Sign in to follow this  
Followers 0
AutID

_WinHttpSimpleSSLRequest return non expected result

1 post in this topic

I am trying to get Spotify User's playlists via http requests using WinHTTP.au3.

Now according to their site, application's requests authorization should look something like this.

#include "WinHttp.au3"

Local $hOpen = _WinHttpOpen('Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)')
Local $sURL = "https://accounts.spotify.com/authorize/?"
Local $ClientId = "26d287105e31491889f3cd293d85bfea"
Local $ResponseType = "code"
Local $sRedirectURI = "http://localhost:8000"
Local $aState = "XSS"
Local $aURL = $sURL & "client_id=" & $ClientId & "&response_type=" & $ResponseType & "&redirect_uri=" & $sRedirectURI & "&state=" & $aState & "&scope=playlist-read-private user-read-private user-read-email user-library-read user-follow-read user-read-birthdate"

Local $hConnect = _WinHttpConnect($hOpen, $aURL)

Local $sData = _WinHttpSimpleSSLRequest($hConnect)

_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

ConsoleWrite($sData & @CRLF)

This would work on a browser however I am not sure http requests support these kind of request.

Normally on a browser at this point the user is asked to authorize the access by submitting his credentials in case they are not saved. He is then redirected to the Redirect uri and granted access.
 

So my questions are simple. Before loosing too much time on this for nothing, is it possible to achieve what I'm trying to? If yes, what should my next step be?

Share this post


Link to post
Share on other sites



Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Similar Content

    • nhardel
      By nhardel
      I have been working on trying to develop some scripts to interface with the REST/JSON API from the Orion SDK.  This is where I will ask my questions and hopefully get some community responses that could help benefit others. 
      https://github.com/solarwinds/OrionSDK
      I am trying to create examples of how to interface with the API from autoit.  This should be a knowledge dump for this task. 
    • n3wbie
      By n3wbie
      How to send Requests on https Website
      I tried using
      ObjCreate("winhttp.winhttprequest.5.1")
      But m not Receiving Any response
      m able to retrive https://google.com but same is not available on other site( https://gst.gov.in )
      kindly help me
    • nhardel
      By nhardel
      So I have been bashing my head in for a couple days and have searched both AutoIT forums and Thwack Forums for an answer.  I understand this could be hard to help sense I can't provide a server for someone to help me test against.  I am trying to use the WinHTTP.au3 to connect with Solarwinds Orion SDK thru REST/JSON api calls.  Here is the documentation that they provide.
      https://github.com/solarwinds/OrionSDK/wiki/REST
      I have been trying just to make a basic connection but for some reason cannot get past the authorization process with WinHTTP.  Here is my test code.
      #Region Includes #include <log4a.au3> #include "WinHttp.au3" #EndRegion Global $sAddress = "https://usandl0213:17778/SolarWinds/InformationService/v3/Json/Query?query=SELECT+NodeID+FROM+Orion.NODES" Global $array_URL = _WinHttpCrackUrl($sAddress) ;~ Row|Col 0 ;~ [0]|https ;~ [1]|2 ;~ [2]|usandl0213 ;~ [3]|17778 ;~ [4]| ;~ [5]| ;~ [6]|/SolarWinds/InformationService/v3/Json/Query ;~ [7]|?query=SELECT+NodeID+FROM+Orion.NODES Global $hOpen = _winhttpOpen() If @error Then _log4a_Fatal("Error intializing the usage of WinHTTP functions") Exit 1 EndIf Global $hConnect = _winhttpConnect($hOpen, $array_URL[2]) If @error Then _log4a_Fatal("Error specifying the initial target server of an HTTP request.") _WinHttpCloseHandle($hOpen) Exit 2 EndIf Global $hRequest = _WinHttpOpenRequest($hConnect, _ "GET", _ "/SolarWinds/InformationService/v3/Json/Query?query=SELECT+NodeID+FROM+Orion.NODES", _ "HTTP/1.1") If @error Then _log4a_Fatal(MsgBox(48, "Error", "Error creating an HTTP request handle.") _WinHttpCloseHandle($hConnect) _WinHttpCloseHandle($hOpen) Exit 3 EndIf _WinHttpAddRequestHeaders($hRequest, "Authorization: Basic YXV0b2l0X2xvZ2luOnRlc3Q=") _WinHttpAddRequestHeaders($hRequest, "User-Agent: curl/7.20.0 (i386-pc-win32) libcurl/7.20.0 OpenSSL/0.9.8l zlib/1.2.3") _WinHttpAddRequestHeaders($hRequest, "Host: usandl0213:17778") _WinHttpAddRequestHeaders($hRequest, "Accept: */*") _WinHttpSendRequest($hRequest) If @error Then MsgBox(48, "Error", "Error sending specified request.") Close_request() Exit 4 EndIf ; Wait for the response _WinHttpReceiveResponse($hRequest) If @error Then MsgBox(48, "Error", "Error waiting for the response from the server.") Close_request() Exit 5 EndIf Global $sChunk, $sData ; See what's returned If _WinHttpQueryDataAvailable($hRequest) Then Global $sHeader = _WinHttpQueryHeaders($hRequest) ;~ ConsoleWrite(@crlf) ConsoleWrite($sHeader & @CRLF) ; Read While 1 $sChunk = _WinHttpReadData($hRequest) If @error Then ExitLoop $sData &= $sChunk WEnd ConsoleWrite($sData & @CRLF) ; print to console Else MsgBox(48, "Error", "Site is experiencing problems.") EndIf Close_request() Func Close_request() ; Close open handles and exit _WinHttpCloseHandle($hRequest) _WinHttpCloseHandle($hConnect) _WinHttpCloseHandle($hOpen) EndFunc I am definitely connecting to the server but get a 401 Unauthorized response.  Output of above script:
      Header:
      HTTP/1.1 401 Unauthorized Cache-Control: private Date: Thu, 27 Jul 2017 15:31:21 GMT Content-Length: 1668 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.5 Set-Cookie: ASP.NET_SessionId=lgwin2qsbbrip2mxg01fot05; path=/; HttpOnly Set-Cookie: TestCookieSupport=Supported; path=/ Set-Cookie: Orion_IsSessionExp=TRUE; expires=Thu, 27-Jul-2017 17:31:21 GMT; path=/ WWW-Authenticate: Negotiate WWW-Authenticate: NTLM X-UA-Compatible: IE=9 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET X-Same-Domain: 1 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Body:
      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head><link rel="stylesheet" type="text/css" href="/orion/js/jquery-1.7.1/jquery-ui.css.i18n.ashx?l=en-US&v=42660.90.L&csd=%23b0b9c5;%23d2ddec;%2392add1;" /> <link rel="stylesheet" type="text/css" href="/orion/styles/orionminreqs.css.i18n.ashx?l=en-US&v=42660.90.L&csd=%23b0b9c5;%23d2ddec;%2392add1;" /> <link rel="stylesheet" type="text/css" href="/webengine/resources/steelblue.css.i18n.ashx?l=en-US&v=42660.90.L&csd=%23b0b9c5;%23d2ddec;%2392add1;" /> <link rel="stylesheet" type="text/css" href="/orion/ipam/res/css/sw-events.css.i18n.ashx?l=en-US&v=42660.90.L&csd=%23b0b9c5;%23d2ddec;%2392add1;" /> <script type="text/javascript" src="/orion/js/orionminreqs.js.i18n.ashx?l=en-US&v=42660.90.L"></script> <script type="text/javascript" src="/orion/js/modernizr/modernizr-2.5.3.js.i18n.ashx?l=en-US&v=42660.90.L"></script> <script type="text/javascript" src="/orion/js/jquery-1.7.1/jquery-1.7.1.framework.min.js.i18n.ashx?l=en-US&v=42660.90.L"></script> <script type="text/javascript">(function(){var de=$(document.documentElement); de.addClass('sw-is-locale-en'); $.each(jQuery.browser,function(k,v){if(v===true){ de.addClass('sw-is-'+k); de.addClass('sw-is-'+k+'-'+parseInt(jQuery.browser.version)); }}); })();</script> <script type="text/javascript">SW.Core.Loader._cbLoaded('jquery');</script> <script type="text/javascript">SW.Core.Date._init(0,-14400000);</script> <title> </title></head> <body> <script> window.location = 'Login.aspx'; </script> </body> </html> To me this looks like it if it is still looking for my credentials.   I did verify that things work as expected using Chrome and REST test client.  I do get certificate errors in IE if I try to go directly.  Bypass certificate issues and page will try to save out to .json file
       
      Looking for any help.
    • NiftRex
      By NiftRex
      I'm trying to get an array from a website so that I can just get the url, but I am not sure how. I read a bit of arrays but I have a feeling I'd have to be writing a lot more than what I should be. I will include the script I have so far and the API url for what I want.
       
      API: https://api.fast.com/netflix/speedtest?https=true&token=YXNkZmFzZGxmbnNkYWZoYXNkZmhrYWxm&urlCount=1 (I want the 'url' array that contains the url)
       
      Code:
      #include <MsgBoxConstants.au3> #include <Inet.au3> #include <Array.au3> $site = _INetGetSource('http://api.fast.com/netflix/speedtest?https=true&token=YXNkZmFzZGxmbnNkYWZoYXNkZmhrYWxm&urlCount=1') MsgBox($MB_SYSTEMMODAL, "Title", $site[1])  
    • Jefrey
      By Jefrey
      I've ported these two functions from PHP to AU3 to work with URLs.
      Made them for those who work with libraries like HTTP.au3 (not the one I coded), that needs passing the server domain, path, etc., instead of the full URL.
      Grab the lib here.
      ParseURL( $sURL )
      Parses the URL and splits it into defined parts. Returns an array:
      [0] = Full URL (same as $sURL) [1] = Protocol (i.e.: http, https, ftp, ws...) [2] = Domain [3] = Port (or null if not specified) [4] = Path (or null if not specified) [5] = Query string (everything after the ? - or null if not specified) Example:
      $aExample = ParseURL("https://google.com:8080/?name=doe") MsgBox(0, "Test", "URL: " & $aExample[0] & @CRLF & _ "Protocol: " & $aExample[1] & @CRLF & _ "Domain: " & $aExample[2] & @CRLF & _ "Port: " & $aExample[3] & @CRLF & _ "Path: " & $aExample[4] & @CRLF & _ "Query string: " & $aExample[5])  
      ParseStr( $sStr )
      Parses a query string (similar to the [5] of the previous function) and returns a multidimensional array, where:
      [0][0] = number of variables found [0][1] = ununsed [1][0] = key name of the first variable [1][1] = first variable value (already URL decoded) [n][0] = key name of the nth variable [n][1] = nth variable value (already URL decoded) Example:
      include <Array.au3> ; need only to do _ArrayDisplay, not needed by the lib _ArrayDisplay(ParseStr("foo=bar&test=lol%20123")) #cs Result is: [0][0] = 2 [0][1] = ununsed [1][0] = foo [1][1] = bar [2][0] = test [2][1] = lol 123 #ce Feel free to fork!