Reputation: 371
How to exercise secured app engine hosted REST APIs using curl?
Let us assume that there is an app engine standard python app hosted at https://xyz.appspot.com and that its URLs are protected with:
login: admin
secure: always
How can I exercise the APIs using curl? I guess the real question is how can I authenticate to the app using curl. If the app is used from a browser, one is redirected to Google login but I am wondering how I can simulate the same from curl.
Any help is greatly appreciated.
Thanks, Raghu
Upvotes: 0
Views: 327
Answers (3)
Reputation: 3
You can use a combination of Cloud Endpoints and API Key. In this article https://cloud.google.com/endpoints/docs/frameworks/python/restricting-api-access-with-api-keys-frameworks from Google Cloud Platform you have an example of how to use curl authentication with this combination:
If an API or API method requires an API key, supply the key using a query parameter named key, as shown in this cURL example:
curl \ -H "Content-Type: application/json" \ -X POST \ -d '{"message": "echo"}' \ "${HOST}/_ah/api/echo/v1/echo_api_key?key=${API_KEY}where HOST and API_KEY are variables containing your API host name and API key, respectively. Replace echo with the name of your API, and v1 with the version of your API.
Upvotes: 0
Reputation: 371
Based on the suggestion from @Erfa, I visited the site in Chrome while keeping the dev tools open.
The browser takes you through login procedure and the site appears. At this point, right click on the GET request in "Network" tab and select "Save as HAR with Content" which saves the API information in a text file.
In the file, you will find a cookie that is being sent with the GET request. You can now use this same cookie with curl as follows:
$ curl --cookie "NAME=VALUE" <URL>
Upvotes: 0
Reputation: 713
One way would be to do the authentication in browser first, and then copy the cookie from there to curl. For example in Chrome, you can open the devtools (F12) and select the Network tab.
When you access your secure resource it will appear there. Then you can right click -> Copy -> Copy as cURL (bash).
This will give you a cURL command that is authorized to call your secure resource.
Upvotes: 1
Related Questions
- How to authenticate google cloud functions for access to secure app engine endpoints
- Setting up Authentication for API hosted in Google App Engine Flexible
- curl on app engine
- RESTful API authentication/security
- Logging into Google with curl?
- Securing RESTful API in Google App Engine
- Google App Engine: Endpoints authentication with ID and password
- Google App Engine Authentication
- Endpoints API with authentication
- Secure remote_api in app engine with OpenID