
Re: [Ftpapi] Help Requesting Token.



Hello,


The string "HTTP/1.1 401 Unauthorized" that you are reacting to was sent by the HTTP server.  The message "This page requires a userid & password" is being sent because of the 401 message, and you will stop receiving it if you can determine how to get past the 401.


Since the 401 message is not coming from HTTPAPI, I cannot tell you why you are receiving it.  You'll need to find out what is needed to get past it from the people who run the server. Perhaps they can provide an example of the right options to use when using a different tool like cURL or Postman?  If they can tell you that, I can tell you how to adapt it to work with HTTPAPI.


Also, please consider using either the http_string() routine or the http_req() routine instead of the old-school routines like http_url_post_raw.   The old-style routines may still work, but they have been passé for years now.


-SK


On 9/11/2020 3:46 PM, Jose Fondeur wrote:
Hi,

I am calling http_url_post_raw() to request a token from an identity API. I am using HTTPAPI version 1.41. The issue is that the response is always "401 Unauthorized" and indicates "This page requires a user-id & password", which the host server API does not; instead, it is expecting client_id and client_secret values.

Please see the small POC and log; hopefully you can point out what I am doing incorrectly.

 token_scope = 'Public NonPII';

 rc = getApiToken(token_scope);

// --------------------------------------------------------------------
// getAPIToken - Request new token
// --------------------------------------------------------------------
   Dcl-Proc getAPIToken;

    Dcl-Pi *n         int(10);
      token_Scope     Char(50);
    End-pi;

   // -----------------------------------------------------------------
   // Declare Local Variables
   // -----------------------------------------------------------------

      // Identity Service Token Cache
      Dcl-s Sucess                      Ind;
      Dcl-s token_Cached                Ind          static;
      Dcl-s last_Token_Scope            Char(50)     static;
      Dcl-s last_Http_Error             Char(80);
      Dcl-s last_ID_Token               Int(10)      static;
      Dcl-s token_Start_TS              TimeStamp(9) static;
      Dcl-c token_expiration_seconds    Const(3600);

   // -----------------------------------------------------------------
   // MainLine
   // -----------------------------------------------------------------

data = ''                                                                  + Crlf +
       '&client_secret=z===============================================z'  + Crlf +
       '&scope=Public NonPII'                                              + Crlf +
       '&grant_type=client_credentials'                                    + Crlf +
       'Authorization: Basic base64Encoding('                              +        <---- I also tried without the Authorization parameter. Same result.
       'x----------------------------------x:'                             +
       'z================================================z)';

Url = ''INCOMING')
                                   :timeOut
                                   :userAgent
                                   :'application/x-www-form-urlencoded'

// peURL                     32767A   varying const
// options(*varsize)
// pePostData                     *   value
// pePostDataLen                10I 0 value
// peFD                         10I 0 value
// peProc                         *   value procptr
// peTimeout                    10I 0 value options(*nopass)
// peUserAgent                  64A   const options(*nopass:*omit)
// peContentType                64A   const
// peSOAPAction                 64A   const options(*nopass:*omit)

Last_Http_Error = http_error();

return last_ID_Token;

 

 

LOG File 

  

HTTPAPI Ver 1.41 released 2020-06-05 

NTLM Ver 1.4.0 released 2014-12-22 

OS/400 Ver V7R2M0 

 

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0 

http_persist_open(): entered 

http_long_ParseURL(): entered 

DNS resolver retrans: 2 

DNS resolver retry  : 2 

DNS resolver options: x'00000136' 

DNS default domain: xxx.COM 

DNS server found: ***.**.***.*** 

DNS server found: ***.**.***.*** 

https_init(): entered 

QSSLPCL = *OPSYS 

SSL version 2 support disabled 

SSL version 3 support disabled 

Old interface to TLS version 1.0 support enabled 

TLS version 1.0 support enabled 

TLS version 1.1 support enabled 

TLS version 1.2 support enabled 

initializing GSK environment 

GSK Environment now available 

------------------------------------------------------------------------------------- 

Dump of local-side certificate information: 

------------------------------------------------------------------------------------- 

Nagle's algorithm (TCP_NODELAY) disabled. 

SNI hostname set to: ***.int.*****.com 

------------------------------------------------------------------------------------- 

Dump of server-side certificate information: 

------------------------------------------------------------------------------------- 

Cert Validation Code = 0 

-----BEGIN CERTIFICATE----- 

-----END CERTIFICATE----- 

Serial Number: **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:** 

Common Name: ***.int.*****.com 

Country: US 

State/Province: somestate 

Locality: somecity 

Org Unit: somecompany IncInc. 

Issuer CN: somecompany Inc. Secure CA2 

Issuer Country: US 

Issuer Org: somecompany Inc 

Version: 3 

not before: 20190724200000 

Unknown Field: 20:00:00 24-07-2019 

not after: 20201209070000 

Unknown Field: 07:00:00 09-12-2020 

pub key alg: 1.2.840.113549.1.1.1 

signature algorithm: 1.2.840.113549.1.1.11 

Unknown Field: 0382010F003082010A0282010100C6C49576670A9936D69A38D8C455143867F0042A5BB2A4B346E79817B520317849061313CCE2A7E946EE7BB3587B96D01223894C4109206DAA29E5B42ECC4E6A8E95F9906B7439FB1A3098BD6C56558BD8EEDF14F26C40D698CCA2900962F67657B7BE76A99C53C6BF9C0E14325E3CA03A6C7BA3A7E720D5CDB631D0621D626186BD7B60E27580A712465F4770FDC3DEEE9C451B36D0691510428D2317641286651B74E0964DAD45B40CC93C0561AB8454F58FB6FD22AE829B85440994DE9FDF8DE54A690CFF905BB2BB374FEE536F8B88FB10DC8DA579490EBBC631B3E6499036FF1153D0FAA70A386A0E68D90B2143E3C95FB88F66FFC683766C9FA170E7370203010001 

Unknown Field: 2048 

Unknown Field: 523B64F58B94FCA58463E309DBCDE7FB 

Unknown Field: 1.2.840.113549.2.5 

Unknown Field: 9573317769D47ADD4E7D33044EE44170A8C91A78 

Unknown Field: 00F5518F1087928C5C785DE8D699BCA3A7880B46BC1FD0F6940D55542A8EDE45 

Unknown Field: 5 

Unknown Field: somehost.int.*****.com 

Unknown Field: 0 

Unknown Field: 1.3.6.1.5.5.7.3.2 

Unknown Field: 1.3.6.1.5.5.7.3.1 

Unknown Field: 2.23.140.1.2.2 

Unknown Field: 2.16.840.1.114412.1.1 

 

Protocol Used: TLS Version 1.2 

http_persist_post(): entered 

http_persist_req(POST) entered. 

http_long_ParseURL(): entered 

http_long_ParseURL(): entered 

do_oper(POST): entered 

There are 0 cookies in the cache 

POST /blahblah/somehost/v7/auth/oauth2/token HTTP/1.1 

Host: somehost.int.*****.com 

User-Agent: http-api/1.41 

Content-Type: application/x-www-form-urlencoded 

Content-Length: 294 

 

 

senddoc(): entered 

?client_id=x-----------------------------------x                z 

&client_secret=z================================================z 

&scope=Public NonPII 

&grant_type=client_credentials                                                                                             

Authorization: Basic base64Encoding(x----------------------------------x:z================================================z) <---- I also tried without the Authorization parameter. Same result.

recvresp(): entered 

HTTP/1.1 401 Unauthorized 

X-Backside-Transport: OK OK,FAIL FAIL 

Connection: Keep-Alive 

Transfer-Encoding: chunked 

Content-Type: application/json 

Date: Fri, 11 Sep 2020 19:32:49 GMT 

X-Global-Transaction-ID: ************************* 

Access-Control-Allow-Origin: * 

Access-Control-Expose-Headers: APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID,APIm-Debug-Trans-Id, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-Global-Transaction-ID 

WWW-Authenticate: default 

 

 

SetError() #13: HTTP/1.1 401 Unauthorized 

recvresp(): end with 401 

recvdoc parms: chunked 0 

interpret_auth(): entered 

SetError() #36: This page requires a user-id & password 

http_close(): entered 

 

Best Regards





-- 
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi
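
For comparison with the request body shown in the log above, this added example (not part of the original thread and not HTTPAPI code) builds a client_credentials token request the way RFC 6749 describes it and checks a body for departures from application/x-www-form-urlencoded. The function names and the EXAMPLE_ID/EXAMPLE_SECRET placeholders are assumptions; whether this particular server expects the credentials in the Authorization header or in the body is not stated in the thread.

```python
import base64
from urllib.parse import quote_plus, urlencode


def build_token_request(client_id, client_secret, scope, creds_in_header=True):
    """Return (headers, body) for an RFC 6749 section 4.4 token request."""
    form = {"grant_type": "client_credentials", "scope": scope}
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if creds_in_header:
        # RFC 6749 section 2.3.1: form-encode id and secret, join with ":",
        # base64 the pair, and send it as a real HTTP header (not body text).
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        token = base64.b64encode(pair.encode("ascii")).decode("ascii")
        headers["Authorization"] = "Basic " + token
    else:
        # Alternative some servers accept: credentials as form parameters.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    # urlencode joins with "&" only and percent/plus-encodes each value.
    return headers, urlencode(form)


def lint_body(body):
    """List the ways a POST body departs from x-www-form-urlencoded."""
    problems = []
    if body.startswith("?"):
        problems.append("leading '?' (URL query syntax, not body syntax)")
    if "\r" in body or "\n" in body:
        problems.append("line breaks between parameters")
    if "authorization:" in body.lower():
        problems.append("Authorization header text inside the body")
    if " " in body:
        problems.append("unencoded space")
    return problems


# Constructed stand-in for the body in the log, with placeholder credentials.
LOGGED_STYLE_BODY = (
    "?client_id=EXAMPLE_ID\r\n"
    "&client_secret=EXAMPLE_SECRET\r\n"
    "&scope=Public NonPII\r\n"
    "&grant_type=client_credentials\r\n"
    "Authorization: Basic base64Encoding(EXAMPLE_ID:EXAMPLE_SECRET)"
)

if __name__ == "__main__":
    for problem in lint_body(LOGGED_STYLE_BODY):
        print("body problem:", problem)
    print(build_token_request("EXAMPLE_ID", "EXAMPLE_SECRET", "Public NonPII"))
```

The header and body this produces correspond to what a cURL or Postman request for the same grant would send, which is the reference form the reply asks the server's operators to supply.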