Atlassian STASH REST API 401 - rest

I'm trying to use the Stash REST API in order to get a list of all open pull requests using the URI https://stash.myserver.com/stash/rest/api/1.0/projects/TEST/repos/testrepo
But I always get a 401 Unauthorized with the following content:
{"errors":[{"context":null,"message":"You are not permitted to access this resource","exceptionName":"com.atlassian.stash.exception.AuthorisationException"}]}
I use HTTP Basic Auth and the user definitely has proper permission to the repository. It also works if I open the REST URL in the browser while I'm logged in or when I use the JSESSIONID-Cookie.
Is it possible that I need to enable basic auth in Stash? I couldn't find such an option in the admin settings.

Related

Jenkins Embeddable Build Status plugin gets redirected due to SSO

I'm trying to add Jenkins build status using the Embeddable Build Status plugin onto Github README.md file. I have SSO for Github and Jenkins and I assumed it will have the login info in the browser cookies or wherever it stored that info but looks like it doesn't work that way (The same URL works and picks up SSO info and doesn't prompt me when I open it from a browser. It just doesn't like Github pulling that info)
I see a 302 redirect on the Jenkins status badge link that is getting redirected to the SSO page and is expecting JS to be enabled for it to work which isn't possible on a Github README.md page (Even if that was possible I would not see a login prompt)
The console has a warning for this redirected URL request as Cross-Origin Read Blocking (CORB) blocked cross-origin response <the-URL> with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.
I also set the Jenkins config to ViewStatus for anonymous uses based on JENKINS-17798 and I'm using the unprotected link but it still needs SSO
Is there a way I can fix this?
Read this first. Cors-Filter Plugin for Jenkins.
Before you go debugging. First make sure that CORS is enabled for the Jenkins instance. You can go to configure system in jenkins and then to CORS Filter:
A very short summary.
Access-Control-Allow-Origins - List domains that may access the jenkins url.
Access-Control-Allow-Headers - Headers that can be used to make actual request
Access-Control-Expose-Headers - List of headers browser are allowed to access.
Whenever one tries to go authenticating from one domain to another it usually gets redirected in jenkins if CORS Filter is not active. So try this first.

Why does the PayPal API not recognize my client id and secret

The Paypal API doesn't recognize my Client ID and Secret I got from https://developer.paypal.com/developer/applications/
I wanted to include a server side checkout according to this tutorial https://developer.paypal.com/docs/archive/checkout/how-to/server-integration/
When I do the request to https://api-m.paypal.com/v1/payments/payment I always get a 401 Error with the message "Authentication failed due to invalid authentication credentials or a missing Authorization header.".
I checked multiple times if my credentials were correctly included into the request. I also tested the endpoint in my server environment and as well via Postman.
I also tried the route https://api-m.sandbox.paypal.com/v1/oauth2/token to exchange my credentials with an access token and got the same problem.
I also tried to create multiple Sandbox and Live Accounts and always got the same error.
Has anyone an idea what the problem could be?
There are two separate issues here.
You first need to use /v1/oauth2/token to obtain an access token, and then use that access token to call any of the other actual APIs.
The credentials you obtain from PayPal Developer will be for either "Sandbox", or "Live". Make sure you choose the correct tab (sandbox, for development). Sandbox credentials will only work for api-m.sandbox.paypal.com , and Live credentials will only work for api-m.paypal.com . The two environments are completely separate.
If you still have issues, post the SANDBOX client ID and secret you are using, and the full request and response to the api-m.sandbox.paypal.com endpoint. There should be a PayPal-Debug-Id in any error response, in the headers if nowhere else.

IBM Weather REST API 401 Keep getting CORS issues when access

I am getting a 401 and some cross domain issues when trying to access IBM Weather REST API from either client (browser) or server.
If I generate a URL and try and access it directly from a browser (eg paste it in it works fine and the JSON weather report is returned).
When I try and run the Javascript HTTP request from either the browser or server it seems like it's only allowed to run from an ibm.com domain.
Failed to load https://twcservice.au-syd.mybluemix.net/api/weather/v1/geocode/-33.00/151.00/forecast/daily/7day.json?units=m&language=en-US: The 'Access-Control-Allow-Origin' header contains multiple values 'https://*.ibm.com, https://*.ibmcloud.com', but only one is allowed. Origin 'http://localhost:3000' is therefore not allowed access.
I am using the free service on Bluemix. Is this restricted to only run via a Bluemix server? or are there some options I can pass when I create the service on Bluemix
Note, when I make the request I am using the credentials supplied via the Bluemix console. Again, this works via the browser URL bar, but not via code.
Update/More info: if I hit past the URL above into the browser (with creds) it works as above, then if hit it via the web app in the same session it works.
Hmmm. So the IBM server is sending the following response header:
Access-Control-Allow-Origin: https://*.ibm.com, https://*.ibmcloud.com
That's an invalid response from IBM. Unfortunately, I think your only option is to complain to IBM, and convince them to
Return a valid Access-Control-Allow-Origin response header (with only one value)
Allow people outside of IBM to access it
Without that, I fear you're out of luck.

Loopback and passport - AccessToken 401 Permission denied

I'm trying to see how to use loopback-passport. So I clone this repo: loopback-example-passport and got it working with Facebook and local login. However, if I go to the API explorer and try to GET some users, or my own accessToken, I always get 401-permision denied.
What I am doing is this:
Open up the example application
Log in using Facebook Provider
Get the token stored in local-storage and set it in the API explorer
Make a request
So in the API explorer I'm using the same access token I got from the Facebook provider. What I'm I doing wrong here?
Thanks!

How to post an issue on GitHub with GitHub API

I'm trying to post an issue on GitHub with the GitHub API.
I looked at the API documentation,
https://developer.github.com/v3/issues/#create-an-issue
but I can't figure out where the account information should go in the request body.
How should I authenticate this request?
You can see example of scripts posting issues in:
"'mapserver-trac-importer" (authentication github_post, with user/password)
"simple basic-auth node github api" (authentication here, with user/password)
".bashrc" (authentication in curl, with oauth)
As described in API V3 authentication, you can either user username/password, or an oauth token.
Note that if you have activated the 2FA (2 Form Authentication), you will need an oauth token.
I prefer oauth anyway, because you can revoke the token at any time (token that you can create just for this script), without having the hassle to change your password (which you could use in multiple other instances).