You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ignite.apache.org by sa...@barclays.com on 2021/09/03 10:11:28 UTC
Calling Ignite Rest endpoint using secret key
Hi Team,
Can someone provide example how we can invoke Ignite Rest Endpoint using encoded secret key in header. There is not much example . Any sample will help which is working.
https://ignite.apache.org/docs/latest/restapi
<property name="connectorConfiguration">
<bean class="org.apache.ignite.configuration.ConnectorConfiguration">
<property name="SecretKey" value="these.signatures"/>
</bean>
</property>
setSecretKey(String)
Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
Thanks
Satyajit
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
�This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer.
For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com.�
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html for important disclosure.
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
RE: Calling Ignite Rest endpoint using secret key
Posted by sa...@barclays.com.
Hi Stephen,
Thank you very much for your assistance.
Thanks
Satyajit
Restricted - External
From: Stephen Darlington <st...@gridgain.com>
Sent: Tuesday, September 7, 2021 7:48 PM
To: user <us...@ignite.apache.org>
Subject: Re: Calling Ignite Rest endpoint using secret key
CAUTION: This email originated from outside our organisation - stephen.darlington@gridgain.com<ma...@gridgain.com> Do not click on links, open attachments, or respond unless you recognize the sender and can validate the content is safe.
It looks like the implementation doesn't exactly match the comment - should probably open a ticket. But, this works:
#!/usr/bin/env python3
import hashlib
import base64
import time
import requests as req
password = 'password'
millis = int(round(time.time() * 1000))
param = f'{millis}:{password}'
hash_pass = hashlib.sha1(param.encode('utf-8')).digest()
str_pass = base64.b64encode(hash_pass).decode('utf-8')
headers = { 'X-Signature' : f'{millis}:{str_pass}' }
resp = req.get('http://localhost:8080/ignite?cmd=version', headers=headers)
print (resp.text)
Basically, you pass in a X-Signature header with a string in the format "x:y".
X = the time in ms
Y = base64 ( sha1 ( "x:secretkey" ) )
Yes, you include the time and use the time as part of the hash. For this (and other reasons) I'm not sure that this is a good mechanism. If you want to secure it, use TLS, add authentication.
Regards,
Stephen
On 7 Sep 2021, at 12:44, satyajit.mandal@barclays.com<ma...@barclays.com> wrote:
Hi Team,
Can someone please suggest here. There is no example how to call a rest url with secret key as per below documentation.
setSecretKey(String)
Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
Thanks
Satyajit
Restricted - External
From: Mandal, Satyajit: IT (PUN)
Sent: Friday, September 3, 2021 3:41 PM
To: 'user' <us...@ignite.apache.org>>
Subject: Calling Ignite Rest endpoint using secret key
Hi Team,
Can someone provide example how we can invoke Ignite Rest Endpoint using encoded secret key in header. There is not much example . Any sample will help which is working.
https://ignite.apache.org/docs/latest/restapi<https://clicktime.symantec.com/3Ft9JRCAq7Phd13THXbqccn6H2?u=https%3A%2F%2Fignite.apache.org%2Fdocs%2Flatest%2Frestapi>
<property name="connectorConfiguration">
<bean class="org.apache.ignite.configuration.ConnectorConfiguration">
<property name="SecretKey" value="these.signatures"/>
</bean>
</property>
setSecretKey(String)
Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
Thanks
Satyajit
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
"This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer<https://clicktime.symantec.com/3EYPv6rW8Af52GsfyfEjWJj6H2?u=http%3A%2F%2Fwww.barclays.com%2Femaildisclaimer>.
For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer<https://clicktime.symantec.com/3WsWiDHFq9GMFuabBAiWAQg6H2?u=http%3A%2F%2Fwww.barclays.com%2Fsalesandtradingdisclaimer> regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html<https://clicktime.symantec.com/3MydMFf8wFafWGXFJgdhH4U6H2?u=https%3A%2F%2Fwww.investmentbank.barclays.com%2Fdisclosures%2Fbarclays-global-markets-disclosures.html> regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com<https://clicktime.symantec.com/3BorrHMcYqWqhDsJGPxhphe6H2?u=http%3A%2F%2Fpublicresearch.barclays.com%2F>."
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html<https://clicktime.symantec.com/3EbikRF6KKstQs8HhbDmdG66H2?u=https%3A%2F%2Fwww.home.barclays%2Fdisclosures%2Fimportantapacdisclosures.html>for important disclosure.
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html<https://clicktime.symantec.com/3VCTbhtkSGkL3PMJn2g6cj56H2?u=https%3A%2F%2Fwww.investmentbank.barclays.com%2Fdisclosures%2Fpersonalinformationuse.html>
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
�This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer.
For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com.�
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html for important disclosure.
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
Re: Calling Ignite Rest endpoint using secret key
Posted by Stephen Darlington <st...@gridgain.com>.
It looks like the implementation doesn’t exactly match the comment — should probably open a ticket. But, this works:
#!/usr/bin/env python3
import hashlib
import base64
import time
import requests as req
password = 'password'
millis = int(round(time.time() * 1000))
param = f'{millis}:{password}'
hash_pass = hashlib.sha1(param.encode('utf-8')).digest()
str_pass = base64.b64encode(hash_pass).decode('utf-8')
headers = { 'X-Signature' : f'{millis}:{str_pass}' }
resp = req.get('http://localhost:8080/ignite?cmd=version', headers=headers)
print (resp.text)
Basically, you pass in a X-Signature header with a string in the format “x:y”.
X = the time in ms
Y = base64 ( sha1 ( “x:secretkey" ) )
Yes, you include the time and use the time as part of the hash. For this (and other reasons) I’m not sure that this is a good mechanism. If you want to secure it, use TLS, add authentication.
Regards,
Stephen
> On 7 Sep 2021, at 12:44, satyajit.mandal@barclays.com wrote:
>
> Hi Team,
>
> Can someone please suggest here. There is no example how to call a rest url with secret key as per below documentation.
>
> setSecretKey(String)
> Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
>
>
> Thanks
> Satyajit
>
>
> Restricted - External
> From: Mandal, Satyajit: IT (PUN)
> Sent: Friday, September 3, 2021 3:41 PM
> To: 'user' <us...@ignite.apache.org>
> Subject: Calling Ignite Rest endpoint using secret key
>
> Hi Team,
>
> Can someone provide example how we can invoke Ignite Rest Endpoint using encoded secret key in header. There is not much example . Any sample will help which is working.
>
>
> https://ignite.apache.org/docs/latest/restapi <https://ignite.apache.org/docs/latest/restapi>
>
>
>
>
>
>
> <property name="connectorConfiguration">
> <bean class="org.apache.ignite.configuration.ConnectorConfiguration">
> <property name="SecretKey" value="these.signatures"/>
> </bean>
> </property>
>
>
>
>
> setSecretKey(String)
> Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
> Thanks
>
> Satyajit
>
> _________________________________________________________________________________________________________________________________________________________________________________________________________________________________
> This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer <http://www.barclays.com/emaildisclaimer>.
>
> For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer <http://www.barclays.com/salesandtradingdisclaimer> regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html <https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html> regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com <http://publicresearch.barclays.com/>.
> _________________________________________________________________________________________________________________________________________________________________________________________________________________________________
> If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html <https://www.home.barclays/disclosures/importantapacdisclosures.html>for important disclosure.
> _________________________________________________________________________________________________________________________________________________________________________________________________________________________________
> How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html <https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html>
> _________________________________________________________________________________________________________________________________________________________________________________________________________________________________
>
RE: Calling Ignite Rest endpoint using secret key
Posted by sa...@barclays.com.
Hi Team,
Can someone please suggest here. There is no example how to call a rest url with secret key as per below documentation.
setSecretKey(String)
Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
Thanks
Satyajit
Restricted - External
From: Mandal, Satyajit: IT (PUN)
Sent: Friday, September 3, 2021 3:41 PM
To: 'user' <us...@ignite.apache.org>
Subject: Calling Ignite Rest endpoint using secret key
Hi Team,
Can someone provide example how we can invoke Ignite Rest Endpoint using encoded secret key in header. There is not much example . Any sample will help which is working.
https://ignite.apache.org/docs/latest/restapi
<property name="connectorConfiguration">
<bean class="org.apache.ignite.configuration.ConnectorConfiguration">
<property name="SecretKey" value="these.signatures"/>
</bean>
</property>
setSecretKey(String)
Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key.
Thanks
Satyajit
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
�This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer.
For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com.�
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html for important disclosure.
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________
How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html
_________________________________________________________________________________________________________________________________________________________________________________________________________________________________