Re: [Ftpapi] Authorization Token Request Assistance

[Scott Klement <sk@xxxxxxxxxxxxxxxx>]

Hi Corby,

Your 'Request' variable isn't right.  You seem to be putting a bunch of unrelated stuff into it, including some HTTP protocol data, some HTTP headers and some query string variables.

Then, you are passing it to a parameter that is not used by GET requests, so even though its completely wrong, it won't be used anyway ;-)

My best guess is that you want this:

URL = ''
     + '?grant_type=client_credentials'
     + '&client_id=' + http_urlEncode(%trim(ClientId))
     + '&client_secret=' + http_urlEncode(%trim(ClientSecret));

response = http_string( 'GET': URL);

My thoughts:

1) The HTTP version and host are automatically set by HTTPAPI, you cannot override them.  There is no reason to specify them, here.

2) The content-type doesn't make sense with a GET request as you are not uploading anything that you need to specify the type of!  If you need it for a PUT or POST request, it would be specified in the 4th parameter to http_string (NOT just appended into the data you're sending!)

3) I did not bother specifying a cache-control header.  I really doubt that this would be needed, here... it is probably provided in case this is run in a web browser.  If you really do need it, you'd need to add it with an "additional header exit procedure".  

Give the above a try and see if it does what you need.

Never heard of 'SETAUTH', not sure what you're referring to with that.

-- 
Scott Klement
sk@xxxxxxxxxxxxxxxx

On 2/9/2021 2:38 PM, Weaver, Corby wrote:

I have a process that needs to obtain an authorization token each time it is run. I've seen a few posts to this forum that are along the same line, but none seem to have a resolution. One says you do not need to do a GET, but only do a SETAUTH. Not seeing a whole lot with that. 

The documentation from the vendor has this example for the token request:

GET /535b2d87-664f-415a-b7fa-fd3f1086d450/oauth2/token HTTP/1.1 

Host: login.microsoftonline.com Content-Type: application/x-www-form-urlencoded 

Cache-Control: no-cache

 

grant_type=client_credentials&client_id=XXXXXXXXXX&client_secret=XXXXXXXXXXX

Here is my chunk of code...

URL = '';    

                                                               

Request =                                                      

'HTTP/1.1 Host: login.microsoftonline.com +                    

    Content-Type: application/x-www-form-urlencoded +          

    Cache-Control: no-cache +                                  

    grant_type=client_credentials+                            

    &client_id:' + %TRIM(ClientID) +                          

    '&client_secret:' +                                        

    %Trim(ClientSecret);                                      

                                                               

response = http_string( 'GET': URL: Request);                  

                                                               

In my httplog, I get an error that says the request body must contain "grant_type".

I'm able to successfully obtain my token using Postman. I'm guessing there's a syntax thing going on or I'm just missing something.

Any help would be appreciated

Corby Weaver

Core-Mark Midcontinent, Inc.  DBA Farner-Bocken Company

Email: corby.weaver@xxxxxxxxxxxxx

 

-- 
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi