Undocumented Wunderlist update user endpoint - wunderlist

There appears to be an endpoint on the Wunderlist API for updating the wunderlist user (at https://a.wunderlist.com/api/v1/user) which does not appear in the official docs
User information can be updated by sending a PUT request to it, e.g. :
curl \
-H "X-Access-Token: $WL_ACCESS_TOKEN" \
-H "X-Client-ID: $WL_CLIENT_ID" \
-H "Content-Type: application/json" \
-XPUT -d '{"revision":1234,"name":"some-name"}' \
https://a.wunderlist.com/api/v1/user
Assuming the data is valid, this returns with HTTP 200.
Is this endpoint supported?

Related

How to Star a Topic on GitHub with API?

Star a topic can be done on the website. But how to do the same operation via GitHub API v3 or v4? I read through the reference but got no clues.
For the v3 REST API it's documented at Star a repository for the authenticated user
The curl example is:
curl \
-X PUT \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/user/starred/octocat/hello-world
But this doesn't show how to insert your token, so you actually need something more like:
curl \
-X PUT \
-H "Authorization: token $GITHUB_API_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/user/starred/octocat/hello-world
Where GITHUB_API_TOKEN has been previously set like:
GITHUB_API_TOKEN="ghp_16C7e42F292c6912E7710c838347Ae178B4a"
Per comments to this earlier question how to star a repo with github api make sure that the token used has the correct permissions to do the starring, which means having the repo scope (or at least repo_public) enabled.
I'd also love to know how to do this with the v4 GraphQl API.

How to get an unobfuscated client-secret for keycloak client-secret REST call

When calling the keycloak REST api (see below) the output value is a string of asterisks (stars) - is it possible to get this information in clear text?
curl \
--silent \
--request GET \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"
returns/output:
{"type":"secret","value":"**********"}
How can it be retrieved in a text (not stars) format?
The client is configured with:
clientt protocol: openid-connect
access type: confidential
standard flow: enabled
First, you need to generate the secret. Either via Admin Console:
Or via keycloak REST api, in your case (using POST instead of GET):
curl \
--silent \
--request POST \
-H "Authorization: bearer <MYACCESSTOKEN>" \
--header 'Content-Type: application/x-www-form-urlencoded' \
"http://keycloakserver:8180/auth/admin/realms/myrealm/clients/<MYCLIENTID>/client-secret"

How to set user attribute value in Keycloak using API?

How I can set user attribute value using Keycloak Rest API?
Update: The /auth path was removed starting with Keycloak 17 Quarkus distribution. So you might need to remove the /auth from the endpoint calls presented on this answer.
To set a user attribute using the Keycloak Admin REST API; you use the endpoint:
PUT <KEYCLOAK_HOST>/auth/admin/realms/<YOUR_REALM>/users/<USER_ID>
with the payload
{"attributes":{"<ATTRIBUTE_NAME>":["<ATTRIBUTE_VALUE>"]}}
the <USER_ID> you can get it using the endpoint:
GET <YOUR_KEYCLOAK_DOMAIN>/auth/admin/realms/<YOUR_REALM>/users/?username=<THE_USERNAME>
from the JSON response, extract the field id.
Step-by-Step:
You can get that information using the Keycloak Admin REST API; to call that API, you need an access token from a user with the proper permissions. For now, I will be using the admin user from the master realm:
curl https://${KEYCLOAK_HOST}/auth/realms/master/protocol/openid-connect/token \
-d "client_id=admin-cli" \
-d "username=$ADMIN_NAME" \
-d "password=$ADMIN_PASSWORD" \
-d "grant_type=password"
You will get a JSON response with the admin's token. Extract the value of property access_token from that response. Let us save it in the variable $ACCESS_TOKEN for later reference.
To get the user id from your realm $REALM_NAME:
curl -X GET https://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/users/?username=${USERNAME}&exact=true \
-H "Content-Type: application/json" \
-H "Authorization: bearer $ACCESS_TOKEN"
From the response extract the user id for example as follows
jq -r .[].id
Or even cleaner is to passed to the
To set the user attribute:
curl -X PUT https://${KEYCLOAK_HOST}/auth/admin/realms/${REALM_NAME}/users/${USER_ID} \
-H "Content-Type: application/json" \
-H "Authorization: bearer $ACCESS_TOKEN" \
-d '{"attributes":{"<ATTRIBUTE_NAME>":["<ATTRIBUTE_VALUE>"]}}'
You can also have a look at setUser script on my GitHub repo.

Getting IAM token using curl fails

I have been trying to generate an IBM Cloud IAM token using the following command:
curl -ik -X POST --header "Content-Type: application/x-www-form-urlencoded" --header "Accept: application/json" --data-urlencod
e "grant_type=urn:ibm:params:oauth:grant-type:apikey" --data-urlencode "apikey=rzQV6ahSbPLzXjzhzuAEtbXXXXXXXXXXXXXXXX" --data-urlencode "response_type=cloud_iam,uaa&uaa_client_id=cf&uaa_client_secret=" "https://iam.ng.bluemix.net/oidc/passcode"
But it keeps giving me 405 method not allowed. What is the right way to generate the token? Is there any documentation which could be followed?
The problem is with the endpoint you are using. Here's the working curl command to generate an IBM Cloud IAM token
curl -ik -X POST \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Accept: application/json" \
--data-urlencode "grant_type=urn:ibm:params:oauth:grant-type:apikey" \
--data-urlencode "apikey=<APIKEY>" \
"https://iam.cloud.ibm.com/identity/token"
You can generate an IAM token by using either your IBM Cloud API key or a service ID's API key.
Here's the link to the documentation

Accessing Box Api using Refresh token

How can we access the Box API using the refresh token that is generated? I have followed all the steps to generate the access token and refresh token but I cannot find it anywhere how can I access the API using refresh token.
This is what I have right now:
curl -X GET -H "Authorization: Bearer <Access-Token>" "https://api.box.com/2.0/folders/0"
I am not able to do this :
curl -X GET -H "Authorization: <Refresh-Token>" "https://api.box.com/2.0/folders/0"
or
curl -X GET -H "Authorization: Bearer <Refresh-Token>" "https://api.box.com/2.0/folders/0"
Any idea how we can use the Refresh token in an API call?
The access_token is used to make Box Content API calls.
The refresh_token is used to obtain a new access_token & refresh_token pair since access_tokens expire in around 60 minutes.
curl https://api.box.com/oauth2/token
-d 'grant_type=refresh_token' \
-d 'refresh_token=<MY_REFRESH_TOKEN>' \
-d 'client_id=<MY_CLIENT_ID>' \
-d 'client_secret=<MY_CLIENT_SECRET>' \
-X POST