Re: [naviserver-devel] Converting a CURL call to a ns_http call

Iuri Sampaio Sat, 16 Nov 2019 15:04:14 -0800

Btw, the very same request works fine not only on CURL but also on Postman.
For instance, that’s the response CURL and Postman return


{
    "scope": "https://uri.paypal.com/services/invoicing 
https://uri.paypal.com/services/disputes/read-buyer 
https://uri.paypal.com/services/payments/realtimepayment 
https://uri.paypal.com/services/disputes/update-seller 
https://uri.paypal.com/services/payments/payment/authcapture openid 
https://uri.paypal.com/services/disputes/read-seller 
https://uri.paypal.com/services/payments/refund 
https://api.paypal.com/v1/vault/credit-card 
https://api.paypal.com/v1/payments/.* https://uri.paypal.com/payments/payouts 
https://api.paypal.com/v1/vault/credit-card/.* 
https://uri.paypal.com/services/subscriptions 
https://uri.paypal.com/services/applications/webhooks";,
    "access_token": 
"A21AAGnfdsdsdsdFEFERFERgbh-nvewEw3uM4llmAoRwLc9Wkh4wpkVHTQ4-ehe_F-bdgW3Z5EinJgbrmK3Eu4ffds-YPWQ",
    "token_type": "Bearer",
    "app_id": "APP-W28fGERGERGERGERGREGE3T",
    "expires_in": 31623,
    "nonce": "2019-11-16T22:13:00Zb0kTBXRvIaKfKQ0AM3T6Q4e4RUih0srGp6GSlBENIeI"
}

> On Nov 16, 2019, at 20:00, Iuri Sampaio <i...@iurix.com> wrote:
> 
> I’ve just ran the sample you suggested. Results returned successfully. (i) 
> Meaning body returned content within.  Meaning Authorization headers were 
> properly converted to base64 and authentication worked just fine
> 
> 
> Also, in the CURL command, running it in the command line prompt, body 
> returns a JSON within a bunch of tokens and auth responses. 
> 
> I was expecting to get the same thing with ns_http. However, when I ran 
> https://api.sandbox.paypal.com/v1/oauth2/token 
> <https://api.sandbox.paypal.com/v1/oauth2/token> status returns 0 and body 
> returns  null.  It’;s available at ttps://evex.co/paypal-checkout 
> <ttps://evex.co/paypal-checkout>
> 
> Log are bellow
> 
> 
> (i). https://jigsaw.w3.org/HTTP/Basic/ <https://jigsaw.w3.org/HTTP/Basic/>
> 
> [16/Nov/2019:19:50:17][450.7f7a4ffff700][-conn:evex:127:47119-] Notice: HTTP 
>  status 200 time 0:152605 headers d5 body {<!DOCTYPE HTML PUBLIC 
> "-//IETF//DTD HTML//EN">
> <html>
>   <head>
>     <title>Basic Authentication test page</title>
> <!-- Changed by: Yves Lafon, 22-Feb-1999 -->
>   </head>
> 
> <BODY BGCOLOR="white">
> <P>
>       <A HREF=".."><IMG SRC="/icons/jigsaw" ALT="Jigsaw" BORDER="0" 
> WIDTH="212"
>         HEIGHT="49"></A><IMG SRC="/icons/jigpower.gif" WIDTH="94" HEIGHT="52" 
> ALT="Jigsaw Powered !"
>       BORDER="0" ALIGN="Right">
>       
> <P>
> <HR>
> <P>Your browser made it!
>   </body>
> </html>
> } https {sslversion TLSv1.2 cipher ECDHE-RSA-AES256-GCM-SHA384}
> [16/Nov/2019:19:50:19][450.7f7a7ffff700][::throttle] Notice: === user 
> 106.57.150.57 entered community 633 at 1573944619 reason new
> 
> 
> (ii).https://api.sandbox.paypal.com/v1/oauth2/token 
> <https://api.sandbox.paypal.com/v1/oauth2/token> 
> [16/Nov/2019:19:59:29][450.7f7a4ffff700][-conn:evex:127:47139-] Notice: HTTP 
>  status 0 time 0:155545 headers d5 body {} https {sslversion TLSv1.2 cipher 
> AES256-SHA256}
> [16/Nov/2019:19:59:29][450.7f7a4ffff700][-conn:evex:127:47139-] Notice: 
> RETURN URL /paypal-checkout *******
> 
> 
> 
> (iii). CURL
> 
> curl -v https://api.sandbox.paypal.com/v1/oauth2/token 
> <https://api.sandbox.paypal.com/v1/oauth2/token>    -H "Accept: 
> application/json"    -H "Accept-Language: en_US"    -u 
> "AbB7eZG2UyBloReTo-QdoFxf36gfSJnd5DJDlIeCacdx3t2p0K5i6WQSpLtMT7XObmQPPDJ0-6PnRKQ2:EJfDo3xL6pPaYzJ8gQ0DcyEvcdRMM-_jF0IHeWIs_9IBdmqtRCwAdXEyhE0d3YMOBHokvI93YwtCkiJF"
>  -d "grant_type=client_credentials"
> *   Trying 173.0.82.78...
> * TCP_NODELAY set
> * Connected to api.sandbox.paypal.com <http://api.sandbox.paypal.com/> 
> (173.0.82.78) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
> * successfully set certificate verify locations:
> *   CAfile: /etc/ssl/certs/ca-certificates.crt
>   CApath: /etc/ssl/certs
> * TLSv1.2 (OUT), TLS header, Certificate Status (22):
> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Request CERT (13):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Certificate (11):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS change cipher, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / AES256-SHA256
> * ALPN, server did not agree to a protocol
> * Server certificate:
> *  subject: C=US; ST=California; L=San Jose; O=PayPal, Inc.; OU=PayPal 
> Production; CN=api.sandbox.paypal.com <http://api.sandbox.paypal.com/>
> *  start date: Aug 21 00:00:00 2018 GMT
> *  expire date: Aug 20 12:00:00 2020 GMT
> *  subjectAltName: host "api.sandbox.paypal.com 
> <http://api.sandbox.paypal.com/>" matched cert's "api.sandbox.paypal.com 
> <http://api.sandbox.paypal.com/>"
> *  issuer: C=US; O=DigiCert Inc; CN=DigiCert Global CA G2
> *  SSL certificate verify ok.
> * Server auth using Basic with user 
> 'AbB7eZG2UyBloReTo-QdoFxf36gfSJnd5DJDlIeCacdx3t2p0K5i6WQSpLtMT7XObmQPPDJ0-6PnRKQ2'
> > POST /v1/oauth2/token HTTP/1.1
> > Host: api.sandbox.paypal.com <http://api.sandbox.paypal.com/>
> > Authorization: Basic 
> > QWJCN2VaRzJVeUJsb1JlVG8tUWRvRnhmMzZnZlNKbmQ1REpEbEllQ2FjZHgzdDJwMEs1aTZXUVNwTHRNVDdYT2JtUVBQREowLTZQblJLUTI6RUpmRG8zeEw2cFBhWXpKOGdRMERjeUV2Y2RSTU0tX2pGMElIZVdJc185SUJkbXF0UkN3QWRYRXloRTBkM1lNT0JIb2t2STkzWXd0Q2tpSkY=
> > User-Agent: curl/7.52.1
> > Accept: application/json
> > Accept-Language: en_US
> > Content-Length: 29
> > Content-Type: application/x-www-form-urlencoded
> > 
> * upload completely sent off: 29 out of 29 bytes
> < HTTP/1.1 200 OK
> < Cache-Control: max-age=0, no-cache, no-store, must-revalidate
> < Content-Length: 918
> < Content-Type: application/json
> < Date: Sat, 16 Nov 2019 22:58:32 GMT
> < Paypal-Debug-Id: 9c14dc56c49a9
> < X-Paypal-Token-Service: IAAS
> < 
> * Curl_http_done: called premature == 0
> * Connection #0 to host api.sandbox.paypal.com 
> <http://api.sandbox.paypal.com/> left intact
> {"scope":"https://uri.paypal.com/services/invoicing 
> <https://uri.paypal.com/services/invoicing> 
> https://uri.paypal.com/services/disputes/read-buyer 
> <https://uri.paypal.com/services/disputes/read-buyer> 
> https://uri.paypal.com/services/payments/realtimepayment 
> <https://uri.paypal.com/services/payments/realtimepayment> 
> https://uri.paypal.com/services/disputes/update-seller 
> <https://uri.paypal.com/services/disputes/update-seller> 
> https://uri.paypal.com/services/payments/payment/authcapture 
> <https://uri.paypal.com/services/payments/payment/authcapture> openid 
> https://uri.paypal.com/services/disputes/read-seller 
> <https://uri.paypal.com/services/disputes/read-seller> 
> https://uri.paypal.com/services/payments/refund 
> <https://uri.paypal.com/services/payments/refund> 
> https://api.paypal.com/v1/vault/credit-card 
> <https://api.paypal.com/v1/vault/credit-card> 
> https://api.paypal.com/v1/payments <https://api.paypal.com/v1/payments>/.* 
> https://uri.paypal.com/payments/payouts 
> <https://uri.paypal.com/payments/payouts> 
> https://api.paypal.com/v1/vault/credit-card 
> <https://api.paypal.com/v1/vault/credit-card>/.* 
> https://uri.paypal.com/services/subscriptions 
> <https://uri.paypal.com/services/subscriptions> 
> https://uri.paypal.com/services/applications/webhooks 
> <https://uri.paypal.com/services/applications/webhooks>","access_token":"A21AAGnfER4lNk8rnGB4InaKkTbh-nvewEw3uM4llmAoRwLc9Wkh4wpkVHTQ4-ehe_F-bdgW3Z5EinJgbrmK3Eu4ffds-YPWQ","token_type":"Bearer","app_id":"APP-80W284485P519543T","expires_in":29668,"nonce":"2019-11-16T22:13:00Zb0kTBXRvIaKfKQ0AM3T6Q4e4RUih0srGp6GSlBENIeI"}evex@evex:/var/www/evex$
>  
> 
> 
> 
>> On Nov 16, 2019, at 15:56, Iuri Sampaio <i...@iurix.com 
>> <mailto:i...@iurix.com>> wrote:
>> 
>> Dear Gustaf,
>> It did help me to remind and  review my own code to assure that it was 
>> properly written. I grabbed the code from 
>> https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5 
>> <https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5>
>> Plus, I switched to ns_base40encode. Before I was using Openacs 
>> [base64::encode “${client}:${secret}"]
>> I've used the very first, basic and simple example (i.e. http queue and http 
>> wait), and still, I get the same logs.
>> https://evex.co/paypal-checkout <https://evex.co/paypal-checkout>
>> 
>> 
>> Notice: HTTP 
>>  status 0 time 0:215139 headers d5 body {} https {sslversion TLSv1.2 cipher 
>> AES256-SHA256}
>> 
>> 
>> 
>> I’m able to change credentials whenever I want to get 400 error to return. 
>> That means the credentials passed in the header were properly assigned.
>> Even though I agree I need to talk to the guys on PayPal, in case I missed 
>> any parameter to allow connectivity on their side.
>> 
>> 
>> Notice: HttpTaskRecv: connection probably closed by server (url 
>> https://api.sandbox.paypal.com/v1/oauth2/token 
>> <https://api.sandbox.paypal.com/v1/oauth2/token>)
>> 
>> 
>> 
>> Best wishes,
>> I
>> [16/Nov/2019:15:36:11][450.7f7a87fff700][-conn:evex:124:46257-] Warning: 
>> /paypal-checkout has no doc(title) set, fallback to instance_name.
>> [16/Nov/2019:15:36:23][450.7f7a87fff700][-conn:evex:124:46259-] Notice: 
>> HttpTaskRecv: connection probably closed by server (url 
>> https://api.sandbox.paypal.com/v1/oauth2/token 
>> <https://api.sandbox.paypal.com/v1/oauth2/token>)
>> 
>> 
>> 
>> 
>> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: 
>> HttpTaskRecv: connection probably closed by server (url 
>> https://api.sandbox.paypal.com/v1/oauth2/token 
>> <https://api.sandbox.paypal.com/v1/oauth2/token>)
>> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: 
>> RETURN URL /paypal-checkout *******
>> 
>>> On Nov 16, 2019, at 15:47, Iuri Sampaio <i...@iurix.com 
>>> <mailto:i...@iurix.com>> wrote:
>>> 
>>> Dear Gustaf,
>>> It did help me to remind and  review my own code to assure that it was 
>>> properly written. I grabbed the code from 
>>> https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5 
>>> <https://naviserver.sourceforge.io/n/naviserver/files/ns_http.html#5>
>>> Plus, I switched to ns_base40encode. Before I was using Openacs 
>>> [base64::encode “${client}:${secret}"]
>>> I've used the very first, basic and simple example (i.e. http queue and 
>>> http wait), and still, I get the same logs.
>>> https://evex.co/paypal-checkout <https://evex.co/paypal-checkout>
>>> 
>>> 
>>> Notice: HTTP 
>>>  status 0 time 0:215139 headers d5 body {} https {sslversion TLSv1.2 cipher 
>>> AES256-SHA256}
>>> 
>>> 
>>> Notice: HttpTaskRecv: connection probably closed by server (url 
>>> https://api.sandbox.paypal.com/v1/oauth2/token 
>>> <https://api.sandbox.paypal.com/v1/oauth2/token>)
>>> 
>>> 
>>> I’m able to change credentials whenever I want to get 400 error to return. 
>>> That means the credentials passed in the header were properly assigned.
>>> Even though I agree I need to talk to the guys on PayPal, in case I missed 
>>> any parameter to allow connectivity on their side.
>>> 
>>> 
>>> Best wishes,
>>> I
>>> [16/Nov/2019:15:36:11][450.7f7a87fff700][-conn:evex:124:46257-] Warning: 
>>> /paypal-checkout has no doc(title) set, fallback to instance_name.
>>> [16/Nov/2019:15:36:23][450.7f7a87fff700][-conn:evex:124:46259-] Notice: 
>>> HttpTaskRecv: connection probably closed by server (url 
>>> https://api.sandbox.paypal.com/v1/oauth2/token 
>>> <https://api.sandbox.paypal.com/v1/oauth2/token>)
>>> 
>>> 
>>> 
>>> 
>>> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: 
>>> HttpTaskRecv: connection probably closed by server (url 
>>> https://api.sandbox.paypal.com/v1/oauth2/token 
>>> <https://api.sandbox.paypal.com/v1/oauth2/token>)
>>> [16/Nov/2019:15:46:05][450.7f7a87fff700][-conn:evex:124:46273-] Notice: 
>>> RETURN URL /paypal-checkout *******
>>> 
>>> 
>>> 
>>> 
>>>> On Nov 16, 2019, at 08:58, Gustaf Neumann <neum...@wu.ac.at 
>>>> <mailto:neum...@wu.ac.at>> wrote:
>>>> 
>>>> Dear Iuri,
>>>> 
>>>> Let's start with a simple example: make a GET request to a service, which
>>>> requires basic authentication
>>>>   % ns_http run https://jigsaw.w3.org/HTTP/Basic/ 
>>>> <https://jigsaw.w3.org/HTTP/Basic/>
>>>> status 401 time 0:513863 headers d11 body {<!DOCTYPE HTML PUBLIC 
>>>> "-//W3C//DTD HTML 4.01 Transitional//EN"
>>>>                "http://www.w3.org/TR/html4/loose.dtd"; 
>>>> <http://www.w3.org/TR/html4/loose.dtd>>
>>>> <html>
>>>> <head>
>>>> ... 
>>>> 
>>>> NaviServer returns (starting with 4.99.17) for "ns_http run" a Tcl dict 
>>>> with 
>>>> the relevant information. The request above returns the HTTP status 
>>>> code 401, which means "Unauthorized".
>>>> 
>>>> Ok, now add some Authorization. As defined by RFC 7617, one has to add an
>>>> Authorization request header field with user:id:password encoded in base64.
>>>>   % set h [ns_set create]
>>>>   % ns_set update $h Authorization "Basic [ns_base64encode guest:guest]"
>>>>   % ns_http run -headers $h https://jigsaw.w3.org/HTTP/Basic/ 
>>>> <https://jigsaw.w3.org/HTTP/Basic/>
>>>> status 200 time 0:485802 headers d8 body {<!DOCTYPE HTML PUBLIC 
>>>> "-//IETF//DTD HTML//EN">
>>>> <html>
>>>>   <head>
>>>> ...
>>>> 
>>>> Now we see the status code 200, which means that the Authentication was ok.
>>>> If you still get a status code of 401, probably userid and/or password are 
>>>> not ok.
>>>> 
>>>> Hope this helps.
>>>> -gn
>>>> 
>>>> On 15.11.19 16:21, Iuri Sampaio wrote:
>>>>> What would be the argument/switch to convert the option -u, from CURL 
>>>>> command, to ns_http command?
>>>>> 
>>>>> curl -v https://myhost.com/oauth2/token <https://myhost.com/oauth2/token> 
>>>>> \
>>>>>    -H "Accept: application/json" \
>>>>>    -H "Accept-Language: en_US" \
>>>>>    -u "client_id:secret" \
>>>>>    -d "grant_type=client_credentials"
>>>> 
>>>> _______________________________________________
>>>> naviserver-devel mailing list
>>>> naviserver-devel@lists.sourceforge.net 
>>>> <mailto:naviserver-devel@lists.sourceforge.net>
>>>> https://lists.sourceforge.net/lists/listinfo/naviserver-devel 
>>>> <https://lists.sourceforge.net/lists/listinfo/naviserver-devel>
>>> 
>> 
>> _______________________________________________
>> naviserver-devel mailing list
>> naviserver-devel@lists.sourceforge.net 
>> <mailto:naviserver-devel@lists.sourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/naviserver-devel
>

_______________________________________________
naviserver-devel mailing list
naviserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/naviserver-devel

Re: [naviserver-devel] Converting a CURL call to a ns_http call

Reply via email to