We Keep Coding

How to get an unobfuscated client-secret for keycloak client-secret REST call

When calling the keycloak REST api (see below) the output value is a string of asterisks (stars) - is it possible to get this information in clear text?
curl \
--silent \
--request GET \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"
returns/output:
{"type":"secret","value":"**********"}
How can it be retrieved in a text (not stars) format?
The client is configured with:
clientt protocol: openid-connect
access type: confidential
standard flow: enabled

First, you need to generate the secret. Either via Admin Console:
Or via keycloak REST api, in your case (using POST instead of GET):
curl \
--silent \
--request POST \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"

Paypal gives invalid refresh token error and no consent were granted Oauth2

I am trying to refresh the PayPal access token using the refresh token, I have checked that my credentials are right and I am using sandbox credentials.
Here is my curl request
curl --location --request POST 'https://api-m.sandbox.paypal.com/v1/oauth2/token' \
--header 'Authorization: Basic QWNRamY0eHFfOS1JWkpSM3htNURac2hteFhvTFNRb1h3SnZvbFJCM0pfZ0RpcnZpLXFKd21yX2JlYUhRV2gtS2NfRGFOZ19sWXJ1clk3UGw6RUlQVlpRekFqSkZRTmIyTXdsenYtYnRPR2pxejBFUHN5UHpKWF9ObllMSnkydnM3TEFZczBiNGNuUG9ScGZ6RWQ4ZG1manNnelsswrfgth4eGpmTHk=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=R23.AAJhMawaln1gQ_bkXioY9SG_Xp5X6CENyIBIcw7F-ocj37o5Io9LN8PKd9EcreWbaQk6LQQuUBXWQmMMaTWokK5eFcD1b0SUjYzS1-YCFLId4vKGmk1q7cELtQc5J477scwsk7cXJEuHwXng-vebMlw'
it gives me the response of invalid refresh token and no consent were granted.
{"error":"invalid_refresh_token","error_description":"No consent were granted"}
access token request:
curl --location --request POST 'https://api-m.sandbox.paypal.com/v1/oauth2/token' \
--header 'Authorization: Basic QWNRamY0eHFfOS1JWkpSM3htNURac2hteFhvTFNRdddb1h3SdsdnZvbFJCM0pfZ0RpcnZpLXFKd21yX2JlYUhRV2gtS2NfRGFOZ19sWXJ1clk3UGw6RUlQVlpRekFqSkZRTmIyTXdsenYtYnRPR2pxejBFUHN5UHpKWF9ObllMSnkydnM3TEFZczBiNGNuUG9ScGZ6RWQ4ZG1manNnelh4eGpmTHk=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=C21AAL7QWYekW8pCXkw9xIlsicTcxlytFJfhNCqk3Fvt-WSsjdgpnJF5U5jbP_NB_0xRqOFdSbjdRkcvyDefsoK8Oui6gqj0A'
Any idea how to solve this ?

AutoResizeLimit for Cloud SQL

How can I set AutoResizeLimit when creating a Cloud SQL MySQL instance?
The GCP API defines it here: https://cloud.google.com/sql/docs/mysql/admin-api/v1beta4/instances
The terraform provider has disk_autoresize, which is a boolean:
https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#disk_autoresize
But, there is no attribute to set the auto_resize_limit.

A way to create a Cloud SQL instance with auto_resize_limit is to create it directly with querying an API e.g. with cURL and setting storageAutoResizeLimit.
The query should look like this:
ACCESS_TOKEN="$(gcloud auth application-default print-access-token)"
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header 'Content-Type: application/json' \
--data '{"name":"[INSTANCE_NAME]", "region":"[REGION]",
"settings": {"tier":"[MACHINE_TYPE]",
"storageAutoResizeLimit":[SIZE],
"backupConfiguration": {"binaryLogEnabled":true, "enabled":true}}}' \
-X POST \
https://www.googleapis.com/sql/v1beta4/projects/[PROJECT-ID]/instances
Note that storageAutoResize is set to True by default.

Creating authorization token for google cloud sql

I am writing an application to fetch query logs from google cloud sql using stack driver monitoring. I am able to retrieve the logs using API explorer. I will be using a curl call to download the logs.
curl --header "Authorization: Bearer ACCESS_TOKEN" --header
'Content-Type: application/json' --header 'x-referer:
https://developers.google.com' -X POST --data
'{"resourceNames":["projectname"],"filter":"logName=logname"}'
"https://content-logging.googleapis.com/v2/entries:list?fields=entries(jsonPayload%2ClogName%2Coperation%2CreceiveTimestamp%2CtextPayload%2Ctimestamp)&key=APIkey"
API key is available in the interface. I have downloaded the json with client details. But I am not able to find any documentation on how to generate ACCESS_TOKEN in this case. Can someone please help me on this?

You can try:
curl -H "Authorization: Bearer "$(gcloud auth application-default
print-access-token) ...
or set:
ACCESS_TOKEN="$(gcloud auth application-default print-access-token)"
and then:
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" ...

Undocumented Wunderlist update user endpoint

There appears to be an endpoint on the Wunderlist API for updating the wunderlist user (at https://a.wunderlist.com/api/v1/user) which does not appear in the official docs
User information can be updated by sending a PUT request to it, e.g. :
curl \
-H "X-Access-Token: $WL_ACCESS_TOKEN" \
-H "X-Client-ID: $WL_CLIENT_ID" \
-H "Content-Type: application/json" \
-XPUT -d '{"revision":1234,"name":"some-name"}' \
https://a.wunderlist.com/api/v1/user
Assuming the data is valid, this returns with HTTP 200.
Is this endpoint supported?