Jump to content
Sign in to follow this  
adamchapman

http post with header for oauth

Recommended Posts

adamchapman

I've been trying all day to get a "request token" from the dropbox rest-api.

Basically I'm trying to perform step 1 at https://www.dropbox.com/developers/blog/20/using-oauth-in-plaintext-mode:

 

" 1. Make an API call for a request token:

POST https://api.dropbox.com/1/oauth/request_token

 

Your HTTP request should have the following header:

Authorization: OAuth oauth_version="1.0", oauth_signature_method="PLAINTEXT", oauth_consumer_key="<app-key>", oauth_signature="<app-secret>&"

 

The response body will be a url-encoded string:

oauth_token=<request-token>&oauth_token_secret=<request-token-secret>

 

Parse out the request token and secret and save them somewhere."

 

 

 

 

 

I'm really struggling with how to send the header properly. 

 

Copying the example at http://brugbart.com/http-post-request-autoit, I have: 

; The data to be sent
$sPD = 'Authorization: OAuth oauth_version="1.0", oauth_signature_method="PLAINTEXT", oauth_consumer_key="h9y2pwy1nbvzy5e", oauth_signature="imrgkd8i80c2b8g&"'


; Creating the object
$oHTTP = ObjCreate("winhttp.winhttprequest.5.1")
$oHTTP.Open("POST", "https://api.dropbox.com/1/oauth/request_token", False)
$oHTTP.SetRequestHeader("Content-Type", "application/x-www-form-urlencoded")
; Performing the Request
$oHTTP.Send($sPD)

; Download the body response if any, and get the server status response code.
$oReceived = $oHTTP.ResponseText
$oStatusCode = $oHTTP.Status

If $oStatusCode <> 200 then
 MsgBox(4096, "Response code", $oStatusCode)
EndIf

; Saves the body response regardless of the Response code 
 $file = FileOpen("Received.html", 2) ; The value of 2 overwrites the file if it already exists
 FileWrite($file, $oReceived)
 FileClose($file)

I think my Authorisation string should be used in the "SetRequestHeader" function, but am worried about replacing the "content-type" already there as it looks important.

 

 

If anybody can help it would be an enormous help

  • Like 1

Share this post


Link to post
Share on other sites
Chimp

Share this post


Link to post
Share on other sites
adamchapman

I'm sorry I just don't get it. 

I the header I need to put all of the authorisation stuff into the "requestheader" ?

and if so, do i just cut out the existing one with "Content-Type" in it?

Share this post


Link to post
Share on other sites
adamchapman

#include<WinHttp.au3>

Local $hOpen = _WinHttpOpen()
Local $hConnect = _WinHttpConnect($hOpen, "https://api.dropbox.com/1/oauth/request_token")
; Specify the reguest:
;Local $hRequest = _WinHttpOpenRequest($hConnect, Default, "en-us/library/aa384101(VS.85).aspx")
Local $hRequest = _WinHttpOpenRequest($hConnect, "POST", 'Authorization: OAuth oauth_version="1.0", oauth_signature_method="PLAINTEXT", oauth_consumer_key="h9w2iwy1navzi5e", oauth_signature="imrgkd9i80b6o4o"')


; Send request
_WinHttpSendRequest($hRequest)

; Wait for the response
_WinHttpReceiveResponse($hRequest)

Local $sHeader = _WinHttpQueryHeaders($hRequest) ; ...get full header

; Clean
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

; Display retrieved header
MsgBox(0, "Header", $sHeader)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Similar Content

    • Melque_Lima
      By Melque_Lima
      A little help here please !?
      I'm trying to parse a file but the function is not working well! i think there is some thind doing wrong at FileRead()
      Obs: username,password and API link below is fictitious
      ConsoleWrite(">POST METHOD UPLOADING LOCAL IMAGE<" & @CRLF) _PostMethodTest() Func _PostMethodTest() Local Const $sAPIKey = '8f1e0a750088957' Local $sBoundary = "--------Boundary" Local $sHeaders = "Content-Type: multipart/form-data; boundary=" & $sBoundary & @CRLF Local $sData = '' Local $sFileName="image.jpg" Local $sFilePath="C:\Users\DELL\Desktop\" & $sFileName Local $hFile=FileOpen($sFilePath,16);16=$FO_BINARY Local $sFileData=FileRead($hFile) FileClose($hFile) $sData &= "--" & $sBoundary & @CRLF $sData &= 'Content-Disposition: form-data; name="myImage"; filename="' & $sFileName & '"' & @CRLF $sData &= 'Content-Type: application/upload' & @CRLF & @CRLF $sData &= BinaryToString($sFileData,0) & @CRLF $sData &= "--" & $sBoundary & @CRLF $sData &= 'Content-Disposition: form-data; name="username"' & @CRLF & @CRLF $sData &="myuserName" & @CRLF $sData &= "--" & $sBoundary & @CRLF $sData &= 'Content-Disposition: form-data; name="password"' & @CRLF & @CRLF $sData &="MyPassword" & @CRLF $sData &=$sBoundary & "--" ConsoleWrite($sData) Local $oHTTP = ObjCreate("winhttp.winhttprequest.5.1") $oHTTP.Open("POST", "http://myapi", False) $oHTTP.SetRequestHeader("Content-Type", "multipart/form-data; " & "boundary=" & $sBoundary) $oHTTP.SetRequestHeader("apikey", $sAPIKey) $oHTTP.Send(StringToBinary($sData,1)) Local $sReceived = $oHTTP.ResponseText ConsoleWrite($sReceived & @CRLF) EndFunc ;==>_PostMethodTest  

    • Seminko
      By Seminko
      I'm trying to get data from http://poe.trade/ - disclaimer, although this site is about a game, my script will not in any way interact directly with the game in any way. The script is just to get data from the site.
      To explain how it works - you submit a POST request and a custom URL is returned, then you do a GET request on that URL and you get the final URL you want.
       
      First issue:
      Now, I've tried doing so by using https://apitester.com/ and the first phase works. Here's how it looks like at APITester:
      Request Headers POST /search HTTP/1.1 Host: poe.trade Accept: */* User-Agent: Rigor API Tester Content-Length: 43 Content-Type: application/x-www-form-urlencoded Request Body online=x&name=kaom%27s%20heart&league=incursion When I submit this, the response I get is this:
      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <title>Redirecting...</title> <h1>Redirecting...</h1> <p>You should be redirected automatically to target URL: <a href="http://poe.trade/search/ioritewoteteme">http://poe.trade/search/ioritewoteteme</a>. If not click the link. So I then do a GET request for 'http://poe.trade/search/ioritewoteteme', which results in this response:
      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <title>Redirecting...</title> <h1>Redirecting...</h1> <p>You should be redirected automatically to target URL: <a href="http://poe.trade/search/inamotezuakito">http://poe.trade/search/inamotezuakito</a>. If not click the link. Great, this link (http://poe.trade/search/inamotezuakito) is exactly what we want.
      However, when I try to do the same in autoit, the result is quite different:
      Global Const $HTTP_STATUS_OK = 200 $test = HttpPost("http://poe.trade/search", "/online=x&name=kaom%27s%20heart&league=incursion") ClipPut($test) MsgBox(1, "", $test) Func HttpPost($sURL, $sData = "") Local $oHTTP = ObjCreate("WinHttp.WinHttpRequest.5.1") $oHTTP.Open("POST", $sURL, False) If (@error) Then Return SetError(1, 0, 0) $oHTTP.SetRequestHeader("Host", "poe.trade") $oHTTP.SetRequestHeader("User-Agent", "Rigor API Tester") $oHTTP.SetRequestHeader("Accept", "*/*") $oHTTP.SetRequestHeader("Content-Type", "application/x-www-form-urlencoded") $oHTTP.Send($sData) If (@error) Then Return SetError(2, 0, 0) If ($oHTTP.Status <> $HTTP_STATUS_OK) Then Return SetError(3, 0, 0) Return SetError(0, 0, $oHTTP.ResponseText) EndFunc The code above returns: ' 謟 '
      Any ideas as to what I am doing incorrectly?
       
      Second issue:
      Once I get the final link using APITester and do a GET on that i get a bunch of hieroglyphs. A friend of mine advised that the data is GZiped, which is a pain in the butt to be honest. However, apparently curl can uncompres that.
      How would I go about it?
       
      Thanks
    • Ascer
      By Ascer
      1. Description.
      oAuth 2.0 is security system implemented by Google a few years ago. You are able to connect into your Google accounts and manage documents. In this UDF i show you how to pass first authorization process., this allow you to automate most of functions using API interface. 2. Requirements.
      Google account. oAuth.au3 Download 3. Possibilities
      ;============================================================================================================ ; Date: 2018-02-10, 14:21 ; ; Description: UDF for authorize your app with oAuth 2.0 Google. ; ; Function(s): ; oAuth2GetAuthorizationCode() -> Get Code for "grant". ; oAuth2GetAccessToken() -> Get "access_token" and "refresh_token" first time. ; oAuth2RefreshAccessToken() -> Get current "access_token" using "refresh_token". ; ; Author(s): Ascer ;============================================================================================================ 4. Enable your Google API.
          4.1. Video Tutorial not mine!
       YouTube     4.2 Screenshots from authorization process (Polish language) 
      Go to https://console.developers.google.com/apis/dashboard and accept current rules.  

       
      Next create an new project  

       
      Enter name of you new project and click Create  

       
      Google will working now, please wait until finish. Next go to enable your API interface, we make if for Google  

       
      Take "Gmail" in search input and after click in found result.  

       
      Click Enable interface, Google will working now.  

       
      Create your login credentials  

       
      Select Windows Interface (combobox), User credentials (radio) and click button what is need bla bla  

       
      Type name of a new client id for oAuth 2.0 and click Create a new Client ID.  

       
      Next configure screen aplication, type some name and click Next. Google will working now.  

       
      Last step on this website is download source with your credentials in *Json format.  

       
      Now you received a file named client_id.json, it's how it look in Sublime Text:  

       
      5. Coding.
      Now we need to call a some function to get access code.  
      #include <oAuth.au3> Local $sClientId = "167204758184-vpeues0uk6b0g4jrnv0ipq5fapoig2v8.apps.googleusercontent.com" Local $sRedirectUri = "http://localhost" oAuth2GetAuthorizationCode($sClientId, $sRedirectUri)  
      Function will execute default browser for ask you to permission.  

       
      Next Google ask you to permission for access to your personal details by application Autoit   

       
      Now you can thing is something wrong but all is ok, you need to copy all after  code= . It your access code.  

       
      Let's now ask Google about our Access Token and Refresh Token  
      #include <oAuth.au3> Local $sClientId = "167204758184-vpeues0uk6b0g4jrnv0ipq5fapoig2v8.apps.googleusercontent.com" Local $sClientSecret = "cWalvFr3WxiE6cjUkdmKEPo8" Local $sAuthorizationCode = "4/AAAPXJOZ-Tz0s6mrx7JbV6nthXSfcxaszFh_aH0azVqHkSHkfiwE8uamcabn4eMbEWg1eAuUw7AU0PQ0XeWUFRo#" Local $sRedirectUri = "http://localhost" Local $aRet = oAuth2GetAccessToken($sClientId, $sClientSecret, $sAuthorizationCode, $sRedirectUri) If Ubound($aRet) <> 4 then ConsoleWrite("+++ Something wrong with reading ResponseText." & @CRLF) Exit EndIf ConsoleWrite("Successfully received data from Google." & @CRLF) ConsoleWrite("access_token: " & $aRet[0] & @CRLF) ConsoleWrite("expires_in: " & $aRet[1] & @CRLF) ConsoleWrite("refresh_token: " & $aRet[2] & @CRLF) ConsoleWrite("token_type: " & $aRet[3] & @CRLF)  
      Important! When you received error 400 and output says: Invalid grant it means that your previous generated access_code lost validity and you need to generate new calling previus code. When everything is fine you should received a 4 informations about your: access_token, expires_in, refresh_token and token_type. Access_Token time is a little short so you need to know fuction possible to refresh it (tell Google that he should generate a new Token for you)  
      #include <oAuth.au3> Local $sRefreshToken = "1/ba8JpW7TjQH3-UI1BvPaXhSf-oTQ4BmZAbBfhcKgKfY" Local $sClientId = "167204758184-vpeues0uk6b0g4jrnv0ipq5fapoig2v8.apps.googleusercontent.com" Local $sClientSecret = "cWalvFr3WxiE6cjUkdmKEPo8" Local $sRedirectUri = "http://localhost" Local $aRet = oAuth2RefreshAccessToken($sRefreshToken, $sClientId, $sClientSecret) If Ubound($aRet) <> 3 then ConsoleWrite("+++ Something wrong with reading ResponseText." & @CRLF) Exit EndIf ConsoleWrite("Successfully received data from Google." & @CRLF) ConsoleWrite("access_token: " & $aRet[0] & @CRLF) ConsoleWrite("expires_in: " & $aRet[1] & @CRLF) ConsoleWrite("token_type: " & $aRet[2] & @CRLF)  
      6. Finish words
      If you followed all this above steps im sure that you received all informations required for coding your Google API (Gmail, Dropbox, YouTube, Calender etc. See next thread: [UDF] Gmail API - Email automation with AutoIt!
    • Ascer
      By Ascer
      1. Description.
      Automate communication with Gmail API using oAuth 2.0 security. 2. Requirements.
      Google Gmail account. Finished Authorization process. Look here 3. Possibilities.
      ;======================================================================================================================== ; Date: 2018-02-12, 11:46 ; ; Bug Fixs: 2018-02-17, 7:31 -> Fixed problems with adding items to array and minor bugs. ; ; Description: UDF for using Gmail API interface. This UDF requires oAuth.au3 and Gmail account. ; ; Function(s): ; gmailUsersGetProfile() -> Information about your account. ; gmailUsersLabelsList() -> Get all available labels ids. ex. "INBOX", "UNREAD" ; gmailUsersLabelsGet() -> Get information about specific label id. ; gmailUsersMessagesBatchDelete() -> Delete many messages emails by id. ; gmailUsersMessagesBatchModify() -> Set status for many messages ex. "INBOX", "UNREAD" ; gmailUsersMessagesDelete() -> Totaly delete email from ur account. ; gmailUsersMessagesGet() -> Get all information about specific email. ; gmailUsersMessagesList() -> Get list of last ~100 emails. ; gmailUsersMessagesModify() -> Modify single message. ; gmailUsersMessagesTrash() -> Put email in trash. ; gmailUsersMessagesUntrash() -> Restore email from trash. ; gmailUsersMessagesSend() -> Send email to single or group recipients. ; gmailUsersMessagesAttachmentsGet() -> Download attachment by id. ; ; Author(s): Ascer ;======================================================================================================================== 4. Downloads.
      oAuth.au3 Gmail API.au3 5. Examples.
      Sending emails
    • wakillon
      By wakillon
      HttpHeaderWatcher v1.0.1.3
       

      Some time ago, some members asked how to see the Http Requests.
      There are quite a few external applications but not in AutoIt!
      HttpHeaderWatcher in association with WinPcap, very modestly solves this lack.
       
      Once done this http watcher, i asked me : why not Re-build a WinHttp Request in AutoIt from a selected Request in one Click ?
      So i have added a "Create au3" button who open the WinHttp Request of your choice in AutoIt format in SciTE Editor.
      Voila voila, hope it can help ! 
      Buttons were made online with chimply.com the easy and free buttons generator !
      See Help for more infos.
      previous downloads : 253
      source and executable are available in the Download Section
      Hope you like it !
×