OUATH2

[Bruceg]

Can anyone see what I am doing wrong? I am trying to get an ouath token from UPS . For user id I am sending the client id and for password i am sending the ups secret password.
http_setAuth(HTTP_AUTH_BASIC: 'userid': 'pass');

http_setOption('timeout': '30');

http_setOption('network-ccsid': '1208');

http_debug(*ON: '/home/mydebuglog.txt');

rc = http_req( 'PUT'
:'https://wwwcie.ups.com/security/v1/oauth/token'
: *omit
: ResultStr // String to receive the results
: *omit
//: %trimr(data)
: 'application/json');

part of debug log :



senddoc(): entered
application/json
recvresp(): entered
HTTP/1.1 401 Unauthorized
Content-Type: application/json
errorcode: 10401
errordescription: ClientId is Invalid
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
Access-Control-Max-Age: 600

[jonboy49]

Couple of thoughts. From the UPS docs (https://developer.ups.com/api/reference ... ials_other) it would appear that they are expecting "application/x-www-form-urlencoded" but you are specifying "application/json".

It also states that the request body should include a grant_type request and you don't have one specified.

[Bruceg]

I made some changes but for some reason it still thinks I am using JSON. I am baffled.

http_debug(*ON: '/home/mydebuglog.txt');

http_setAuth(HTTP_AUTH_BASIC: %trim(userid):%trim(pass));

http_setOption('timeout': '30');

http_setOption('network-ccsid': '1208');



rc = http_req( 'POST'
:'https://wwwcie.ups.com/security/v1/oauth/token'
: *omit
: resultStr // String to receive the results
: *omit
: 'grant_type : client_credentials'
: 'application/x-www-form-urlencoded');

HTTPAPI Ver 1.45 released 2021-09-20
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R4M0

http_setauth(): entered
New iconv() objects set, PostRem=1208. PostLoc=0. ProtRem=819. ProtLoc=0
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: mckesson.com
DNS server found: 10.7.224.100
DNS server found: 10.55.224.100
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: wwwcie.ups.com
Protocol Used: TLS Version 1.3
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
do_oper(POST): entered
There are 0 cookies in the cache
POST /security/v1/oauth/token HTTP/1.1
Host: wwwcie.ups.com
User-Agent: http-api/1.45
Content-Type: application/x-www-form-urlencoded
Content-Length: 31
Authorization: Basic VHlDOVFUSFNOZDhKRzltNE53ZzZIZkFGS2dBZzE1MHpWUFZmcXZFTGJhUUFOeWcwOlNuMnVhMkZpcllUSEpNRXF2UmRraFpDOTF3e


senddoc(): entered
grant_type : client_credentials
recvresp(): entered
HTTP/1.1 400 Bad Request
Content-Type: application/json
errorcode: 10400
errordescription: Unsupported grant type :
x-frame-options: DENY
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
Access-Control-Max-Age: 600
x-request-id: 563f95f4-61c4-4861-942a-2eb61d697640
Content-Length: 80
Expires: Tue, 09 Apr 2024 15:39:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 09 Apr 2024 15:39:29 GMT
Connection: close
Server-Timing: cdn-cache; desc=MISS
Server-Timing: edge; dur=5
Server-Timing: origin; dur=100
ak-grn-1: 0.0de9da17.1712677169.e5552c54
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Server-Timing: ak_p; desc="1712677169220_400222477_3847564372_10504_13629_62_87_-";dur=1


SetError() #13: HTTP/1.1 400 Bad Request
SetError() #13: HTTP/1.1 400 Bad Request
recvresp(): end with 400
recvdoc parms: identity 80
header_load_cookies() entered
recvdoc(): entered
SetError() #0:
recvdoc(): Receiving 80 bytes.
{"response":{"errors":[{"code":"10400","message":"Unsupported grant type : "}]}}
SetError() #13: HTTP/1.1 400 Bad Request
http_close(): entered

[Scott Klement]

I made some changes but for some reason it still thinks I am using JSON. I am baffled.

The log says you are sending application/x-www-form-urlencoded and the error message says nothing about the content-type. why do you say it is still JSON? I completely disagree with that assessment.

I think the problem is the grant type. Which is also what the error message says ("Unsupported grant type")

I think the problem is you are sending a request body containing the string "grant_type : client_credentials". First of all, I'm not familiar with this API, but it seems unlikely that this belongs in the request body, as it sure looks like an HTTP header. Secondly, you are adding an extra blank before the colon, which will almost certainly cause a big problem.

Please try it as a header without the extra blank and see if that helps.

[Bruceg]

I am still having problems with this . The curl is below and all I am trying to do is run this using HTTPAPI. The userid and password are not correct below. Rather I use the client id and secret id given to me by UPS.



curl -i -X POST \
-u bruce.goltzman@mckesson.com:Bmg6512933467# \
https://wwwcie.ups.com/security/v1/oauth/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'x-merchant-id: string' \
-d grant_type=client_credentials


This works fine on the UPS web site

Thanks for your guidance

[jonboy49]

How did you set the required form data? You haven't shown that code.

[Scott Klement]

Bruce,

Okay, that helps me understand. Your code (posted yesterday) has this: "grant_type : client_credentials" For some reason you have a colon between the "grant_type" and it's value "client_credentials". That's why I thought it was a header, because headers use a colon like that. You also have some extra spaces that will cause problems. By contrast, the curl example has "grant_type=client_credentials" That makes a lot more sense... it now looks like URL-encoded form data rather than a header, and doesn't contain the extra spaces.

Also, the curl example has a custom header added to the request, which wasn't done in your example.

So your code should look something like this if you want to match the curl example:

Code: Select all

 http_xproc( HTTP_POINT_ADDL_HEADER: %paddr(CustomHeaders)); 

 rc = http_req( 'POST'
              :'https://wwwcie.ups.com/security/v1/oauth/token'
              : *omit
              : resultStr // String to receive the results
              : *omit
              : 'grant_type=client_credentials'
              : 'application/x-www-form-urlencoded'); 

. . . 
              
dcl-proc CustomHeaders;                      

  dcl-pi *n;                              
    toBeAdded varchar(32767);             
  end-pi;                                 

  // don't forget to add x'0d25' to the end!                                          
  toBeAdded = 'x-merchant-id: string' + x'0d25'; 

end-proc;  

Custom headers work differently in HTTPAPI. To add custom headers, you tell it to call a subprocedure -- the call will be made by HTTPAPI while it is communicating with the server, so it is done later automatically (you don't call it yourself.) The subprocedure should set the data to all of the customer headers needed, and each individual one has to end with a CRLF (x'0d25') value.

Since you have only one custom header (content-type is NOT custom, it is required) the above code should add the header properly.

Though, I suspect 'string' should be replaced with your actual merchant id.

[Bruceg]

Thank you both so much for your help. I am now able to get the token. My next step is to get the tracking information from UPS. I have been using your example for years but will need to modify it use the token rather than the access key.

[jonboy49]

Glad Scott was able to sort it for you - he is much (much, much) more knowledgeable about this stuff than I am.

Hopefully, your OAUTH transition will be as smooth as mine has been with Zoom. Once I had the token logic sorted, changing the individual APIs calls was pretty easy - so far anyway!

Good luck.

[Bruceg]

I think getting the token was my biggest battle.