Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product
Please upgrade to 2.3 here. The 2.2 and earlier branches are no longer being updated.

How to use the API (authorization and POST)

This discussion is related to the API addon.

Hi guys!

Sorry for the questions, but I'm new with those kind of things (first year of Computer Science).
The thing I'm trying to do is to add (for example) a category automatically whenever I add a new group in my website, which is in the same server as the Forum, or to sync the profile images between the website and forum.
SSO is already enabled and working, and I can retrieve information with GET requests, but I didn't understand how to make POST requests.

I have 2 situations (and need both working):

1) Form submitted. For example I'm using this script (Javascript):

<script type="text/javascript"> $(document).ready(function() { $("#submit").click(function(event) { event.preventDefault(); var name = $("input#name").val(); var body = $("input#body").val(); var catid = $("input#CategoryID").val(); jQuery.ajax({ type: "POST", url: "http://mywebsite/Forum/api/discussions", contentType: "application/json; charset=utf-8", dataType: "json", data: {'Name': name, 'Body': body, 'CategoryID': catid}, success: function(res) { if (res) { //Success } else { //Error } } }); }); }); </script>
But I'm getting Code:400, API.Error.ContentType.
The Content-Type in the Request Header is: "Content-Type:application/json; charset=UTF-8".

2) Just sending a request via curl (PHP)
$data = array( "Name" => "Test", "Body" => "Test API call", "CategoryID" => "5" ); $data_string = json_encode($data); $ch = curl_init('http://mywebsite/Forum/api/discussions'); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json', 'Content-Length: ' . strlen($data_string)) ); $result = curl_exec($ch); $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); $contenttype = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); print "Status: $httpcode" . "\n"; print "Content-Type: $contenttype" . "\n"; print "\n" . $result . "\n";

But in this case I'm getting Code: 401, API.Error.AuthRequired, because I'm not sendind the cookies.

I tried everything with Postman (like the tutorial that i found in this Forum, but with session auth), and I'm getting a third error: Code: 400,
"Corpo è richiesto. Categoria è richiesto. Nome è richiesto." (=Body required. Category required. Name required.).

Can you please help me?
I tried to figure it out by myself, but my knowledge about those things it's zero and google didn't helped.

Thank you!

Comments

  • KasperKasper Scholar of the Bits Copenhagen Vanilla Staff

    To shortly answer your questions:

    1. The content type checking is currently pretty strict and has to be one of (exactly as they appear):

      • text/xml
      • application/xml
      • application/json
      • application/jsonp

      See https://github.com/kasperisager/vanilla-api/blob/9ba7728fd684cc82d8d318f0df6869235142cb9a/library/class.apiengine.php#L272-L286

    2. In this case you'd need to authenticate using an API key as described in https://github.com/kasperisager/vanilla-api/wiki/Authentication#signature-based.

    Kasper Kronborg Isager (kasperisager) | Freelance Developer @Vanilla | Hit me up: Google Mail or Vanilla Mail | Find me on GitHub

    hgtonight
  • TimP4wTimP4w New
    edited February 2016

    @Kasper , i've followed the signature-based authentication explanation and i ended up with this:

    `
    $data = array(
    "Name" => "Test",
    "Body" => "Test API call",
    "CategoryID" => "5",
    "username" => "...username...",
    "timestamp" => time()
    );

        ksort($data, SORT_STRING);
        $signature = hash_hmac("sha256", strtolower(implode("-", $data)), "secret...");
        $data['token'] = $signature;
        $data_string = json_encode($data);
    
        $ch = curl_init('http://127.0.0.1/Forum/api/discussions');
    
        curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                'Content-Type: application/json',
                'Content-Length: ' . strlen($data_string))
        );
    
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLINFO_HEADER_OUT, true);
        $result = curl_exec($ch);
    
        $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
        $contenttype = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
    
    
        curl_close($ch);
    `
    

    I'm still getting "Code":401,"Exception":"Authentication required for this endpoint".

    Content of var $data_string: {"Body":"Test API call","CategoryID":"5","Name":"Test","timestamp":1455545132,"username":"..username..","token":"..hash.."}

    Btw. I deleted "; charset=utf-8" in the javascript code, but now it still throw the exception "Body required. Category required. Name required".

  • nvm. Solved, just added: " curl_setopt($ch, CURLOPT_COOKIE, $_SERVER["HTTP_COOKIE"]);".

    hgtonight
Sign In or Register to comment.