Update actions.json withouth using gactions CLI - actions-on-google

I've built an Action on Google using the Actions SDK. I want to be able to update the actions.json programmatically on my server. I don't want to have to use the Assistant CLI. Is there a REST API or some other way of updating that file?

I was able to sniff the communication between Google and the actions cli.
Updating the action
Here is the curl request which you can use. Don't forget to add your Bearer (authorization) and after --data-binary you will include your actions.json. The last thing is, to change the endpoint URL at the end with your action id (replace testskill).
curl
-H 'Host: actions.googleapis.com'
-H 'content-type: application/json'
-H 'authorization: Bearer AuthorisationKeyAsRandomStrings'
-H 'user-agent: Gactions-CLI/2.2.4 (darwin; amd64; dev/NsZwRCulTKhlPxMfp)'
--data-binary '{"localizedActionPackages":{"de":{"actions":[{"description":"Default welcome intent","fulfillment":{"conversationName":"testskill"},"intent":{"name":"actions.intent.MAIN","trigger":{"queryPatterns":["sprechen mit test skill"]}},"name":"MAIN"},{"description":"test intent","fulfillment":{"conversationName":"testskill"},"intent":{"name":"test_intent","parameters":[{"name":"color","type":"org.schema.type.Color"}],"trigger":{"queryPatterns":["suchen ein $org.schema.type.Color:color schuhe","kaufen ein $org.schema.type.Color:color shuhe","kaufen"]}},"name":"Test"},{"description":"ciao","fulfillment":{"conversationName":"testskill"},"intent":{"name":"ciao_intent","trigger":{"queryPatterns":["ciao","bye","pa"]}},"name":"Ciao"}],"conversations":{"testskill":{"name":"testskill","url":"https://ae8e6xx.ngrok.io/testskill"}},"locale":"de"}},"name":"agents/testskill"}'
--compressed 'https://actions.googleapis.com/v2/agents/testskill:batchUpdateAllDraftActionPackages'
But there is no guarantee, that this will work in the future because Google can change the endpoint without notifying anybody. So I recommend to stick with actions cli.
Obtaining token without gactions CLI
You need to visit this url:
https://accounts.google.com/signin/oauth/oauthchooseaccount?access_type=offline&client_id=237807841406-o6vu1tjkq8oqjub8jilj6vuc396e2d0c.apps.googleusercontent.com&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Factions.builder&state=state&o2v=1&as=ZmeGyvTUA3FLgRPS1_rd1A&flowName=GeneralOAuthFlow
After authorization you will get the token. This needs to be send with another curl request. You need to replace PlaceYourUrlEncodedTokenHere with your token, but it needs to be url encoded.
curl
-H 'Host: accounts.google.com'
-H 'content-type: application/x-www-form-urlencoded'
-H 'authorization: Basic MjM3ODA3ODQxNDA2LW82dnUxdGprcThvcWp1YjhqaWxqNnZ1YzM5NmUyZDBjLmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tOjZ1TlVQakZvd3pVRThTbGlWWlg2a2VZMA=='
-H 'user-agent: Go-http-client/2.0'
--data-binary "code=PlaceYourUrlEncodedTokenHere&grant_type=authorization_code&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob"
--compressed 'https://accounts.google.com/o/oauth2/token'
After that you will receive json response from google which conatins access_token. This you will add to your request as Bearer.

Since yesterday i'm having a problem with actions cli, when i try to update my actions.json i have this error with oauth
Error 401: disabled_client
The OAuth client was disabled.
enter image description here

Related

Github api request returning bad credentials even with admin privledged oauth token

I am trying to make a call https://api.github.com/repos/OWNER/REPO/actions/runners/registration-token with an users personal access token that has repo permissions.
To do so I am testing with:
curl -I -X POST -H "Authorization: token <OAUTH_TOKEN> Accept: application/vnd.github.v3+json" https://api.github.com/repos/<owner>/<repo-name>/actions/runners/registration-token which gives me Bad Credentials error
curl -I -H "Authorization: token <OAUTH_TOKEN>" https://api.github.com/users/<USER_NAME> ->
x-oauth-scopes: repo
x-accepted-oauth-scopes:
According to this: https://docs.github.com/en/rest/actions/self-hosted-runners I need to provide an oauth token with repo access.
If I curl the user curl -H "Authorization: token <OAUTH_REPO_TOKEN>" https://api.github.com/users/<USER>/repos -> []. But if I go to the repo and check settings -> Collaborators And Teams, the user is listed as part of the team with admin privledges, and I have also added an entry for the user directly.
Is there something I am missing? What permissions do I need to add to fix this?
I needed to call the API with a user name as well. For example:
curl -I -X POST -u <USER>:<OAUTH_REPO_TOKEN> -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/<owner>/<repo-name>/actions/runners/registration-token. Passing a -v option reveals that it was not setting a username, and causing github to reject the call.

Thinksboard - Authentication in API rest call failing

I have to use thingsboard by rest API as it is showed on the guide https://thingsboard.io/docs/reference/rest-api/
In particular, I have a live-demo server and a custom user with administration permission.
I can authenticate it with the username/password on the thingsboard interface
Unfortunately, when I try the following command
curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{"username":, "password":}' 'https://THINGSBOARD_URL/api/auth/login'
I receive the following output:
{"status":401,"message":"Authentication failed","errorCode":10,"timestamp":"..."}
Anybody can help me?
I will glad,
Gianluca
Solved
It was certifciate problem,
I bypass it by the following command:
tokenAuthResp = requests.post(url, headers=headers, json=loginJSON, verify=False).json()

REST API cURL Token - Paylocity

This should be very simple, but for the life of me I can not form my cURL request so that Paylocity will accept it. https://www.paylocity.com/integrations/apis/
I keep getting HTTP/1.1 400 Bad Request with json response {"error":"invalid_client"}, which I believe indicates that the data I am sending is not formatted properly. If I mess with the data I can get different response codes. In this case I am simply trying to obtain a bearer token.
curl -v https://apisandbox.paylocity.com/IdentityServer/connect/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Authorization:Basic <base64 encoded clientid:clientsecret>' \
-d 'grant_type = client_credentials&scope = WebLinkAPI'
Anything obviously wrong with the above?
Finally found the answer thanks to postman compiled for Windows (FYI, for us postman on Windows gives different output than postman on Linux). When postman sends the request it does NOT use a base64 authentication header as described by Paylocity's documentation. Instead it places the client_id and client_secret in the body. In addition, postman would url encode the id and secret strings.
i.e. "==" becomes "%3D%3D", "+" becomes "%2B", and "/" becomes "%2F"
Also, using the api sandbox did not work. We had to authenticate against the production server as well.
curl -X POST -i \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials&scope=WebLinkAPI&client_id=<client ID>&client_secret=<client secret>' \
https://api.paylocity.com/IdentityServer/connect/token

Upload SSH public key to bitbucket cloud using curl/REST and token

I have a bitbucket cloud account. Under: https://id.atlassian.com/manage/api-tokens I have generated an API Token which I am trying to use in a REST call to upload
a public SSH key to my account. Based on:
https://docs.atlassian.com/bitbucket-server/rest/5.6.2/bitbucket-ssh-rest.html?utm_source=%2Fstatic%2Frest%2Fbitbucket-server%2F5.6.2%2Fbitbucket-ssh-rest.html&utm_medium=301#idm45427244388592
https://community.atlassian.com/t5/Answers-Developer-Questions/Bitbucket-REST-API-POST-using-token-instead-of-basic-auth/qaq-p/474823
I have tried:
curl -X POST -d '{"text":"ssh-rsa AAAAB3... me#127.0.0.1"}' -H "Authorization: Bearer ADasdaEeasAsd..." https://bitbucket.org/[my-account]]/rest/ssh/latest/keys
But when I run that I get:
{"type": "error", "error": {"message": "Access token expired. Use your refresh token to obtain a new access token."}}
I have tried to re-create the token and re-run the above command again - with the new token - but I get the same error.
Any suggestions?
Based on below answer and link I have now tried:
curl -X POST \
-H "Content-Type: application/json" \
-H "Authorization: Bearer wxdrtblabla..." \
-d '{"key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqP3Cr632C2dNhhgKVcon4ldUSAeKiku2yP9O9/bDtY myuser#bitbucket.org/myuser"}' \
https://api.bitbucket.org/2.0/users/myuser/ssh-keys
But I get the exact same error:
{"type": "error", "error": {"message": "Access token expired. Use your refresh token to obtain a new access token."}}
So still no luck. Also if I access:
https://api.bitbucket.org/2.0/users/[myuser]/ssh-keys
directly in a browser I get:
type "error"
error
message "This API is only accessible with the following authentication types: session, password, apppassword"
EDIT/ANSWERED: Based on the updated answer below I have no tried to create an app password and grant it account: read/write in bitbucket and it works. I run it with:
curl -v -u myuser:my-generated-app-password -X POST \
-H "Content-Type: application/json" \
-d '{"key": "ssh-rsa AAA....ro"}' \
https://api.bitbucket.org/2.0/users/myuser/ssh-keys
You're looking at Bitbucket Server documentation but using Bitbucket Cloud. (The giveaways: the "bitbucket-server" part of the doc path, and the "bitbucket.org" in the path where you're pushing your key.)
Check out https://developer.atlassian.com/bitbucket/api/2/reference/resource/users/%7Busername%7D/ssh-keys#post instead - that's the Bitbucket Cloud documentation to do what you're trying to do. Your URL will be more like https://api.bitbucket.org/2.0/users/[your-account]/ssh-keys.
EDIT: The error you received indicates the problem: you either need to make that call from within an existing session (i.e. from the GUI), use your password, or use an app password. I'd recommend the app password, since it's scoped, meant to be disposable, and won't let you log onto the GUI. Your curl call then becomes something like curl -u myuser:myapppassword -X POST -H "Content-Type: application/json" -d '{"key": "key content goes here"}' https://api.bitbucket.org/2.0/users/myuser/ssh-keys.

Keycloak admin API flow bindings

I've created custom authorization flow and I'd like to change browser binding flow to this custom made with API call.
I've figured that out if anyone's interested.
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer $KEYCLOAK_TOKEN" -d '{"browserFlow": "Custom flow"}' 'http://keycloak:8080/auth/admin/realms/master/'