Headers With GET Request

[emhill]

We are beginning setup with a tax rate company and I wanted to test the connection up front. This "PING" API is supposed to be for checking the connection only and never fail. This is what the site says concerning the request:

Code: Select all

curl
 	-H 'Accept: application/json'
 	-H 'Authorization: Basic aHR0cHdhdGNoOmY='
 	'https://sandbox-rest.avatax.com/api/v2/utilities/ping'
 

I have my additional headers procedure setup like this:

Code: Select all

P add_headers     B                                 
D                 PI                                
D  headers                   32767a   varying       
                                                    
D crlf            c                   x'0D25'       
                                                    
 /free                                              
                                                    
  headers = 'Accept: application/json' + crlf +     
            'Authorization: Basic aHR0cHdhdGNoOmY=';
                                                    
P                 E                                 
 /end-free                                          

I then have my code to connect to the site like this:

Code: Select all

begsr $ping_avalara;                 
                                     
   http_xproc(HTTP_POINT_ADDL_HEADER:
              %paddr(add_headers));  
                                     
   monitor;                          
     http_stmf( 'GET'                
              : pingurl              
              : resultpath);         
   on-error;                         
     errMsg = http_error();          
   endmon;                           
                                     
endsr;                               

This is what my debug shows when connecting. I'm getting a timeout it looks like. Not sure if there is some more setup on their end or if I have something incorrect. Would appreciate any help.

Code: Select all

HTTPAPI Ver 1.43 released 2021-04-19
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R4M0

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry  : 2
DNS resolver options: x'00000136'
DNS default domain: INDCOMPUTER.COM
DNS server found: 192.168.10.6
DNS server found: 8.8.8.8
DNS server found: 1.1.1.1
https_init(): entered
QSSLPCL = *OPSYS
SSL version 2 support disabled
SSL version 3 support disabled
Old interface to TLS version 1.0 support enabled
TLS version 1.0 support enabled
TLS version 1.1 support enabled
TLS version 1.2 support enabled
TLS version 1.3 support enabled
initializing GSK environment
GSK Environment now available
-------------------------------------------------------------------------------------
Dump of local-side certificate information:
-------------------------------------------------------------------------------------
-----BEGIN CERTIFICATE-----
MIIDADCCAeigAwIBAgIHW7TaiAvRgDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQG
EwJVUzEMMAoGA1UECBMDQUxBMRIwEAYDVQQKEwl0ZXN0aW5nIDExEjAQBgNVBAMT
CXRlc3RpbmcgMTAeFw0xODEwMDIxNTA0NDBaFw0yMTA2MjkxNTA0NDBaMD4xCzAJ
BgNVBAYTAlVTMQwwCgYDVQQIEwNBTEExDDAKBgNVBAoTA0lDUzETMBEGA1UEAxMK
SUNTRElTVFNTTDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOKK2dAF
Mxn36tOkjmC9/AXYlw0ep4xF2RJ6pMdVxM5wHHPc/Mmw/HuHGdiTNbk5FIoJ306W
BC0hHXMVSDTKzY0nlgqyA/TGIFb8l/2uZg+8TAv8IZ7L2WI0g7eirzQpGHlQ75xl
efHjVJpkC+P2YMCOSC4Ut9zaqUdhA8I09/osmsyYhq7jW/evpjW5DLFxY/KJ+iOG
xB/msmJb03QREzqPU4VMoK0AFUdPh0u0HFES3GJb5PsLcVuzB/hP10FkPXhIPaeC
KpAxISG/pUSCXVK7ufFMXBs1Vy+WqdaOqwqczfnpjWeWI0mgviZr1xQJ4HUwM+1t
cFVEPmZx5pkjylMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAHmqsdAdMFx4xlCP4
yXDkD9BkHWtoJ4PCoZ1wUen/tXt0z1FcO4PKdps9QrsOUmFjv7yllmQmOOgqgzj8
ueCx+u7d83RlGzz6f7500V9t2tu58X/Sc0urjrS6qjaTqAklhvcAdyFAmvq6gze9
hsXwuyidliOCbeSJ1VhiDYju/GCPG1C0tDQSlOuvfgALwsOazskz0q8tGID19NYL
LU3sREYdWMxkPQNpURnuDLjd5SedzoqrmzzfMRcT6hRojej3jaD1jaig/NBBEJzU
PA7Vjjt40INdT8HSsqmuxfzwA+RRGwsMLglP/ifXhwk1+NHO22Z/xHkVixSpjGyo
9TTiUQ==
-----END CERTIFICATE-----
Serial Number: 5B:B4:DA:88:0B:D1:80
Common Name: ICSDISTSSL
Country: US
State/Province: ALA
Org Unit: ICS
Issuer CN: testing 1
Issuer Country: US
Issuer State/Province: ALA
Issuer Org: testing 1
Version: 3
not before: 20181002100440
Unknown Field: 10:04:40 02-10-2018
not after: 20210629100440
Unknown Field: 10:04:40 29-06-2021
pub key alg: 1.2.840.113549.1.1.1
signature algorithm: 1.2.840.113549.1.1.5
Unknown Field: 0382010F003082010A0282010100E28AD9D0053319F7EAD3A48E60BDFC05D8970D1EA78C45D9127AA4C755C4CE701C73DCFCC9B0FC7B8719D89335B939148A09DF4E96042D211D73154834CACD8D27960AB203F4C62056FC97FDAE660FBC4C0BFC219ECBD9623483B7A2AF3429187950EF9C6579F1E3549A640BE3F660C08E482E14B7DCDAA9476103C234F7FA2C9ACC9886AEE35BF7AFA635B90CB17163F289FA2386C41FE6B2625BD37411133A8F53854CA0AD0015474F874BB41C5112DC625BE4FB0B715BB307F84FD741643D78483DA7822A90312121BFA544825D52BBB9F14C5C1B35572F96A9D68EAB0A9CCDF9E98D67962349A0BE266BD71409E0753033ED6D7055443E6671E69923CA530203010001
Unknown Field: 2048
Unknown Field: 3353652DB8C8E3F66B300675F86C6405
Unknown Field: 1.2.840.113549.2.5
Unknown Field: 9234C5074E2DDE997A6338873F763F094374613F
Unknown Field: B62ACE55C1F7582D7F5C8AB0D3EE7EB7AB4CA1C95175444AB1E34FA1FF9CA399

Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: sandbox-rest.avatax.com
-------------------------------------------------------------------------------------
Dump of server-side certificate information:
-------------------------------------------------------------------------------------
Cert Validation Code = 6000
-----BEGIN CERTIFICATE-----
MIIGpDCCBYygAwIBAgIQC1S2/ryhL7YdEsay57PsETANBgkqhkiG9w0BAQsFADBg
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR8wHQYDVQQDExZHZW9UcnVzdCBUTFMgUlNBIENBIEcx
MB4XDTIwMDYxNjAwMDAwMFoXDTIyMDgxNTEyMDAwMFowdTELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxEDAOBgNVBAoT
B0F2YWxhcmExEDAOBgNVBAsTB0F2YWxhcmExGzAZBgNVBAMTEmF2YXRheC5hdmFs
YXJhLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALzLwucodQ1s
uzDHaeZ9B9L+Z/S7YQhSpDMkaHTKSe0uoke0SfARlXgEMakv2v7r1XlAtrLCq6fs
xmbT/NBx+AmxAd0XDACxsrnex2VkS6ibGF4p2gxyDJGSYCQ/+wHsI+V6pc6H2ufP
8dXcSx8FfBaXtILjo0nAIvm5h7b11H6BtZGkQX2UU3El+6KmaUUrKRCbthn3PJtv
Mt3OgLmR3ZrczRBJ+knkCopHAx5KwoILuFYpQ3q0ikoFY63IOu7TAgIBWBGd5UO2
tQ0B+VAMmveqlTZu3j2n4KkfHk/tO2jn8jyKwLvZPVCYCRzWW6wxeJcRs8nA9VFG
ufHaXgGs3pMCAwEAAaOCA0MwggM/MB8GA1UdIwQYMBaAFJRP1F2L5KTipoD+/dj5
AO+jvgJXMB0GA1UdDgQWBBRhMu7Ut0rJycvCR9oHRAbSWGfSSDA6BgNVHREEMzAx
ghJhdmF0YXguYXZhbGFyYS5uZXSCDSouYXZhbGFyYS5uZXSCDCouYXZhdGF4LmNv
bTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6Ly9jZHAuZ2VvdHJ1c3QuY29tL0dlb1Ry
dXN0VExTUlNBQ0FHMS5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggr
BgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIw
dgYIKwYBBQUHAQEEajBoMCYGCCsGAQUFBzABhhpodHRwOi8vc3RhdHVzLmdlb3Ry
dXN0LmNvbTA+BggrBgEFBQcwAoYyaHR0cDovL2NhY2VydHMuZ2VvdHJ1c3QuY29t
L0dlb1RydXN0VExTUlNBQ0FHMS5jcnQwCQYDVR0TBAIwADCCAX4GCisGAQQB1nkC
BAIEggFuBIIBagFoAHUAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QA
AAFyvzoT1wAABAMARjBEAiAaMLZeZzUm95Ky9bIM9esI3eu1ia+Nya9G/IFVmGr4
IAIgKUjFAUihuxTKjhlDfnWZQbC3oYbCDwSPTYSmorDP94QAdwAiRUUHWVUkVpY/
oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXK/OhPpAAAEAwBIMEYCIQC8oXVobYE7
SVC1XRV6Z8YuoLPlPTo57l3JlKKeEn2hkwIhANwfnexs5K29qiXdxIZBlLWZIKy1
g4HO5hQdpP0GabM3AHYAUaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN/tSLBeUA
AAFyvzoUOAAABAMARzBFAiBjEaO0HSc6OXi+Wb74RHN0AbGNsFIRL6nIPRIzksFQ
BQIhAPnBuFwEOxbhhs4/ed+segAqFg4R3nnY1tQlrdmqdTA8MA0GCSqGSIb3DQEB
CwUAA4IBAQCsaM3CrmzXu0N0OM3hsNwkuAkzWTW8Ln2smR5YRVfsR+KJX1fdVIo3
9kFW8+SaHCImmcy0Vwm2JO5Cva+tWu8XwNZBWiCIpeAwGiRBLs9F8ILCPF5NKM5F
j+TrQtc4zAD3zEknluJG/37RDgNJaFw/frV1BeR8EfQ0m9TeOg/fk86qZi3kTK91
mmcwxVXDApXTdcNUfm7fXgL4AXd2KEz2gszz7w4OOY6lj+IAYas7td918H4MOI5H
9sEbGaaaNbL/5eGbmkjf6NcBv2kNsPmH9sa6iRDeK2s1G7MughwUkbj3gEMps0sP
HtGT6sZ8O+Tyku7GAlyQq8YhiSfv/pLt
-----END CERTIFICATE-----
Serial Number: 0B:54:B6:FE:BC:A1:2F:B6:1D:12:C6:B2:E7:B3:EC:11
Common Name: avatax.avalara.net
Country: US
State/Province: Washington
Locality: Seattle
Org Unit: Avalara
Org: Avalara
Issuer CN: GeoTrust TLS RSA CA G1
Issuer Country: US
Issuer Org: DigiCert Inc
Issuer Org Unit: www.digicert.com
Version: 3
not before: 20200615190000
Unknown Field: 19:00:00 15-06-2020
not after: 20220815070000
Unknown Field: 07:00:00 15-08-2022
pub key alg: 1.2.840.113549.1.1.1
signature algorithm: 1.2.840.113549.1.1.11
Unknown Field: 0382010F003082010A0282010100BCCBC2E728750D6CBB30C769E67D07D2FE67F4BB610852A433246874CA49ED2EA247B449F01195780431A92FDAFEEBD57940B6B2C2ABA7ECC666D3FCD071F809B101DD170C00B1B2B9DEC765644BA89B185E29DA0C720C919260243FFB01EC23E57AA5CE87DAE7CFF1D5DC4B1F057C1697B482E3A349C022F9B987B6F5D47E81B591A4417D94537125FBA2A669452B29109BB619F73C9B6F32DDCE80B991DD9ADCCD1049FA49E40A8A47031E4AC2820BB85629437AB48A4A0563ADC83AEED302020158119DE543B6B50D01F9500C9AF7AA95366EDE3DA7E0A91F1E4FED3B68E7F23C8AC0BBD93D5098091CD65BAC31789711B3C9C0F55146B9F1DA5E01ACDE930203010001
Unknown Field: 2048
Unknown Field: CEAFAACFBE76A8CAC12D168CD618E83F
Unknown Field: 1.2.840.113549.2.5
Unknown Field: E26B86C299D51D9B5B88E97E339B902220F1B821
Unknown Field: CD71D4DD11AF5347C88F0AD8704693392A04467596847E2EC6CCC32B690B8874
Unknown Field: 5
Unknown Field: avatax.avalara.net
Unknown Field: 0
Unknown Field: 1.3.6.1.5.5.7.3.2
Unknown Field: 1.3.6.1.5.5.7.3.1
Unknown Field: 2.23.140.1.2.2
Unknown Field: 2.16.840.1.114412.1.1
Unknown Field: http://status.geotrust.com

Protocol Used: TLS Version 1.2
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
There are 0 cookies in the cache
GET /api/v2/utilities/ping HTTP/1.1
Host: sandbox-rest.avatax.com
User-Agent: http-api/1.43
Accept: application/json
Authorization: Basic aHR0cHdhdGNoOmY=

recvresp(): entered
SetError() #43: CommSSL_read: timeout!
recvresp(): end with timeout
http_close(): entered

[Scott Klement]

You are missing a CRLF at the end of your "Authorization" header. The server is waiting for you to send it, and will sit and wait until it times out. Simply add the CRLF to the end of your 'headers' variable and that should fix the timeout.

That said... since both Accept: and Authorization: are fully supported by HTTPAPI, there's no need for HTTP_POINT_ADDL_HEADER for this task. The way you're doing it will work fine -- but, I think it's easier and less error prone to code it like this:

Code: Select all

begsr $ping_avalara;                 

   http_setOption('accept': 'application/json');
   http_setAuth(HTTP_AUTH_BASIC: 'httpwatch': 'f');
                                     
   monitor;                          
     http_stmf( 'GET'                
              : pingurl              
              : resultpath);         
   on-error;                         
     errMsg = http_error();          
   endmon;                          

Also... I'm assuming that the userid=httpwatch and password=f isn't your real account information. However, please be careful about posting "basic authorization" stuff in a public forum like this! The string aHR0cHdhdGNoOmY= is NOT encrypted, so anyone can go to a website like this one https://www.base64decode.org/ and paste in the string aHR0cHdhdGNoOmY= and see what your userid/password is.

If that really is your userid/password make sure you change it.

[emhill]

Thanks Scott. Adding the CRLF did the trick. This is a sandbox environment right now so I can't really mess anything up yet. Give me time, though!