I want to get the current user's data from spotify.
The documentation says I have to use this command:
curl -X GET "https://api.spotify.com/v1/me" -H "Authorization: Bearer
{your access token}"
I successfully get the token string from Spotify.
My question is: How should I transform this CURL command to java?
You need language bindings and an HTTP client. A lot of this work has been done already in the Android client made by Kaaes.
In your very specific case, you'd use the getMe method as documented here. This returns a UserPrivate object, which contains birthdate, product, email, country, as well as the fields available in the UserPublic object, like display_name.
Full documentation
Related
I've reset the user password and set it as temporary in keycloak.
Is there some REST API to change temporary password to regular when user will log in? It is important not to use keycloak's user interface. I've heard about experimental API but I can't find any of its documentation. Thanks for help
I've heard about experimental API but i can't find any its
documentation.
I think you are referring to this Keycloak Admin API
Assuming that:
I've reset user password and set it to new temporary in keycloak.
is done via endpoint already, then what you can do is to get the ID from that user, which you can get by using the endpoint:
curl -X GET <KEYCLOAK_HOST>/auth/admin/realms/<REALM_NAME>/users/?username=<USER_NAME>
From the JSON response, extract the user ID. Then you call the following endpoint:
PUT <KEYCLOAK_HOST>/auth/admin/realms/<REALM_NAME>/users/<USER_ID>/reset-password
with the request payload:
{"type":"password","value":"<THE_PASSWORD_THAT_YOU_WANT_TO_SET>","temporary":false}
If what you want is to first set the password as temporary, and then when the user logs in for the first time, force the user to set to a new non-temporary password, then you need to call the following endpoint:
PUT <KEYCLOAK_HOST>/auth/admin/realms/<REALM_NAME>/users/<USER_ID>
with the request payload:
{"requiredActions":["UPDATE_PASSWORD"]}
Hello people i have a question about how to get JSON pagingObject in my response with a http curl get (curl running on jokto-linux-system).
i wanted to get a special page over the parameter $offset=0 and $limit=0.
But i dont know where to put the parameter to get on the right page of the serviceressource. I get all the ressources back but i need to see how much pages are used also i didnt see this too.
So my basic problem is the visibility and changing of the parameter $offset and $limit of the pagingObject of an Service/Ressource with amount of Ressourceelements.
Thank you very much for evry answer
This my basic "GET" i try: curl -i http://127.0.0.1:80/service/ressource/Elementuri
Tried to get an the object over header: curl -X GET -H "$offset" -H "$limit" http://127.0.0.1:80/service/ressource/elementuri
I tried it to set after the uri: curl -X GET http://127.0.0.1:80/service/ressource/elementuri?$offset=0&$limit=1
Dollar sign is probably not necessary.
curl http://127.0.0.1:80/service/ressource/elementuri?limit=2&offset=2
I am new to WSO2 API Manager (APIM) using version 1.9.1. I am referring to link : https://docs.wso2.com/display/AM170/Token+API, in this link they've given curl command
curl -k -d "grant_type=password&username=<username>&password=
<password>&scope=<scope1> <scope2>" -H "Authorization: Basic
SVpzSWk2SERiQjVlOFZLZFpBblVpX2ZaM2Y4YTpHbTBiSjZvV1Y4ZkM1T1FMTGxDNmpzbEFDVzhh,
Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
Now I am trying to understand above curl command in order to create Junit to map all these headers and body values to my Spring RestTemplate API's. I understand all parameters, but I don't understand below
Authorization: Basic
SVpzSWk2SERiQjVlOFZLZFpBblVpX2ZaM2Y4YTpHbTBiSjZvV1Y4ZkM1T1FMTGxDNmpzbEFDVzhh
Could you please explain what is the use of it? What we called long hex string by name?
You have to decode above string(SVpzSWk2SERiQjVlOFZLZFpBblVpX2ZaM2Y4YTpHbTBiSjZvV1Y4ZkM1T1FMTGxDNmpzbEFDVzhh) and decoded string is IZsIi6HDbB5e8VKdZAnUi_fZ3f8a:Gm0bJ6oWV8fC5OQLLlC6jslACW8a
Normally these strings are combined with colon(clientId:clientSecret) and encoded with base64. IZsIi6HDbB5e8VKdZAnUi_fZ3f8a is the client ID and Gm0bJ6oWV8fC5OQLLlC6jslACW8a is the client secret.
Usage of it:-
You are trying to take the access token using above curl command. when you use above grant type, you have to provide client id and client secret to get access token.
As far as i understood (by reading the same doc) that is base64 encoded string
And it also says that it "Combine the consumer key and consumer secret keys in the format consumer-key:consumer-secret and encode the combined string using base64."
You can get more info regarding this on http://base64encode.org and What is base 64 encoding used for?
This question already has answers here:
HTTP GET with request body
(23 answers)
Closed 7 years ago.
I don't understand why this curl invocation gives me a 400 bad request.
curl -v -XGET -H "Content-Type:application/json" -d '{"match":{"first":"james"}}' http://localhost:8080/geocon/search/
Considered that this is the code part who should handle everything
#Path(Paths.SEARCH)
public class SearchService {
#GET
#Produces(MediaType.APPLICATION_JSON)
#Consumes(MediaType.APPLICATION_JSON)
public String search(#DefaultValue(NO_TYPE) #QueryParam("type") String type, String query) {
// do interesting stuff with the query
System.out.println(type);
System.out.println(query);
return //the result of the query
}
Obviously, I don't see in the console the two print lines and the answer from the web service is 400 Bad request
If I change the verb in curl and in the code (POST instead of GET), the results are OK and everything works as it should.
Why?
Can't I use GET passing data? If you think about it, I am not modifying stuff, I'd just receive data so GET should be the most RESTful translation for it.
You are allowed to send a body with a GET request, but it must not have any semantics; it should essentially be ignored. Not doing so violates the HTTP/1.1 specification. I suggest avoiding this practice because no one expects a request body with a GET request.
Now I'm not sure if the MVC framework you're using is stricter in the sense that it automatically rejects any GET request sent with a body, because in general a server can accept a GET request with a body, but is just supposed to ignore it.
Hence, what you're doing is not RESTful. The only way you can pass in data through a GET is through query parameters.
UPDATE
This is in response to your comment.
You could expose an explicit resource called searchResult or search. To create a searchResult or search resource instance, you pass in a body that is essentially a query. If you are using semantic media types (as you should for proper RESTfulness), your search-result resource could have the media type application/vnd.myservice.search-result+json and the query can have the media type application/vnd.myservice.search-query+json. Then, you can POST a request to /searchResults that has a request body that contains the complex query. The media-type of the response would be application/vnd.myservice.search-result+json and it can contain the search results.
So how does this play out? A search query comes in and you parse out the body and run the query. Then you should persist the results (not for ever; give it some sane TTL value). Once you have done that, you return a 303 See Other with a Location header that has a link to the search results (maybe something like /searchResults/4334, where 4334 is the id of this particular result). The client can then access this URI to retrieve the search results. If the client requests a search result that has expired (i.e., the server cleaned it up because the TTL expired), then the server should respond with a 410 Gone.
Also read this for more pointers.
It seems that syntax you are using has a typo.Try using the below ones for json and xml format. -XGET is wrong. it should be -X GET.
For xml
curl -H "Accept: application/xml" -H "Content-Type: application/xml" -X GET http://hostname/resource
For JSON
curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X GET http://hostname/resource
I am stucking with the following problem like one month already, I am trying to verify an inapp purchase by using the following api :https://developers.google.com/android-publisher/authorization
I followed every step from the documentation(doing everthing with Postman Rest Client from Chrome), I can retrieve an accesstoken and a refresh token, but whenever when I try to query a purchase it results in error code 403 access not configured, BUT I CONFFIGURED IT IN THE SETTINGS!
anybody with an idea maybe?
It is far from straightforward to get an accesstoken for this API. This blog post helped get me started in the right direction, but I've outlined my own process that does not depend on using any external scripts to work. The steps are:
Obtain a client ID and secret (one-time)
Obtain a Refresh Token (one-time)
Use the Refresh Token to obtain an Access Token (once per hour)
4 Use the access token to access the API
Each of these steps are detailed below:
Obtaining Client ID and Secret
Go to the the Google Developer's console
Go to your project page
Select "Consent Screen" on the left side and make sure that the email address and Product name fields are set
Select "Credentials" from the left menu, and select "create a new client id"
Leave Application type set to "Web application" and set "Authorized redirect URI" to https://localhost. You do not need to change the Authorized JavaScript Origins.
Click "Create Client ID" and record the Client ID and Client secret that result.
Obtaining a Refresh Token
In web browser, enter the following URL (substituting correct value for client_id):
https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=https://localhost&client_id=XXXX
Accept any requests for authorization that appear
You will then be redirected to a URL like this:
https://localhost/?code=4/k0TenvwICIgmBoQOazJy4_EnJr6-.clLqtp_vVAIbEnp6UAPFm0GASPqQigI
Copy the code from the latter part of this URL
Use wget to convert this code into refresh token; substitute CODE, CLIENT_ID, and CLIENT_SECRET
wget --debug --post-data="grant_type=authorization_code&code=CODE&client_id=CLIENT_ID&client_secret=CLIENT_SECRET&redirect_uri=https://localhost" https://accounts.google.com/o/oauth2/token
The resulting JSON file will contain an access_token and a refresh_token. Record the refresh_token value
Obtaining an Access Token
send a POST request to https://accounts.google.com/o/oauth2/token with the following fields set (substitute REFRESH_TOKEN, CLIENT_ID, CLIENT_SECRET)
grant_type=refresh_token
refresh_token=REFRESH_TOKEN
client_id=CLIENT_ID
client_secret=CLIENT_SECRET
You will get back a JSON string containing an access_token that will be good for one hour.
Using the Access Token to make API request
Fetch from
https://www.googleapis.com/androidpublisher/v1.1/applications/PACKAGENAME/inapp/SKU/purchases/PURCHASETOKEN
with an Authorization header containing the access token, e.g:
Authorization: Bearer ya29.1.AADtN_WoM4-4Fb1voFL-emcUWluijCzwvc9Z-FYM9SPvK03HCbGkdROJTVVPSLHK2IlVJQ
You may also be able to pass the access token as an HTTP query parameter, e.g.
https://www.googleapis.com/androidpublisher/v1.1/applications/PACKAGENAME/inapp/SKU/purchases/PURCHASETOKEN?authorization_token=AUTHTOKEN
I had a similar problem as you. Answer by mmigdol is helpful, but it didn't help me. I finally managed to solve it by looking at links generated here: https://developers.google.com/oauthplayground/
Apparently, Android publisher scope
https://www.googleapis.com/auth/androidpublisher
needs to be added into the link requesting authorisation code (before even generating refresh token) by adding:
&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fandroidpublisher
to get this:
https://accounts.google.com/o/oauth2/auth?redirect_uri=<YOUR_REDIRECT_URI>&response_type=code&client_id=<YOUR_CLIENT_ID>&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fandroidpublisher&approval_prompt=force&access_type=offline