I am working on a project in which I have to get existing Jira issues for a specific user. I have implemented the Jira REST API exactly how they show it on Baeldung.com but I have not found any api to get all issues for a user without having to use an ID.
The client library you mentioned from the article doesn't provide any method for retrieval of all the issues. You need to call search REST api directly which uses jql.
https://developer.atlassian.com/server/jira/platform/jira-rest-api-examples/#searching-for-issues-examples
There is parameter jql where you can query for a user
jpql=assignee%20%3D%20557058%3Ac64112ec-589f-4b56-8bb6-9eea49e26364
The string after jpql= must be url encoded
Related
When I try to fetch the list of tables present in a particular dataset I get this error. I was unable to find any solution online. Any ideas?
The problem is I was able to use this method last month. There are no changes to the code and to the environment. I'm not able to understand why it has suddenly stopped working.
com.google.appengine.api.appidentity.AppIdentityServiceFailureException
at com.google.appengine.api.appidentity.AppIdentityServiceImpl.getAccessToken(AppIdentityServiceImpl.java:290)
at com.google.api.client.googleapis.extensions.appengine.auth.oauth2.AppIdentityCredential.intercept(AppIdentityCredential.java:100)
at com.google.api.client.googleapis.extensions.appengine.auth.oauth2.AppIdentityCredential$AppEngineCredentialWrapper.intercept(AppIdentityCredential.java:245)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:897)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:499)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:432)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:549)```
As mentioned in the documentation AppIdentityService (Google App Engine API for Java):
getAccessToken(java.lang.Iterable scopes) OAuth2 access token to act on behalf of the application.
This clarifies that the method getAccessToken() is needed to use in the authentication, as it's using OAuth2, that requires further authentication.
In the below documentation, there is more information on how to use the method on your application and confirm that the token will be sent and received in your system.
Asserting identity to Google APIs
Let me know if the information helped you!
How to find the correct json schema to post to the magento endpoint and create an account?
Am able to create account only from the front end, I need to be able to do from the backend using curl or Postman.
http://{ipaddress}/index.php/customer/account/create/
This is an external api , i need to consume.
I want to post to this end point from java, however am not able to find the correct request schema of the json endpoint.
Any help to find the swagger end point or schema would be great
I am assuming you are talking about magento 1? Have you tried the REST API by chance? It's well written out on how you should make a call to it here.
If you need more functionality than just creating an account, you can also take a look at the SOAP API which handles more things, but does not support JSON from the box. They did implement the WS-I complaint mode to support Java calls, so maybe that's something you'd be interested in as well.
Good luck!
I created endpoint apis but problem is anyone with my project id can go to api explorer and execute those apis. I have put only android client id (using debug keystore) on top of endpoint class declaration but still I can go to incognito mode and execute the apis. How can I restrict the apis so that only my android apps have access and all others will be thrown with some exception?
The APIs can be protected by adding a key parameter that has to be correct for API to be invoked. If the user of the API does not know the key, he won't be able to use the API even with API Explorer.
Advantages of this approach is that it is simple to do, allow you yourself to experiment with the API if you need.
Disadvantages include being very easy to circumvent by a determined user, just by looking at the traffic.
You need to make sure that you have coded your API/backend correctly to only accept the clientId for your app; make sure that you do not see com.google.api.server.spi.Constant.API_EXPLORER_CLIENT_ID as one of the clientIds in your #Api annotation on the API class:
#Api(
name = "myApi",
version = "v1",
clientIds = {<your android clientId>},
)
public class myApi {
// your API code here
}
If the API Explorer client ID is present, it will allow it to execute your API from the API. I am not 100% sure, but I think you may still see your API form the explorer without the client ID, but execution will be prevented with an error.
This article has more info: https://cloud.google.com/appengine/docs/java/endpoints/auth#Specifying_authorized_clients_in_the_API_backend
You may want to think about putting proper auth around the endpoint calls (i.e. per-user auth checks around each method) if it is particularly sensitive. Just adding a User parameter to the #ApiMethod should be enough for force users to auth before executing each method.
Hope that helps.
You can use on each api allowed_client_ids to be ANDROID_CLIENT_ID only, can be a possible workaround.
I think this could help if you haven't followed it yet : https://cloud.google.com/appengine/docs/python/endpoints/auth#Python_Creating_OAuth_20_client_IDs
Use symmetric key cryptography along with digital signatures for this. However, you'll need to share the key with the Android app first.
Here's how it would work.
Whenever the Android app is making a network request, you take the URL & the parameters, then you Hash it and then encrypt it using the shared private key. You then append the signature as another parameter to the URL.
At the receiving end, your web API will validate whether the request came from your Android app ONLY.
Please note, that this will work ONLY for your app. It will not work as a way to catch all generic Android requests/
Here are some points for consideration :
Cloud Endpoints has been supporting the ANDROID CLIENT ID and
package signing, so that should atleast take care of the fact that
only a signed Android application from your side can access the
endpoint
.
If you wish to remove the Web Clients from access, then I would
probably look into the HTTP Headers and Agents to see if there is a
sure way of identifying these web clients.However, this would
require that you write your own Authorization logic in the method
since I do not believe that the endpoints infrastructure can take
care of this automatically for you
.
Remove access for everyone via the Annotations could be
problematic if you want a quick way to use the API Explorer to test
out the API. So do keep the API Explorer access available.
I am trying to create a Java wrapper for Vtiger REST API. I want to avoid the use of vtwsclib library because I could not find its Maven artifact. I want to use Spring RestTemplate. Actually, I don't understand why I need some special library to access REST API of a webservice.
First a got into problem with login process. Even when I followed the instructions from this link, I was not be able to retrieve sessionName. Finally, I resolved it after some research of vtwsclib library.
Next problem is with the retrieve operation. Even when I had sessionName and tried to retrieve some object by id with request (a ticket I can see in client app)
GET .../webservice.php?operation=retrieve&sessionName=xxxxx&id=xxxxx
I got:
{"success":false,"error":{"code":"ACCESS_DENIED","message":"Permission to perform the operation is denied for id"}}
Last problem is documentation, even when I visited their wiki Vtiger WIKI I could not find attributes of Ticket entity to create fields map.
So the work with this API is a bit painful for me. My questions are:
Is there some tutorial how to obtain sessionName using only Spring RestTemplate?
Why retrieve operation failed? update: bad id format
This is the main question. Is there some better documentation (tutorial, blog, file, ect.) for Vtiger REST API and descriptions of objects like Ticket?
I am also using Spring RestTemplate for Vtiger rest api.
For Retrieving details of record using REST API we need to pass id as moduleId x recordID (2x1234) format, otherwise it will give ACCESS_DENIED Error
We're using the SecureSocial module to authenticate users with the LinkedIn API https://github.com/jaliss/securesocial. This works well, and the user is authorized. However, we want to populate the user profile with information from LinkedIn afterwars, and I don't know how to properly make that API call.
We have the access token (containing the oauth_token and oauth_secret), but I'm not sure how to use these fields in the next call. According to the LinkedIn API docs, I need the following fields to make another successful call to the API: oauth_consumer_key, oauth_token, oauth_signature_method, oauth_signature, oauth_timestamp and oauth_nonce. I don't know how to get access to, or generate, these values. I tried using this URL: "http://api.linkedin.com/v1/people/~?&" to no avail.
We're using Play! Framework 2.0.2 and Java.
Any help would be greatly appreciated!
Have you already looked at the SecureSocial source code for the LinkedIn provider?
Even if it is Scala, I think it is possible to write a Java class based on it.