[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ftpapi] Adding security token to HTTPAPI

Hi Matt,


301 is a redirect hedaer that must be managed by your application. As far as I know httpapi does not follow redirects automatically. I use the following statements for following redirects in WSDL2RPG:


// Get document from server and handle http redirects

//   301 Moved Permanently

//   302 Found

//   303 See Other

//   307 Temporary Redirect

dou (not isRedirect);

   rc = http_url_get(o_actualRemoteFile: tmpFile);

   if (rc = 301 or rc = 302 or rc = 303 or rc = 307);

      o_actualRemoteFile = http_redir_loc();

      isRedirect = cTrue;


      isRedirect = cFalse;




The key is to call http_redir_loc() when you receice a redirect header to get the new location of the ressource. The call httpapi again with the new URL returned by http_redir_loc().





Von: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] Im Auftrag von Matt Graver
Gesendet: Donnerstag, 19. Dezember 2019 06:53
An: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Betreff: [Ftpapi] Adding security token to HTTPAPI


The vendor has confirmed their security setup is non-standard.


To add a custom header, I've added a call to http_xproc (code below).  Now, I'm getting the "301 Moved permanently" response.


My code is straightforward.  HTTPAPI works fine in my other applications.  The web service works (sorta) with cURL and Windows and an HTTPS URL.  However, my HTTPAPI version rejects HTTPS and I've reconfigured my target URL accordingly.


I will be grateful for a suggestion!







       REST_WS_URL = %trimr(svv003_b('JSV100':'*AD4':'*URL'))              //Get URL               ​

       http_setCCSIDs(1208:0);                                             //Change char set       ​

       http_xproc(HTTP_Point_Addl_Header:%paddr(proc_AddHeader));          //Add special           ​`

       monitor;                                                                                    ​

          JSON_response = http_string('POST'                               //Send message            ​

                                     :REST_WS_URL                                                  ​

                                     :JSON_object                                                  ​

                                     :'application/JSON');                                         ​

       on-error;                                                                                   ​

          msg = http_error(http_status);                                                           ​



       Process_JSON(JSON_response);                                        ​//Process response

       return '';                                                          ​


       end-proc;                                                           ​



       dcl-proc proc_AddHeader;                                            ​//Add custom header


       dcl-pi *N;                                                          ​

          header varchar(32767);                                           ​

       end-pi;                                                             ​


       API_token = %trimr(svv003_b('JSV100':'*AD4':'*APITOKEN'));          ​//Get API key


       Header = 'X-API-Token:'                                             ​//Build header

                + API_token                                                ​

                + x'0D25';                                                 ​



This email is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender.
Ftpapi mailing list