[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Help consuming a REST webservice with HTTPAPI.
When you call
http_xproc( HTTP_POINT_ADDL_HEADER : %paddr(SetReferer));
it calls the procedure SetReferer() which has a parameter (HeaderData in my example) that you set to the value you want added to the header when the request is made later. HTTPAPI handles the rest for you, the headers are part of the request that are done behind the scenes that you normally don't see.
To see the headers I used the developer tools (F12) in Chrome on the Network tab and put a url in the address bar such as
https://api.spireon.com/api/asset/traffic?limit=50&startAt=1
and you will see the below which includes the request headers. The process above adds entries to the Request Headers section.
Remote Address:23.23.114.223:443
Request URL:https://api.spireon.com/api/asset/traffic?limit=50&startAt=1
Request Method:GET
Status Code:401 Unauthorized
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:api.spireon.com
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Query String Parameter
limit:50
startAt:1
Response HeadersConnection:keep-alive
Content-Length:45
Content-Type:application/json;charset=UTF-8
Date:Tue, 24 Jun 2014 18:01:10 GMT
Server:nginx/1.2.7
Also, see Mike K's point about only using one procedure for setting your additional headers.
Scott
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of PReid@xxxxxxxxxxxx
Sent: Tuesday, June 24, 2014 11:15 AM
To: HTTPAPI and FTPAPI Projects
Subject: RE: Help consuming a REST webservice with HTTPAPI.
Thanks Scott although I'm not sure I understand your code.
Are you adding the data in "HeaderData" to the "Url" field as some point before you do the http_url_get_raw? If so - how do you add it - at the beginning, or at the end, or somewhere in between? Your "HeaderData" looks like a url, I'm trying to enter a username : password and an account ID so that doesn't seem to be the same thing? Why do you have to have a separate Procedure for each Header? Sorry I'm pretty new to this.
___________________________________________________________
Paul Reid
Application Developer III
Erb Group of Companies | 290 Hamilton Road | New Hamburg, Ontario | N3A
1A2
Phone: 519.662.6133 ext. 2363
Web: http://www.erbgroup.com/
From: Scott Mildenberger <SMildenberger@xxxxxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Date: 24/06/2014 11:04 AM
Subject: RE: Help consuming a REST webservice with HTTPAPI.
Sent by: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
I think you just need to set additional headers, that is what the curl -H is doing. Here is an example from one of my programs:
// Set the referer so Mapquest will accept.
http_xproc( HTTP_POINT_ADDL_HEADER : %paddr(SetReferer));
rc = http_url_get_raw(Url : 1 : %paddr(CityState) : 60);
And then the procedure:
p SetReferer b
D SetReferer pi
D HeaderData 1024A varying
D CRLF C CONST(x'0D25')
/free
HeaderData = 'Referer: http://davistransport.com/' + CRLF;
/end-free
p SetReferer e
You would just have two procedures for the two different additional headers you need.
Scott
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [ mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of PReid@xxxxxxxxxxxx
Sent: Tuesday, June 24, 2014 8:44 AM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Help consuming a REST webservice with HTTPAPI.
Hello everyone.
I need to consume a REST Web service and I'm going to use HTTPAPI to do it. I just need a bit of help getting started. I've consumed SOAP services before with HTTPAPI but this is my first crack at consuming a REST. I've looked at the examples provided with HTTPAPI but I couldn't find one that is doing exactly what this vendor requires. From the vendor's web site here is the pertinent documentation for the service I need to consume:
----------
Overview
Spireon API makes it easy to retrieve, create, and update resources on your account through our REST endpoints. The HTTP methods we support are GET, POST, PUT, and DELETE. The base URL endpoint is https://api.us.spireon.com/api.
Authentication
To make requests to Spireon API, you need to supply the Authorization header for every request you make. We ensure that your credentials are secure because all requests must be made over HTTPS.
Below is a cURL example on how to make a GET request. Note that we require both the Authorization and Account headers to authenticate your request.
% curl -H "Authorization: Basic [your auth string]"
-H "Account: [your account ID]"
https://api.us.spireon.com/api/asset
Your auth string is your username and password combined into a string and encoded in Base64, like so:
Base64("username:password")
----------
"Getting Traffic" is the specific service I want to consume:
----------
Getting Traffic
Fetching account traffic is done through an HTTP GET operation, and
synchronisation is based on time intervals:
1) The client specifies the startAt timestamp.
2) The server responds with the sequential events from startAt up to a
limit, and returns the endAt time to the client.
3) The client uses the server endAt marker as its startAt marker for the
next call.
Performance Considerations
The server limits the response at 2000 events (LIMIT).
The traffic HTTP GET operation can return within a minute with LIMIT
points in a two hour span. The server prioritizes a fast return over a
large response, and may set the endAt time before LIMIT.
The system performs best if the client adheres to the following
guidelines:
1) The client shall not specify start times older than 7 days; the traffic
server may discard traffic older than 7 days.
2) The client should query traffic in non-overlapping [startAt, endAt[
intervals. Server traffic pre-fetching will cause a substantial
performance hit on out of order or overlapping time intervals. Those shall
only be used for error recovery.
3) The client should issue back-to-back calls without pause to the server
until the response is empty.
Example
Request:
GET api.spireon.com/api/asset/traffic?limit=50&startAt=1367853959918
----------
I've been given access to a test "sandbox" for this web site with:
Username = newcoke
Password = password
Account ID = 73718
I'm not sure if the "Authentication" part is supposed to be included in
the GET statement or if the security is done with a separate procedure
prior to the GET. It's mainly the "Authentication" pert that is holding me
up. I've tried playing around with a slightly modified version of
EXAMPLE05 called MYXAMPLE05 to see if I can figure out what is going on.
Here is the code I've been working with:
----------
*------------------------------------------------------------------------*
* MYXAMPLE05 - Copied from LIBHTTP/QRPGLESRC/EXAMPLE05 *
*------------------------------------------------------------------------*
*
H DFTACTGRP(*NO) ACTGRP(*NEW) BNDDIR('HTTPAPI')
*
D/copy qrpglesrc,httpapi_h
*
D cmd pr extpgm('QCMDEXC')
D command 200A const
D length 15P 5 const
*
D rc S 10I 0
D err S 10I 0
D basic S 1N
D digest S 1N
D realm S 124A
D userid S 50A
D pass S 50A
D URL s 256A
D msg S 50A
D http_getauthLog...
D S 1000A varying
*
C eval *inlr = *on
*
C eval URL = 'https://api.spireon.com/api' +
C '/asset/traffic?limit=50' +
C '&startAt=1'
C
*
C dou rc = 1
C eval rc = http_url_get( URL
C : '/fleetLocate/restTest/testAuth.html')
C if rc <> 1
C callp http_error(err)
C if err <> HTTP_NDAUTH
C callp http_crash
C return
C endif
C exsr getpasswd
C endif
C enddo
*
C callp cmd('DSPF '+
C '/fleetLocate/restTest/testauth.html'''
C : 200)
*
*------------------------------------------------------------------------*
* getpassword - *
*------------------------------------------------------------------------*
*
Csr getpasswd begsr
*
/free
http_getauthLog = '/fleetLocate/restTest/http_getauthLog.txt';
http_debug(*on : http_getauthLog);
/end-free
C eval rc = http_getauth(basic: digest: realm)
C if rc < 0
C eval msg = HTTP_ERROR
C dsply msg
C return
C endif
*
C eval userid = 'enter userid for ' + realm
C dsply userid
*
C eval pass = 'enter passwd for ' + realm
C dsply pass
*
C if Digest
C callp http_setauth(HTTP_AUTH_MD5_DIGEST:
C userid: pass)
C else
C callp http_setauth(HTTP_AUTH_BASIC:
C userid: pass)
C endif
*
Csr endsr
----------
The above code stops on the http_getauth procedure. As you can see I've
added a debug and here is what it says:
----------
HTTPAPI Ver 1.24 released 2012-01-23
OS/400 Ver V7R1M0
http_getauth(): entered
SetError() #39: Server did not ask for authentication!
----------
The testAuth.html file is blank.
I'm not sure if this is even a good example to use for what I need. I've
read through the ftpapi@xxxxxxxxxxxxxxxxxxxxxx archives and didn't find
anything that I thought I could use (maybe I missed something). If anyone
could give me some help/direction with this is would be greatly
appreciated as I've been working on this for a few days and I am kind of
stuck.
Thanks again in advance, Paul.
___________________________________________________________
Paul Reid
Application Developer III
Erb Group of Companies | 290 Hamilton Road | New Hamburg, Ontario | N3A
1A2
Phone: 519.662.6133 ext. 2363
Web: http://www.erbgroup.com/
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------