always get error "405 Method Not Allowed"
{"message":"Method not supported for this endpoint.","code":"method_not_allowed"}
What I need to do to get access to method from this sandbox example https://developer.uber.com/docs/rush/sandbox?
Corrent syntax
curl -X "PUT" -H "Authorization: Bearer <TOKEN>" -H "Content-Type: application/json" -d "{\"status\":\"en_route_to_pickup\"}" https://sandbox-api.uber.com/v1/sandbox/deliveries/DELIVERY_ID
EDIT: Updated to reflect both issues in your question...
You have a mismatch in your requests and an incorrect syntax for curl.
First off your CURL request is incorrectly specified. It should be:
curl -X "PUT" -H "Authorization: Bearer <OAUTH TOKEN>" -d "{\"status\":\"en_route_to_pickup\"}" https://sandbox-api.uber.com/v1/sandbox/deliveries/{delivery_id}
In addition, your curl command is trying to issue a PUT request to the uber sandbox PUT API. However, your PHP code is not setting the context correctly and so is probably issuing a GET request. I suspect that the server is therefore rejecting the request as a GET as not allowed to do this sort of operation.
To fix it, see Bad request using file_get_contents for PUT request in PHP. This should give you an example of how to pass in the necessary context to issue a PUT request using file_get_contents().
I tested REST services with DHC application for Chrome, and POST requests were successful with these parameters:
DHC_successful_POST
But when I try to create the same request in SoapUI, I always get 500 error. Probably, there should be some other parameters or settings in SoapUI, but I cannot see it. What is wrong? Here is my request:
SoapUI_POST_500_fault
P.S.
In DHC there is such code for my request:
curl -i -X POST \
-H "Content-Type:multipart/form-data" \
-F "file=" \
-F "fileName=rich-text.zip" \
So, I just need to find settings for these parameters in SoapUI (free version).
Are there any suggestions?
As per this (see attachments section)you've to append file: to your parameter value to be able to send the content of file as multipart/form-data
could anyone help me understand what's wrong with this request to pocket?
curl -Li
http://getpocket.com/v3/oauth/request
-X POST
-H "Content-Type: application/json"
-H "X-Accept: application/json"
-d "{\"consumer_key\":\"xxxx-xxxxxxxxx\",\"redirect_uri\":\"http://www.google.com\"}"
I get a
< X-Error: Missing consumer key.
< X-Error-Code: 138
back.
the xxxx bits are really the key I got from the website when I created my App, and I've also tried with and without the -Li options on curl but it makes no difference.
I've followed the guide from here - I'm sure I've made a dumb typo somewhere, but I can't see where it is.
You need to use https, as per API:
All calls to the Pocket Authentication API should be done over HTTPS.
I am currently developing a REST-API which is HTTP-Basic protected for the development environment. As the real authentication is done via a token, I'm still trying to figure out, how to send two authorization headers.
I have tried this one:
curl -i http://dev.myapp.com/api/users \
-H "Authorization: Basic Ym9zY236Ym9zY28=" \
-H "Authorization: Bearer mytoken123"
I could for example disable the HTTP-Authentication for my IP but as I usually work in different environments with dynamic IPs, this is not a good solution. So am I missing something?
Try this one to push basic authentication at url:
curl -i http://username:password#dev.myapp.com/api/users -H "Authorization: Bearer mytoken123"
^^^^^^^^^^^^^^^^^^
If above one doesn't work, then you have nothing to do with it. So try the following alternates.
You can pass the token under another name. Because you are handling the authorization from your Application. So you can easily use this flexibility for this special purpose.
curl -i http://dev.myapp.com/api/users \
-H "Authorization: Basic Ym9zY236Ym9zY28=" \
-H "Application-Authorization: mytoken123"
Notice I have changed the header into Application-Authorization. So from your application catch the token under that header and process what you need to do.
Another thing you can do is, to pass the token through the POST parameters and grab the parameter's value from the Server side. For example passing token with curl post parameter:
-d "auth-token=mytoken123"
Standard (https://www.rfc-editor.org/rfc/rfc6750) says you can use:
Form-Encoded Body Parameter: Authorization: Bearer mytoken123
URI Query Parameter: access_token=mytoken123
So it's possible to pass many Bearer Token with URI, but doing this is discouraged (see section 5 in the standard).
If you are using a reverse proxy such as nginx in between, you could define a custom token, such as X-API-Token.
In nginx you would rewrite it for the upstream proxy (your rest api) to be just auth:
proxy_set_header Authorization $http_x_api_token;
... while nginx can use the original Authorization header to check HTTP AUth.
With nginx you can send both tokens like this (even though it's against the standard):
Authorization: Basic basic-token,Bearer bearer-token
This works as long as the basic token is first - nginx successfully forwards it to the application server.
And then you need to make sure your application can properly extract the Bearer from the above string.
I had a similar problem - authenticate device and user at device. I used a Cookie header alongside an Authorization: Bearer... header. One header authenticated the device, the other authenticated the user. I used a Cookie header because these are commonly used for authentication.
curl --anyauth
Tells curl to figure out authentication method by itself, and use the
most secure one the remote site claims to support. This is done by
first doing a request and checking the response- headers, thus
possibly inducing an extra network round-trip. This is used
instead of setting a specific authentication method, which you can
do with --basic, --digest, --ntlm, and
--negotiate.
There is another solution for testing APIs on development server.
Set HTTP Basic Authentication only for web routes
Leave all API routes free from authentication
Web server configuration for nginx and Laravel would be like this:
location /api {
try_files $uri $uri/ /index.php?$query_string;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
auth_basic "Enter password";
auth_basic_user_file /path/to/.htpasswd;
}
Authorization: Bearer will do the job of defending the development server against web crawlers and other unwanted visitors.
You can use Body with x-www-form-url-encoded to send with multiple headers.
curl --location --request POST 'http://dev.myapp.com/api/users' \
--header 'Authorization: Basic Ym9zY236Ym9zY28=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'access_token=mytoken123'