Hi Scott,
I am calling multiple httpapi post request with additional headers, the first request works fine but the subsequent request results in 400 bad request and could see the header holds the previous header values on the log.
I am using http_xproc(http_point_addl_header: *NULL) to clear the header before the second call but it does not clear it.
How to clear addn header values
-
Scott Klement
- Site Admin
- Posts: 872
- Joined: Sun Jul 04, 2021 5:12 am
Re: How to clear addn header values
That looks correct.
-
brianjgarland
- Posts: 17
- Joined: Wed Jul 28, 2021 11:04 am
- Location: Vermont, USA
- Contact:
Re: How to clear addn header values
That's the process I have used and it worked.
Re: How to clear addn header values
Thank you for the response, i am still getting error in below case.
Call the first service endpoint using bearer token auth type, when it fails due to token expiry call second service to generate token using basic auth. Third time retry calling the first service using new bearer token retrieved, it fails and log shows two auth type in header even though header was cleared using http_xproc(http_point_addl_header: *NULL).
Sample log:
GET /XXXXX-service uri
Host: XXXX - host address
User-Agent: http-api/1.39
Authorization: Basic XXXXXXXXXXXX
Authorization: Bearer XXXXXXXXXXXXXXXXXXXX
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 82
SetError() #36: This page requires a user-id & password
AuthPlugin_mustReceiceAuthErrorPage(): entered
http_close(): entered
Please advise.
Call the first service endpoint using bearer token auth type, when it fails due to token expiry call second service to generate token using basic auth. Third time retry calling the first service using new bearer token retrieved, it fails and log shows two auth type in header even though header was cleared using http_xproc(http_point_addl_header: *NULL).
Sample log:
GET /XXXXX-service uri
Host: XXXX - host address
User-Agent: http-api/1.39
Authorization: Basic XXXXXXXXXXXX
Authorization: Bearer XXXXXXXXXXXXXXXXXXXX
SetError() #13: HTTP/1.1 401 Unauthorized
recvresp(): end with 401
recvdoc parms: identity 82
SetError() #36: This page requires a user-id & password
AuthPlugin_mustReceiceAuthErrorPage(): entered
http_close(): entered
Please advise.
-
Scott Klement
- Site Admin
- Posts: 872
- Joined: Sun Jul 04, 2021 5:12 am
Re: How to clear addn header values
Please show us code that we can run to reproduce this problem.
Re: How to clear addn header values
Please refer to the code snippet:
Code: Select all
http_xproc( HTTP_POINT_ADDL_HEADER: *NULL);
http_xproc( HTTP_POINT_ADDL_HEADER : %paddr('ADDHDR'));
http_setCCSIDs( 1208: 0 );
rtn = http_url_get_raw(Url : fd : %paddr(‘PROCESSDATA’));
if rtn <> 1;
msg = http_error;
if rc = -1 Or
msg = 'This page requires a user-id & password';
token = getNewTkn();
if token <> *Blanks;
http_xproc(HTTP_POINT_ADDL_HEADER: *NULL);
http_xproc( HTTP_POINT_ADDL_HEADER : %paddr('ADDHDR'));
rc = http_url_get_raw(Url : fd : %paddr('PROCESSDATA'));
endif;
endif;
endif;
ADDHDR:
header = 'Authorization: Bearer ' + %trim(token) + cvCRLF;
getNewTkn:
http_xproc(http_point_addl_header: *null);
http_setauth(http_auth_basic : authUsr : authPwd );
http_setCCSIDs( 1208: 0 );
rtn = http_url_post_raw( pAuthUrl
:%addr(pauthBody:*data)
:%len(%trimr(pauthBody))
:1
:%paddr('PARSEHEADER')
:http_timeout
:http_useragent
:'application/x-www-form-urlencoded');
return authToken-
Scott Klement
- Site Admin
- Posts: 872
- Joined: Sun Jul 04, 2021 5:12 am
Re: How to clear addn header values
This code isn't valid RPG code. I assume that you did something weird when sending it to us, and that the actual program is valid.
I see one big problem in your code... you are combining http_setAuth and HTTP_POINT_ADDL_HEADER within the same request. You are going to have problems if you BOTH say "I'm going to code this myself" and at the same time say "HTTPAPI should handle this". Either you should do it, or HTTPAPI should do it, not both.
Your HTTP_POINT_ADDL_HEADER *is* being cleared. But your http_setAuth() is not... therefore you will end up with both.
I don't understand what the reason is for using the old "get_raw" and "post_raw" routines... One of the callbacks is named 'PARSEHEADER' which makes no sense as header information will never be passed to that routine, it is the routine for processing the response body. But you really don't need it...
Likewise you don't need to use HTTP_POINT_ADDL_HEADER. Just use http_setAuth. Why overcomplicate it?
You haven't provided me with an actual program I can run to reproduce the problem, and I'm not going to take hours to make your code work, write APIs that work this way to call, etc.
I see one big problem in your code... you are combining http_setAuth and HTTP_POINT_ADDL_HEADER within the same request. You are going to have problems if you BOTH say "I'm going to code this myself" and at the same time say "HTTPAPI should handle this". Either you should do it, or HTTPAPI should do it, not both.
Your HTTP_POINT_ADDL_HEADER *is* being cleared. But your http_setAuth() is not... therefore you will end up with both.
I don't understand what the reason is for using the old "get_raw" and "post_raw" routines... One of the callbacks is named 'PARSEHEADER' which makes no sense as header information will never be passed to that routine, it is the routine for processing the response body. But you really don't need it...
Likewise you don't need to use HTTP_POINT_ADDL_HEADER. Just use http_setAuth. Why overcomplicate it?
You haven't provided me with an actual program I can run to reproduce the problem, and I'm not going to take hours to make your code work, write APIs that work this way to call, etc.