I have an application for which I have recorded Jmeter scripts to conduct load testing. Authorization happens via Azure AD.
I have co-related the auth-related such as access tokens, refresh tokens and id tokens that are generated dynamically and also parameterized them in a request that is responsible for calling the API and which would probably require those tokens to authorize the call to the API.
However, I get an error:-
java.net.URISyntaxException: Illegal character in query at index 98:
at java.base/java.net.URI$Parser.fail(URI.java:2938)
at java.base/java.net.URI$Parser.checkChars(URI.java:3109)
at java.base/java.net.URI$Parser.parseHierarchical(URI.java:3197)
at java.base/java.net.URI$Parser.parse(URI.java:3139)
at java.base/java.net.URI.<init>(URI.java:623)
at java.base/java.net.URL.toURI(URL.java:1063)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:615)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:66)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1281)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1270)
at org.apache.jmeter.threads.JMeterThread.doSampling(JMeterThread.java:630)
at org.apache.jmeter.threads.JMeterThread.executeSamplePackage(JMeterThread.java:558)
at org.apache.jmeter.threads.JMeterThread.processSampler(JMeterThread.java:489)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:256)
at java.base/java.lang.Thread.run(Thread.java:832)
I am not sure where I am going wrong. I have co-related 3 dynamic tokens which are generated as part of the auth token request.
Screenshots in the below link:-
Regular Expression Extractor
Setting parameters
Error on Jmeter
I faced this issue. What I did wrong, was that I did not put the "$" sign before the parameters in the URL.
How I resolved the issue:
When I got the exception, I counted the characters in the URL till the index (given in the exception) which made me realize that something is wrong with the given index, then I checked the tutorial which I was following, and Hoorah! the issue has been found.
Example Image
I believe these "tokens" should go into the HTTP Header Manager as placing them as request parameters adds them to the request URL.
If your application expects the tokens to be a part of the URL (which is kind of strange) then you either need to tick the URL Encode? boxes or wrap the values which can contain the characters requiring encoding into __urlencode() function
Related
I'm trying to create a GET call in Java on an API with a path variable containing an illegal character.
GET http://api.example.com/key/foo<bar
The path contains the character <. The HTTP client encodes it as %3C but I need to keep it as <, because API server don't decode it.
I have to do this call, and the API provider doesn't want to change anything to be more compliant.
Calling the GET request with illegal character works with Postman.
I'm trying to do it in Java now.
I've tried with Feign, HttpClient, WebClient and OkHttp, I don't find a way to do it.
Do you know a Java Http client that will allow me to do it ? Or the proper encoding option for the clients above ?
I've tried to create a RequestInterceptor with Feign to update uri, but it works only for some characters, as defined in RFC 6570, but not for <, which is re-replaced with %3C after my replacement.
Thanks
Been reading StackOverflow for a long time, and though I have seen people get this error, I am lost on how they resolved it. I am getting
an Unexpected character ('<' (code 60)): expected a valid value (number, String, array, object, 'true', 'false', or 'null') at [Source: <!doctype html>HTTP Status [401] [Unauthorized]h1 ... Status Report Message: Authorization Required. The request has not been applied because it lacks valid authentication credentials for the target resource.
I am getting this particular error when I am executing the following:
Json j = new JsonObject();
json.readTemplateString(rep.toString());
where it's getting the response from:
HttpResponse rep = connector.httpGet(url, "", headers);
The Json portion of the code must be taking in an xml file.
This depends a lot on "where" you are making the call from, and what url you are trying to reach. Depending on the source and destination of the connection, you may be required to provide either authentication credentials or a proxy configuration.
If you're executing this code when connected to a VPN for a company, you'll likely need to set a proxy configuration in order for the connection to work.
On the other hand, the url you're trying to connect to might require basic auth credentials. I have no idea what you're trying to connect to, so it's hard to tell whether that's the case.
When I try to deploy a VM using the deployVirtualMachine API of Apache CloudStack 4.6.0, it works fine without custom options. When I want to deploy a VM with custom cpuSpeed, vCPU and memory, it throw the error given below.
Platform : CloudStack 4.6.0.
ERROR : "unable to verify user credentials and/or request signature"
Given below the request to CloudStack WITHOUT custom offering through application (working):
apiKey=lGMCRQI6maiFCDsKuZAHI63u1upxCrUnNrWbXAnUZZE_qyEv7ozK_yNzYvNfXgX5x5mRcedIKynzSyLA5hf8yg&command=deployVirtualMachine&displayname=admin&displayvm=true&domainid=3776269a-949d-11e5-b907-e06995a35804&keyboard=us&name=priya&networkids=7efa5852-7e1f-4a26-9351-00f9d863aa3e&projectid=527ebed8-23f6-4c9f-9ee0-05926b035b1e&response=json&serviceofferingid=cb9fe060-1870-4bd0-8c0e-3980107acce6&templateid=96e753af-5e1a-4bf9-a28a-9f609ee06202&zoneid=af3ed220-7e36-4459-a6ea-9587a18246c0&signature=FU4xL%2FdGsYoihfWdvT%2FPrwwzthQ%3D
And Given below the request to CloudStack WITH custom offering through application (Not Working):
apiKey=lGMCRQI6maiFCDsKuZAHI63u1upxCrUnNrWbXAnUZZE_qyEv7ozK_yNzYvNfXgX5x5mRcedIKynzSyLA5hf8yg&command=deployVirtualMachine&details%5B0%5D.cpuNumber=3&details%5B0%5D.cpuSpeed=1500&details%5B0%5D.memory=512&hypervisor=KVM&iptonetworklist%5B0%5D.networkid=7efa5852-7e1f-4a26-9351-00f9d863aa3e&response=json&serviceofferingid=a1613485-8cdf-4d84-8b97-8c2695128a2f&templateid=37acb430-949d-11e5-b907-e06995a35804&zoneid=af3ed220-7e36-4459-a6ea-9587a18246c0&signature=FU4xL%2FdGsYoihfWdvT%2FPrwwzthQ%3D
Returned Error : "unable to verify user credentials and/or request signature"
Values are mapped same as CloudStack command string formation.
It generates same signature for both. Noticed difference in CloudStack is cpuSpeed and cpuNumber. In both Speed and Number, first letter in upper case. During signature generation we will convert all the values to lower case.
Mathar!
I believe you have mistakenly used the previous signature in the second request, as the HMAC1 signature could not be the same with different parameters. In any case details[0].xxx should influence final signature
You can use this manual to generate signature for every API call (Python).
In short the algorithm is as following:
Get list of all request parameters
URL Encode parameters and values
Create a param string which looks like param1=foo¶m2=bar¶m3=foobar ( from the request )
Get hash of this string using HMAC1 algorithm
Encode the result string using Base64 encoding
Add the resulted string to the end of request +'&signature=RESULTSIGNATURESTRING'
I have been trying for months to get access to a certain api (which has almost no documentation) to work using signpost. The api has oauth 2.0 authentication. The problem is that I have never used oauth before. But I have spent a long time reseaching so I think I have a functional understanding of how it works. I thought that using the handy singpost api it wouldn't be too much trouble to hack through it, but alas I have encountered a wall. The api docs are here:
https://btcjam.com/faq/api
It gives three URLs that are needed for the oauth authentication, which I am writing as java here for consistency with some code below:
String Authorization= "https://btcjam.com/oauth/authorize";
String Token ="https://btcjam.com/oauth/token";
String Applications = "https://btcjam.com/oauth/applications";
I have an application with a name, key, and secret. I also have set my callback URL to be the localhost, i.e.
http://localhost:3000/users/auth/btcjam/callback.
Now, as I am reading the signpost docs, it tells me that in order to request an access token, I need to do something like the following:
OAuthProvider provider = new DefaultOAuthProvider(
REQUEST_TOKEN_ENDPOINT_URL, ACCESS_TOKEN_ENDPOINT_URL,
AUTHORIZE_WEBSITE_URL);
String url = provider.retrieveRequestToken(consumer, CALLBACK_URL);
However, I am unsure exactly what to put for the URL's in these various spots, and I am getting errors. The problem is that The names of the URLs required above do not correspond to the URLs given. The "authorization" and "callback" URLs seem to match up nicely, but I am not sure how the URLs "REQUEST_TOKEN_ENDPOINT_URL" and "ACCESS_TOKEN_ENDPOINT_URL" required in the signpost docs correspond to the URLs given by the api docs on the serverI am trying to access. Of course, there are only two possible permutations, but when I try them both I get two different errors:
"Authorization failed (server replied with a 401). This can happen if the consumer key was not correct or the signatures did not match."
"Communication with the service provider failed: URLDecoder: Illegal hex characters in escape (%) pattern - For input string: " 1""
Could someone please help explain what might be going on here? Am I very close to getting this to work or do I have to take a bunch of steps back?
Any help is much appreciated.
Thanks,
Paul
I'm developing a program that queries and prints out open data from the local transit authority, which is returned in the form of an XML response.
Normally, when there are buses scheduled to run in the next few hours (and in other typical situations), the XML response generated by the page is handled correctly by the java.net.URLConnection.getInputStream() function, and I am able to print the individual results afterwards.
The problem is when the buses are NOT running, or when some other problem with my queries develops after it is sent to the transit authority's web server. When the authority developed their service, they came up with their own unique error response codes, which are also sent as XMLs. For example, one of these error messages might look like this:
<Error xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<Code>3005</Code>
<Message>Sorry, no stop estimates found for given values.</Message>
</Error>
(This code and similar is all that I receive from the transit authority in such situations.)
However, it appears that URLConnection.getInputStream() and some of its siblings are unable to interpret this custom code as a "valid" response that I can handle and print out as an error message. Instead, they give me a more generic HTTP/1.1 404 Not Found error. This problem cascades into my program which then prints out a java.io.FileNotFoundException error pointing to the offending input stream.
My question is therefore two-fold:
1. Is there a way to retrieve, parse, and print a custom XML-formatted error code sent by a web service using the plugins that are available in Java?
2. If the above is not possible, what other tools should I use or develop to handle such custom codes as described?
URLConnection isn't up to the job of REST, in my opinion, and if you're using getInputStream, I'm almost certain you're not handling character encoding correctly.
Check out Spring's RestTemplate - it's really easy to use (just as easy as URLConnection), powerful and flexible. You will need to change the ResponseErrorHandler, because the default one will throw an exception on 404, but it looks like you want it to carry on and parse the XML in the response.