How to "Authorization" in HTTP Header?

Started by Pierre Clouthier on Saturday, February 26, 2011

Showing all 20 posts
2/26/2011 at 3:46 PM

I am using C++ and the CURL library. I am able to negotiate OAuth and get an access token. I add the access token to the Headers. Ex:

Authorization: OAuth 8gBTGDcFPlJQ3ra2gi6Kw96xspK1wmAPfRMKe2iR

I am getting a 500 error code ("ApiException") when I send a profile inquiry. The same inquiry works fine when I paste it in the browser address window.

Do I have the right syntax? Is there documentation available? (The Ruby example should be updated).

2/27/2011 at 7:23 AM

Greetings Pierre,

Was this 10 days ago, or more recent? The only logged errors I see for you are on February 17th, where it appears that you were missing the "g" in front of a profile ID in an immediate-family call. I suspect you got that worked out, though, and that whatever problem you're having is more recent but not being logged for some reason...?

2/27/2011 at 7:45 AM

This is happening yesterday and today (minutes ago). I am trying every permutation under the sun:

Authorization: OAuth %s
500 Internal Server Error

Authorization: %s
302 https://www.geni.com/api/profile/immediate-family.xml

Authorization: OAuth "%s"
500 Internal Server Error

Authorization: OAuth token %s
500 Internal Server Error

I really appreciate some help, I am gung-ho to get this up & running today :o)

2/27/2011 at 8:12 AM

Here's the header I get back:

HTTP/1.1 500 Internal Server Error
Server: nginx/0.7.65
Date: Sun, 27 Feb 2011 15:53:12 GMT
Content-Type: application/xml; charset=utf-8
Connection: keep-alive
Status: 500 Internal Server Error
X-API-Rate-Limit: 40
X-API-Rate-Window: 10
Content-Length: 84
Set-Cookie: gsession=BAh7CDoPc2Vzc2lvbl9pZCIlYjE5MjEyNDI3NWZhYTgxOTNhZTcxMzQ3OWY2MGIzMjc6FGdlbmlfc2Vzc2lvbl9pZCIlMzRjMzgxMjM1NjU2MzJmZDNkNTk2YzllYWYxM2I3ZTYiDXJlZl90eXBlIgxvcmdhbmlj--d49ba4cf0895c2bccb1253674cbdaef9e577b215; path=/; HttpOnly
X-API-Rate-Remaining: 40
Cache-Control: no-cache

2/27/2011 at 9:26 AM

Well I can see how that doesn't help you very much. :-/

Can you try passing --trace <file> to curl and send me the contents of the trace file? (Either post here or send me a Geni message if you prefer)

2/27/2011 at 9:42 AM

Whoops, sorry, I see you said "curl library" -- do you happen to know if there's a way to enable tracing through the library interface?

2/27/2011 at 10:15 AM

Here is the trace log captured by a debugging function:

GET /?code=vLs8E1Im7zQLdjcZnJXx HTTP/1.1
Host: 127.0.0.1:55555
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

https://www.geni.com/oauth/token?client_id=IKPCwc6QmjBg4LbKRLoVzBWf...
curl_debug_func: About to connect() to www.geni.com port 443

curl_debug_func: Trying 208.78.87.80...
curl_debug_func: connected

curl_debug_func: Connected to www.geni.com (208.78.87.80) port 443

curl_debug_func: CAfile: curl-ca-bundle.crt
CApath: none

curl_debug_func: SSLv2, Client hello (1):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, Server hello (2):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, CERT (11):

curl_debug_func:
curl_debug_func: SSLv3, TLS handshake, Server finished (14):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, Client key exchange (16):

curl_debug_func: 
curl_debug_func: SSLv3, TLS change cipher, Client hello (1):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, Finished (20):

curl_debug_func: 
curl_debug_func: SSLv3, TLS change cipher, Client hello (1):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, Finished (20):

curl_debug_func: 
curl_debug_func: SSL connection using RC4-MD5

curl_debug_func: Server certificate:

curl_debug_func: subject: /serialNumber=/lPhimBQlVfNkaJkSEPRisRh-EM7Acws/C=US/O=*.geni.com/OU=GT97122710/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.geni.com

curl_debug_func: start date: 2010-08-25 03:58:32 GMT

curl_debug_func: expire date: 2011-08-28 19:35:09 GMT

curl_debug_func: subjectAltName: www.geni.com matched

curl_debug_func: issuer: /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

curl_debug_func: SSL certificate verify ok.

curl_debug_func: GET /oauth/token?client_id=IKPCwc6QmjBg4LbKRLoVzBWfBWlNH4T9jTDSZ9N8&client_secret=***&code=vLs8E1Im7zQLdjcZnJXx&redirect_uri=http://127.0.0.1:55555 HTTP/1.1
User-Agent: Charting Companion/1.0 (Progeny Genealogy Inc.)
Host: www.geni.com
Accept: */*
Referer: www.progenygenealogy.com

curl_debug_func: HTTP/1.1 200 OK

HTTP/1.1 200 OK
curl_debug_func: Server: nginx/0.7.65

Server: nginx/0.7.65
curl_debug_func: Date: Sun, 27 Feb 2011 18:08:30 GMT

Date: Sun, 27 Feb 2011 18:08:30 GMT
curl_debug_func: Content-Type: application/json; charset=utf-8

Content-Type: application/json; charset=utf-8
curl_debug_func: Connection: keep-alive

Connection: keep-alive
curl_debug_func: Status: 200 OK

Status: 200 OK
curl_debug_func: ETag: "c9ee41a7528e72ceb78f5f3891d8fe44"

ETag: "c9ee41a7528e72ceb78f5f3891d8fe44"
curl_debug_func: X-Runtime: 58

X-Runtime: 58
curl_debug_func: Content-Length: 53

Content-Length: 53
curl_debug_func: Set-Cookie: ref=www.progenygenealogy.com; path=/; expires=Mon, 28-Feb-2011 18:08:30 GMT

Set-Cookie: ref=www.progenygenealogy.com; path=/; expires=Mon, 28-Feb-2011 18:08:30 GMT
curl_debug_func: Set-Cookie: gsession=BAh7CjoLbG9jYWxlIgplbi1VUzoQc2F2ZV9sb2NhbGVGOg9zZXNzaW9uX2lkIiUxZWY1MDYyNWRkOWQ4OWUxMzM5ZWQ1ZGU3N2RmOGZmNiINcmVmX3R5cGUiDG9yZ2FuaWM6FGdlbmlfc2Vzc2lvbl9pZCIlOGVmYzdiMjQyMWMxNzI2ZjA2YmUwM2NmNjYyMDg1MGI%3D--20923a7d044a973aa53de2e2baaf3aadf568a9cd; path=/; HttpOnly

Set-Cookie: gsession=BAh7CjoLbG9jYWxlIgplbi1VUzoQc2F2ZV9sb2NhbGVGOg9zZXNzaW9uX2lkIiUxZWY1MDYyNWRkOWQ4OWUxMzM5ZWQ1ZGU3N2RmOGZmNiINcmVmX3R5cGUiDG9yZ2FuaWM6FGdlbmlfc2Vzc2lvbl9pZCIlOGVmYzdiMjQyMWMxNzI2ZjA2YmUwM2NmNjYyMDg1MGI%3D--20923a7d044a973aa53de2e2baaf3aadf568a9cd; path=/; HttpOnly
curl_debug_func: Cache-Control: private, max-age=0, must-revalidate

Cache-Control: private, max-age=0, must-revalidate

curl_debug_func: access_token=I2CJLCgd44FFRZdaCm8Fbev0GOVdi0Xn0Dw6tAcE
curl_debug_func: Connection #0 to host www.geni.com left intact

getAccessToken ret = 200
cCURL::appendHeader "Authorization: OAuth I2CJLCgd44FFRZdaCm8Fbev0GOVdi0Xn0Dw6tAcE"
The thread 'Win32 Thread' (0x10e0) has exited with code 0 (0x0).
curl_debug_func: About to connect() to www.geni.com port 80

curl_debug_func: Trying 208.78.87.80...
curl_debug_func: connected

curl_debug_func: Connected to www.geni.com (208.78.87.80) port 80

curl_debug_func: GET /api/profile/immediate-family.xml HTTP/1.1
User-Agent: Charting Companion/1.0 (Progeny Genealogy Inc.)
Host: www.geni.com
Accept: */*
Referer: www.progenygenealogy.com
Authorization: OAuth I2CJLCgd44FFRZdaCm8Fbev0GOVdi0Xn0Dw6tAcE

curl_debug_func: HTTP/1.1 500 Internal Server Error

HTTP/1.1 500 Internal Server Error
curl_debug_func: Server: nginx/0.7.65

Server: nginx/0.7.65
curl_debug_func: Date: Sun, 27 Feb 2011 18:08:31 GMT

Date: Sun, 27 Feb 2011 18:08:31 GMT
curl_debug_func: Content-Type: application/xml; charset=utf-8

Content-Type: application/xml; charset=utf-8
curl_debug_func: Connection: keep-alive

Connection: keep-alive
curl_debug_func: Status: 500 Internal Server Error

Status: 500 Internal Server Error
curl_debug_func: X-API-Rate-Limit: 40

X-API-Rate-Limit: 40
curl_debug_func: X-API-Rate-Window: 10

X-API-Rate-Window: 10
curl_debug_func: Content-Length: 84

Content-Length: 84
curl_debug_func: Set-Cookie: gsession=BAh7CDoPc2Vzc2lvbl9pZCIlZDQ3MWY5OGVhNzc5ZmM1YmY0NGNlM2Q2ZGM5MmQ2ZDAiDXJlZl90eXBlIgxvcmdhbmljOhRnZW5pX3Nlc3Npb25faWQiJTE1ZDFmNGJiM2QzY2RjZDcyYTVhZDBkNTVhYmEzMzgz--1603503331e51edd11ea58b2f3afacb83509dce4; path=/; HttpOnly

Set-Cookie: gsession=BAh7CDoPc2Vzc2lvbl9pZCIlZDQ3MWY5OGVhNzc5ZmM1YmY0NGNlM2Q2ZGM5MmQ2ZDAiDXJlZl90eXBlIgxvcmdhbmljOhRnZW5pX3Nlc3Npb25faWQiJTE1ZDFmNGJiM2QzY2RjZDcyYTVhZDBkNTVhYmEzMzgz--1603503331e51edd11ea58b2f3afacb83509dce4; path=/; HttpOnly
curl_debug_func: X-API-Rate-Remaining: 40

X-API-Rate-Remaining: 40
curl_debug_func: Cache-Control: no-cache

Cache-Control: no-cache

curl_debug_func: <?xml version="1.0" encoding="UTF-8"?>
<error>
<type>ApiException</type>
</error>

curl_debug_func: Connection #1 to host www.geni.com left intact

2/27/2011 at 8:32 PM

Well, I'm sorry I wasn't able to get you an answer today.. the day you have to work on your app happens to coincide with the day we usually don't work on ours. :-/

2/28/2011 at 7:18 AM

No problem - this is a full-time job for me, I'm available seven days a week to work on the GENI version of my app.

So, how do I formulate the "Authorization" part of the header? Are there any written specifications available? Am I doing something incorrect, or is the "ApiException" coming from the GENI code?

Sure appreciate the help.

Here is a sample of the charts I will be creating directly from GENI data:

http://progenygenealogy.com/Products/FamilyTreeCharts/SampleCharts....

2/28/2011 at 9:39 AM

I think you're using an OAuth1-style header to make the call.

Try this url: https://www.geni.com/api/profile/immediate-family.xml?access_token=... code returned from token call)

2/28/2011 at 11:28 AM

That did the trick. The access token is not delimited by quotes:

https://www.geni.com/api/profile/immediate-family.xml?access_token=...

I don't know Ruby, but I examined the example here (https://github.com/intridea/oauth2/commit/607af1ca78fa20b796de6260a...) and assumed that this meant we had to add the Authorization code to the header:

headers = headers.merge 'Authorization' => "OAuth #{@token}"

Thanks very much. BTW accurate, up-to-date documentation is really appreciated. We will read it and ask fewer dumb questions.

3/1/2011 at 11:37 AM

I think the code should look like this:

headers.merge 'Authorization' => "OAuth oauth_signature_method=PLAINTEXT&oauth_token=#{@token}"

Private User
6/28/2011 at 3:14 PM

BUMP!

Scott Steadman - I tried the Authorization OAuth oauth_signature_method=PLAINTEXT&oauth_token=xxx
request header method and got a 400, Bad Request error.

{"error":{"type":"ApiException","message":"Bad Request"}}

Could you check what kind of header Geni accepts for OAuth Authorization?

I try to avoid having to unpack and repack the URL just to add the oauth_token parameter.

Could you also check what kind of parameters or headers Geni requires to get to this page by replying with a 302 Location response to the access_token message:

http://i632.photobucket.com/albums/uu41/bpbrox/AllowedRequest.png

6/29/2011 at 5:54 AM

We're in the process of updating our OAuth code. Have you tried this on the sandbox?

Private User
6/29/2011 at 10:51 AM

I don't think I have access to the sandbox.
PM me information and I can make some tests.

6/29/2011 at 1:42 PM

No need for PM. It's http://sandbox.geni.com/

You'll have to create an account there; it's not linked with production.

Private User
4/18/2012 at 1:04 PM

BUMP.

I did some testing and found out that Geni supports using an authorization header using the same syntax as Google:

Authorization: Bearer your-oauth2-token

Example from above:
Authorization: Bearer 8gBTGDcFPlJQ3ra2gi6Kw96xspK1wmAPfRMKe2iR

This means that you can drop using the oauth_token parameter.

However: You get a 400, Bad Request error if using the Authorization header on loading mugshot images.
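
As an added example (not code from this thread or from Geni): a C++ helper that builds the `Authorization: Bearer` line reported above, rejects tokens containing quotes, spaces or CR/LF, refuses plain `http://` URLs such as the port-80 API request in the earlier trace, and redacts the token for debug logs. The function names are hypothetical and the sample token in the comments is constructed; the returned string is what you would pass to libcurl's `curl_slist_append`.

```cpp
#include <cctype>
#include <stdexcept>
#include <string>

// RFC 6750 b64token: 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
bool is_b64token(const std::string& t) {
    std::size_t i = 0;
    while (i < t.size() &&
           (std::isalnum(static_cast<unsigned char>(t[i])) ||
            std::string("-._~+/").find(t[i]) != std::string::npos))
        ++i;
    if (i == 0) return false;                 // need at least one token character
    while (i < t.size() && t[i] == '=') ++i;  // optional trailing padding
    return i == t.size();                     // quotes, spaces, CR/LF are rejected
}

// Header line for curl_slist_append(); throws instead of emitting a
// malformed or injectable header (hypothetical helper).
std::string bearer_header(const std::string& token) {
    if (!is_b64token(token))
        throw std::invalid_argument("token is not a valid b64token");
    return "Authorization: Bearer " + token;
}

// Send the token only to https:// URLs, and never inside the URL itself,
// where it would end up in server logs, proxies and Referer headers.
bool safe_for_token(const std::string& url) {
    if (url.compare(0, 8, "https://") != 0) return false;
    return url.find("access_token=") == std::string::npos;
}

// What to write to a debug trace: scheme plus a 4-character prefix only,
// e.g. for the constructed token "EXAMPLEtoken0123".
std::string redact_for_log(const std::string& header_line) {
    const std::string prefix = "Authorization: Bearer ";
    if (header_line.compare(0, prefix.size(), prefix) != 0) return header_line;
    const std::string tok = header_line.substr(prefix.size());
    return prefix + tok.substr(0, 4) + "...[redacted]";
}
```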

4/19/2012 at 3:08 AM

OK, I'll look into this.

Private User
4/19/2012 at 8:02 AM

BTW: My GeniSDK is fully converted to use the new host: api.geni.com instead of www.geni.com/api in case it does not work for you.

5/5/2012 at 3:54 PM

Can you elaborate on "You get a 400, Bad Request error if using the Authorization header on loading mugshot images"? Do you mean that Charting Companion won't display images? I did a test and it seems to display the photos OK.

Do you have an example?
