I’ve just ran the sample you suggested. Results returned successfully. (i) Meaning body returned content within. Meaning Authorization headers were properly converted to base64 and authentication worked just fine
Also, in the CURL command, running it in the command line prompt, body returns a JSON within a bunch of tokens and auth responses. I was expecting to get the same thing with ns_http. However, when I ran https://api.sandbox.paypal.com/v1/oauth2/token <https://api.sandbox.paypal.com/v1/oauth2/token> status returns 0 and body returns null. It’;s available at ttps://evex.co/paypal-checkout <ttps://evex.co/paypal-checkout> Log are bellow (i). https://jigsaw.w3.org/HTTP/Basic/ [16/Nov/2019:19:50:17][450.7f7a4ffff700][-conn:evex:127:47119-] Notice: HTTP status 200 time 0:152605 headers d5 body {<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> <html> <head> <title>Basic Authentication test page</title> <!-- Changed by: Yves Lafon, 22-Feb-1999 --> </head> <BODY BGCOLOR="white"> <P> <A HREF=".."><IMG SRC="/icons/jigsaw" ALT="Jigsaw" BORDER="0" WIDTH="212" HEIGHT="49"></A><IMG SRC="/icons/jigpower.gif" WIDTH="94" HEIGHT="52" ALT="Jigsaw Powered !" BORDER="0" ALIGN="Right"> <P> <HR> <P>Your browser made it! </body> </html> } https {sslversion TLSv1.2 cipher ECDHE-RSA-AES256-GCM-SHA384} [16/Nov/2019:19:50:19][450.7f7a7ffff700][::throttle] Notice: === user 106.57.150.57 entered community 633 at 1573944619 reason new (ii).https://api.sandbox.paypal.com/v1/oauth2/token <https://api.sandbox.paypal.com/v1/oauth2/token> [16/Nov/2019:19:59:29][450.7f7a4ffff700][-conn:evex:127:47139-] Notice: HTTP status 0 time 0:155545 headers d5 body {} https {sslversion TLSv1.2 cipher AES256-SHA256} [16/Nov/2019:19:59:29][450.7f7a4ffff700][-conn:evex:127:47139-] Notice: RETURN URL /paypal-checkout ******* (iii). CURL curl -v https://api.sandbox.paypal.com/v1/oauth2/token -H "Accept: application/json" -H "Accept-Language: en_US" -u "AbB7eZG2UyBloReTo-QdoFxf36gfSJnd5DJDlIeCacdx3t2p0K5i6WQSpLtMT7XObmQPPDJ0-6PnRKQ2:EJfDo3xL6pPaYzJ8gQ0DcyEvcdRMM-_jF0IHeWIs_9IBdmqtRCwAdXEyhE0d3YMOBHokvI93YwtCkiJF" -d "grant_type=client_credentials" * Trying 173.0.82.78... * TCP_NODELAY set * Connected to api.sandbox.paypal.com (173.0.82.78) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.2 (OUT), TLS header, Certificate Status (22): * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Request CERT (13): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Certificate (11): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / AES256-SHA256 * ALPN, server did not agree to a protocol * Server certificate: * subject: C=US; ST=California; L=San Jose; O=PayPal, Inc.; OU=PayPal Production; CN=api.sandbox.paypal.com * start date: Aug 21 00:00:00 2018 GMT * expire date: Aug 20 12:00:00 2020 GMT * subjectAltName: host "api.sandbox.paypal.com" matched cert's "api.sandbox.paypal.com" * issuer: C=US; O=DigiCert Inc; CN=DigiCert Global CA G2 * SSL certificate verify ok. * Server auth using Basic with user 'AbB7eZG2UyBloReTo-QdoFxf36gfSJnd5DJDlIeCacdx3t2p0K5i6WQSpLtMT7XObmQPPDJ0-6PnRKQ2' > POST /v1/oauth2/token HTTP/1.1 > Host: api.sandbox.paypal.com > Authorization: Basic > QWJCN2VaRzJVeUJsb1JlVG8tUWRvRnhmMzZnZlNKbmQ1REpEbEllQ2FjZHgzdDJwMEs1aTZXUVNwTHRNVDdYT2JtUVBQREowLTZQblJLUTI6RUpmRG8zeEw2cFBhWXpKOGdRMERjeUV2Y2RSTU0tX2pGMElIZVdJc185SUJkbXF0UkN3QWRYRXloRTBkM1lNT0JIb2t2STkzWXd0Q2tpSkY= > User-Agent: curl/7.52.1 > Accept: application/json > Accept-Language: en_US > Content-Length: 29 > Content-Type: application/x-www-form-urlencoded > * upload completely sent off: 29 out of 29 bytes < HTTP/1.1 200 OK < Cache-Control: max-age=0, no-cache, no-store, must-revalidate < Content-Length: 918 < Content-Type: application/json < Date: Sat, 16 Nov 2019 22:58:32 GMT < Paypal-Debug-Id: 9c14dc56c49a9 < X-Paypal-Token-Service: IAAS < * Curl_http_done: called premature == 0 * Connection #0 to host api.sandbox.paypal.com left intact {"scope":"https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/payments/refund https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks","access_token":"A21AAGnfER4lNk8rnGB4InaKkTbh-nvewEw3uM4llmAoRwLc9Wkh4wpkVHTQ4-ehe_F-bdgW3Z5EinJgbrmK3Eu4ffds-YPWQ","token_type":"Bearer","app_id":"APP-80W284485P519543T","expires_in":29668,"nonce":"2019-11-16T22:13:00Zb0kTBXRvIaKfKQ0AM3T6Q4e4RUih0srGp6GSlBENIeI"}evex@evex:/var/www/evex$ > On Nov 16, 2019, at 15:56, Iuri Sampaio <i...@iurix.com> wrote: > > Dear Gustaf, > It did help me to remind and review my own code to assure that it was > properly written. I grabbed the code from > https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5 > <https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5> > Plus, I switched to ns_base40encode. Before I was using Openacs > [base64::encode “${client}:${secret}"] > I've used the very first, basic and simple example (i.e. http queue and http > wait), and still, I get the same logs. > https://evex.co/paypal-checkout <https://evex.co/paypal-checkout> > > > Notice: HTTP > status 0 time 0:215139 headers d5 body {} https {sslversion TLSv1.2 cipher > AES256-SHA256} > > > > I’m able to change credentials whenever I want to get 400 error to return. > That means the credentials passed in the header were properly assigned. > Even though I agree I need to talk to the guys on PayPal, in case I missed > any parameter to allow connectivity on their side. > > > Notice: HttpTaskRecv: connection probably closed by server (url > https://api.sandbox.paypal.com/v1/oauth2/token > <https://api.sandbox.paypal.com/v1/oauth2/token>) > > > > Best wishes, > I > [16/Nov/2019:15:36:11][450.7f7a87fff700][-conn:evex:124:46257-] Warning: > /paypal-checkout has no doc(title) set, fallback to instance_name. > [16/Nov/2019:15:36:23][450.7f7a87fff700][-conn:evex:124:46259-] Notice: > HttpTaskRecv: connection probably closed by server (url > https://api.sandbox.paypal.com/v1/oauth2/token > <https://api.sandbox.paypal.com/v1/oauth2/token>) > > > > > [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: > HttpTaskRecv: connection probably closed by server (url > https://api.sandbox.paypal.com/v1/oauth2/token > <https://api.sandbox.paypal.com/v1/oauth2/token>) > [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: > RETURN URL /paypal-checkout ******* > >> On Nov 16, 2019, at 15:47, Iuri Sampaio <i...@iurix.com >> <mailto:i...@iurix.com>> wrote: >> >> Dear Gustaf, >> It did help me to remind and review my own code to assure that it was >> properly written. I grabbed the code from >> https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5 >> <https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5> >> Plus, I switched to ns_base40encode. Before I was using Openacs >> [base64::encode “${client}:${secret}"] >> I've used the very first, basic and simple example (i.e. http queue and http >> wait), and still, I get the same logs. >> https://evex.co/paypal-checkout <https://evex.co/paypal-checkout> >> >> >> Notice: HTTP >> status 0 time 0:215139 headers d5 body {} https {sslversion TLSv1.2 cipher >> AES256-SHA256} >> >> >> Notice: HttpTaskRecv: connection probably closed by server (url >> https://api.sandbox.paypal.com/v1/oauth2/token >> <https://api.sandbox.paypal.com/v1/oauth2/token>) >> >> >> I’m able to change credentials whenever I want to get 400 error to return. >> That means the credentials passed in the header were properly assigned. >> Even though I agree I need to talk to the guys on PayPal, in case I missed >> any parameter to allow connectivity on their side. >> >> >> Best wishes, >> I >> [16/Nov/2019:15:36:11][450.7f7a87fff700][-conn:evex:124:46257-] Warning: >> /paypal-checkout has no doc(title) set, fallback to instance_name. >> [16/Nov/2019:15:36:23][450.7f7a87fff700][-conn:evex:124:46259-] Notice: >> HttpTaskRecv: connection probably closed by server (url >> https://api.sandbox.paypal.com/v1/oauth2/token >> <https://api.sandbox.paypal.com/v1/oauth2/token>) >> >> >> >> >> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: >> HttpTaskRecv: connection probably closed by server (url >> https://api.sandbox.paypal.com/v1/oauth2/token >> <https://api.sandbox.paypal.com/v1/oauth2/token>) >> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: >> RETURN URL /paypal-checkout ******* >> >> >> >> >>> On Nov 16, 2019, at 08:58, Gustaf Neumann <neum...@wu.ac.at >>> <mailto:neum...@wu.ac.at>> wrote: >>> >>> Dear Iuri, >>> >>> Let's start with a simple example: make a GET request to a service, which >>> requires basic authentication >>> % ns_http run https://jigsaw.w3.org/HTTP/Basic/ >>> <https://jigsaw.w3.org/HTTP/Basic/> >>> status 401 time 0:513863 headers d11 body {<!DOCTYPE HTML PUBLIC >>> "-//W3C//DTD HTML 4.01 Transitional//EN" >>> "http://www.w3.org/TR/html4/loose.dtd"; >>> <http://www.w3.org/TR/html4/loose.dtd>> >>> <html> >>> <head> >>> ... >>> >>> NaviServer returns (starting with 4.99.17) for "ns_http run" a Tcl dict >>> with >>> the relevant information. The request above returns the HTTP status >>> code 401, which means "Unauthorized". >>> >>> Ok, now add some Authorization. As defined by RFC 7617, one has to add an >>> Authorization request header field with user:id:password encoded in base64. >>> % set h [ns_set create] >>> % ns_set update $h Authorization "Basic [ns_base64encode guest:guest]" >>> % ns_http run -headers $h https://jigsaw.w3.org/HTTP/Basic/ >>> <https://jigsaw.w3.org/HTTP/Basic/> >>> status 200 time 0:485802 headers d8 body {<!DOCTYPE HTML PUBLIC >>> "-//IETF//DTD HTML//EN"> >>> <html> >>> <head> >>> ... >>> >>> Now we see the status code 200, which means that the Authentication was ok. >>> If you still get a status code of 401, probably userid and/or password are >>> not ok. >>> >>> Hope this helps. >>> -gn >>> >>> On 15.11.19 16:21, Iuri Sampaio wrote: >>>> What would be the argument/switch to convert the option -u, from CURL >>>> command, to ns_http command? >>>> >>>> curl -v https://myhost.com/oauth2/token <https://myhost.com/oauth2/token> \ >>>> -H "Accept: application/json" \ >>>> -H "Accept-Language: en_US" \ >>>> -u "client_id:secret" \ >>>> -d "grant_type=client_credentials" >>> >>> _______________________________________________ >>> naviserver-devel mailing list >>> naviserver-devel@lists.sourceforge.net >>> <mailto:naviserver-devel@lists.sourceforge.net> >>> https://lists.sourceforge.net/lists/listinfo/naviserver-devel >>> <https://lists.sourceforge.net/lists/listinfo/naviserver-devel> >> > > _______________________________________________ > naviserver-devel mailing list > naviserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/naviserver-devel
_______________________________________________ naviserver-devel mailing list naviserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/naviserver-devel
