We are trying to integrate to a HTTP JSON API using Delphi 7.

Before we started, we tested the remote API using an online service
http://www.hurl.it/ to better understand the requirements.

Now we've come to implement the interface in Delphi, we've hit a hurdle.

The process should be as follows:

1)      Use HTTP POST to pass username and password parameters to login URL

2)      A token string is returned if login was successful

3)      The token is then used as Basic Authentication using HTTP GET to
retrieve JSON from different API URL

We can complete this whole process using hurl.it but only steps 1 & 2 in
Delphi using the OverByte ICS TSslHttpCli component (I believe v9).

Step 3 in Delphi fails with a 401 Unauthorized error basically not getting
our token as auth.

We can even copy the token retrieved using Delphi in step 1 & 2 and paste
it as basic auth on hurl.it where setp 3 runs without error.

An code example is as follows:

procedure TForm1.getOrders(tokenString: string);


    params : TStringStream;

    response: TStringStream;


    memo1.Lines.Append( tokenString );

    //  create our paramater list

    params := TStringStream.Create('');

    //params.WriteString ( '&username=' + tokenString);

    params.Position := 0; //  this also works params.Seek(0,
soFromBeginning );

    //  create our response stream

    response  := TStringStream.Create('');

    //  set our properties

    SslHttpCli1.ServerAuth := httpAuthBasic;

    SslHttpCli1.Username := tokenString;

    SslHttpCli1.SendStream := params;

    SslHttpCli1.RcvdStream := response;

    SslHttpCli1.URL := 'https://secure.bla.com/api/v2.0/bla/blabla';




    ShowMessage ('GET Failed !');

    ShowMessage ('StatusCode   = ' + IntToStr(SslHttpCli1.StatusCode));

    ShowMessage ('ReasonPhrase = ' + SslHttpCli1.ReasonPhrase);



    //  display the response

    memo1.Lines.Append( response.DataString );





If I look at the working request using Fiddler, it looks like this should
be a simple process. The Request View in Fiddler shows the following RAW

POST http://www.hurl.it/execute_request HTTP/1.1

Host: www.hurl.it

Connection: keep-alive

Content-Length: 290

Accept: */*

Origin: http://www.hurl.it

X-Requested-With: XMLHttpRequest

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/32.0.1700.107 Safari/537.36

Content-Type: application/x-www-form-urlencoded; charset=UTF-8

DNT: 1

Referer: http://www.hurl.it/

Accept-Encoding: gzip,deflate,sdch

Accept-Language: en-US,en;q=0.8,en-GB;q=0.6

Cookie: _ga=GA1.2.798759816.1392716338


For some strange reason, we've not been able to pass the token back to the

Apparently, the following would be the equivalent using curl:

curl -X GET -I --user YmhcOMy4HTVF3WIP9guWYKrMobQKnapLNS5BnE8Y:

I've tried setting the ServerAuth type to basic and passing the token as a
username parameter but without success.

Any idea how to achieve this seemingly simple process? Basically, it's
making no sense to me.

Kind Regards,

Wayne Phipps
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to