i'm trying to create a connector inside Syncari SDK to get Orders from Ebay using this SDK
https://pypi.org/project/syncari-sdk/
in ebay am using Production environment using Auth'n'Auth
and with this Token am using:
1. Trading API
2.API CALL : GetOrders
3.API VERSION : 967
HTTP headers
X-EBAY-API-SITEID:0
X-EBAY-API-COMPATIBILITY-LEVEL:967
X-EBAY-API-CALL-NAME:GetOrders
Request Body
<?xml version="1.0" encoding="utf-8"?>
<GetOrdersRequest xmlns="urn:ebay:apis:eBLBaseComponents">
<RequesterCredentials>
<eBayAuthToken></eBayAuthToken>
</RequesterCredentials>
<ErrorLanguage>en_US</ErrorLanguage>
<WarningLevel>High</WarningLevel>
<OrderIDArray>
<!-- Enter one or more of the seller's Order IDs in separate OrderID fields. Only legacy Order IDs are supported in GetOrders and not the ExtendedOrderIDs that are supported in eBay REST APIs calls like the Fulfillment API. The legacy Order ID values are actually the concatenation of ItemID and TransactionID, with a hyphen in between these two values. In legacy API calls, the OrderLineItemID and OrderID values are the same for single line item orders. Note that the TransactionID for an auction listing is always '0', which is demonstrated below -->
<OrderID>XXXXXXXXXXXX-XXXXXXXXXXXXX</OrderID>
<OrderID>XXXXXXXXXXXX-0</OrderID>
</OrderIDArray>
<OrderRole>Seller</OrderRole>
</GetOrdersRequest>
Inside SDK we have a method called : synapse_Info() to connect to ebay using token
Read the document here : https://support.syncari.com/hc/en-us/articles/4580013102868-Custom-Synapse-SDK-Documentation
i want to know how to add Headers, Toekn , Body to get Orders From Ebay API and add all of this here
def synapse_info(self):
return SynapseInfo(
name='lysiSynapse', category='other',
metadata=UIMetadata(displayName='Lysi Synapse'),
supportedAuthTypes=[AuthMetadata(authType=AuthType.BASIC_TOKEN, label='API Key', fields=[AuthField(name='token', label='API Key', dataType=DataType.PASSWORD)])],
configuredFields=[AuthField(name='endpoint', label='Endpoint URL', dataType=DataType.STRING)])
we can see response usning Method : Test() in the SDK
def test(self, connection: Connection):
self.client.get("/users",headers=self.__auth_headers())
if not connection.metaConfig:
connection.metaConfig={}
return connection
The synapse_info info method is meant to be used to declare the Synapse’s UI elements and authentication options and not to add headers and tokens directly. The method returns a SynapseInfo object that defines fields in the Syncari’s UI. It is possible later in the framework to access those defined fields from the connection object, which persist through the framework.
We recommend first is to define the Syncari rest client in the Synapse class:
def __init__(self, request: Request) -> None:
super().__init__(request)
self.client = SyncariRestClient(self.connection.authConfig.endpoint, self.connection.authConfig)
This way it’s possible to use the Syncari client that will have access to the endpoint and authentication data that the user inputs in the UI of Syncari.
Since Ebay's API uses XML queries we’d recommend creating helper methods to assist with constructing the queries. For this particular example:
def xmlQueryConstructorGetOrderByID(eBayAuthToken, Orders):
return f"<?xml version=\"1.0\" encoding=\"utf-8\"?><GetOrderRequest xmlns=\"urn:ebay:apis:eBLBaseComponents\"><RequesterCredentials><eBayAuthToken>{eBayAuthToken}</eBayAuthToken></RequesterCredentials><ErrorLanguage>en_US</ErrorLanguage><WarningLevel>High</WarningLevel><OrderIDArray>{Orders}</OrderIDArray><OrderRole>Seller</OrderRole></GetOrderRequest>""
Additionally, we recommend to hardcode the required headers in a constant:
HEADERS = {"Content-Type":"application/xml", "x-ebay-api-call-name": "GetOrders", "x-ebay-api-compatibility-level" : "967", "X-EBAY-API-SITEID" : "0"}
We can now use all of this to make a call in the test method, which is used to test the credentials a user imputed in the UI of Syncari application:
def test(self, connection: Connection):
self.client.get("", headers=HEADERS, data=self.client.post("",headers=HEADERS,
data=xmlQueryConstructorGetOrderByID(self.connection.authConfig.token,"<OrderID>XXXXXXXXXXXX-XXXXXXXXXXXXX</OrderID>")))
return connection
In an actual use case the would be replaced with an actual existing order’s ID and the authentication data is accessed from the connection object.
We also recommend using a python library like xmltodict to convert the received XML data into JSON, so it is easier to pass it to Syncari.
We hope this answers the question but if you need any further assistance please reach out to our support at developers#syncari.com.
Related
I have an MSAL app that creates authentication tokens for accessing various Microsoft APIs.
I provide the app specific scopes, and it creates a corresponding authentication token bearing those scopes. This app works perfectly fine for all types of endpoint I tried up
def _create_or_get_msal_app_client(
self, client_id: str, tenant_id: str | None = None, is_confidential_client: bool = False
) -> msal.ClientApplication:
"""
Create public or confidential msal app client to generate tokens
:param client_id: the client id (also known as application id)
:param tenant_id: the tenant id to use as authority, if not provided will use common authority
:return: the msal app
"""
if self._msal_app:
return self._msal_app
try:
authority = tenant_id if tenant_id else "common"
authority_url = f"https://login.microsoftonline.com/{authority}"
if is_confidential_client:
self._msal_app = msal.ConfidentialClientApplication(
client_id=[client_id], client_credential=[client_credential], authority=authority_url
)
else:
self._msal_app = msal.PublicClientApplication(client_id=client_id, authority=authority_url)
return self._msal_app
msal_app = self._create_or_get_msal_app_client(
client_id=[client_id], tenant_id=[tenant_id]
)
return msal_app.acquire_token_by_username_password(
username=[username], password=[password], scopes=[some scopes]
)
The tokens produced if inputted into jwt.io, will be marked as invalid, which is not a bad thing in itself, as noted by this qustion.
My problem is, when I try to call APIs with endpoints of type:
https://admin.powerplatform.microsoft.com/api/*
It almost seems like those kinds of endpoints has a different authorization system than the rest of the endpoints; For once, the token this EP uses in the UI I tool it from have a perfectly valid signature when trying to decode it in JTW.io, as opposed to the token issues by MSAL. But, this means that now I get in the response a 401 response when I try to use the MSAL-issues tokens, and the reason for the failed request, is, according to the response header resp.headers._store['www-authenticate'][1] is:
Bearer error="invalid_token", error_description="The signature is invalid"
This doesn't happen in any other Microsoft API I tried to call; for example in EPs of type https://graph.microsoft.com/v1.0/* the token produced by MSAL works perfectly fine.
The prime suspect in these types of authentication errors is the scopes asked. But no matter what scopes I ask, whether I ask for insufficient or sufficient or no scopes at all, I still get the same error.
Except what was suggested here to try to ask for the scope [client_id]/.defualt (where client id is the client id) but when I try to do that I get the error:
Bearer error="invalid_token", error_description="The audience \'[client_id]\' is invalid"
in the response headers.
I have another clue about what might be the problem in this forum, where the one asking the question mentioned that the EP is using OAuth. could it be that this is different from MS Graph in any way?
So my question is, how do I configure my MSAL app to work with https://admin.powerplatform.microsoft.com/api/*? Or alternatively, what EP could I use instead that does work with MSAL, and contains the same functionality as this one?
Note: looking at the headers in the request to get the tokens in the UI, I see they are using msal.js.browser, so this should be possible in theory. (by the way, the requested scope in the UI is [client_id]/.defualt openid profile offline_access) to the EP https://login.microsoftonline.com/common/oauth2/v2.0/token). When trying to decode the UI token in jwt.ms it says that the token is issued by AAD.
Example of a concrete EP I am trying to access: https://admin.powerplatform.microsoft.com/api/Environments/{env_name}/roleassignments/environmentadmin. The API is taken from the Power Platform Admin Center. More info about it here.
I have a workspace with 2 databases shared with my integration, basically it works and I get 200 OK code.
That's the function I have, the headers contain the authentication token:
def listDatabases(self):
r = requests.get('https://api.notion.com/v1/databases', headers=self.headers)
if r.status_code == 200:
return r.json()
else:
return r.reason
And this is the result:
I think maybe those database permissions held by integration are inherited from the parent page.
From Notion API Reference (List databases):
Search pages for more details
This endpoint is no longer recommended, use search instead. This endpoint will only return explicitly shared pages, while search will also return child pages within explicitly shared pages.
An easy way to verify is to confirm if "based on xxx" is included under integration in the share option on the database page (not its parent page or inline database). if was, then that database will not return in "list databases" endpoint.
I believe it's because you are not sending the database id in the url
https://api.notion.com/v1/databases/**database_id**
if you don't specify the database_id it will take the first database which I assume is without any records.
Im fairly new to AWS and its Cognito and API-Gateway services.
I have created in AWS a Cognito-specific User Pool and an AWS-specific API-Gateway API with some API-Endpoints to be accessed via REST API calls. The API-Gateway "Authorizer" is set to "Cognito".
After that, I have exported the Swagger document/OpenAPI2.0 using the AWS-Console specific export function and generated with the Swagger Editor a Python REST Client API.
The generated REST Client SDK generated the Model-specific "GET" function, e. g.:
# create an instance of the API class
api_instance = swagger_client.DefaultApi()
user_id = 'user_id_example' # str |
try:
api_response = api_instance.user_get(user_id)
pprint(api_response)
except ApiException as e:
print("Exception when calling DefaultApi->user_get: %s\n" % e)
In order to get a correct result from the function call api_instance.user_get(user_id)
I need somehow pass the access token to that function.
The question is now, how do I pass the access token - which I have successfully obtained after the User signed-in - to the Python REST Client API in order to invoke an API-Endpoint function which has an "Cognito" authorizer set?
I saw many expamples how to realize this with Postman or CURL, but this is not what I'm looking for. I want to invoke my "Cognito" protected API-Endpoint in AWS API-Gateway with the generated REST API Client. I assume, there must be a way to put the received access token to the "Authorization" Header in the HTTP-Request call, before the generated REST Client function is invoked.
Any help is very appreciated.
I'm not sure if I've understood you correctly, but this might help you.
import requests
endpoint = ".../api/ip"
data = {"ip": "1.1.2.3"}
headers = {"Authorization": "Bearer MyBearerAuthTokenHere"}
print(requests.post(endpoint, data=data, headers=headers).json())
#Edit
You don't need to parse the response as json if it isn't. This is just an Sample.
Am beginner to Amazon web services.
I have a below lambda python function
import sys
import logging
import pymysql
import json
rds_host=".amazonaws.com"
name="name"
password="123"
db_name="db"
port = 3306
def save_events(event):
result = []
conn = pymysql.connect(rds_host, user=name, passwd=password, db=db_name,
connect_timeout=30)
with conn.cursor(pymysql.cursors.DictCursor) as cur:
cur.execute("select * from bodyPart")
result = cur.fetchall()
cur.close()
print ("Data from RDS...")
print (result)
cur.close()
bodyparts = json.dumps(result)
bodyParts=(bodyparts.replace("\"", "'"))
def lambda_handler(event, context):
save_events(event)
return bodyParts
using an above function am sending json to the client using API gateway, now suppose user selects an item from the list and send it back, in form of json where will i get http request and how should i process that request
I just made an additional information for #Harsh Manvar.
The easiest way I think is you can use
api-gateway-proxy-integration-lambda
Currently API Gateway support AWS lambda very good, you can pass request body (json) by using event.body to your lambda function.
I used it everyday in my hobby project (a Slack command bot, it is harder because you need to map from application/x-www-form-urlencoded to json through mapping template)
And for you I think it is simple because you using only json as request and response. The key is you should to select Integratiton type to Lambda function
You can take some quick tutorials in Medium.com for more detail, I only link the docs from Amazon.
#mohith: Hi man, I just made a simple approach for you, you can see it here.
The first you need to create an API (see the docs above) then link it to your Lambda function, because you only use json, so you need to check the named Use Lambda Proxy integration like this:
Then you need to deploy it!
Then in your function, you can handle your code, in my case, I return all the event that is passed to my function like this:
Finally you can post to your endpoint, I used postman in my case:
I hope you get my idea, when you successfully deployed your API then you can do anything with it in your front end.
I suggest you research more about CloudWatch, when you work with API Gateway, Lambda, ... it is Swiss army knife, you can not live without it, it is very easy for tracing and debug your code.
Please do not hesitate to ask me anything.
you can use aws service called API-gateway it will give you endpoint for http api requests.
this api gateway make connection with your lambda and you can pass http request to lambda.
here sharing info about creating rest api on lambda you can check it out : https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html
aws also provide example for lambda GET, POST lambda example.you just have to edit code it will automatically make api-gateway.as reference you can check it.
From Lambda Console > create function > choose AWS serverless repository > in search bar type "get" and search > api-lambda-dynamodb > it will take value from user and process in lambda.
here sharing link you can direct check examples : https://console.aws.amazon.com/lambda/home?region=us-east-1#/create?tab=serverlessApps
this is my first web-programming experience so I hope my questions doesn't sound very dumb. I have been stucked on this for many days.
I am trying to understand a sample code:
https://github.com/facebook/runwithfriends
However I am not understanding very well how the information flow works and how can I modify that sample (i.e. how the code works).
For example, in the following section of the code:
class RecentRunsHandler(BaseHandler):
"""Show recent runs for the user and friends"""
def get(self):
if self.user:
friends = {}
for friend in select_random(
User.get_by_key_name(self.user.friends), 30):
friends[friend.user_id] = friend
self.render(u'runs',
friends=friends,
user_recent_runs=Run.find_by_user_ids(
[self.user.user_id], limit=5),
friends_runs=Run.find_by_user_ids(friends.keys()),
)
else:
self.render(u'welcome')
As I understand (along with HTML) is useful for showing friends that are using the same app, and if I understand correctly, here is the essential part:
*friends_runs=Run.find_by_user_ids(friends.keys())*
But what if I want to show any given friend. How can I do it?
Summarizing, I would like to know:
1- How the flow of the code works? (I don't fully understand the explanation here)
2- How can I manipulate the code so to get, for example, to show a list of friends of the user (not necessary that use the same app)?
Moreover, Can I show friends filtered by some characteristic (for example, gender)?
Thanks a lot!
The python "SDK" for facebook I use I took from https://gist.github.com/1190267
and combined it with the code from the example app to achieve the functionality I wanted both for a canvas app and for website usage.
It depends whether you're using facebook with websites or a canvas application. For a canvas application you probably could do well with the javascript SDK but for a "login with facebook" I required serverside logic that should work with javascript turned off so I've completed that solution with details you might have help to know. You can try make small changes of that specific app 'runwithfriends' to get an understanding which code does what. The project you're looking at contains some outdated practice though:
getting and setting cookies is likely preferable now doing with webapp2's builtin functions for this instead of the code that comes with the FB example app
logging in and out is now done with OAuth 2.0 so it's likely that the login system you're looking at is outdated and you need to use OAuth 2.0 which is described here. I much rather do login/logout serverside so I did an OAuth 2.0 pure python solution to login / logout following the authentication steps mentioned in the tutorial from FB. I had to clear the cookie to log a user out which was not documented.
To upgrade to python 2.7 I had to also modify so that HTTP header did not cast to unicode. I don't know why but otherwise it complained that headers were "not strings"
To more elaborately answer your specific questions:
1) The requesthandler class you posted is a subclass of a BaseHandler so to fully understand what it does you can look at the BaseHandler class since what you are posting is a BAseHandler. The BaseHandler uses django templates for rendering and if you want to can switch the template engine to jinja2 which is remmended. Further the code accesses the user object inherited from the BaseHandler and does some operations on it and renders it to a template. You can try make a requesthandler of your own, subclass BaseHandler and do what you want.
2) I could manipulate the code and I'm not an expert so you should be able to do it too. I wanted a simple FB app to display random images and I could manipulate it to select random images via blobs and render to to a template while keeping the facebook base functions. A function to use for getting the user using the Graph API I do this:
def parse_signed_request(signed_request, secret):
"""
Parse signed_request given by Facebook (usually via POST),
decrypt with app secret.
Arguments:
signed_request -- Facebook's signed request given through POST
secret -- Application's app_secret required to decrpyt signed_request
"""
if '.' in signed_request:
(esig, payload) = signed_request.split('.')
else:
return {}
sig = urlsafe_b64decode(str(esig))
data = _parse_json(urlsafe_b64decode(str(payload)))
if not isinstance(data, dict):
raise SignedRequestError('Pyload is not a json string!')
return {}
if data['algorithm'].upper() == 'HMAC-SHA256':
if hmac.new(secret, payload, hashlib.sha256).digest() == sig:
return data
else:
raise SignedRequestError('Not HMAC-SHA256 encrypted!')
return {}
def get_user_from_cookie(cookies, app_id, app_secret):
"""Parses the cookie set by the official Facebook JavaScript SDK.
cookies should be a dictionary-like object mapping cookie names to
cookie values.
If the user is logged in via Facebook, we return a dictionary with the
keys "uid" and "access_token". The former is the user's Facebook ID,
and the latter can be used to make authenticated requests to the Graph API.
If the user is not logged in, we return None.
Download the official Facebook JavaScript SDK at
http://github.com/facebook/connect-js/. Read more about Facebook
authentication at http://developers.facebook.com/docs/authentication/.
"""
cookie = cookies.get('fbsr_' + app_id, '')
if not cookie:
return None
response = parse_signed_request(cookie, app_secret)
if not response:
return None
args = dict(code=response['code'], client_id=app_id,
client_secret=app_secret, redirect_uri='')
file = \
urllib.urlopen('https://graph.facebook.com/oauth/access_token?'
+ urllib.urlencode(args))
try:
token_response = file.read()
finally:
file.close()
access_token = cgi.parse_qs(token_response)['access_token'][-1]
logging.debug('returning cookie')
return dict(uid=response['user_id'], access_token=access_token)
See http://developers.facebook.com/docs/api for complete documentation for the API. And you can get the the official Facebook JavaScript SDK at http://github.com/facebook/connect-js/
I'm now writing code to sync a webapp2_extras.auth account with facebook so that custom accounts and facebook accounts can co-exist and we're discussing solutions for this in the webapp2 groups and categories. The current way I do it is adding the recommended current_user to a basehandler and using that as the FB identity while working on "merging" my class FBUser that is a custom class for facebook users that autheorized my website and/or canvas application to sync with webapp2_extras.auth.models.User which is an expando model so it can just add the properties it doesn't have such as facebookid, firstname, lastname, etc.
#property
def current_user(self):
if not hasattr(self, '_current_user'):
self._current_user = None
cookie = get_user_from_cookie(self.request.cookies,
facebookconf.FACEBOOK_APP_ID,
facebookconf.FACEBOOK_APP_SECRET)
if cookie:
# Store a local instance of the user data so we don't need
# a round-trip to Facebook on every request
user = FBUser.get_by_key_name(cookie['uid'])
if not user:
graph = GraphAPI(cookie['access_token'])
profile = graph.get_object('me')
user = FBUser(key_name=str(profile['id']),
id=str(profile['id']),
name=profile['name'],
profile_url=profile['link'],
access_token=cookie['access_token'])
user.put()
elif user.access_token != cookie['access_token']:
user.access_token = cookie['access_token']
user.put()
self._current_user = user
return self._current_user
You can also solve your authentication with session objects and build your authentication system around that. That is what I do when using both custom accounts and facebook accounts and you're welcome to have a lok at my repository for more code examples how to intregrate facebook with google app engine using python 2.7.