I am currently building an ETL job in Talend Open Studio, that calls a banking API in order to retrieve customer data. The API works with OAuth 2.0. Using Postman, I can easily get an Access Token, which I then use in Talend to retrieve the customer data in JSON format. However, before I get the access token, the customer whose data I want to pull from the API, has to grant me permission for doing so. Using Postman, this is easy enough, as I get redirected to a page where the customer enters his/her credentials and then gives my App permission to pull the data:
My plan was, to setup the Talend job in a way, that this gets done automatically. My current approach is to use a tRESTClient component which calls the page on above screenshot and enters the credentials. Now there are several options with the tRESTClient component, but none of it works. First I tried to make a GET call with "Use Authentication Basic HTTP", parsing username and password of the user. That does not end with an error, but the response is just the html of the login page itself. When I try to make a POST call parsing the customer credentials to the TRESTClient component in JSON format, I am getting a 400 Bad Request. This is how my component looks in this case:
I also asked that question in the Talend Community forum, but so far no one replied to it. I dont know if I am completely off-trail here?! Any hint would be greatly appreciated, I am struggling with that task for 3 days now...
EDIT: to be more straightforward:Is it possible to perform these 2 steps in Talend alone:
Related
I was asked by a potential client if I can have my software interact with Esri/ArcGIS Online.
Use case: users is logged into SomeRandomSoftwareApp and is looking at a Widget, this Widget includes an Esri asset id, the user clicks a link that passes that ID to Esri/ArcGIS Online and behind the scenes the user is logged into Esri and they see the data associated with the Esri/ArcGIS Online.
Thanks, Keith
If I understand correctly, you have two options for this: API Keys or Application Credentials.
The first one, is a permanent token generated by the owner of the data that will allow the application easy access to it. This is still in beta, and it was not ready for use the last time I check some time ago.
The second one, the owner of the data will generate credentials for your application. With this credentials you will have to request a token each time you want to access the data, all this via OAuth 2.0.
Check the docs for more details ArcGIS Services - Security
I've read a lot of questions and look after a lot of sources, but I could not get the idea. That's because there is lot redirects happening with my application, let's see a quick look over the steps.
Step1. Login with [MyApp1]
1.1 get tokens via POST method
Step2. [Save tokens temporarily] < Stuck here.
Step3. Login with [MyApp2]
3.1 get tokens via POST method
Step4. Encrypt all tokens
4.1 Save it to MySQL Database
I do not know what is best to save the data temporarily, I looked over sessions and Redis, I am working on Node.js Web Application, HTML with a Server and MySQL Database.
Perhaps store them in the query? OAuth2 provides a state query parameter that is applied on redirect so your application can pass some information to itself after redirecting.
I am trying to get data of attendance API from zoho people in postman application .. so for this i already get access token and now i am trying to access all data ..
I tried this link and paste in get
https://www.zoho.com/people/help/api/attendance-api.html
That is the URL for the help page. (Please note that Zoho has announced they are doing away with authtokens and transitioning to OAuth). Having said that, the URL I am currently using to access an employee's attendance data looks like this:
https://www.zoho.com/people/api/attendance/getAttendanceEntries?authtoken=[YOUR AUTH TOKEN]&empId=[EMPLOYEE ID]
I want to implement JWT authentication for my project since this seems to be the most simple one out of all the authentication procedures - but I don't quite understand how an User can actually login using the JWT-auth. It would be helpful if anyone could share some reading materials or provide some insights on the workflow of the login of an user using JWT.
My own thoughts were somewhat along these lines:
The frontend sends a obtain_jwt request to the backend via drf api
The api returns a token in json format, if username and password were provided
It's from here I don't understand what needs to done going forward. Does the backend need to do anything else to complete the authentication/login process? Do I need to do anything else with DRF Permissions?
If this completes the login process, then there is something else which bugs me. For example, I have an APIView LoginView which has a post method to handle the login process. Now, does the frontend need to call the obtain_jwt function to get the function and then do another post-method to the LoginView? Or is there a way to return the json-web-token from that LoginView?
It would be really helpful if someone could answer these questions for me or provide some reading materials which would help me better understand the total workflow for this login process. Thanks.
Edit: My login process is being made to handle a facebook login - just to let the viewer know :)
It's not that complicated after its explained to you. General workflow is:
Client sends a username and password with a POST request via javascript(ajax).
DRF receives it, authenticates and return a token to the client in json format.
Client receives the token and stores it. Token is stored on the header of ajax setup, so all subsequent calls in this app have the token in the header.
Now just make regular api calls, and authetication is submitted automatically through the header that DRF reads and accepts.
See this.
I am writing end-to-end tests using Protractor for an Angular application. The application uses an API service to retrieve data from the back-end and this data is then used to populate pages in the Angular application.
I would like to utilize this API to get data to use in my jasmine tests, the tests will confirm that the back-end data is correctly and completely populated on applicable pages in the UI. I definitely DO NOT want to mock the server, I want to hit the actual server and work with the actual data from the JSON response.
My question is 2 sided; how to call the API service from my protractor tests and secondly, how to retrieve data from the JSON response from this API.
Any (detailed) information, examples you can provide as to how this can be done would be appreciated
Thanks in advance.
Protractor is used to test the ui of an application. What it does is click buttons and enter text in text boxes and wait for responses. For example if I have a login form and want to test the scenario when a user enters an email address wrong and an error message pops up. Protractor would navigate to the email field, enter an incorrect email address and then find the element that contains the error and verify the error showed up.
So as long as you have an environment setup that has a ui connected to an API service, the API service will be called as normal. Protractor will click buttons and if a button click triggers a call to the API service it will go straight to that service.
As for the JSON response access, this is probably not a good use for protractor. Protractor is used to click events and wait for responses. So if you are displaying that JSON response in some form or way protractor could verify it is displayed. For example, if you are displaying some data from the server in a table on a button click, you could have protractor click that button and verify the table has the correct values. But you would not want to verify the JSON object is as expected. That would be unit-tests on the API itself.
Hope this helps.
We have two options
Make a request by require(...) and using a request library.
This allows you to make direct HTTP Service calls, as discussed in this Stack Overflow post
Use some data from a .json file by require(...) it directly:
https://github.com/angular/protractor/issues/978#issuecomment-47250364