[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ftpapi] Authorization Token Request Assistance



Hi Corby,


Your 'Request' variable isn't right.  You seem to be putting a bunch of unrelated stuff into it, including some HTTP protocol data, some HTTP headers and some query string variables.


Then, you are passing it to a parameter that is not used by GET requests, so even though its completely wrong, it won't be used anyway ;-)


My best guess is that you want this:


URL = ''
     + '?grant_type=client_credentials'
     + '&client_id=' + http_urlEncode(%trim(ClientId))
     + '&client_secret=' + http_urlEncode(%trim(ClientSecret));

response = http_string( 'GET': URL);


My thoughts:


1) The HTTP version and host are automatically set by HTTPAPI, you cannot override them.  There is no reason to specify them, here.


2) The content-type doesn't make sense with a GET request as you are not uploading anything that you need to specify the type of!  If you need it for a PUT or POST request, it would be specified in the 4th parameter to http_string (NOT just appended into the data you're sending!)


3) I did not bother specifying a cache-control header.  I really doubt that this would be needed, here... it is probably provided in case this is run in a web browser.  If you really do need it, you'd need to add it with an "additional header exit procedure".  


Give the above a try and see if it does what you need.


Never heard of 'SETAUTH', not sure what you're referring to with that.

-- 
Scott Klement
sk@xxxxxxxxxxxxxxxx


On 2/9/2021 2:38 PM, Weaver, Corby wrote:
I have a process that needs to obtain an authorization token each time it is run. I've seen a few posts to this forum that are along the same line, but none seem to have a resolution. One says you do not need to do a GET, but only do a SETAUTH. Not seeing a whole lot with that. 

The documentation from the vendor has this example for the token request:
GET /535b2d87-664f-415a-b7fa-fd3f1086d450/oauth2/token HTTP/1.1 
Host: login.microsoftonline.com Content-Type: application/x-www-form-urlencoded 
Cache-Control: no-cache
 
grant_type=client_credentials&client_id=XXXXXXXXXX&client_secret=XXXXXXXXXXX


Here is my chunk of code...

URL = '';    
                                                               
Request =                                                      
'HTTP/1.1 Host: login.microsoftonline.com +                    
    Content-Type: application/x-www-form-urlencoded +          
    Cache-Control: no-cache +                                  
    grant_type=client_credentials+                            
    &client_id:' + %TRIM(ClientID) +                          
    '&client_secret:' +                                        
    %Trim(ClientSecret);                                      
                                                               
response = http_string( 'GET': URL: Request);                  
                                                               
In my httplog, I get an error that says the request body must contain "grant_type".

I'm able to successfully obtain my token using Postman. I'm guessing there's a syntax thing going on or I'm just missing something.

Any help would be appreciated

Corby Weaver

Core-Mark Midcontinent, Inc.  DBA Farner-Bocken Company

Email: corby.weaver@xxxxxxxxxxxxx

 

3D1E3150



-- 
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi