lets-fiware / ngsi-go Goto Github PK
View Code? Open in Web Editor NEWThe NGSI Go is a command-line interface supporting FIWARE Open APIs for FIWARE developers.
Home Page: https://ngsi-go.letsfiware.jp/
License: MIT License
The NGSI Go is a command-line interface supporting FIWARE Open APIs for FIWARE developers.
Home Page: https://ngsi-go.letsfiware.jp/
License: MIT License
This is a small improvement suggestion.
With ngsi broker get
you can get information like this:
$ ngsi broker get --host orion-alumbrado
brokerHost http://localhost:1026
ngsiType v2
FIWARE-Service alcobendas
FIWARE-ServicePath /alumbrado
IdmType thinkingcities
IdmHost http://idmhost:5001/v3/auth/tokens
Username admin_user
Password user_password
The problem is that when the broker setting is using an IDM (I have observed it for ThinkingCities one but I guess that for other IDM types it would be the same) the password appears in clear text.
Maybe a possible improvement would be by default ofuscating that information, i.e:
$ ngsi broker get --host orion-alumbrado
brokerHost http://localhost:1026
ngsiType v2
FIWARE-Service alcobendas
FIWARE-ServicePath /alumbrado
IdmType thinkingcities
IdmHost http://idmhost:5001/v3/auth/tokens
Username admin_user
Password ****
and require an explicit parameter to see it in clear text, i.e.:
$ ngsi broker get --host orion-alumbrado --cleartextPassword
brokerHost http://localhost:1026
ngsiType v2
FIWARE-Service alcobendas
FIWARE-ServicePath /alumbrado
IdmType thinkingcities
IdmHost http://idmhost:5001/v3/auth/tokens
Username admin_user
Password user_password
(cleartextPassword
is just a suggestion... of course it could a better one, based on the conventions used for parameter names in NGSI Go)
Note this is not to achieve perfect security (user can use --cleartextPassword
without any restriction and, in any case, check the information in the filesystem storage used by NGSI Go) but a equivalent feature to the one in browsers and similar systems (see picture below)
In the latest version of Orion ("2.5.0-next"), ngsi list entities
without options can not print a list of entities.
$ ngsi version --host orion
{
"orion" : {
"version" : "2.5.0-next",
"uptime" : "0 d, 0 h, 0 m, 27 s",
"git_hash" : "1744eeb6a3489c2c0bfbeceadaf471d0a3784a95",
"compile_time" : "Fri Feb 12 14:55:26 UTC 2021",
"compiled_by" : "root",
"compiled_in" : "eea31cce414e",
"release_date" : "Fri Feb 12 14:55:26 UTC 2021",
"doc" : "https://fiware-orion.rtfd.io/",
"libversions": {
"boost": "1_53",
"libcurl": "libcurl/7.29.0 NSS/3.53.1 zlib/1.2.7 libidn/1.28 libssh2/1.8.0",
"libmicrohttpd": "0.9.70",
"openssl": "1.0.2k",
"rapidjson": "1.1.0",
"mongodriver": "legacy-1.1.2"
}
}
}
$ ngsi create entity --data '{"id":"id001","A":{"type":"Text","value":"FIWARE"}}'
$ ngsi list entities
$ ngsi list entities --count
1
$ ngsi list entities --verbose
[{"id":"id001","type":"Thing","A":{"type":"Text","value":"FIWARE","metadata":{}}}]
$ docker images fiware/orion:latest
REPOSITORY TAG IMAGE ID CREATED SIZE
fiware/orion latest a6806f7270f8 7 days ago 279MB
I have been testing ngsi-go version 0.8.0 (very nice work by the way! :) and I have one doubt, please. Not sure if GitHub issues are the best place for doubt: if there is a better channel for this just let me know and I will use it.
Looking to "Supported FIWARE Open APIs" in the master README.md I see ngsi-go supports Keyrock API. I understand this means this security stack:
However, Orion can be used with other security stacks, which are similar but not exactly the same. In particular, we use:
What I wonder if it ngsi-go would also work in this case. As far as I know, Keystone and Keyrock are pretty similar (Keystone is the standard IDM in OpenStack, while Keyrock is a kind of derivate but supporting similar APIs... although I could be wrong).
Keystone token management operations (i.e. to get a token to be used later in a request to Orion through PEP) are based in the POST /v3/auth/tokens
operation (more detail here). I can provide more detail (a sequence of specific requests used to get a token to be used with Orion) if you need it.
Thanks!
First of all, this tool is super mega awesome! ❤️
This is an ideal tool for setting up a FIWARE installation from the command line.
However, it is not clear from the docs that you first need to add keyrock as server if you want to execute commands.
The following worked for me:
ngsi server add --host idm --serverType keyrock --serverHost https://idm.example.com --username [email protected] --password 1234567
ngsi applications --host idm create --name "CB" -- ...
Print no version and revision when error level is higher than info
$ ngsi --stderr info create --host orion subscription --type abc --typePattern abc
(git_hash:)
subscriptionsCreateV2002 type or typePattern
setSubscriptionValuesV2004 type or typePattern
abnormal termination
(I have hit this while doing the tests described in #123 (comment) but I think is bette to use it a separate issue for the report).
With the following broker configuration:
$ ngsi broker list
myinstance
$ ngsi broker get --host myinstance
brokerHost http://localhost:1026
ngsiType v2
FIWARE-Service alcobendas
IdmType thinkingcities
IdmHost http://iomhost:5001/v3/auth/tokens
Username admin_alcobendas
Password <offuscated>
If I do:
$ ngsi create entity --data '{"id":"E", "type": "T", "A": {"value": 1, "type": "Number"}}'
I get:
entityCreate001 required host not found
However, --host
doesn't seem to be a valid option here. It doesn't appear at ngsi create entity --help
and if I try to use it any way with:
ngsi create entity --data '{"id":"E", "type": "T", "A": {"value": 1, "type": "Number"}}' --host myinstance
I get:
Incorrect Usage: flag provided but not defined: -host
Probably I'm doing something wrong, but I don't know what...
Testing with ngsi-go version 0.8.0 if I run:
ngsi broker add --help
I see:
--brokerType value orion-ld, scorpio, stellio
Should "orion" been added to this list? Note that orion and orion-ld are not the same piece of software...
In the current implementation, when renewing a token, NGSI Go gets a token using user,.password and client_id and client_secret without using a refresh token or a token that was gotten first time.
Hey guys,
I was just checking if i could use your tool to access an orion instance, but unfortunately i'm failing already in the beginning.
It seems that you do not support fiware-services with uppercase letters (seems to be intented as you test that uppercase fiware services are producing an error):
The problem is, the orion instance i want to connect to uses fiware services like Foo
instead of foo
and if i try to connect with a lowercase fiware service, it does not work.
Does work:
➜ ngsi broker add \
--host myinstance \
--brokerHost http://localhost:1026 \
--ngsiType v2 \
--service foo \
--path /iot
Does not work
➜ ngsi broker add \
--host myinstance \
--brokerHost http://localhost:1026 \
--ngsiType v2 \
--service Foo \
--path /iot
With this error: brokersAdd007 error FIWARE Service: Foo
Using current master version.
I wanted to add the following: subscription using the ngis-go tool:
ngsi create --host orion-with-apikey subscription --data @SingleSubcriptionTest
orion is running as docker container: fiware/orion:3.2.0
Executing gives a 400 bad request. Inserting the subscription using Postman works fine.
0.9.0 (git_hash:bfd1ec240a8a8421929e2923f8fb5d3f6cab18ab) (git_hash:bfd1ec240a8a8421929e2923f8fb5d3f6cab18ab)
subscriptionsCreate
InitTokenMgr
subscriptionsCreateV2004 400 Bad Request {"error":"BadRequest","description":"condition is empty"}
abnormal termination
I switched orion to debug and this is the payload I see in the logs.
The conditions object is empty
| comp=Orion | op=logTracing.cpp[141]:logInfoRequestWithPayload | msg=Request received: POST /v2/subscriptions, request payload (238 bytes): {"description":"Test Notification","subject":{"entities":[{"idPattern":"Alert.*","type":"Alert"}],"condition":{}},"notification":{"httpCustom":{"url":"http://dev/null","headers":{"fiware-shared-key":"test"}},"attrsFormat":"keyValues"}}, response code: 400
Save the json as SingleSubcriptionTest.json
{
"description": "Test Notification",
"subject": {
"entities": [
{
"idPattern": "Alert.*",
"type": "Alert"
}
],
"condition": {
"attrs": []
}
},
"notification": {
"httpCustom": {
"url": "http://dev/null",
"headers": {
"fiware-shared-key": "test"
}
},
"attrsFormat": "keyValues"
}
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.