Trying to use 'Postman' and having trouble setting Basic access authentication Headers - rest

I have an API endpoint that I am trying to test with the google app: 'Postman'. I need to set the headers which use 'Basic authentication'. I am not sure what should go in 'Header: Value'
This is how the admin said the headers should be set:
"The head value is the word 'Basic' followed by your org name and your Api key separated by a colon and base64 encoded."
I have tried numerous things but I am not getting it quite right. The error I get is "Message: Token not set".

Your header field should look like this:
Header : Authorization
Value : Basic base64('YourOrgName:YourAPIKEY');
You can get the base64 value of your string here:
https://www.base64encode.org/
For example, for my-org-name:123key4api it should be bXktb3JnLW5hbWU6MTIza2V5NGFwaQ==.
The complete header would look like:
Authorization: Basic bXktb3JnLW5hbWU6MTIza2V5NGFwaQ==

Looks like you are facing trouble in getting the base64 value. Well you can make use of in-built function in Javscript as below.
Simply run below code in any JS runtime, (Simplest would be - open console tab in chrome developer tool)
"username:password!" // Here I used basic Auth string format
// Encode the plain string to base64
btoa("username:password!"); // output: "dXNlcm5hbWU6cGFzc3dvcmQh"
// Decode the base64 to plain string
atob("dXNlcm5hbWU6cGFzc3dvcmQh"); // output: "username:password!"

It's 2019 and with Version 6.5.3 we have a separate tab to use different kind of Authentication techniques.
For basic auth you just have to give username and password after selecting "Basic Auth" under Authentication tab

Putting it all together in a pre-request script
(and then use the access_token for oauth).
var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(e){var t="";var n,r,i,s,o,u,a;var f=0;e=Base64._utf8_encode(e);while(f<e.length){n=e.charCodeAt(f++);r=e.charCodeAt(f++);i=e.charCodeAt(f++);s=n>>2;o=(n&3)<<4|r>>4;u=(r&15)<<2|i>>6;a=i&63;if(isNaN(r)){u=a=64}else if(isNaN(i)){a=64}t=t+this._keyStr.charAt(s)+this._keyStr.charAt(o)+this._keyStr.charAt(u)+this._keyStr.charAt(a)}return t},decode:function(e){var t="";var n,r,i;var s,o,u,a;var f=0;e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");while(f<e.length){s=this._keyStr.indexOf(e.charAt(f++));o=this._keyStr.indexOf(e.charAt(f++));u=this._keyStr.indexOf(e.charAt(f++));a=this._keyStr.indexOf(e.charAt(f++));n=s<<2|o>>4;r=(o&15)<<4|u>>2;i=(u&3)<<6|a;t=t+String.fromCharCode(n);if(u!=64){t=t+String.fromCharCode(r)}if(a!=64){t=t+String.fromCharCode(i)}}t=Base64._utf8_decode(t);return t},_utf8_encode:function(e){e=e.replace(/\r\n/g,"\n");var t="";for(var n=0;n<e.length;n++){var r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r)}else if(r>127&&r<2048){t+=String.fromCharCode(r>>6|192);t+=String.fromCharCode(r&63|128)}else{t+=String.fromCharCode(r>>12|224);t+=String.fromCharCode(r>>6&63|128);t+=String.fromCharCode(r&63|128)}}return t},_utf8_decode:function(e){var t="";var n=0;var r=c1=c2=0;while(n<e.length){r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r);n++}else if(r>191&&r<224){c2=e.charCodeAt(n+1);t+=String.fromCharCode((r&31)<<6|c2&63);n+=2}else{c2=e.charCodeAt(n+1);c3=e.charCodeAt(n+2);t+=String.fromCharCode((r&15)<<12|(c2&63)<<6|c3&63);n+=3}}return t}};
var userPass = pm.environment.get("oauth_key") + ':' + pm.environment.get("oauth_secret")
pm.sendRequest({
url: pm.environment.get("basepath")+"/oauthpreview/token",
method: 'POST',
header: {
'Accept': 'application/json',
'cache-control':"no-cache",
'Authorization' : 'Basic ' + Base64.encode(userPass),
'Content-Type': 'application/x-www-form-urlencoded'
},
body: {
mode: 'urlencoded',
urlencoded: [
{key: "grant_type", value: "client_credentials", disabled: false}
]
}
}, function (err, res) {
pm.environment.set("access_token", res.json().access_token);
})

Related

How to convert this curl example to google apps script / javascript? [duplicate]

I have experience making CURL calls in GAS using headers and payload, but I have never done a CURL command using the -u option before. According to the API spec, I must use the -u option. I just don't know how to convert that to GAS. Here is my code so far:
function updateStatus()
{
//Build header.
var header =
{
'Content-Type': 'application/json', //Set content type to JSON.
};
//Put it all together.
var options =
{
'method' : 'get',
'headers' : header
};
//Make Login call to When I work.
var responseGetPlan = UrlFetchApp.fetch('my url', options);
var strResponseGetPlan = responseGetPlan.getContentText();
Logger.log('Get Plan Response: ' + strResponseGetPlan); //Log response.
var parsedData = JSON.parse(strResponseGetPlan); //Parse into JSON format.
var strId = parsedData.id;
Logger.log(strId);
}
curl -u uses Basic authentication, which is a simple base64 encoding of a concatenated "username:password" string. You would send the following as headers.
Authorization: 'Basic ' + Utilities.base64Encode('username:password')
References:
RFC7617
curl Basic Authentication
Utilities

how to send apikey when using IBM Cloud API?

I'm trying to call IBM cloud speech to text API directly from my angular project.
getAudioFile (text: string) {
return this.http.post(this.apiUrl, {
text: text
}, {
headers: {
'Content-Type' : 'application/json',
'Accept' : 'audio/wav',
'authorization' : 'apikey:' + this.apiKey
},
params: {
voice: 'en-US_AllisonV3Voice'
}
}).pipe(map(res => console.log(res)), catchError(this.handleError))
}
I got the apiKey and apiUrl from the website specifically for my account (which works as a token). I'm just not sure if I'm sending it the right way. Please help me if you have done this before.
See the API documentation and its authentication section. If you want to use the API key, then it is used with Basic access authentication. The username would be "apikey", the password the actual API key. The username and password are base64 encoded. Conceptually, your code would need to look like this:
'Authorization' : 'Basic ' + Base64Encoded("apikey"+this.apiKey)

Escape " in axios

I am making an api call to WuFoo forms
to do a dateCreated filter it needs to look like this (note double quote):
Filter1=DateCreated+Is_greater_than+"2019-11-13 12:00:00"
However, Axios urlencodes it to look like this:
Filter1=DateCreated%2BIs_greater_than%2B%222019-11-13+12:00:00%22'
and WuFoo unfortunately returns incorrect response to that.
I have tried escaping the encoding by using paramSerializer:
const instance = axios.create({
baseURL: 'https://subdomain.wufoo.com/api/v3',
timeout: 1000,
headers: { 'Authorization': 'Basic fjdkalfjkdafldklaskflsdkl' },
paramsSerializer: function(params) { return params }
});
....
instance.get('/forms/form/entries.json',{
params:{
Filter1: qDateFilter
}
})
qDateFilter = DateCreated+Is_greater_than+"2019-11-13 12:00:00"
However I now have the following error:
TypeError [ERR_UNESCAPED_CHARACTERS]: Request path contains unescaped characters
at new ClientRequest (_http_client.js:139:13)
at Object.request (https.js:309:10)
at RedirectableRequest._performRequest (/home/node/app/node_modules/follow-redirects/index.js:169:24)
at new RedirectableRequest (/home/node/app/node_modules/follow-redirects/index.js:66:8)
at Object.wrappedProtocol.request (/home/node/app/node_modules/follow-redirects/index.js:307:14)
at dispatchHttpRequest (/home/node/app/node_modules/axios/lib/adapters/http.js:180:25)
at new Promise (<anonymous>)
at httpAdapter (/home/node/app/node_modules/axios/lib/adapters/http.js:20:10)
at dispatchRequest (/home/node/app/node_modules/axios/lib/core/dispatchRequest.js:59:10)
at processTicksAndRejections (internal/process/task_queues.js:93:5) {
code: 'ERR_UNESCAPED_CHARACTERS'
}
Attempts to just use a straight full string as a URL don't work either, it still encodes it.
Using straight " in postman works fine, same with curl.
Any other options?
WuFoo got back to me. It wasn't the " it was actually the encoding of the + sign. I replaced with spaces and it worked.

Error while generating access_token using Ebay 's REST API - Python requests

I'm trying to use the ebay REST-API for the first. I am simply trying to generate an access_token using the client credentials grant-request. I followed the instructions here https://developer.ebay.com/api-docs/static/oauth-client-credentials-grant.html
HTTP method: POST
URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token
HTTP headers:
Content-Type = application/x-www-form-urlencoded
Authorization = Basic <B64-encoded_oauth_credentials>
Request body (wrapped for readability):
grant_type=client_credentials&
redirect_uri=<RuName-value>&
scope=https://api.ebay.com/oauth/api_scope
I'm getting this error: {'error': 'invalid_client', 'error_description': 'client authentication failed'} and my code looks like this:
path = 'https://api.sandbox.ebay.com/'
app_json = 'application/json'
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': base64.b64encode(b'Basic CLIENT_ID:CLIENT_SECRET')
}
payload = 'grant_type=client_credentials&redirect_uri=Searchez&scope=https://api.ebay.com/oauth/api_scope'
def get_oath_token():
url = 'https://api.sandbox.ebay.com/identity/v1/oauth2/token'
r = requests.post(url, headers=headers, data=payload)
print(r.json())
get_oath_token()
What do I have configured incorrectly? Thanks.
You're base64encoding "Basic " and shouldn't be.
The doc says just encode your Client ID + ":" + Client Secret, and leave the word "Basic" and the space that follows it alone.
In your code, i can see sandbox endpoint URI but in the request body scope, you have used production URL, instead of sandbox

how to set basic authorization header for GET service in sapui5?

Can I get a sample code to set basic authorization as header along with other headers ( like x-csrf-token : fetch) in eclipse ?
You can do something like this with jQuery (which is of course included with UI5) for basic authentication:
function ajaxBeforeSend(xhr) {
xhr.setRequestHeader("Authorization", "Basic " + btoa(user + ":" + password));
}
$.ajax({
type: "GET",
url: url,
dataType: "json",
beforeSend: function(xhr) {
ajaxBeforeSend(xhr);
}
}).done(function(data) { /* do something */ }
This is what I've used in some developments and it works well. You can set other headers this way as well.
See http://www.w3schools.com/jsref/met_win_btoa.asp for details on btoa() which base64 encodes the user:pass string.
Your question says: "in eclipse". I don't know what that means as the javascript will work regardless of what editor you use.
Here's the jQuery doco which describes the method used above: http://api.jquery.com/jQuery.ajax/.
(Watch out for CORS issues if service is not on the same host as your app. For CORS I find you also need to add xhr.withCredentials = true; inside the above ajaxBeforeSend() function.)