Getting IAM token using curl fails - ibm-cloud

I have been trying to generate an IBM Cloud IAM token using the following command:
curl -ik -X POST --header "Content-Type: application/x-www-form-urlencoded" --header "Accept: application/json" --data-urlencod
e "grant_type=urn:ibm:params:oauth:grant-type:apikey" --data-urlencode "apikey=rzQV6ahSbPLzXjzhzuAEtbXXXXXXXXXXXXXXXX" --data-urlencode "response_type=cloud_iam,uaa&uaa_client_id=cf&uaa_client_secret=" "https://iam.ng.bluemix.net/oidc/passcode"
But it keeps giving me 405 method not allowed. What is the right way to generate the token? Is there any documentation which could be followed?

The problem is with the endpoint you are using. Here's the working curl command to generate an IBM Cloud IAM token
curl -ik -X POST \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Accept: application/json" \
--data-urlencode "grant_type=urn:ibm:params:oauth:grant-type:apikey" \
--data-urlencode "apikey=<APIKEY>" \
"https://iam.cloud.ibm.com/identity/token"
You can generate an IAM token by using either your IBM Cloud API key or a service ID's API key.
Here's the link to the documentation

Related

How to get an unobfuscated client-secret for keycloak client-secret REST call

When calling the keycloak REST api (see below) the output value is a string of asterisks (stars) - is it possible to get this information in clear text?
curl \
--silent \
--request GET \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"
returns/output:
{"type":"secret","value":"**********"}
How can it be retrieved in a text (not stars) format?
The client is configured with:
clientt protocol: openid-connect
access type: confidential
standard flow: enabled
First, you need to generate the secret. Either via Admin Console:
Or via keycloak REST api, in your case (using POST instead of GET):
curl \
--silent \
--request POST \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"

Paypal gives invalid refresh token error and no consent were granted Oauth2

I am trying to refresh the PayPal access token using the refresh token, I have checked that my credentials are right and I am using sandbox credentials.
Here is my curl request
curl --location --request POST 'https://api-m.sandbox.paypal.com/v1/oauth2/token' \
--header 'Authorization: Basic QWNRamY0eHFfOS1JWkpSM3htNURac2hteFhvTFNRb1h3SnZvbFJCM0pfZ0RpcnZpLXFKd21yX2JlYUhRV2gtS2NfRGFOZ19sWXJ1clk3UGw6RUlQVlpRekFqSkZRTmIyTXdsenYtYnRPR2pxejBFUHN5UHpKWF9ObllMSnkydnM3TEFZczBiNGNuUG9ScGZ6RWQ4ZG1manNnelsswrfgth4eGpmTHk=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=refresh_token' \
--data-urlencode 'refresh_token=R23.AAJhMawaln1gQ_bkXioY9SG_Xp5X6CENyIBIcw7F-ocj37o5Io9LN8PKd9EcreWbaQk6LQQuUBXWQmMMaTWokK5eFcD1b0SUjYzS1-YCFLId4vKGmk1q7cELtQc5J477scwsk7cXJEuHwXng-vebMlw'
it gives me the response of invalid refresh token and no consent were granted.
{"error":"invalid_refresh_token","error_description":"No consent were granted"}
access token request:
curl --location --request POST 'https://api-m.sandbox.paypal.com/v1/oauth2/token' \
--header 'Authorization: Basic QWNRamY0eHFfOS1JWkpSM3htNURac2hteFhvTFNRdddb1h3SdsdnZvbFJCM0pfZ0RpcnZpLXFKd21yX2JlYUhRV2gtS2NfRGFOZ19sWXJ1clk3UGw6RUlQVlpRekFqSkZRTmIyTXdsenYtYnRPR2pxejBFUHN5UHpKWF9ObllMSnkydnM3TEFZczBiNGNuUG9ScGZ6RWQ4ZG1manNnelh4eGpmTHk=' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'code=C21AAL7QWYekW8pCXkw9xIlsicTcxlytFJfhNCqk3Fvt-WSsjdgpnJF5U5jbP_NB_0xRqOFdSbjdRkcvyDefsoK8Oui6gqj0A'
Any idea how to solve this ?

AutoResizeLimit for Cloud SQL

How can I set AutoResizeLimit when creating a Cloud SQL MySQL instance?
The GCP API defines it here: https://cloud.google.com/sql/docs/mysql/admin-api/v1beta4/instances
The terraform provider has disk_autoresize, which is a boolean:
https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#disk_autoresize
But, there is no attribute to set the auto_resize_limit.
A way to create a Cloud SQL instance with auto_resize_limit is to create it directly with querying an API e.g. with cURL and setting storageAutoResizeLimit.
The query should look like this:
ACCESS_TOKEN="$(gcloud auth application-default print-access-token)"
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header 'Content-Type: application/json' \
--data '{"name":"[INSTANCE_NAME]", "region":"[REGION]",
"settings": {"tier":"[MACHINE_TYPE]",
"storageAutoResizeLimit":[SIZE],
"backupConfiguration": {"binaryLogEnabled":true, "enabled":true}}}' \
-X POST \
https://www.googleapis.com/sql/v1beta4/projects/[PROJECT-ID]/instances
Note that storageAutoResize is set to True by default.

Creating authorization token for google cloud sql

I am writing an application to fetch query logs from google cloud sql using stack driver monitoring. I am able to retrieve the logs using API explorer. I will be using a curl call to download the logs.
curl --header "Authorization: Bearer ACCESS_TOKEN" --header
'Content-Type: application/json' --header 'x-referer:
https://developers.google.com' -X POST --data
'{"resourceNames":["projectname"],"filter":"logName=logname"}'
"https://content-logging.googleapis.com/v2/entries:list?fields=entries(jsonPayload%2ClogName%2Coperation%2CreceiveTimestamp%2CtextPayload%2Ctimestamp)&key=APIkey"
API key is available in the interface. I have downloaded the json with client details. But I am not able to find any documentation on how to generate ACCESS_TOKEN in this case. Can someone please help me on this?
You can try:
curl -H "Authorization: Bearer "$(gcloud auth application-default
print-access-token) ...
or set:
ACCESS_TOKEN="$(gcloud auth application-default print-access-token)"
and then:
curl --header "Authorization: Bearer ${ACCESS_TOKEN}" ...

Undocumented Wunderlist update user endpoint

There appears to be an endpoint on the Wunderlist API for updating the wunderlist user (at https://a.wunderlist.com/api/v1/user) which does not appear in the official docs
User information can be updated by sending a PUT request to it, e.g. :
curl \
-H "X-Access-Token: $WL_ACCESS_TOKEN" \
-H "X-Client-ID: $WL_CLIENT_ID" \
-H "Content-Type: application/json" \
-XPUT -d '{"revision":1234,"name":"some-name"}' \
https://a.wunderlist.com/api/v1/user
Assuming the data is valid, this returns with HTTP 200.
Is this endpoint supported?