sending token

Discussions related to HTTPAPI (An HTTP Client Package for RPG programming.) http://www.scottklement.com/httpapi/
Post Reply
kundenancy@gmail.com
Posts: 7
Joined: Tue Aug 03, 2021 3:10 pm

sending token

Post by kundenancy@gmail.com »

I'm trying to send a token using HTTP_POINT_ADDL_HEADER but I'm receiving an error. I've updated LIBHTTP to the latest version & recompiled the programs to be on the safe side. I've looked in examples here but still can't it it to work. What am I missing?

Any help is much appreciated.

Here are snippets of my code

http_setOption( 'content-type'
: 'application/json' );

http_xproc( HTTP_POINT_ADDL_HEADER
: %paddr(SetToken));

rc = http_req( 'POST'
: 'https://stgapi.freightclub.com/Rate/GetRates'
: results
: *omit
: jsonfil
: *omit);

p SetToken b
D SetToken pi
D HeaderData 32767a varying

D CRLF C CONST(x'0d25')

D tokentype c CONST('Bearer')

D tokenvalue c CONST('SoVz-20qajzR3l2Dt-PxeOS04hJ3q') This is only part of the token. The token is around 720 characters.

HeaderData = 'Authorization: ' +
tokentype + ' ' + tokenvalue + CRLF;
/end-free

p SetToken e
kundenancy@gmail.com
Posts: 7
Joined: Tue Aug 03, 2021 3:10 pm

Re: sending token

Post by kundenancy@gmail.com »

I forgot to post the error

HTTPAPI Ver 1.45 released 2021-09-20
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R1M0

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: work.com
DNS server found: 172.30.0.2
DNS server found: 172.16.1.2
https_init(): entered
QSSLPCL = *OPSYS
SSL version 2 support disabled
SSL version 3 support disabled
Old interface to TLS version 1.0 support enabled
TLS version 1.0 support enabled
TLS version 1.1 support enabled
TLS version 1.2 support enabled
Support for TLS 1.3 unavailable.
initializing GSK environment
GSK Environment now available
-------------------------------------------------------------------------------------
Dump of local-side certificate information:
-------------------------------------------------------------------------------------
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: stgapi.freightclub.com
(GSKit) Peer not recognized or badly formatted message received.
ssl_error(415): (GSKit) Peer not recognized or badly formatted message received.
SetError() #30: SSL Handshake: (GSKit) Peer not recognized or badly formatted message received.
http_close(): entered
Scott Klement
Site Admin
Posts: 636
Joined: Sun Jul 04, 2021 5:12 am

Re: sending token

Post by Scott Klement »

HTTPAPI uses the operating system's built-in support for TLS (formerly known as "SSL") by calling a set of routines called the IBM Global Secure Toolkit (GSKit).

I see that you are running OS version V7R1. This is an older operating system that IBM no longer supports. Unfortunately, it was never updated with newer TLS versions or cryptographic ciphers.

You should use a tool like a web browser or OpenSSL to connect to the server and see which TLS versions and ciphers it supports, then compare to see what's available on your copy of the operating system. In my experience, this type of problem is very common with V7R1. Cryptography and security change frequently, so continuing to use old, unsupported operating system versions doesn't work well.

V7R1 did not support the current (1.3) version of TLS. It technically did support TLS 1.2, but there was such a limited range of ciphers, that it usually wouldn't work with modern servers. So you would need to ensure that the server you connect to supports TLS 1.1 or older, which is unusual today as it is no longer considered secure.
Scott Klement
Site Admin
Posts: 636
Joined: Sun Jul 04, 2021 5:12 am

Re: sending token

Post by Scott Klement »

The error you posted isn't related to the authorization token.
Post Reply