Problem
What are the best practices to test REST requests to APS controller?
Resolution
From command line:
There are two security contexts in APS,
- To test requests in application context:
you should run queries on endpoint authenticating with application certificate:
cd /var/www/html/<ENDPOINT_FOLDER>
then
curl -k -E config/<GUID>.pem https://<MN>:6308/aps/2/resources/
if you know the GUID, or
curl -kE config/$(ls config | grep '^[a-z0-9-]\{36\}\.pem$') https://<MN>:6308/aps/2/resources/
if you want more universal way. Here:
ENDPOINT_FOLDER
is the folder where your scripts reside
GUID
is the id of you provider instance, in case you have only one instance there will be only one certificate matching this mask
MN
is IP address or hostname of Operations Automation Management Node
You can add RQL filters after /aps/2/resources/
or specify resource id.
- To test requests in *account context:
You need to get account token, there are many ways to do this, one of the easier ways:
Execute this on management node, the number in should be the id of account you want to get token for:
curl -d"<?xml version='1.0'?><methodCall><methodName>pem.APS.getAccountToken</methodName><params><param><value><struct><member><name>account_id</name><value><i4>$PA_ACCOUNT_ID</i4></value></member><member><name>subscription_id</name><value><i4>0</i4></value></member></struct></value></param></params></methodCall>" http://localhost:8440
Now the request to APS controller would look like this:
curl -k -H 'APS-Token:JEFFUy0xMjgtQ0JDJFh2cUFoY1pBK3FSR2cyKzM4QW90UVE9PSRZTitIRGtwWlRUbWpHaG9UYlF0Szk1YkhSOXZNaHhOZDNmYWVRSUJua3E5VS9PR1RMendpNE5hMHViWk1rcUl0akovblhlK3BRMy9xL3BSUmxMR2FEVU44cmFuVUFpYUtZR1BJYTR1WGo4cHlyOGl1aWRuNW1STFk3YnNIbUNpSnZXa2xHcStsN0tQTTFRWkNXUkxFeE5QU2U1cDR1MEZScERsRnpTSFRscG5VeThFZmFkUU9VODkxOWYvekx3U3dNQXdMMUVyYjRyejJRdU5UWHRpS0RER3ZwUVh1VXhuY3BDRnpaUVVOVzZ4MDNRR2VmZ1VnZ2hXYjhadkVMNzBP' https://localhost:6308/aps/2/resources/
From RESTClient-APS
This is an extension for Firefox 30+, download it here.
If Operations Automation API is available from you machine, you just need to fill the parameters of token-fetching request and hit
Refresh Token
to get token.- Then you can issue requests to
http://<YOUR_MN_HOSTNAME>:8080/aps/2/resources/
or similar URL and it will use token automatically.
From any other RESTful API clients (for example Chrome plugin Advanced REST client
)
get account token either from browser debugger (it is sent in headers for every request to controller in custom UI) or using Operations Automation API (see above)
add
'APS-Token'
header- specify
http://<YOUR_MN_HOSTNAME>:8080/aps/2/resources/
as request endpoint