scottklement.com

IBM i Discussion Forums
https://www.scottklement.com:443/forums/

How to set "Authorization" in http header

https://www.scottklement.com:443/forums/viewtopic.php?t=481

Page 1 of 1

How to set "Authorization" in http header

Posted: Sat May 25, 2024 12:12 pm
by einschan
My vender ask me to type below to get the file testing.jpg, but should with setting 'Authorization' in http header.
I cannot find any option in http_setOption( ), should I upgrade libhttp139 to a new version ?
I can only find below options:
'content-type', 'user-agent',....

curl -k -X 'GET' 'https://abc.com/api/documents/tesing.jpg' -H 'accept:text/plain;charset=utf-8'
-H 'Authorization: 00000000-0000-0000-0000-000000000000'

Regards

Re: How to set "Authorization" in http header

Posted: Sat May 25, 2024 5:40 pm
by jonboy49
What type of authentication is required? Basic, Bearer? Check out the prototype for http_setauth() for the details of the ones supported directly by HTTPAPI.

In some cases you may also need to call http_xproc( HTTP_POINT_ADDL_HEADER ... to add authentication tokens.

In other words, we can't really answer the question until you know what type of authentication is required.

There are many examples on this list of implementing the various options once you know which one is needed.

Re: How to set "Authorization" in http header

Posted: Sun May 26, 2024 12:53 am
by einschan
Hi

Thanks,
1. Can we tell from the command given by the the vender as below to choose Basic, Bearer ?

curl -k -X 'GET' 'https://abc.com/api/documents/tesing.jpg' -H 'accept:text/plain;charset=utf-8'
-H 'Authorization: 00000000-0000-0000-0000-000000000000'

They just say it is a token, instead of using user id / password

2. I am using LibHTTP139, I cannot find the 'Accept' in http_SetOption(), should I upgrade to LibHTTP145?

3. When I turn on the debug=*ON, I cannot find the "Authorization" under "Content-Type", Content-Lenth".
Is it httpapi4 version issue or if I set the header correctly, it will show the content of "Authorization"?


Our O/S version is V7R4

Regards

Re: How to set "Authorization" in http header

Posted: Sun May 26, 2024 4:22 pm
by jonboy49
I have never seen this type of authentication before but the code below produces basically the same log as the curl you supplied.

This may not be the way to do it - Scott would undoubtedly know.

I can't tell if it will actually work because you didn't supply a real test IP nor details of the required request data so I just get 404 errors all the time.

Code: Select all

**free

Ctl-Opt bnddir( 'LIBHTTP/HTTPAPI' );
Ctl-Opt option( *srcstmt : *nodebugIO );

/include libhttp/qrpglesrc,httpapi_h

Dcl-S  authToken  varchar(50) inz('00000000-0000-0000-0000-000000000000');
Dcl-S  url          Varchar(250);
Dcl-S  response     Varchar(4000);
Dcl-S  null         Char(1);  // Used as an ignored parm when setting authentication
Dcl-S  wait         Char(1);  // Used to cause Dsply to wait for response

Dcl-S  request      Varchar(1000)  inz;

// Set network communications to use UTF-8
http_setOption ( 'network-ccsid' : '1208' );

// Set authority level to NONE and then use ADDL_HEADER to set custom authentication
http_setauth(HTTP_AUTH_NONE : null : null );

// Custom Authentication or extra headers required?  Add it with this routine
http_xproc( HTTP_POINT_ADDL_HEADER
                   : %paddr(addSpecialHeaders)
                   : %addr(authToken) );

url = 'https://abc.com/api/documents/tesing.jpg';
         
Monitor;
   response = http_string( 'GET' :
                            url:
                            request:
                            'text/plain;charset=utf-8');
On-Error;
   // Do stuff                              
   Dsply 'Error detected' ' ' wait;
EndMon;

*InLr = *On;

Dcl-Proc addSpecialHeaders;
   Dcl-Pi *N;
      headersToAdd    Varchar(32767);
      var             like(authToken) const;
   End-Pi;

   Dcl-c  CRLF  x'0d25';

   headersToAdd = 'Authorization: ' + var + CRLF;

End-Proc;

Re: How to set "Authorization" in http header

Posted: Wed May 29, 2024 4:24 am
by Scott Klement
I could see using an additional header callback to set the 'accept' header. I don't see why you'd use it for the Authorization, though... why wouldn't you just use http_setAuth for that?

Re: How to set "Authorization" in http header

Posted: Wed May 29, 2024 1:50 pm
by jonboy49
That was the first place I looked Scott but I could not see an option that produced the desired result.

How would you code it to do that?

Re: How to set "Authorization" in http header

Posted: Thu May 30, 2024 8:48 pm
by Scott Klement
I think the example provided by the OP violates the HTTP specs -- but assuming that's truly what the server requires, you can do it with a user-defined auth.

Code: Select all

Dcl-S  authToken  varchar(50) inz('00000000-0000-0000-0000-000000000000');

http_setAuth( HTTP_AUTH_USRDFN: '': authToken);

Re: How to set "Authorization" in http header

Posted: Fri May 31, 2024 8:15 am
by jonboy49
Thanks - I looked at that first but there was no description so I looked briefly at the code and more seemed to be going on than just simply copying a value in. Guess I should have tried it but I was in a hurry.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited