
Vanilla API


Comments

  • Options
    edited January 2014

    @kasper, I am still stuck on Invalid Token error. On further checking I found that the Token created from the calling script changes while refreshing the page, whereas the signature generated from the authenticateRequest is the same. So it never matches. What could be the reason?

  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff

    The token is supposed to change between every request as it's dependent on a timestamp. Please let me know (in code) exactly how you're generating the token and what the request you're sending off to the server looks like. I've used the token-based authenticating system for the past few months with great success and can verify that it works just as intended.

    Kasper Kronborg Isager (kasperisager) | Freelance Developer @Vanilla | Hit me up: Google Mail or Vanilla Mail | Find me on GitHub

  • Options

    @kasper I use the following code:

        $date = new DateTime();
        $dtimestamp = $date->getTimestamp();

        $secret = 'xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx';
        $Request = array();
        $Request['username'] = 'admin';
        $Request['email'] = 'admin@admin.com';
        $Request['timestamp'] = $dtimestamp;

        ksort($Request, SORT_STRING);
        // Delimit the data values with a dash
        $Request = implode('-', $Request);

        $Token = hash_hmac('sha256', strtolower($Request), $secret);
        $username = 'admin';
        $email = 'admin@admin.com';

        $curl_handle = curl_init();
        curl_setopt($curl_handle, CURLOPT_URL, 'http://127.0.0.1/vanilla/api/discussions/');
        $frequest = "username=$username&email=$email&timestamp=$dtimestamp&token=$Token";
        curl_setopt($curl_handle, CURLOPT_POSTFIELDS, $frequest);
        $buffer = curl_exec($curl_handle);
        curl_close($curl_handle);
        if (empty($buffer)) {
            print "Nothing returned from url.<p>";
        } else {
            print $buffer;
        }
    
  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff
    edited January 2014

    You're sending the data as POST fields - that's not what you're supposed to do. You need to append them to the URL as query parameters, as per the documentation:

    > We can now add the token to our request and send it off to the server:
    >
    >     METHOD /api/endpoint/:id?query=value&username=johndoe&email=example@mail.com&timestamp=[timestamp]&token=[generated hash]


  • Options
    edited January 2014

    @kasper, still no luck. I am trying this way

        $frequest = "?username=$username&email=$email&timestamp=$dtimestamp&token=$Token";

        $curl_handle = curl_init();
        curl_setopt($curl_handle, CURLOPT_URL, 'http://127.0.0.1/vanilla/api/discussions/'.$frequest);
        curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($curl_handle, CURLOPT_HTTPGET, 1);
        $buffer = curl_exec($curl_handle);
        curl_close($curl_handle);
        if (empty($buffer)) {
            print "Nothing returned from url.<p>";
        } else {
            print $buffer;
        }
    

    Interesting thing is that when I remove the $frequest parameter from the above code, all the discussions are printed.

  • Options

    @kasper, It is working now perfectly. The problem was I had a space in between the username. Thanks for your guidance.
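
The token scheme discussed in the posts above, as an added example that is not part of the thread or of vanilla-api's code: the client canonicalisation from the posted snippet, plus a server-side check that shows why a timestamped token has to change on every request. The function names, the 300-second window and the rule that every query parameter except `token` is signed are assumptions; the secret, timestamp and username are constructed.

```php
<?php
// Added example, not vanilla-api code. Function names, MAX_SKEW and the rule that
// every query parameter except "token" is signed are assumptions.
const MAX_SKEW = 300; // assumed acceptance window, in seconds

// Canonicalise as in the posted snippet: sort by key, join values with '-',
// lowercase, then HMAC-SHA256 with the shared secret.
function apiToken(array $params, string $secret): string
{
    unset($params['token']);
    ksort($params, SORT_STRING);
    return hash_hmac('sha256', strtolower(implode('-', $params)), $secret);
}

// Client: sign, then percent-encode every value into the query string.
function signedUrl(string $endpoint, array $params, string $secret): string
{
    $params['token'] = apiToken($params, $secret);
    return $endpoint . '?' . http_build_query($params, '', '&', PHP_QUERY_RFC3986);
}

// Server: recompute the token over what was received, compare in constant time.
function verifyRequest(array $query, string $secret, int $now): bool
{
    $token = $query['token'] ?? null;
    $stamp = $query['timestamp'] ?? null;
    if (!is_string($token) || !is_string($stamp) || !ctype_digit($stamp)) {
        return false;
    }
    if (array_filter($query, 'is_array')) {
        return false; // reject array-valued parameters such as username[]=x
    }
    if (abs($now - (int) $stamp) > MAX_SKEW) {
        return false; // stale or future-dated timestamp
    }
    return hash_equals(apiToken($query, $secret), $token);
}

// Constructed sample values
$secret = 'constructed-example-secret';
$now = 1390284867;
$url = signedUrl('http://127.0.0.1/vanilla/api/discussions/',
    ['username' => 'john doe', 'email' => 'admin@admin.com', 'timestamp' => $now], $secret);
parse_str((string) parse_url($url, PHP_URL_QUERY), $received);

var_dump(verifyRequest($received, $secret, $now));        // fresh request
var_dump(verifyRequest($received, $secret, $now + 3600)); // same URL replayed an hour later
$received['username'] = 'admin';
var_dump(verifyRequest($received, $secret, $now));        // parameter altered after signing
```

Because the values are percent-encoded by `http_build_query`, a username containing a space reaches the server as the same string that was signed.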

  • Options
    edited January 2014

    @kasper, Can you tell me what's the reason behind the following error? This error is generated when I try to get the following request through Postman Client. Basically I want to create a new comment for the discussion id 6.

    http://127.0.0.1/vanilla/api/discussions/:6/comments?email=admin@admin.com&timestamp=1390284867&token=xxxxxxx
    

    Response:

        {
            "Code": 400,
            "Exception": "API.Error.ContentType"
        }
    
  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff
    edited January 2014

    The API operates purely in JSON or XML so that's what you'll need to send in all POST/PUT/DELETE requests – and remember to set the "Content Type" header of course. Per design, form data is not supported.

    P.S.: You may want to remove the locale_map.ini file in your cache directory. That should force the Vanilla API locale to be loaded, providing you with more descriptive error messages. In this case, the full error would be:

    "Exception": "Unsupported content type: [content-type]"
    


  • Options

    @kasper, I've set Content-Type as application/json. Still getting the error

        {
            "Code": 400,
            "Exception": "Unsupported content type: "
        }
    
  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff

    The content type isn't in the request, which is why the error looks like it does. Which web server are you using?


  • Options

    @kasper, I am using Wamp server.

  • Options
    edited January 2014

    @kasper, I am using wamp server.

  • Options

    @kasper, I am using wamp server. I am attaching the screenshot of my postman request below.

  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff

    I think you may have uncovered a bug – HTTP_CONTENT_TYPE seems to be non-standard, but just so happens to work in Nginx which I'm using. I'll put together a possible fix.


  • Options

    @kasper, After your fix, please let me know. Thanks

  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff
    edited January 2014

    Actually, could you try implementing the fix before I start changing stuff in the app? You simply need to edit the HTTP_CONTENT_TYPE part on this line https://github.com/kasperisager/vanilla-api/blob/master/library/class.apiengine.php#L379 and change it to CONTENT_TYPE, removing the HTTP_ prefix. I.e. this...

    $type = static::getServerArguments('HTTP_CONTENT_TYPE');
    

    ...needs to be this:

    $type = static::getServerArguments('CONTENT_TYPE');
    

    Let me know if that solves the issue!


  • Options

    @kasper, I changed that line. Now getting the following error

        {
            "Code": 405,
            "Exception": "Method Not Allowed"
        }
    
  • Options
    Kasper Scholar of the Bits Copenhagen Vanilla Staff

    Perfect! I'll commit a fix ASAP.

    As for the new error, you can't send a POST to an existing discussion, which is why you're getting a 405.


  • Options
    edited January 2014

    @kasper, Sorry, this is the error I am getting when I change that line, removing http.

        {
            "Code": 400,
            "Exception": "Unsupported content type: text/plain;charset=utf-8"
        }
    

    The method not allowed I got earlier was when I experimented with directly assigning application/json to the $type. Sorry for the confusion.

  • Options
    edited January 2014

    @kasper, please ignore my above post. It was due to a specification in the header: instead of Content-type I had Accept in the Postman client. You can go ahead and commit the change.
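
The header lookup behind the `HTTP_CONTENT_TYPE` fix in this thread, as an added example that is not vanilla-api's code: it reads the CGI variable `CONTENT_TYPE` first, falls back to the prefixed form, strips parameters such as `charset`, and checks the result against an allowlist. The names `requestMediaType`, `checkContentType` and `SUPPORTED_TYPES`, the accepted media types, the success return value and the `$_SERVER` snapshots are all constructed for illustration.

```php
<?php
// Added example, not vanilla-api code. All names and the accepted types are assumptions.
const SUPPORTED_TYPES = ['application/json', 'application/xml', 'text/xml'];

// Return the bare, lowercased media type of the request body, or null if none was sent.
function requestMediaType(array $server): ?string
{
    // CGI (RFC 3875) defines CONTENT_TYPE without the HTTP_ prefix. The thread reports
    // one setup where only HTTP_CONTENT_TYPE was populated, so it is kept as a fallback.
    foreach (['CONTENT_TYPE', 'HTTP_CONTENT_TYPE'] as $key) {
        $raw = $server[$key] ?? null;
        if (is_string($raw) && trim($raw) !== '') {
            // Drop parameters such as ";charset=utf-8" before comparing.
            return strtolower(trim(explode(';', $raw, 2)[0]));
        }
    }
    return null;
}

// Mirror the error shape quoted in the thread for unsupported or missing types.
function checkContentType(array $server): array
{
    $type = requestMediaType($server);
    if ($type === null || !in_array($type, SUPPORTED_TYPES, true)) {
        return ['Code' => 400, 'Exception' => 'Unsupported content type: ' . ($type ?? '')];
    }
    return ['Code' => 200, 'Type' => $type]; // hypothetical success value
}

// Constructed $_SERVER snapshots covering the cases that came up in the thread.
$samples = [
    'CGI variable with charset' => ['CONTENT_TYPE' => 'application/json; charset=UTF-8'],
    'prefixed variable only'    => ['HTTP_CONTENT_TYPE' => 'application/json'],
    'Accept set, body is text'  => ['HTTP_ACCEPT' => 'application/json',
                                    'CONTENT_TYPE' => 'text/plain;charset=utf-8'],
    'no content type at all'    => [],
];
foreach ($samples as $label => $server) {
    echo $label, ': ', json_encode(checkContentType($server), JSON_UNESCAPED_SLASHES), PHP_EOL;
}
```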
