Alteryx Server Discussions

It's funny because that HMAC Encrypt Macro inspired me to try to work on the api workflow again. I've installed the macro, but i guess i just dont know what i'm supposed to put in "key" and "string". I've looked at the .js file from the API-Docs page and it shows the following:

    var buildOauthParams = function(apiKey){
        return {
            oauth_consumer_key: apiKey,
            oauth_signature_method: "HMAC-SHA1",
            oauth_nonce: Math.floor(Math.random() * 1e9).toString(),
            oauth_timestamp: Math.floor(new Date().getTime()/1000).toString(),
            oauth_version: "1.0"
        };
    };

    var generateSignature = function(httpMethod, url, parameters, secret) {
        return oauthSignature.generate(httpMethod, url, parameters, secret, null, { encodeSignature: false});
    };

so I took a URL string that I new worked and tried to recreate the oauth_signature by concatenating the various parameters, url and shared secret, but haven't found the secret sauce. Is that something that can be shared?

I feel that once I can generate the correct signature, then the last piece is to concatenate everything and passing it through the download tool. Is that about right? 

Honestly, I dont have a use case currently, but I could see creating smaller services that are on remote server(s), calling those API's to gather pieces of information then bringing it back to the desktop. Basically treating an alteryx server like a remote database, but with custom logic attached to it. That, and I just figured I'd try it out since it was a different type of API call (using oauth 1.0). It's fun to tinker...

Hello

Thanks for this macro and the guide - it's helped a lot!


I am further developing a version of this take takes in query key=value parameters, adds them to the OAuth parameters, sorts them alphabetically (important according to OAuth documentation - I say this, but then I am new to OAuth...)

The macro outputs a Full_request_url and oauth_signature: should these be concatenated and used as the URL in the download tool of an Alteryx workflow that uses the macro to make the request?
Also, does this concatenated Full_request_url&oauth_signature need to be encrypted in the download tool?

Another point- there's a lot of stuff on the Web about OAuth 1.0.  I have also read that one needs to
"Build the X-Authorization header by extracting the following parameter/value pairs from your collection to add to the header string.
After the realm= parameter, separate the parameter/value pairs with commas. Do not encode the values. Do not include any query strings.

    X-Authorization OAuth
    realm="{domainRoute}"
    application_Id="{applicationId}"
    oauth_consumer_key="{consumerKey}"
    oauth_nonce="{nonceValue}"
    oauth_signature_method="CMAC-AES"
    oauth_timestamp="{timestamp}"
    " (http://developer.pearson.com/step-step-guide-submitting-requests-oauth-10).

Is this correct? I have not done this yet in my testing (I have just sent the Full_request_url&oauth_signature). If this needs to be done, then I am thinking that these vars would need to go in the header of the download tool used when sending the request.
Again, probably my lack of knowledge with OAuth, but I thought all these variables were sent in the Full_request_url anyway, so why need them here again?

I have tried sending requests to run a job on a simple test app up on our Gallery using my adapted macro used in a workflow with a download tool to the run a job question of the Gallery API.
Here, I provided the following to the macro:
URL: https://mygallery.com/gallery/api/v1/workflows/<my test app's Id>/jobs
CONSUMERKEY: ----
SECRET: ----
QUERYLEYVALUES: uiname=michael&uinumber=7

But I get a response: 401 code:

{"data":null,"exceptionName":"UnauthorizedException","innerExceptionMessage":"","message":"Timestamp is not close enough to the current server time."}.

Weird, as I have been assured that my pc's date time is the same as our Alteryx server's - I will check this again, though.
Again, not sure yet why this is, but I am betting it's my OAuth request, or that I am using the wrong URL, or not supplying the OAuth values in the header?



I have previously used the Alteryx Engine API, built my own .Net Web services which call Alteryx routines - and this works great - but there's the building the services, setting up the security, hosting the services etc that needs to be done. Here, all that is done in the Gallery API, which is great! - now I just need to get the requesting to work!

It would be really helpful to hear back if you/anyone has had success in using the Gallery API to work for running apps, and if you have done this using Alteryx, or if you have had to build/use a Web-based app.

Thanks
Michael

Lots of great questions, and I am happy to answer them. However, before we dive too deep into Oauth can I confirm that your primary goal is to post a request to the Alteryx API that runs a workflow? If so I can post a working example of how to do this.

Hello Kanderson

Thanks for your quick reply.

To cut a long story short - Exactly :)

That's be great - really helpful.

I can see that the question used to run a job needs POST request - so I was thinking I would need to change the macro a fair bit get the required parameter values out.

Looking forward to seeing the example

Thanks

Michael

The attached macro will post to your gallery API to run a workflow based on ID. This example is simply the prior workflow modified to run a POST request instead of a GET request. This is my personal macro so it does not include the user friendly text boxes for the consumer key and secret. Instead you will find those in the macro itself you will need to adjust three of the text input tools with your gallery URL, the consumer key, and consumer secret.

Unlike the last macro this one was designed to be used in a batch fashion running a list of job ids you provide it. 

At the moment I do not have a use case for passing parameters for questions as you describe, but that should be fairly straightforward to add. In the download tool there is a section for payload:

Body parameters are not added to the url, and therefore should not impact your signature. You will want to pass these parameters in JSON format. A good example can be found on the gallery API explorer:

{
"questions": [
{
"name": "name",
"value": "Kevin"
}
]
}

See if you can get this macro calling workflows from your gallery. If you need help rebuilding this to accept the JSON body let me know, or if you can share a shell of the workflow you are trying to run I would be happy to take a look.

Kevin

@MikeN72 I had the same issue with the time. If you use the api-docs (https://gallery.alteryx.com/api-docs/ for the public gallery), and then use chrome's inspect element (F12) and then submit any of the get/post requests, you can see in the network tab of the inspector the timestamp that your browser is using. When I added the number below (1486668600) to 1/1/1970, It came in at today's date but 7:30pm (I submitted it a 2:30 pm local time). I'm sure there was a good reason, but I realized that my alteryx flow needed to have 5 hours added to it for it to replicate the timestamp in my browser. 

@Kanderson Thanks for sharing your macros, they were great!

@patrick_digan -5 hours sounds like it is reading UTC instead of Eastern.