I am integrating online payments to a web app. To do this I am using the SumUp API. It takes simple http requests. Here is the part of the documentation I am working with: https://developer.sumup.com/docs/single-payment/
My initial request for an access token from the API works fine. But issues arise when creating a checkout resource. I have checked many times and my JSON appears to be correct. The values all appear fine too. However when I run the code the SumUp server returns me this:
Request failed for https://api.sumup.com returned code 400. Truncated server response: {"error":"Unexpected token a in JSON at position 0"}
Here is my code:
var pay_headers = {
"Authorization": `Bearer ${access_token}`,
"Content-Type": "application/json"
};
var pay_details = {
"checkout_reference": "SH8Q0B5C", //random string of letters and numbers
"amount":10,
"currency":"GBP",
"pay_to_email": "docuser#sumup.com",
"description":"Sample one-time payment"
};
var pay_options = {
"method": "post",
"headers": pay_headers,
"payload": pay_details
};
var pay_response = UrlFetchApp.fetch("https://api.sumup.com/v0.1/checkouts",pay_options).getContentText();
Is there something wrong with this? I would appreciate any help as this has been a problematic issue. Thanks
The final 403 error here is due to a poorly documented requirement on the Sumup API. Basically you have to request that your account (whether test or live) is granted scope for the payments part of the API.
If you don't have this you can get an access token but will then be served a 403 error when creating a Checkout.
Save yourself some time and follow this: (I didn't)
https://github.com/sumup/sumup-ecom-php-sdk/issues/24
i.e. email integration#sumup.com
API docs:
https://developer.sumup.com/docs/authorization/#authorization-scopes
When I saw your provided document, the sample curl is as follows. Ref
curl -X POST \
https://api.sumup.com/v0.1/checkouts \
-H 'Authorization: Bearer 565e2d19cef68203170ddadb952141326d14e03f4ccbd46daa079c26c910a864' \
-H 'Content-Type: application/json' \
-d '{
"checkout_reference": "CO746453",
"amount": 10,
"currency": "EUR",
"pay_to_email": "docuser#sumup.com",
"description": "Sample one-time payment"
}'
If this curl command is converted to Google Apps Script, how about modifying your script as follows?
From:
"payload": pay_details
To:
"payload": JSON.stringify(pay_details)
Note:
When the above modification is reflected to your script, when an error occurs, can you provide the error message?
Added:
When above modification is reflected to your script, the request is the same with the sample curl command. From your following reply,
The thing is with the previous API request made in the script (the one that fetches the access token) the payload works fine without using stringify. I did try it for this payload however and it gave me a 403 forbidden. Here is the error message: Exception: Request failed for https://api.sumup.com returned code 403. Truncated server response: {"error_message":"request_not_allowed","error_code":"FORBIDDEN","status_code":403}. This error can be replicated by removing various other parts of the request too so I'm not sure whether it is beneficial to use stringify...
If your access token and your request body are valid values, from 403 of the status code, I'm worried that in your situation, the access from Google side might not be able to be done.
Reference:
403 Forbidden
Related
I am trying to exchange a Salesforce Marketing Cloud (SFMC) authorization_code for an access_token per the docs here: https://developer.salesforce.com/docs/atlas.en-us.mc-app-development.meta/mc-app-development/access-token-app.htm
curl https://{my_subdomain}.auth.marketingcloudapis.com/v2/token \
--request POST \
--header "Content-Type: application/json" \
--data '{"grant_type": "authorization_code", "code": "{{my_code}}", "client_id": "{{my_client_id}}", "redirect_uri": "https://127.0.0.1:80/", “client_secret: “{{my_client_secret}}”, "scope": "audiences_read list_and_subscribers_write offline"}'
Yet it continually gives me the following error:
{"documentation":"https://developer.salesforce.com/docs/atlas.en-us.mc-apis.meta/mc-apis/error-handling.htm","errorcode":0,"message":"Bad Request"}%
I have no idea where I am going wrong, any help is appreciated.
I was seeing "correct" errors when I was using an expired code and when my client_id and/or client_secret were wrong, but nothing after I pasted in the correct values. Perhaps it is my scopes?
According to the docs linked in the error code, The token was not found in the request, or it is invalid or expired.. This is the only error code that has customcode == 0. It is strange since I am trying to get a token, not pass one in, and that error code is associated with a 401, which may or may not be what I am receiving back.
It turns out my client_secret in my data was using the incorrect double quote. It was a slanted double-quote. I discovered this when I tried using Python3 instead of cURL and was converting my JSON above into JSON to pass to the requests library. I was able to successfully get a token.
So the answer is, the above is correct, just watch your encodings!
I'm sending two post requests using the REST API: http://localhost:8111/app/rest/buildQueue but my second request fails with
403 Forbidden: Responding with 403 status code due to failed CSRF check: no "Origin" header is present and no authentication provided with the request, consider adding "Origin: http://localhost:8111" header.
I'm wondering why is this happening since if I run the build in the UI and change the params ex. build1 has %version=2% and build2 has %version=3% it will run parallel with each other running on different available agents.
Here's my json request:
REST API endpoint: http://localhost:8111/app/rest/buildQueue
JSON body:
{
"branchName": "master",
"buildType": {
"id": "DockerBuild",
"projectId": "Test"
},
"properties": {
"property": [
{
"name": "DOCKER_IMAGE_NAME",
"value": "test-3"
},
{
"name": "SNAPSHOT_DEPENDENCY_VERSION",
"value": "0.6"
}
]
}
}
Am I missing a parameter to be able to run builds in parallel with each other?
When you face problems regarding CSRF protection in TeamCity (for example, you get the "Responding with 403 status code due to failed CSRF check" response from the server), you can follow these steps:
If you use a reverse proxy, make sure you correctly configure Host/Origin headers, as described above. In the meantime, you may want to add the public URL of your server to CORS-enabled origins.
You can temporary disable CSRF protection at all by setting the teamcity.csrf.origin.check.enabled=logOnly internal property.
Information about failed CSRF attempts are logged into TeamCity/logs/teamcity-auth.log files. For more detailed diagnostics of the requests, enable debug-auth logging preset.
Try pass in the request header -H 'Origin: http://localhost:8111'
Maybe this can be useful for someone, I got the same error with a single POST using Postman:
403 Forbidden: Responding with 403 status code due to failed CSRF check: no "Origin" header is present and no authentication provided with the request, consider adding "Origin: http://teamcity:20011" header.
So I followed the recommendation of the error message, and in Header I added "Origin" with the value "http://teamcity:20011" and that fixed the issue. BTW, in Authorization I selected "Bearer Token" and I pasted the token generated previously through TeamCity. This is the call:
http://teamcity:20011/app/rest/buildQueue
I was just testing how to trigger a build using the API and it worked successfully. Now the following step is to implement this call using JavaScript.
Request a CSRF header with the appropriate request:
https://teamcity/authenticationTest.html?csrf
and set it in the "X-TC-CSRF-TOKEN" header of your POST request
If you specify an Access Token to the request header like Authorization: Bearer ..., you don't need to specify a CSRF token, and what you should actually check is if you're not sending Cookies.
This is from the developer in JetBrains:
If you're using a token-based authentication, there should be no need to provide CSRF token header and obtain it with authenticationTest.html call.
In this scenario, it is expected that there are no session Cookies in the HTTP request (otherwise, TeamCity will try to find a token).
I.e. basically, you should be able to do the HTTP call in no-session way by providing the Authorization: Bearer {{token}} header only.
https://youtrack.jetbrains.com/issue/TW-69566/Flaky-builds-with-CSRF-Header-X-TC-CSRF-Token-does-not-match-CSRF-session-value#focus=Comments-27-4644138.0-0
Well, the error and the documentation don't seem to explain this, though...
I would love some insight or pointers into what might be causing this DNS error that I'm encountering. Here's what I'm trying to accomplish:
I would like to pull data from JIRA using their API and have the data placed into a precreated Google Sheet
I can currently connect to our JIRA environment using a curl command and base 64 encoding via the Mac Terminal
curl -D- -X GET -H "Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=” -H "Content-Type: application/json" "https://jira.ourworkdomain.com/rest/api/2/issue/XXX-1000”
I've tried recreating something very similar in a Google Sheet script. It looks like the following:
function connectToJira() {
var encCred = "dXNlcm5hbWU6cGFzc3dvcmQ=";
var url = "https://jira.ourworkdomain.com/rest/api/2/issue/XXX-1000";
var options = {
"content-type": "application/json",
"headers": {"Authorization": "Basic "+encCred},
"muteHttpExceptions" : true
};
var response = UrlFetchApp.fetch(url, options);
Browser.msgBox(response.getContentText());
}
When I run the script in debug mode it highlights...
var response = UrlFetchApp.fetch(url, options);
... and gives me the following error:
DNS error: https://jira.ourworkdomain.com/rest/api/2/issue/XXX-1000
(line 12, file "Code") Dismiss
When I expand all the variables I can see that "response" comes back as undefined.
Any ideas or leads on how I can overcome this issue? There may be a simple step I'm missing some place that I just don't know about it or just a lack of understanding on my part. Thanks!
Is https://jira.ourworkdomain.com accessible publicly on the Internet?
If not, this will not work. The URL Fetch service makes requests from Google public IP addresses to the public Internet.
From the URLFetchApp class documentation:
This service allows scripts to communicate with other applications or
access other resources on the web by fetching URLs.
...
Requests made
using this service originate from a set pool of IP ranges. You can
look up the full list of IP addresses if you need to whitelist or
approve these requests.
I have Miniflux running on an Amazon EC2 instance which I intend to use for my Android application. According to the Miniflux documentation here I should be able to get a JSON response with this URL endpoint:
www.mydomain/miniflux/jsonrpc.php
which in my case is:
{
"jsonrpc":"2.0",
"id":null,
"error":{
"code":-32700,
"message":"Parse error"
}
}
To get more information in JSON format I need to pass in more arguments but the Miniflux documentation does not explain how. The OpenWeatherMap API on the other hand, has a guide on how the URL endpoint may be used with the API key. Any advice on this matter will be greatly appreciated.
first go to miniflix preferences and pick your JSON-RPC URL. it must be something like: API endpoint: https://username.miniflux.net/jsonrpc.php.
there also you will get:
API username: username
API token: swB3/nSo1CB1X2F (example)
type the end point url into your rest client application or chrome extension like postman.
on postman use HTTP Basic Authentication. means put the your login user name in the usename field, api token in the poassword filed then click on Refresh headers button.
chose post method (as all miniflux jsonrpc calls are post) then navigate to "row" tab and write your query like:
{"url": "http://images.apple.com/main/rss/hotnews/hotnews.rss"}, "id": 1}
then you will see the json response.
if you want to use curl it is simple also.
curl \
-u "demo:swB3/nSo1CB1X2F" \
-d '{"jsonrpc": "2.0", "method": "feed.create", "params": {"url": "http://images.apple.com/main/rss/hotnews/hotnews.rss"}, "id": 1}' \
https://demo.miniflux.net/jsonrpc.php
I suggest you to spend sometime reading their JsonRPC code then you will come to understand all the miniflux api calls, response and how it works.
Assuming, for example, your miniflux API reports the following parameters:
API username: username
API endpoint: https://username.miniflux.net/jsonrpc.php
API token: swB3/nSo1CB1X2F
Lift the API method you want from direct the curl -d statements in the miniflux documentation. E.g., for the method to list all feeds (for the sake of convenience, calling it 'payload'):
payload = {"jsonrpc": "2.0", "method": "feed.list", "id": 1}
Assemble a python equivalent of curl's -u command from the username and token API parameters:
auth=('username', 'swB3/nSo1CB1X2F')
Import python's request and json modules and use them to query the miniflux API. The assembled request statement is equivalent to the curl command given in the miniflux documentation:
response = requests.post('https://username.miniflux.net/jsonrpc.php', auth=auth, data=json.dumps(payload), headers=headers).json()
using python3
I would like to create HTTP GET request to REST API using the curl tool that comes with the Cloud Foundry command line interface (cf). The content/format of the request is described here, under "Retrieving a list of all currently deployed models:" subtitle. In short, the description gives me the url that I can make the request to, it also gives me the following "request example":
Content-Type: */*
Parameters:
Query Parameters:
accesskey: access_key from env.VCAP_SERVICES
I know how to retrieve all necessary parameters (i.e. the access keys, etc). The problem is that I am not sure how to interpret the above "request example" (is it header or body of the request?) and how to create curl command that will properly send the request.
I want to briefly describe what I have tried so far. When I try:
cf curl -X GET "http://{my_url}/model?accesskey={my_access_key}"
I always get the following response:
{
"code": 10000,
"description": "Unknown request",
"error_code": "CF-NotFound"
}
, when I try:
cf curl -X 'GET' http://{my_url}/model?accesskey={my_access_key}
, I think I actually get a response from the server:
<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx</center>
</body>
</html>
Whenerver I try to use just "normal" curl (not the one that comes with the cf command line interface) the Bluemix Predictive Modeling service doesn't respond at all - the connection always times out. I'm not sure why, since Bluemix documentation says that any programming language can be used to make the REST API calls. In the future I would also like to use POST requests - an explanation of how to make one would be very helpful too.
Any help will be greatly appreciated.
You first need to "bind" an instance of the Predictive Model service to an app. When you have done it, you will have a "Show credentials" link below the app widget in your Bluemix dashboard. Click "Show credentials", and you will see a JSON object (which happens to be the VCAP_SERVICES value that Bluemix sets as environment variable for your app), for example:
{
"pm-20": [
{
"name": "Predictive Modeling-i6",
"label": "pm-20",
"plan": "free",
"credentials": {
"url": "https://ibmpmsrvus1.pmservice.ibmcloud.com:8443/pm/v1",
"access_key": "xxxyyyzzz"
}
}
]
}
(I have just removed my own credentials).
Finally for the Curl command, use the "url" above as root of your API, and add a query parameter "?accesskey=xxxyyyzzz" (whatever credentials you have on your own) to all API calls. For example, I add /model to my URL to query my list of models (none created):
curl -X GET "https://ibmpmsrvus1.pmservice.ibmcloud.com:8443/pm/v1/model?accesskey=xxxyyyzzz"
which returns
[]
(as I have not created any models). Note that you will likely need to quote the URL, since the access key contains characters that may mess up your shell command.
I explicitly used "-X GET": You will want to do "-X PUT" in some commands (PUT HTTP method), and most likely you can use "-d #" to upload a file as form data payload:
curl -X PUT -d #mymodelfile "https://..."