REST API authentication issue
Posted: Thu Nov 30, 2023 2:49 am
Hi,
This is my first experience with HTTPAPI.
We have a REST API exposed in our ESB to validate blacklisted customers. The ESB service requires an API key for access. We have written a Java program that accesses this REST API; it is shown below.
To achieve the same we have written a sample RPGLE program in order to get connected and validate. The sample RPG code given below.
Unfortunately, we get an authentication failure. We have tried changing http_setauth to HTTP_AUTH_BASIC and to HTTP_AUTH_MD5_DIGEST, but neither works. We are new to this and are out of ideas. The generated log is given below.
Kindly help us on how to achieve this based on the java code mentioned above.
Thank you in advance.
This is my first experience with HTTPAPI.
We have a REST API exposed in our ESB to validate blacklisted customers. The ESB service requires an API key for access. We have written a Java program that accesses this REST API; it is shown below.
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;
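/**
 * Sample client that posts one AML name-screening request to the ESB REST
 * gateway and prints the status and server response fields of the reply.
 *
 * <p>The client identifies itself with an {@code api_key} HTTP request header;
 * it does not use an {@code Authorization} header.
 */
public class AMLNameScreen {

    /** Name-screening endpoint on the development gateway. */
    private static final String ENDPOINT =
            "https://dev.apigateway1.seylan.ad:2260/inquiry/customer/customerscanning/1.0/AMLNameScreening";

    // NOTE(review): a credential embedded in source ends up in version control,
    // build artifacts and anywhere the listing is pasted. Load it from protected
    // configuration instead, and rotate any key that has been shared this way.
    private static final String API_KEY = "CQgeMbtWGFLbwPJSf-FOfxDo";

    /**
     * Sends the screening request and prints the outcome to standard output.
     *
     * <p>I/O and TLS failures are caught and their stack trace is printed; the
     * method does not rethrow them.
     *
     * @param args ignored
     */
    public static void main(String[] args) {
        HttpURLConnection conn = null;
        try {
            // Certificate validation is left to the JVM's default trust manager.
            // If the gateway certificate is issued by a private CA, import that CA
            // into a trust store and point the JVM at it (for example with
            // -Djavax.net.ssl.trustStore=...). A trust-all TrustManager must not
            // be installed: it accepts any certificate, so any host on the network
            // path could impersonate the gateway and read the api_key header.
            conn = (HttpURLConnection) new URL(ENDPOINT).openConnection();
            conn.setRequestMethod("POST");
            conn.setRequestProperty("api_key", API_KEY);
            conn.setRequestProperty("Content-Type", "application/json");
            conn.setRequestProperty("Accept", "application/json");
            conn.setDoOutput(true);

            // Pattern letters are case sensitive: MM is the month, mm the minute.
            // NOTE(review): the pattern has no hour field, so the same id can recur
            // an hour later on the same day - confirm the uniqueness and length
            // rules the service applies to Unique_request_id.
            String reqId = "EQU" + new SimpleDateFormat("yyyyMMddmmss").format(new Date());

            byte[] payload = buildRequestJson(reqId).getBytes(StandardCharsets.UTF_8);
            try (OutputStream out = conn.getOutputStream()) {
                out.write(payload);
            }

            int responseCode = conn.getResponseCode();
            if (responseCode != 200) {
                System.out.println("Failed: HTTP Response Code : " + responseCode);
                System.out.println("Server output:");
                // getErrorStream() returns null when the server sent no error body.
                printIfNotEmpty(readBody(conn.getErrorStream()));
            } else {
                System.out.println("Success: HTTP Response Code : " + responseCode);
                System.out.println("Server output:");
                String body = readBody(conn.getInputStream());
                printIfNotEmpty(body);
                printScreeningResult(body);
            }
        } catch (IOException e) {
            // Covers malformed URLs, connection failures and TLS handshake errors.
            e.printStackTrace();
        } finally {
            if (conn != null) {
                conn.disconnect();
            }
        }
    }

    /** Builds the JSON request body for the given request id. */
    private static String buildRequestJson(String reqId) {
        return "{ \r\n"
                + " \"AMLNameScrnWS_request\": { \r\n"
                + " \"Unique_request_id\": \"" + reqId + "\", \r\n"
                + " \"Black_List_check\": \"Y\", \r\n"
                + " \"Customer_database_check\": \"Y\", \r\n"
                + " \"Rejected_list_check\": \"Y\", \r\n"
                + " \"Employee_database_check\": \"N\", \r\n"
                + " \"Name1\": \"smith\", \r\n"
                + " \"Name2\": \"john\", \r\n"
                + " \"Name3\": \"\", \r\n"
                + " \"Name4\": \"\", \r\n"
                + " \"Name5\": \"\", \r\n"
                + " \"Dob\": \"01-01-1950\", \r\n"
                + " \"Doi\": \"01-01-1950\", \r\n"
                + " \"Address\": \"\", \r\n"
                + " \"Passport_no\": \"\", \r\n"
                + " \"Nic_no\": \"\", \r\n"
                + " \"Id_number1\": \"\", \r\n"
                + " \"Id_number2\": \"\", \r\n"
                + " \"Id_number3\": \"\", \r\n"
                + " \"Id_number4\": \"\", \r\n"
                + " \"Id_number5\": \"\", \r\n"
                + " \"Country1\": \"\", \r\n"
                + " \"Country2\": \"\", \r\n"
                + " \"Country3\": \"\", \r\n"
                + " \"Country4\": \"\", \r\n"
                + " \"Country5\": \"\", \r\n"
                + " \"Remarks\": \"test transaction 123456\" \r\n"
                + " } \r\n"
                + "}";
    }

    /** Reads a response stream as UTF-8 text and closes it; a null stream yields "". */
    private static String readBody(InputStream stream) throws IOException {
        if (stream == null) {
            return "";
        }
        StringBuilder body = new StringBuilder();
        try (BufferedReader reader =
                new BufferedReader(new InputStreamReader(stream, StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                if (body.length() > 0) {
                    body.append('\n');
                }
                body.append(line);
            }
        }
        return body.toString();
    }

    /** Prints the text unless it is empty. */
    private static void printIfNotEmpty(String text) {
        if (!text.isEmpty()) {
            System.out.println(text);
        }
    }

    /** Prints the Status code/description and the Srv_response response/message fields. */
    private static void printScreeningResult(String body) {
        // The reply comes from the network: check its shape instead of casting blindly.
        JSONObject document = asJsonObject(JSONValue.parse(body));
        JSONObject root = document == null
                ? null
                : asJsonObject(document.get("AMLNameScrnWS_response"));
        if (root == null) {
            System.out.println("Unexpected response: no AMLNameScrnWS_response object");
            return;
        }
        JSONObject status = asJsonObject(root.get("Status"));
        JSONObject serverResponse = asJsonObject(root.get("Srv_response"));

        System.out.println(field(status, "Code"));
        System.out.println(field(status, "Description"));
        System.out.println(field(serverResponse, "Response"));
        System.out.println(field(serverResponse, "Message"));
    }

    /** Returns the value as a JSONObject, or null when it is anything else. */
    private static JSONObject asJsonObject(Object value) {
        return (value instanceof JSONObject) ? (JSONObject) value : null;
    }

    /** Returns the named member as text; "null" when the object or member is absent. */
    private static String field(JSONObject object, String key) {
        return String.valueOf(object == null ? null : object.get(key));
    }
}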
h dftactgrp(*no) actgrp(*CALLER) bnddir('HTTPAPI')
*
* Sample HTTPAPI client: POSTs a JSON name-screening request to the ESB
* gateway, saves the reply to an IFS file and displays that file.
*
d/copy qrpglesrc,httpapi_h
*
* Prototype for QCMDEXC, used below to run a CL command.
d cmd pr extpgm('QCMDEXC')
d command 200a const
d length 15p 5 const
*
d rc s 10i 0
d msg s 52a
d fromAddr s 100a varying
d Subject s 100a varying
d message s 1000a varying
d myPointer s *
d dataSize s 10i 0
d formData s 32767a varying
d op s 50a
d userid s 32a
d pass s 32a
d Url s 100a
d reqId s 10a
d cust_name s 30a
d dob_4_api s 10a
*
d CRLF c const(x'0D25')
*
/free
// Debug trace goes to this IFS file. NOTE(review): the trace records the whole
// request, including the Authorization header and the body, so treat the file
// as sensitive and switch tracing off outside troubleshooting.
http_debug(*on: '/Download/my_httpapi_log.txt');
// NOTE(review): the key is hard-coded; load it from protected configuration,
// and rotate any key that has been shared in a listing like this one.
userid = 'api_key';
pass = 'CQgeMbtWGFLbwPJSf-FOfxDo';
formData = ' ';
reqId = '1245';
cust_name = 'smith';
dob_4_api = '19500101';
// NOTE(review): http_setauth() turns the pair into an "Authorization: Digest"
// header with username="api_key". The Java client on this page instead sends
// the key in a request header literally named api_key, and the gateway's 401
// reply comes from its "Verify API Key" policy - so the key presumably has to
// travel as an api_key header, not as HTTP authentication. HTTPAPI's
// additional-header exit point (http_xproc with HTTP_POINT_ADDL_HEADER) looks
// like the place to add it - confirm against the HTTPAPI documentation.
http_setauth(HTTP_AUTH_MD5_DIGEST: userid : pass);
http_setOption( 'content-type'
: 'application/json');
// NOTE(review): reqId, cust_name and dob_4_api sit inside the quoted literal,
// so their names - not their values - are sent and the body is not valid JSON.
// They need to be concatenated in as quoted, trimmed values.
// NOTE(review): dob_4_api is '19500101' while the Java client sends Dob as
// '01-01-1950' - confirm the date format the service expects.
formData = '{"AMLNameScrnWS_request": +
{"Unique_request_id": reqId, +
"Black_List_check": "Y", +
"Customer_database_check": "Y", +
"Rejected_list_check": "Y", +
"Employee_database_check": "N", +
"Name1": cust_name, +
"Name2": " ", +
"Name3": " ", +
"Name4": " ", +
"Name5": " ", +
"Dob": dob_4_api, +
"Doi": " ", +
"Address": " ", +
"Passport_no": " ", +
"Nic_no": " ", +
"Id_number1": " ", +
"Id_number2": " ", +
"Id_number3": " ", +
"Id_number4": " ", +
"Id_number5": " ", +
"Country1": " ", +
"Country2": " ", +
"Country3": " ", +
"Country4": " ", +
"Country5": " ", +
"Remarks": "test transaction 123456" +
} +
}';
Url = 'https://dev.apigateway1.seylan.ad:2260/inquiry/customer/custome+
rscanning/1.0/AMLNameScreening';
// POST formData to the URL; the response body is written to the IFS file.
rc = http_req( 'POST'
: %trim(Url)
: '/Download/testpost.html' // file to receive
: *omit // string to receive
: *omit // file to send
: formData ); // string to send
// Any return code other than 1 is handled as a failure: show HTTPAPI's error text.
if rc <> 1;
msg = http_error();
dsply msg;
else;
// Success: display the saved response file through QCMDEXC.
cmd('DSPF ''/Download/testpost.html''': 200);
endif;
*inlr = *on;
HTTPAPI Ver 1.48 released 2023-09-13
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R3M0
http_setauth(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: seylan.ad
DNS server found: 10.66.10.11
DNS server found: 10.66.10.12
DNS server found: 10.82.10.11
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: dev.apigateway1.seylan.ad
-------------------------------------------------------------------------------------
Dump of server-side certificate information:
-------------------------------------------------------------------------------------
Cert Validation Code = 6000
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
Serial Number: 00:A7:4B:E8:CA:B6:FA:52:0D
Common Name: dev.apigateway1.seylan.ad
Country: LK
State/Province: Western
Locality: Colombo
Org Unit: Seylan Bank PLC
Org: IT-SE
Issuer CN: itse.seylan.ad
Issuer Country: LK
Issuer State/Province: Western
Issuer Locality: Colombo
Issuer Org: Seylan Bank PLC
Issuer Org Unit: IT-SE
Issuer E-Mail: it-se@seylan.lk
Version: 3
not before: 20201010053123
Unknown Field: 05:31:23 10-10-2020
not after: 20301008053123
Unknown Field: 05:31:23 08-10-2030
pub key alg: 1.2.840.113549.1.1.1
signature algorithm: 1.2.840.113549.1.1.11
Unknown Field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
Unknown Field: 2048
Unknown Field: 70D30AD2BBEB74B29B3359D8DD926262
Unknown Field: 1.2.840.113549.2.5
Unknown Field: 3AC443E1F750B0FC7F1F383F5C68E6491C3DA2DC
Unknown Field: 419A5E563C6AF93F3456AA16B5AB2136F3662CD0AFB33B87A034A274E3A47A04
Unknown Field: 15
Unknown Field: dev.apigateway1.seylan.ad
Unknown Field: 0
Protocol Used: TLS Version 1.2
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
mkdigest(): entered
There are 0 cookies in the cache
POST /inquiry/customer/customerscanning/1.0/AMLNameScreening HTTP/1.1
Host: dev.apigateway1.seylan.ad:2260
User-Agent: http-api/1.48
Content-Type: application/json
Content-Length: 549
Authorization: Digest username="api_key", realm="", nonce="", uri="/inquiry/customer/customerscanning/1.0/AMLNameScreening", response="cbce977886835eccae9ee574553b7d01"
senddoc(): entered
{"AMLNameScrnWS_request": {"Unique_request_id": reqId, "Black_List_check": "Y", "Customer_database_check": "Y", "Rejected_list_check": "Y", "Employee_database_check": "N", "Name1": cust_name, "Name2": " ", "Name3": " ", "Name4": " ", "Name5": " ", "Dob": dob_4_api, "Doi": " ", "Address": " ", "Passport_no": " ", "Nic_no": " ", "Id_number1": " ", "Id_number2": " ", "Id_number3": " ", "Id_number4": " ", "Id_number5": " ", "Country1": " ", "Country2": " ", "Country3": " ", "Country4": " ", "Country5": " ", "Remarks": "test transaction 123456" } }
recvresp(): entered
HTTP/1.1 401 Unauthorized
Date: Thu, 30 Nov 2023 02:08:06 GMT
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Headers: Content-Type, api_key, Authorization, Accept, DNT, Referer
Access-Control-Allow-Credentials: FALSE
Content-Type: application/json
Connection: close
Server: Jetty(9.2.14.v20151106)
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 0
SetError() #36: This page requires a user-id & password
header_load_cookies() entered
recvdoc(): entered
SetError() #0:
recvdoc(): No content-length: receiving until disconnect
{
"ErrorMessage" : "The subscription corresponding to the key apikey is invalid",
"ErrorCode" : "Invalid Subscription",
"MoreInfo" : "Policy Name - Verify API Key, Type - VERIFY_API_KEY"
}
SetError() #44: CommTCP_read: Socket has been shut down.
SetError() #36: This page requires a user-id & password
http_close(): entered
Thank you in advance.