[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Help consuming a REST webservice with HTTPAPI.



When you call 
http_xproc( HTTP_POINT_ADDL_HEADER : %paddr(SetReferer)); 

it calls the procedure SetReferer() which has a parameter (HeaderData in my example) that you set to the value you want added to the header when the request is made later.  HTTPAPI handles the rest for you, the headers are part of the request that are done behind the scenes that you normally don't see.  

To see the headers I used the developer tools (F12) in Chrome on the Network tab and put a url in the address bar such as 

https://api.spireon.com/api/asset/traffic?limit=50&startAt=1

and you will see the below which includes the request headers.  The process above adds entries to the Request Headers section.

Remote Address:23.23.114.223:443
Request URL:https://api.spireon.com/api/asset/traffic?limit=50&startAt=1
Request Method:GET
Status Code:401 Unauthorized
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:api.spireon.com
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Query String Parameter
limit:50
startAt:1
Response HeadersConnection:keep-alive
Content-Length:45
Content-Type:application/json;charset=UTF-8
Date:Tue, 24 Jun 2014 18:01:10 GMT
Server:nginx/1.2.7


Also, see Mike K's point about only using one procedure for setting your additional headers.

Scott


-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of PReid@xxxxxxxxxxxx
Sent: Tuesday, June 24, 2014 11:15 AM
To: HTTPAPI and FTPAPI Projects
Subject: RE: Help consuming a REST webservice with HTTPAPI.

Thanks Scott although I'm not sure I understand your code.
Are you adding the data in "HeaderData" to the "Url" field as some point before you do the http_url_get_raw? If so - how do you add it - at the beginning, or at the end, or somewhere in between? Your "HeaderData" looks like a url, I'm trying to enter a username : password and an account ID so that doesn't seem to be the same thing? Why do you have to have a separate Procedure for each Header? Sorry I'm pretty new to this.
___________________________________________________________
Paul Reid
Application Developer III
Erb Group of Companies | 290 Hamilton Road | New Hamburg, Ontario | N3A
1A2
Phone: 519.662.6133 ext. 2363
Web: http://www.erbgroup.com/



From:   Scott Mildenberger <SMildenberger@xxxxxxxxxxxxxxxxxx>
To:     HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Date:   24/06/2014 11:04 AM
Subject:        RE: Help consuming a REST webservice with HTTPAPI.
Sent by:        ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx



I think you just need to set additional headers, that is what the curl -H is doing.  Here is an example from one of my programs:

       // Set the referer so Mapquest will accept.
       http_xproc( HTTP_POINT_ADDL_HEADER : %paddr(SetReferer));
       rc = http_url_get_raw(Url : 1 : %paddr(CityState) : 60);

And then the procedure:

     p SetReferer      b
     D SetReferer      pi
     D   HeaderData                1024A   varying

     D CRLF            C                   CONST(x'0D25')

      /free
       HeaderData = 'Referer: http://davistransport.com/' + CRLF;
      /end-free

     p SetReferer      e 


You would just have two procedures for the two different additional headers you need.

Scott

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [ mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of PReid@xxxxxxxxxxxx
Sent: Tuesday, June 24, 2014 8:44 AM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Help consuming a REST webservice with HTTPAPI.

Hello everyone. 

I need to consume a REST Web service and I'm going to use HTTPAPI to do it. I just need a bit of help getting started. I've consumed SOAP services before with HTTPAPI but this is my first crack at consuming a REST. I've looked at the examples provided with HTTPAPI but I couldn't find one that is doing exactly what this vendor requires. From the vendor's web site here is the pertinent documentation for the service I need to consume:
----------
Overview
Spireon API makes it easy to retrieve, create, and update resources on your account through our REST endpoints. The HTTP methods we support are GET, POST, PUT, and DELETE. The base URL endpoint is https://api.us.spireon.com/api.

Authentication
To make requests to Spireon API, you need to supply the Authorization header for every request you make. We ensure that your credentials are secure because all requests must be made over HTTPS.
Below is a cURL example on how to make a GET request. Note that we require both the Authorization and Account headers to authenticate your request.


% curl  -H "Authorization: Basic [your auth string]"
        -H "Account: [your account ID]"
        https://api.us.spireon.com/api/asset
 

Your auth string is your username and password combined into a string and encoded in Base64, like so:


 Base64("username:password")
----------
"Getting Traffic" is the specific service I want to consume:
----------
Getting Traffic
Fetching account traffic is done through an HTTP GET operation, and 
synchronisation is based on time intervals:
1) The client specifies the startAt timestamp.
2) The server responds with the sequential events from startAt up to a 
limit, and returns the endAt time to the client.
3) The client uses the server endAt marker as its startAt marker for the 
next call.
Performance Considerations
The server limits the response at 2000 events (LIMIT).
The traffic HTTP GET operation can return within a minute with LIMIT 
points in a two hour span. The server prioritizes a fast return over a 
large response, and may set the endAt time before LIMIT.
The system performs best if the client adheres to the following 
guidelines:
1) The client shall not specify start times older than 7 days; the traffic 

server may discard traffic older than 7 days.
2) The client should query traffic in non-overlapping [startAt, endAt[ 
intervals. Server traffic pre-fetching will cause a substantial 
performance hit on out of order or overlapping time intervals. Those shall 

only be used for error recovery.
3) The client should issue back-to-back calls without pause to the server 
until the response is empty.
Example
Request:


GET api.spireon.com/api/asset/traffic?limit=50&startAt=1367853959918
----------
I've been given access to a test "sandbox" for this web site with:
Username = newcoke
Password = password
Account ID = 73718
I'm not sure if the "Authentication" part is supposed to be included in 
the GET statement or if the security is done with a separate procedure 
prior to the GET. It's mainly the "Authentication" pert that is holding me 

up.  I've tried playing around with a slightly modified version of 
EXAMPLE05 called MYXAMPLE05 to see if I can figure out what is going on. 
Here is the code I've been working with:
----------
 
*------------------------------------------------------------------------*
 * MYXAMPLE05 - Copied from LIBHTTP/QRPGLESRC/EXAMPLE05 *
 
*------------------------------------------------------------------------*
 *
H DFTACTGRP(*NO) ACTGRP(*NEW) BNDDIR('HTTPAPI')
 *
D/copy qrpglesrc,httpapi_h
 *
D cmd             pr                  extpgm('QCMDEXC')
D  command                     200A   const
D  length                       15P 5 const
 *
D rc              S             10I 0
D err             S             10I 0
D basic           S              1N
D digest          S              1N
D realm           S            124A
D userid          S             50A
D pass            S             50A
D URL             s            256A
D msg             S             50A
D http_getauthLog...
D                 S           1000A   varying
 *
C                   eval      *inlr = *on
 *
C                   eval      URL = 'https://api.spireon.com/api' +
C                                   '/asset/traffic?limit=50' +
C                                   '&startAt=1'
C
 *
C                   dou       rc = 1
C                   eval      rc = http_url_get( URL
C                                : '/fleetLocate/restTest/testAuth.html')
C                   if        rc <> 1
C                   callp     http_error(err)
C                   if        err <> HTTP_NDAUTH
C                   callp     http_crash
C                   return
C                   endif
C                   exsr      getpasswd
C                   endif
C                   enddo
 *
C                   callp     cmd('DSPF '+
C                                '/fleetLocate/restTest/testauth.html'''
C                                 : 200)
 *
 
*------------------------------------------------------------------------*
 * getpassword - *
 
*------------------------------------------------------------------------*
 *
Csr   getpasswd     begsr
 *
 /free
     http_getauthLog = '/fleetLocate/restTest/http_getauthLog.txt';
     http_debug(*on : http_getauthLog);
 /end-free
C                   eval      rc = http_getauth(basic: digest: realm)
C                   if        rc < 0
C                   eval      msg = HTTP_ERROR
C                   dsply                   msg
C                   return
C                   endif
 *
C                   eval      userid = 'enter userid for ' + realm
C                   dsply                   userid
 *
C                   eval      pass = 'enter passwd for ' + realm
C                   dsply                   pass
 *
C                   if        Digest
C                   callp     http_setauth(HTTP_AUTH_MD5_DIGEST:
C                                          userid: pass)
C                   else
C                   callp     http_setauth(HTTP_AUTH_BASIC:
C                                          userid: pass)
C                   endif
 *
Csr                 endsr
----------
The above code stops on the http_getauth procedure. As you can see I've 
added a debug and here is what it says:
----------
HTTPAPI Ver 1.24 released 2012-01-23
OS/400 Ver V7R1M0

http_getauth(): entered
SetError() #39: Server did not ask for authentication!
----------
The testAuth.html file is blank.

I'm not sure if this is even a good example to use for what I need. I've 
read through the ftpapi@xxxxxxxxxxxxxxxxxxxxxx archives and didn't find 
anything that I thought I could use (maybe I missed something). If anyone 
could give me some help/direction with this is would be greatly 
appreciated as I've been working on this for a few days and I am kind of 
stuck. 

Thanks again in advance, Paul.
___________________________________________________________
Paul Reid
Application Developer III
Erb Group of Companies | 290 Hamilton Road | New Hamburg, Ontario | N3A 
1A2
Phone: 519.662.6133 ext. 2363
Web: http://www.erbgroup.com/
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------