I am studying vertx.io web client and I am already blocked doing a simple get... Uff. Here is what I put together (I am very new at vertx.io):
private void getUserEmail(String accessToken, Handler<AsyncResult<String>> handler) {
String url = "https://graph.facebook.com/me";
HttpRequest<JsonObject> req = webClient.get(url).as(BodyCodec.jsonObject());
req.addQueryParam("access_token", accessToken);
req.addQueryParam("fields", "name,email");
MultiMap headers = req.headers();
headers.set("Accept", "application/json");
req.send(h -> {
if (h.succeeded()) {
log.info(h.result().toString());
handler.handle(new FutureFactoryImpl().succeededFuture(h.result().bodyAsString()));
} else {
log.error(h.cause());
handler.handle(new FutureFactoryImpl().failedFuture(h.cause()));
}
});
}
I think it should be enought but instead it's not. When I send request I get this error back:
io.vertx.core.json.DecodeException: Failed to decode: Unrecognized token 'Not': was expecting 'null', 'true', 'false' or NaN
at [Source: Not Found; line: 1, column: 4]
Of course if I do the same get by browser I get the expected data. I read the tutorial and examined the examples, what am I missing?
You're receiving a 404 error with the body: Not Found and the codec tries to parse it as JSON and fails. You need to verify if the request you're sending is correct.
Related
I am getting a CORS error when I try to use my HTTP Delete method.
My Frontend is Angular-ionic and my Server is a Java server. Both are self-made.
I tried to disable CORS in the Browser, by doing so I managed the Request to work and the Error to disappear. Although that's fine, my goal is to make it work every time for EVERY user.
Here is my Code with a bit of Background:
console.log('User Management Service Delete User()');
const myParams = new HttpParams().set('id', this.cookieService.get('AccessToken'));
console.log(myParams);
return this.http.delete(this.endpoint + 'users/delete', { params: myParams});
}
The code above is my FRONTEND (clientside) code. I am simply trying to delete a user.
public int serveUserDelete(HTTPServer.Request req, HTTPServer.Response resp) throws IOException {
Map<String, String> params = req.getParams();
String response;
String paramvalue;
String accessToken;
resp.getHeaders().add("Content-Type", "application/json");
resp.getHeaders().add("Access-Control-Allow-Origin", "*");
resp.getHeaders().add("Access-Control-Allow-Headers", "*");
resp.getHeaders().add("Access-Control-Allow-Credentials", "true");
resp.getHeaders().add("id", "*");
resp.getHeaders().add("Access-Control-Allow-Methods", "OPTIONS, DELETE, POST, GET, PATCH, PUT");
response = "";
//Id aus dem Parameter auslesen
if (params.containsKey("id")) {
//es gibt einen Parameter id. Suche den Wertd dazu
accessToken = params.get("id");
System.out.println(accessToken);
} else {
accessToken = null;
}
response = um.userDelete(accessToken);
resp.send(200, response);
return 0;
}
The Code above now, is my Java server.
The headers were added cause of trial and error.
Here the error I am getting:
Access to XMLHttpRequest at 'http://localhost:8080/umyServerUrl/users/delete?id=u#Yy0NZPLx%266HxYNF%23tv'
from origin 'http://localhost:8100' has been blocked by CORS policy: Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
threw testing (with disabled browser cors etc.) I found out that the methods on my server work just fine.
Here you can see my "PARAMS" and the Observable of my delete Request printed in the Console:
HttpParams
{updates: Array(1),
cloneFrom: HttpParams,
encoder: HttpUrlEncodingCodec,
map: null}
cloneFrom:
nullencoder:
HttpUrlEncodingCodec {}[[Prototype]]:
Objectconstructor: class
HttpUrlEncodingCodecdecodeKey: ƒ
decodeKey(key)decodeValue: ƒ
decodeValue(value)encodeKey: ƒ
encodeKey(key)encodeValue: ƒ
encodeValue(value)[[Prototype]]:
Objectmap:
Map(1)[[Entries]]0: {"id" => Array(1)}
key: "id" value: ['hTxYusBwuB7pbUUCkW9E']size: 1[[Prototype]]:
Mapupdates: null[[Prototype]]:
Object
user-management.service.ts:35
**Oberservabel:**
Observable {_isScalar: false, source: Observable,
operator: MapOperator}
operator: MapOperator
project: res => res.body
length: 1
name: ""
arguments: (...)
caller: (...)
[[FunctionLocation]]: http.mjs:1300
[[Prototype]]: ƒ ()
[[Scopes]]: Scopes[2]
thisArg: undefined
[[Prototype]]: Object
call: ƒ call(subscriber, source)
constructor: class MapOperator
[[Prototype]]: Object
source: Observable
operator: FilterOperator {thisArg: undefined, predicate: ƒ}
source: Observable {_isScalar: false, source: Observable, operator: MergeMapOperator}
_isScalar: false
[[Prototype]]: Object
_isScalar: false
[[Prototype]]: Object
PLEASE HELP
This combination of Access-Control headers is invalid.
resp.getHeaders().add("Content-Type", "application/json");
resp.getHeaders().add("Access-Control-Allow-Origin", "*");
resp.getHeaders().add("Access-Control-Allow-Headers", "*");
resp.getHeaders().add("Access-Control-Allow-Credentials", "true");
You cannot set Access-Control-Allow-Origin to * and also allow Access-Control-Allow-Credentials.
For requests without credentials, the literal value "*" can be specified as a wildcard; the value tells browsers to allow requesting code from any origin to access the resource. Attempting to use the wildcard with credentials results in an error.
This might be a large scale issue of the system architecture.
For now you could test setting the Allow-Origin header like this:
resp.getHeaders().add("Access-Control-Allow-Origin", "http://localhost:8100");
However if it's supposed to work from an arbitrary number of clients another architecture might be necessary.
CORS is a security feature. Do not "trial and error" around with security features!
I am trying to read data from reddit using java. I am using JRAW.
Here is my code:
public class Main {
public static void main(String args[]) {
System.out.println('a');
String username = "dummyName";
UserAgent userAgent = new UserAgent("crawl", "com.example.crawl", "v0.1", username);
Credentials credentials = Credentials.script(username, <password>,<clientID>, <client-secret>);
NetworkAdapter adapter = new OkHttpNetworkAdapter(userAgent);
RedditClient reddit = OAuthHelper.automatic(adapter, credentials);
Account me = reddit.me().about();
System.out.println(me.getName());
SubmissionReference submission = reddit.submission("https://www.reddit.com/r/diabetes/comments/9rlkdm/shady_insurance_work_around_to_pay_for_my_dexcom/");
RootCommentNode rcn = submission.comments();
System.out.println(rcn.getDepth());
System.out.println();
// Submission submission1 = submission.inspect();
// System.out.println(submission1.getSelfText());
// System.out.println(submission1.getUrl());
// System.out.println(submission1.getTitle());
// System.out.println(submission1.getAuthor());
// System.out.println(submission1.getCreated());
System.out.println("-----------------------------------------------------------------");
}
}
I am making two requests as of now, first one is reddit.me().about(); and the second is reddit.submission("https://www.reddit.com/r/diabetes/comments/9rlkdm/ shady_insurance_work_around_to_pay_for_my_dexcom/");
The output is:
a
[1 ->] GET https://oauth.reddit.com/api/v1/me?raw_json=1
[<- 1] 200 application/json: '{"is_employee": false, "seen_layout_switch": true, "has_visited_new_profile": false, "pref_no_profanity": true, "has_external_account": false, "pref_geopopular": "GL(...)
dummyName
[2 ->] GET https://oauth.reddit.com/comments/https%3A%2F%2Fwww.reddit.com%2Fr%2Fdiabetes%2Fcomments%2F9rlkdm%2Fshady_insurance_work_around_to_pay_for_my_dexcom%2F?sort=confidence&sr_detail=false&(...)
[<- 2] 400 application/json: '{"message": "Bad Request", "error": 400}'
Exception in thread "main" net.dean.jraw.ApiException: API returned error: 400 (Bad Request), relevant parameters: []
at net.dean.jraw.models.internal.ObjectBasedApiExceptionStub.create(ObjectBasedApiExceptionStub.java:57)
at net.dean.jraw.models.internal.ObjectBasedApiExceptionStub.create(ObjectBasedApiExceptionStub.java:33)
at net.dean.jraw.RedditClient.request(RedditClient.kt:186)
at net.dean.jraw.RedditClient.request(RedditClient.kt:219)
at net.dean.jraw.RedditClient.request(RedditClient.kt:255)
at net.dean.jraw.references.SubmissionReference.comments(SubmissionReference.kt:50)
at net.dean.jraw.references.SubmissionReference.comments(SubmissionReference.kt:28)
at Main.main(Main.java:36)
Caused by: net.dean.jraw.http.NetworkException: HTTP request created unsuccessful response: GET https://oauth.reddit.com/comments/https%3A%2F%2Fwww.reddit.com%2Fr%2Fdiabetes%2Fcomments%2F9rlkdm%2Fshady_insurance_work_around_to_pay_for_my_dexcom%2F?sort=confidence&sr_detail=false&raw_json=1 -> 400
... 6 more
As it can been that my first request gives me a response of my username but in the second response i am getting a bad request 400 error.
To check whether my client ID and client secret were working correctly I did the same request using python PRAW library.
import praw
from praw.models import MoreComments
reddit = praw.Reddit(client_id=<same-as-in-java>, client_secret=<same-as-in-java>,
password=<same-as-in-java>, user_agent='crawl',
username="dummyName")
submission = reddit.submission(
url='https://www.reddit.com/r/redditdev/comments/1x70wl/how_to_get_all_replies_to_a_comment/')
print(submission.selftext)
print(submission.url)
print(submission.title)
print(submission.author)
print(submission.created_utc)
print('-----------------------------------------------------------------')
This gives the desired result without any errors so the client secret details must be working.
The only doubt I have is in the user agent creation in java UserAgent userAgent = new UserAgent("crawl", "com.example.crawl", "v0.1", username);.
I followed the following link.
What exactly does the target platform, the unique ID or the version mean. I tried to keep the same format as in the link. Also using the same username as in other places. On the other hand the user_agent in python was a string crawl.
Please tell me if I am missing anything and what could be the issue.
Thank you
P.S. I want to do this in java. not python.
Since your first query is working the credentials are correct. In JRAW don't give the whole URL but only the id in the submission function.
Change this
SubmissionReference submission = reddit.submission("https://www.reddit.com/r/diabetes/comments/9rlkdm/shady_insurance_work_around_to_pay_for_my_dexcom/");
to this
SubmissionReference submission = reddit.submission("9rlkdm");
where the id is the random string after /comment/ in the URL.
Hope this helps.
If we try to parse an expired JWT, results in expired exception.
Is there a way to read claims even the JWT was expired.
Below is used to parse JWT in java:
Jwts.parser().setSigningKey(secret.getBytes()).parseClaimsJws(token).getBody();
There is a better approach to do this.
if you see JWT Exception handler object e.g. ExpiredJwtException, expection object itself contains the following:-
header, claims and message
so claims can easily extracted through this object i.e. e.getClaims().getId() where e is ExpiredJwtException object.
ExpiredJwtException consturct is as follow:-
public ExpiredJwtException(Header header, Claims claims, String message) {
super(header, claims, message);
}
Example:-
try{
// executable code
}catch(ExpiredJwtException e){
System.out.println("token expired for id : " + e.getClaims().getId());
}
JWT objects are Base64URL encoded. This means that you can always read headers and payload by manually Base64URL-decoding it. In this case you will simply ignore exp attribute.
For instance you can do like this (I'm using Java8 built-in Base64 class, but you can use any external library, such as Apache Commons Codec):
Base64.Decoder decoder = Base64.getUrlDecoder();
String src = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImV4cCI6IjEzMDA4MTkzODAifQ.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.2GpoV9q_uguSg0Ku6peI5aZ2qBxO5qOA42zaS25gq_c";
String[] parts = src.split("\\."); // Splitting header, payload and signature
System.out.println("Headers: "+new String(decoder.decode(parts[0]))); // Header
System.out.println("Payload: "+new String(decoder.decode(parts[1]))); // Payload
and the output is:
Headers: {"alg":"HS256","typ":"JWT","exp":"1300819380"}
Payload: {"sub":"1234567890","name":"John Doe","admin":true}
Please note also that the exp attribute is set to 1300819380, which corresponds to 16 january 2016.
this might be old but for anyone whose facing this issue, the java's io.jsonwebtoken
ExpiredJwtException already got the claims in it, you can get it by calling e.getClaims().
If you use io.jsonwebtoken you try my function:
public Claims getClaimsFromToken(String token) {
try {
// Get Claims from valid token
return Jwts.parser()
.setSigningKey(SECRET)
.parseClaimsJws(token)
.getBody();
} catch (ExpiredJwtException e) {
// Get Claims from expired token
return e.getClaims();
}
}
If Someone comes in looking for jose4j library then below works:
invalidJwtException.getJwtContext().getJwtClaims()
Just set the ValidateLifetime property of the TokenValidationParameters to false before calling ValidateToken.
TokenValidationParameters tokenValidationParameters = new TokenValidationParameters();
tokenValidationParameters.ValidateLifetime = false;
JwtSecurityTokenHandler jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
ClaimsPrincipal principal = jwtSecurityTokenHandler.ValidateToken(token, tokenValidationParameters, out SecurityToken validatedToken);
Then you can read the claims like this:
string name = principal.Claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value;
string email = principal.Claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Email)).Value;
I have built an app for Shopify Shops and it was working fine until yesterday. Link to the documentation followed to create a Shopify app: https://docs.shopify.com/api/authentication/oauth
But now there seems to be an error while generating an access token. I have been getting the error in response:
{"error":"795: unexpected token at 'code=<my-code>\u0026client_secret=<my-secret>\u0026client_id=<my-client-id>'"}
Here is the gist of code written in Google App Script.
function doPost(e)
{
try
{
var client_id = e.parameter['client_id'];
var client_secret = e.parameter['client_secret'];
var code = e.parameter['code'];
var shopUrl = e.parameter['shopUrl'];
var headers = {
"Accept":"application/json",
"Content-Type":"application/json"
};
var payload = {
"client_id" : client_id,
"client_secret" : client_secret,
"code": code
};
var options =
{
"method" : "POST",
"payload" : payload,
"headers" : headers,
"muteHttpExceptions":true
};
var response = UrlFetchApp.fetch(shopUrl, options);
var data = response.getContentText().split('"')[3];
//response variable gives the following response
// {"error":"795: unexpected token at 'code=<my-code>\u0026client_secret=<my-client-secret>\u0026client_id=<my-client-id>'"}
return ContentService.createTextOutput(data).setMimeType(ContentService.MimeType.TEXT);
}//try
catch(e)
{
//log the exception
}//catch
}//doPost
Did anybody encounter the same error? Please help
Make sure that you requested to right URL, it just likes as
"https://[YOUR_SHOP_DOMAIN]/admin/oauth/access_token".
Make sure that you gave right ID&secret.
Check my PHP-code here for getting Shopify access-token:
ShopifyClient.php (scroll to the function "getAccessToken")
I can't seem to figure out how to add headers to my restlet response. When I look at the available methods in the Response object, all I see is setStatus, setEntity, and setAttributes but none of these tell me how to set custom http headers on the response.
For example, I have a GET call the returns something like the following:
HTTP/1.1 200 OK
Content-Type: text/json
Content-Length: 123
Some-Header: the value
Some-Other-Header: another value
{
id: 111,
value: "some value this could be anything",
diagnosis: {
start: 12552255,
end: 12552261,
key: "ABC123E11",
source: "S1",
}
}
Whatever it maybe. In the handleGet method, I handle it like so:
final MediaType textJsonType = new MediaType("text/json");
#Override
public void handleGet() {
log.debug("Handling GET...");
final Response res = this.getResponse();
try {
final MyObject doc = this.getObj("hello", 1, "ABC123E11", "S1");
final String docStr = doc.toString();
res.setStatus(Status.SUCCESS_OK);
res.setEntity(docStr, textJsonType);
// need to set Some-header, and Some-other-header here!
}
catch(Throwable t) {
res.setStatus(Status.SERVER_ERROR_INTERNAL);
res.setEntity(new TextRepresentation(t.toString()));
}
}
Because Restlet is more about the REST architectural principles than HTTP, it tries to be protocol agnostic and doesn't expose the HTTP headers directly. However, they are stored in the org.restlet.http.headers attribute of the response (as a Form). Note that you can only set custom headers this way, not standard ones (these are handled directly by the framework, e.g. Content-Type depends on the Representation's MediaType).
See this for an example:
http://blog.arc90.com/2008/09/15/custom-http-response-headers-with-restlet/ (link content also available from the Internet Archive Wayback Machine).