Btw, the very same request works fine not only on CURL but also on Postman. For instance, that’s the response CURL and Postman return
{ "scope": "https://uri.paypal.com/services/invoicing https://uri.paypal.com/services/disputes/read-buyer https://uri.paypal.com/services/payments/realtimepayment https://uri.paypal.com/services/disputes/update-seller https://uri.paypal.com/services/payments/payment/authcapture openid https://uri.paypal.com/services/disputes/read-seller https://uri.paypal.com/services/payments/refund https://api.paypal.com/v1/vault/credit-card https://api.paypal.com/v1/payments/.* https://uri.paypal.com/payments/payouts https://api.paypal.com/v1/vault/credit-card/.* https://uri.paypal.com/services/subscriptions https://uri.paypal.com/services/applications/webhooks", "access_token": "A21AAGnfdsdsdsdFEFERFERgbh-nvewEw3uM4llmAoRwLc9Wkh4wpkVHTQ4-ehe_F-bdgW3Z5EinJgbrmK3Eu4ffds-YPWQ", "token_type": "Bearer", "app_id": "APP-W28fGERGERGERGERGREGE3T", "expires_in": 31623, "nonce": "2019-11-16T22:13:00Zb0kTBXRvIaKfKQ0AM3T6Q4e4RUih0srGp6GSlBENIeI" } > On Nov 16, 2019, at 20:00, Iuri Sampaio <i...@iurix.com> wrote: > > I’ve just ran the sample you suggested. Results returned successfully. (i) > Meaning body returned content within. Meaning Authorization headers were > properly converted to base64 and authentication worked just fine > > > Also, in the CURL command, running it in the command line prompt, body > returns a JSON within a bunch of tokens and auth responses. > > I was expecting to get the same thing with ns_http. However, when I ran > https://api.sandbox.paypal.com/v1/oauth2/token > <https://api.sandbox.paypal.com/v1/oauth2/token> status returns 0 and body > returns null. It’;s available at ttps://evex.co/paypal-checkout > <ttps://evex.co/paypal-checkout> > > Log are bellow > > > (i). https://jigsaw.w3.org/HTTP/Basic/ <https://jigsaw.w3.org/HTTP/Basic/> > > [16/Nov/2019:19:50:17][450.7f7a4ffff700][-conn:evex:127:47119-] Notice: HTTP > status 200 time 0:152605 headers d5 body {<!DOCTYPE HTML PUBLIC > "-//IETF//DTD HTML//EN"> > <html> > <head> > <title>Basic Authentication test page</title> > <!-- Changed by: Yves Lafon, 22-Feb-1999 --> > </head> > > <BODY BGCOLOR="white"> > <P> > <A HREF=".."><IMG SRC="/icons/jigsaw" ALT="Jigsaw" BORDER="0" > WIDTH="212" > HEIGHT="49"></A><IMG SRC="/icons/jigpower.gif" WIDTH="94" HEIGHT="52" > ALT="Jigsaw Powered !" > BORDER="0" ALIGN="Right"> > > <P> > <HR> > <P>Your browser made it! > </body> > </html> > } https {sslversion TLSv1.2 cipher ECDHE-RSA-AES256-GCM-SHA384} > [16/Nov/2019:19:50:19][450.7f7a7ffff700][::throttle] Notice: === user > 106.57.150.57 entered community 633 at 1573944619 reason new > > > (ii).https://api.sandbox.paypal.com/v1/oauth2/token > <https://api.sandbox.paypal.com/v1/oauth2/token> > [16/Nov/2019:19:59:29][450.7f7a4ffff700][-conn:evex:127:47139-] Notice: HTTP > status 0 time 0:155545 headers d5 body {} https {sslversion TLSv1.2 cipher > AES256-SHA256} > [16/Nov/2019:19:59:29][450.7f7a4ffff700][-conn:evex:127:47139-] Notice: > RETURN URL /paypal-checkout ******* > > > > (iii). CURL > > curl -v https://api.sandbox.paypal.com/v1/oauth2/token > <https://api.sandbox.paypal.com/v1/oauth2/token> -H "Accept: > application/json" -H "Accept-Language: en_US" -u > "AbB7eZG2UyBloReTo-QdoFxf36gfSJnd5DJDlIeCacdx3t2p0K5i6WQSpLtMT7XObmQPPDJ0-6PnRKQ2:EJfDo3xL6pPaYzJ8gQ0DcyEvcdRMM-_jF0IHeWIs_9IBdmqtRCwAdXEyhE0d3YMOBHokvI93YwtCkiJF" > -d "grant_type=client_credentials" > * Trying 173.0.82.78... > * TCP_NODELAY set > * Connected to api.sandbox.paypal.com <http://api.sandbox.paypal.com/> > (173.0.82.78) port 443 (#0) > * ALPN, offering h2 > * ALPN, offering http/1.1 > * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH > * successfully set certificate verify locations: > * CAfile: /etc/ssl/certs/ca-certificates.crt > CApath: /etc/ssl/certs > * TLSv1.2 (OUT), TLS header, Certificate Status (22): > * TLSv1.2 (OUT), TLS handshake, Client hello (1): > * TLSv1.2 (IN), TLS handshake, Server hello (2): > * TLSv1.2 (IN), TLS handshake, Certificate (11): > * TLSv1.2 (IN), TLS handshake, Request CERT (13): > * TLSv1.2 (IN), TLS handshake, Server finished (14): > * TLSv1.2 (OUT), TLS handshake, Certificate (11): > * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): > * TLSv1.2 (OUT), TLS change cipher, Client hello (1): > * TLSv1.2 (OUT), TLS handshake, Finished (20): > * TLSv1.2 (IN), TLS change cipher, Client hello (1): > * TLSv1.2 (IN), TLS handshake, Finished (20): > * SSL connection using TLSv1.2 / AES256-SHA256 > * ALPN, server did not agree to a protocol > * Server certificate: > * subject: C=US; ST=California; L=San Jose; O=PayPal, Inc.; OU=PayPal > Production; CN=api.sandbox.paypal.com <http://api.sandbox.paypal.com/> > * start date: Aug 21 00:00:00 2018 GMT > * expire date: Aug 20 12:00:00 2020 GMT > * subjectAltName: host "api.sandbox.paypal.com > <http://api.sandbox.paypal.com/>" matched cert's "api.sandbox.paypal.com > <http://api.sandbox.paypal.com/>" > * issuer: C=US; O=DigiCert Inc; CN=DigiCert Global CA G2 > * SSL certificate verify ok. > * Server auth using Basic with user > 'AbB7eZG2UyBloReTo-QdoFxf36gfSJnd5DJDlIeCacdx3t2p0K5i6WQSpLtMT7XObmQPPDJ0-6PnRKQ2' > > POST /v1/oauth2/token HTTP/1.1 > > Host: api.sandbox.paypal.com <http://api.sandbox.paypal.com/> > > Authorization: Basic > > QWJCN2VaRzJVeUJsb1JlVG8tUWRvRnhmMzZnZlNKbmQ1REpEbEllQ2FjZHgzdDJwMEs1aTZXUVNwTHRNVDdYT2JtUVBQREowLTZQblJLUTI6RUpmRG8zeEw2cFBhWXpKOGdRMERjeUV2Y2RSTU0tX2pGMElIZVdJc185SUJkbXF0UkN3QWRYRXloRTBkM1lNT0JIb2t2STkzWXd0Q2tpSkY= > > User-Agent: curl/7.52.1 > > Accept: application/json > > Accept-Language: en_US > > Content-Length: 29 > > Content-Type: application/x-www-form-urlencoded > > > * upload completely sent off: 29 out of 29 bytes > < HTTP/1.1 200 OK > < Cache-Control: max-age=0, no-cache, no-store, must-revalidate > < Content-Length: 918 > < Content-Type: application/json > < Date: Sat, 16 Nov 2019 22:58:32 GMT > < Paypal-Debug-Id: 9c14dc56c49a9 > < X-Paypal-Token-Service: IAAS > < > * Curl_http_done: called premature == 0 > * Connection #0 to host api.sandbox.paypal.com > <http://api.sandbox.paypal.com/> left intact > {"scope":"https://uri.paypal.com/services/invoicing > <https://uri.paypal.com/services/invoicing> > https://uri.paypal.com/services/disputes/read-buyer > <https://uri.paypal.com/services/disputes/read-buyer> > https://uri.paypal.com/services/payments/realtimepayment > <https://uri.paypal.com/services/payments/realtimepayment> > https://uri.paypal.com/services/disputes/update-seller > <https://uri.paypal.com/services/disputes/update-seller> > https://uri.paypal.com/services/payments/payment/authcapture > <https://uri.paypal.com/services/payments/payment/authcapture> openid > https://uri.paypal.com/services/disputes/read-seller > <https://uri.paypal.com/services/disputes/read-seller> > https://uri.paypal.com/services/payments/refund > <https://uri.paypal.com/services/payments/refund> > https://api.paypal.com/v1/vault/credit-card > <https://api.paypal.com/v1/vault/credit-card> > https://api.paypal.com/v1/payments <https://api.paypal.com/v1/payments>/.* > https://uri.paypal.com/payments/payouts > <https://uri.paypal.com/payments/payouts> > https://api.paypal.com/v1/vault/credit-card > <https://api.paypal.com/v1/vault/credit-card>/.* > https://uri.paypal.com/services/subscriptions > <https://uri.paypal.com/services/subscriptions> > https://uri.paypal.com/services/applications/webhooks > <https://uri.paypal.com/services/applications/webhooks>","access_token":"A21AAGnfER4lNk8rnGB4InaKkTbh-nvewEw3uM4llmAoRwLc9Wkh4wpkVHTQ4-ehe_F-bdgW3Z5EinJgbrmK3Eu4ffds-YPWQ","token_type":"Bearer","app_id":"APP-80W284485P519543T","expires_in":29668,"nonce":"2019-11-16T22:13:00Zb0kTBXRvIaKfKQ0AM3T6Q4e4RUih0srGp6GSlBENIeI"}evex@evex:/var/www/evex$ > > > > >> On Nov 16, 2019, at 15:56, Iuri Sampaio <i...@iurix.com >> <mailto:i...@iurix.com>> wrote: >> >> Dear Gustaf, >> It did help me to remind and review my own code to assure that it was >> properly written. I grabbed the code from >> https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5 >> <https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5> >> Plus, I switched to ns_base40encode. Before I was using Openacs >> [base64::encode “${client}:${secret}"] >> I've used the very first, basic and simple example (i.e. http queue and http >> wait), and still, I get the same logs. >> https://evex.co/paypal-checkout <https://evex.co/paypal-checkout> >> >> >> Notice: HTTP >> status 0 time 0:215139 headers d5 body {} https {sslversion TLSv1.2 cipher >> AES256-SHA256} >> >> >> >> I’m able to change credentials whenever I want to get 400 error to return. >> That means the credentials passed in the header were properly assigned. >> Even though I agree I need to talk to the guys on PayPal, in case I missed >> any parameter to allow connectivity on their side. >> >> >> Notice: HttpTaskRecv: connection probably closed by server (url >> https://api.sandbox.paypal.com/v1/oauth2/token >> <https://api.sandbox.paypal.com/v1/oauth2/token>) >> >> >> >> Best wishes, >> I >> [16/Nov/2019:15:36:11][450.7f7a87fff700][-conn:evex:124:46257-] Warning: >> /paypal-checkout has no doc(title) set, fallback to instance_name. >> [16/Nov/2019:15:36:23][450.7f7a87fff700][-conn:evex:124:46259-] Notice: >> HttpTaskRecv: connection probably closed by server (url >> https://api.sandbox.paypal.com/v1/oauth2/token >> <https://api.sandbox.paypal.com/v1/oauth2/token>) >> >> >> >> >> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: >> HttpTaskRecv: connection probably closed by server (url >> https://api.sandbox.paypal.com/v1/oauth2/token >> <https://api.sandbox.paypal.com/v1/oauth2/token>) >> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: >> RETURN URL /paypal-checkout ******* >> >>> On Nov 16, 2019, at 15:47, Iuri Sampaio <i...@iurix.com >>> <mailto:i...@iurix.com>> wrote: >>> >>> Dear Gustaf, >>> It did help me to remind and review my own code to assure that it was >>> properly written. I grabbed the code from >>> https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5 >>> <https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5> >>> Plus, I switched to ns_base40encode. Before I was using Openacs >>> [base64::encode “${client}:${secret}"] >>> I've used the very first, basic and simple example (i.e. http queue and >>> http wait), and still, I get the same logs. >>> https://evex.co/paypal-checkout <https://evex.co/paypal-checkout> >>> >>> >>> Notice: HTTP >>> status 0 time 0:215139 headers d5 body {} https {sslversion TLSv1.2 cipher >>> AES256-SHA256} >>> >>> >>> Notice: HttpTaskRecv: connection probably closed by server (url >>> https://api.sandbox.paypal.com/v1/oauth2/token >>> <https://api.sandbox.paypal.com/v1/oauth2/token>) >>> >>> >>> I’m able to change credentials whenever I want to get 400 error to return. >>> That means the credentials passed in the header were properly assigned. >>> Even though I agree I need to talk to the guys on PayPal, in case I missed >>> any parameter to allow connectivity on their side. >>> >>> >>> Best wishes, >>> I >>> [16/Nov/2019:15:36:11][450.7f7a87fff700][-conn:evex:124:46257-] Warning: >>> /paypal-checkout has no doc(title) set, fallback to instance_name. >>> [16/Nov/2019:15:36:23][450.7f7a87fff700][-conn:evex:124:46259-] Notice: >>> HttpTaskRecv: connection probably closed by server (url >>> https://api.sandbox.paypal.com/v1/oauth2/token >>> <https://api.sandbox.paypal.com/v1/oauth2/token>) >>> >>> >>> >>> >>> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: >>> HttpTaskRecv: connection probably closed by server (url >>> https://api.sandbox.paypal.com/v1/oauth2/token >>> <https://api.sandbox.paypal.com/v1/oauth2/token>) >>> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: >>> RETURN URL /paypal-checkout ******* >>> >>> >>> >>> >>>> On Nov 16, 2019, at 08:58, Gustaf Neumann <neum...@wu.ac.at >>>> <mailto:neum...@wu.ac.at>> wrote: >>>> >>>> Dear Iuri, >>>> >>>> Let's start with a simple example: make a GET request to a service, which >>>> requires basic authentication >>>> % ns_http run https://jigsaw.w3.org/HTTP/Basic/ >>>> <https://jigsaw.w3.org/HTTP/Basic/> >>>> status 401 time 0:513863 headers d11 body {<!DOCTYPE HTML PUBLIC >>>> "-//W3C//DTD HTML 4.01 Transitional//EN" >>>> "http://www.w3.org/TR/html4/loose.dtd" >>>> <http://www.w3.org/TR/html4/loose.dtd>> >>>> <html> >>>> <head> >>>> ... >>>> >>>> NaviServer returns (starting with 4.99.17) for "ns_http run" a Tcl dict >>>> with >>>> the relevant information. The request above returns the HTTP status >>>> code 401, which means "Unauthorized". >>>> >>>> Ok, now add some Authorization. As defined by RFC 7617, one has to add an >>>> Authorization request header field with user:id:password encoded in base64. >>>> % set h [ns_set create] >>>> % ns_set update $h Authorization "Basic [ns_base64encode guest:guest]" >>>> % ns_http run -headers $h https://jigsaw.w3.org/HTTP/Basic/ >>>> <https://jigsaw.w3.org/HTTP/Basic/> >>>> status 200 time 0:485802 headers d8 body {<!DOCTYPE HTML PUBLIC >>>> "-//IETF//DTD HTML//EN"> >>>> <html> >>>> <head> >>>> ... >>>> >>>> Now we see the status code 200, which means that the Authentication was ok. >>>> If you still get a status code of 401, probably userid and/or password are >>>> not ok. >>>> >>>> Hope this helps. >>>> -gn >>>> >>>> On 15.11.19 16:21, Iuri Sampaio wrote: >>>>> What would be the argument/switch to convert the option -u, from CURL >>>>> command, to ns_http command? >>>>> >>>>> curl -v https://myhost.com/oauth2/token <https://myhost.com/oauth2/token> >>>>> \ >>>>> -H "Accept: application/json" \ >>>>> -H "Accept-Language: en_US" \ >>>>> -u "client_id:secret" \ >>>>> -d "grant_type=client_credentials" >>>> >>>> _______________________________________________ >>>> naviserver-devel mailing list >>>> naviserver-devel@lists.sourceforge.net >>>> <mailto:naviserver-devel@lists.sourceforge.net> >>>> https://lists.sourceforge.net/lists/listinfo/naviserver-devel >>>> <https://lists.sourceforge.net/lists/listinfo/naviserver-devel> >>> >> >> _______________________________________________ >> naviserver-devel mailing list >> naviserver-devel@lists.sourceforge.net >> <mailto:naviserver-devel@lists.sourceforge.net> >> https://lists.sourceforge.net/lists/listinfo/naviserver-devel >
_______________________________________________ naviserver-devel mailing list naviserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/naviserver-devel