I have 2 GAE apps running (GAE1 and GAE2). I have to update the datastore of GAE2 from GAE1. How can I achieve this in Java? Does GAE provide any APIs for cross GAE datastore updates?
Note:
I tried making a PUT request through the browser, by enabling CORS on the source and destination GAEs. Unfortunately CORS works only for GET and HEAD.
This issue is fixed in the following way, (Note my requirement is I should not use Remote API from GAE.)
Open an URL in the destination GAE allow this url alone, if it contains a secure request header.
For example:
public void filter(ContainerRequestContext requestContext) {
if (requestContext.getUriInfo().getPath().contains("intgr")
}
Check for the request header that you pass, if it is present in the destination GAE.
Write your REST service in this url path /intgr and send back the response to the Source GAE.
In addition to the Cloud Datastore API mentioned previously, you can also use the Remote API to access services across different App Engine applications including Datastore.
Related
From my application I have to invoke external http service which uses google authentication. It works when I invoke it from browser. I found out that it happens because I have cookie which contains
GCP_IAAP_AUTH_TOKEN_<random_string>
GCP_IAP_UID
So my cookie look like this:
cookie: GCP_IAP_UID=111111111111; GCP_IAAP_AUTH_TOKEN_1234567891234567890B=verylongstringhere"
I tried to set this cookie directly in my restTemplate and it works properly but I expect that I have to get token based on some kind of credentials.
webClient.post()
.uri(uploadUrl)
.header("cookie", "GCP_IAP_UID=12345678901234567890; GCP_IAAP_AUTH_TOKEN_12345678907645456546B=verylongstringhere")
Could you please provide example of correct usage GCP auth ? How to update token? Based on what?
Google APIs use the OAuth 2.0 protocol for authentication and authorization
You can obtain OAuth 2.0 client credentials from the Google API Console. Then your client application requests an access token from the Google Authorization Server, extracts a token from the response, and sends the token to the Google API that you want to access.
Before your application can access private data using a Google API, it must obtain an access token that grants access to that API.
There are several ways to make this request, and they vary based on the type of application you are building. For example, a JavaScript application might request an access token using a browser redirect to Google, while an application installed on a device that has no browser uses web service requests.
I recommend you to go trough OAuth 2.0 to Access Google APIs article to choose the best method for your application, there are a couple of documented scenarios to explain how GCP uses application authentication
I have a Java Application running on Tomcat. I want to get the details of all machines installed in Microsoft Azure portal by taking user's subscription details as input. Preferably a REST API. I am expecting response same like what we get in azure resource explorer.
I made a request with this url "https://management.core.windows.net/"+subscriptionId+"/services/disks" following this method. It gives me result like this
<Disks xmlns="http://schemas.microsoft.com/windowsazure" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<Disk>
<AttachedTo>
<DeploymentName>TEST1</DeploymentName>
<HostedServiceName>TEST1</HostedServiceName>
<RoleName>TEST1</RoleName>
</AttachedTo><OS>Linux</OS>
<Location>South Central US</Location>
<LogicalDiskSizeInGB>30</LogicalDiskSizeInGB>
<MediaLink>link.vhd</MediaLink>
<Name>TEST1-TEST1-0-20</Name>
<SourceImageName>imageName</SourceImageName>
When I call the same method with
"https://management.azure.com/subscriptions/"+subscriptionid+"/providers/Microsoft.Compute/virtualMachines?api-version=2016-03-30" I am getting 401 error.
I even tried downloading the SDK , ListVirtualMachines.java is listing some 600 images, not the one under my subscription.
How Can I achieve it using JAVA REST API?
Per my experience, this issue is due to the authentication method. I do all the requests that you have made and I get the same results with you.
The 401 error code means "Unauthorized". Your authentication method is right for the old REST API request, but not for new.
The new authentication is handled by Azure Active Directory(AD).
The followings may be useful for you.
You could figure out Virtual Machines Rest API by this URL https://msdn.microsoft.com/en-us/library/mt163647.aspx.
You could understand how to authenticate Azure Resource Manager Request by Azure Active Directory by this URL https://msdn.microsoft.com/en-us/library/dn790557.aspx.
Hope it helps. Any concerns, please feel free to let me know.
I am looking for something similar to this but using JAVA rest API calls.
I want to get the list of all the resources (including virtual machines, storage disks, network devices etc) and their basic properties(like ip address, disk space etc)
I have tried making API calls following this link.
When I make an http request to this url
"https://management.azure.com/subscriptions/"+subscriptionId+"/resourceGroups/"+resourceGroupName+"/providers/Microsoft.Compute/virtualMachines?api-version="+apiVersion
But I am getting a 401 error. Am I calling the right URL ? if not which URL I should be calling ?
But I am getting a 401 error. Am I calling the right URL ? if not
which URL I should be calling ?
You're calling the right URL however you're providing incorrect parameters to the API call. The link you mentioned is for making Azure Service Management API calls however what you need to dod is make Azure Resource Manager (ARM) API calls.
Like Azure Service Management API, ARM API requests need to be authenticated. In case of former, the requests are authenticated by using a management certificate. In case of latter, you would need to use a token that you get by authenticating the user against an Azure AD.
Please see this link for more details on authenticating/authorizing ARM API requests: https://azure.microsoft.com/en-us/documentation/articles/resource-manager-api-authentication/.
In order to list all resources in a resource group, you can definitely make use of ARM REST API. However now SDKs are available for you that you can consume directly. To learn more about these SDKs, please see this link: https://azure.microsoft.com/en-in/blog/azure-resource-manager-preview-sdks/.
I have an application deployed on Google App Engine (GAE) for Java. I'm using Google Identity Toolkit for authentication (and not the standard Google Account based authentication provided by GAE). The front-end is GWT based.
I have some static content (image files) that is located in war/static/images folder. I want to restrict access to these files only to a subset of signed in users i.e. add authorization around these files. GAE provides security-constraits but that doesn't work for me as I'm not using Google Accounts, and even then, it doesn't provide full authorization based on my requirements.
What's the best way to add authorization around these static assets?
Google Appengine stores static files in another servers and not in the same application server as your app resides.
So you can't add any authorization check on it, you can use Google Cloud Storage and set acl's but again thats going to work only for google users , you cannot have your own authorization there as well.
So the answer is, you have to change statics files as resource files, and add routes to thoses files instead of direct access, then in your endpoints or controller you can add custom authorization based on session or access token or any other identity options, once the user authorized to access those files, you can serve those files as response.
I have a local API service that is under a sub domain:
http://sub.192.168.1.1/api/endpoint
By adding the IP redirect to my machine's Hosts file, I can test and consume the API well when using browser tools like Postman, and even opening them via the browser itself (some don't have security at all and just returns plain JSON). Now I tried adding the IP redirect to my device's hosts file too so it can access the subdomain as well as my dev machine. All goes well and I can directly access the APIs via the browser, but when using the app, the endpoints can't be found.
I'm using Retrofit with OkHttp as of now. Hoping anyone can shed a light with this problem.
Did you try at retrofit object to add slash at the end of URL?
.baseUrl("http://sub.192.168.1.1/api/endpoint/")
.build();