My server has to ensure the connectivity by receiving the request with API Key in the header from the client. I am finding it difficult to incorporate this using Flask decorator.
We provided API key to our Client which will be used to receiving the request.
When every request is made, we check and authenticate the Client for posting updates into our database.
The Swagger API definition has the parameter of API key located in Header which needs to be implemented using the Flask Decorator and corresponding function.
I have written the following Flask app code. And when It comes to receiving the API in the header, I am failing to rectify this server Error.
from flask import Flask, render_template, url_for, request, session, redirect,jsonify
from flask_pymongo import PyMongo
import json
from bson.json_util import dumps
import bcrypt
import os
from binascii import hexlify
app = Flask(__name__)
app.config['MONGO_DBNAME'] = 'demo'
app.config['MONGO_URI'] = 'mongodb://xxxx:xxxx#xxxxxxx.mlab.com:57158/demo'
mongo = PyMongo(app)
#app.route('/addapi')
def addapi():
users = mongo.db.users
api_key=users.insert({"name":"apikey","X-API-Key":"69222c9b-7858-4eef-a218-039c8cd2bc6e"})
return 'API Key stored'
#app.route('/test/<string:apikey_given_by_user_in_the_header>',methods=['GET'])
"""I have a doubt in the above line that How Can I receive the API Key in the header and check if that is available in my database. This is for testing the connectivity using the Valid API Key."""
def test(apikey_given_by_user_in_the_header):
users=mongo.db.users
api_record=users.find_one({'name':"apikey"})
actual_API_key=api_record['X-API-Key']
if actual_API_key==apikey_given_by_user_in_the_header
return "API is available"
return "Invalid API Key"
The Swagger API definition for Parameter is as below:
"parameters": [
{
"name": "X-API-Key",
"in": "header",
"required": true,
"type": "string"
},
Can You kindly advise How can I incorporate this API key authentication where the Client will have to input the API key based upon which my server needs to check and authenticate? Thanks.
To access incoming request data, you can use the global request object.
when client send a request with header which you need, you can access incoming request header request.headers, header is dictionary like object:
from flask import request
#app.route('/api')
def home():
key = request.headers.get('API-Key')
print(key)
return 'Got %s key'%key
To test with curl or httpie
$ http get localhost:port/api API-Key:key-goes-here12458
$ curl -H "API-Key:key-goes-here12458" localhost:port/api
Related
I've used zeep against a SOAP-service, and it works perfectly. However, when this service is placed behind Gravitee API Manager, I'm unable to get it to work any longer, just get a 404 response.
Here's my code :
from zeep import Client, Settings
import base64,sys, logging, traceback
from requests import Session
from zeep.transports import Transport
import requests
from lxml import etree
wsdl= 'https://link_to_service_on_gravitee'
session = Session()
session.verify = False
session.headers['Api-Key']= 'xxxxx'
transport = Transport(session=session)
settings = Settings(raw_response=True, strict=False, xml_huge_tree=True)
client = Client(wsdl, transport=transport, settings=settings)
data = []
data.append(
{'ServerProcessId': 'GL07',
'OrderNumber': 1}
)
cdata = []
cdata.append(
{'Username': 'xxx',
'Client': 'yyy',
'Password': 'zzz'}
)
node = client.create_message(client.service, 'GetResult',input=data, credentials=cdata)
print('*** SOAP Message')
print(etree.tostring(node))
print('*** End SOAP Message')
response = requests.Response()
try:
response = client.service.GetResult(input=data, credentials=cdata)
print(response)
except Exception as e:
print(response.headers)
logging.error(traceback.format_exc())
When I test the message generated by Python (etree.tostring(node)) in SOAPUI, it works correctly. Also, if I alter the api-key, I get an error about authentication problems, so Gravitee seems to accept the key from my code.
But the response I get, with correct api-key, is always [404].
Got it to work when I downloaded the wsdl to a local file, but don't want to do this for every wsdl.
Any ideas ?
There are multiple reasons for getting a 404 from Gravitee:
* Did you create an API
* Did you create a simple plan for this API
* Did you deploy the API to the gateway.
Once all those steps are done, you should be able to consume your API.
Hope it helps,
Regards,
I am writing a groovy script to consume the SOAP web service. First i imported my
WSDL in SOAP and created a project.
Then all the SOAP request are generated automatically.
Now am trying to write a groovy to call the SOAP service using the SOAP request generated.
Now here it is my groovy script
import org.apache.commons.httpclient.methods.PostMethod;
import org.w3c.dom.*;
class Example {
static void main(String[] args) {
String serviceInput="";
PostMethod post = new PostMethod("http://server:30280/so_ws/SO?WSDL");
post.setRequestHeader("Accept", "application/soap+xml,application/dime,multipart/related,text/*");
post.setRequestHeader("SOAPAction", "");
// access CreateNote SOAP request here to call PostMethod
}
}
I want to access the same SOAP request generated in SOAP UI - CreateNote.
How can I access it?
My actuall requirement is to access all SOAP request in the groovy script - so that i can write one single script to test all the SOAP services in one go and that too in the sequence as per required
Here is the Groovy Script which gets the request from its previous step of the same test case like you have your test case currently.
Script
def req = context.testCase.getTestStepAt(context.currentStepIndex - 1).httpRequest.requestContent
log.info req
In order to have repeatable deployments of keycloak I'm trying to use the import feature to create clients in keycloak. I have noticed that when I import a client, as opposed to the realm, the 'Authorization Enabled' flag is not set to true even if I have set it to true in the JSON that I'm importing. If I try to set it to true after importing I get an error unless I first turn off 'Service Accounts Enabled' and then attempt to enable 'Authorization Enabled'.
The JSON that I'm sending is provided below:
{
"clientId" : "hello-world-authz-service",
"secret" : "secret",
"authorizationServicesEnabled" : True,
"enabled" : True,
"redirectUris" : [ "http://localhost:8080/hello-world-authz-service/*" ],
"baseUrl": "http://localhost:8080/hello-world-authz-service",
"adminUrl": "http://localhost:8080/hello-world-authz-service",
"directAccessGrantsEnabled" : True
}
The JSON above is actually based upon one of the examples that was provided in the keycloak source code and it works when I import everything as a realm, but not when I use just the client portion.
Can anyone provide guidance in regards to how I can import JSON into Keycloak in order to setup a specific client?
I'm using Keycloak 2.5.0.Final Community.
It looks like this issue might have been resolved by this pull request:
https://github.com/keycloak/keycloak/commit/0b5b27ea3a9d68a26e9cd592a1b087ea7478a07c
I can see in the pull request that the code references the authorizationServicesEnabled field.
I am trying to get successfully integrate Spring security rest plugin
But I am constantly failed,I am using the memcahed for token storage. Config.groovy Setup which I used to implement the plugin is :
//login end point url
grails.plugin.springsecurity.rest.login.active=true
grails.plugin.springsecurity.rest.login.endpointUrl='/api/login'
grails.plugin.springsecurity.rest.login.failureStatusCode='401'
//for memcached
grails.plugin.springsecurity.rest.token.storage.useMemcached=false
grails.plugin.springsecurity.rest.token.storage.memcached.hosts='localhost:11211'
grails.plugin.springsecurity.rest.token.storage.memcached.username=''
grails.plugin.springsecurity.rest.token.storage.memcached.password=''
grails.plugin.springsecurity.rest.token.storage.memcached.expiration=3600
//token generation
grails.plugin.springsecurity.rest.token.generation.useSecureRandom=true
grails.plugin.springsecurity.rest.token.generation.useUUID=false
I making a request on /api/login via Post man rest client with
{
"username": "john.doe",
"password": "dontTellAnybody"
}
json data but it gives me spring security auth page's html in response, Am I doing some wrong configuration?Is there any futher configuration is required.I mentioned that I am using memcache for token storage.Any Idea will be helpfull for me.
Edit: please see the logs file
Edit2 : please check this log file
I have a working spring-mvc application with rest services and some rest-assured tests which are fine :
#Test
public void createFoobarFromScratchReturns201(){
expect().statusCode(201).given()
.queryParam("foo", generateFoo())
.queryParam("bar", generateBar())
.when().post("/foo/bar/");
}
=> OK
Then I implemented a digest authentication. Everything is working well, now I have to log in to use my services :
curl http://localhost:8089/foo/bar
=> HTTP ERROR 401, Full authentication is required to access this resource
curl http://localhost:8089/foo/bar --digest -u user_test:password
=> HTTP 201, CREATED
But when I try to upgrade my tests with the most obvious function, I still have a 401 error :
#Test
public void createFoobarFromScratchReturns201(){
expect().statusCode(201).given()
.auth().digest("user_test", "password") // Digest added here
.queryParam("foo", generateFoo())
.queryParam("bar", generateBar())
.when().post("/foo/bar/");
}
=> Expected status code <201> doesn't match actual status code <401>
I found some clues with the preemptive() function, but it seems to be only implemented for basic :
// Returns an AuthenticatedScheme and stores it into the general configuration
RestAssured.authentication = preemptive().basic("user_test", "password");
// Try a similar thing, but it didn't work :
RestAssured.authentication = RestAssured.digest("user_test", "password");
Currently, I am trying to achieve two things :
I need to upgrade a couple of my tests to support digest
I need to amend the #Before of the rest of my tests suites (whose are not related to auth issues), to be already logged in.
Any ideas or documentation ?
Try enabling support for cookies in the HTTP client embedded inside Rest Assured with:
RestAssuredConfig config = new RestAssuredConfig().httpClient(new HttpClientConfig().setParam(ClientPNames.COOKIE_POLICY, CookiePolicy.BEST_MATCH));
expect().statusCode(201).given()
.auth().digest("user_test", "password") // Digest added here
.config(config)
.queryParam("foo", generateFoo())
.queryParam("bar", generateBar())
.when().post("/foo/bar/");
The HTTP client (and therefore Rest Assured) supports digest authentication and the configuration of RestAssured using the digest method works well.