Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Post in HTTPs
#1
Hi, I have a problem with a call in https with method POST.

from the documentation...
...
POST /auth/signin  

the url is
https://demoauth.fatturazioneelettronica.aruba.it

this the istruction

"...
POST /auth/signin?grant_type=password&username=Utente&password=Password HTTP/1.1

Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 56
Host: localhost:8080
..."

when try to executo the code i receive this error

"...Error HTTP/1.1 400 Bad request'



-----------------------------------------------------------
this my Code:
Delphi 10.2.2 Tokyo
-----------------------------------------------------------
var
  lHTTP: TIdHTTP;
  lParamList: TStringList;
 HttpAutenticazione : string;
begin
 HttpAutenticazione := 'https://demoauth.fatturazioneelettronica.aruba.it';
  lParamList := TStringList.Create;
  lParamList.Add('grant_type=password');
  lParamList.Add('username=demo');
  lParamList.Add('password=demo');

  lHTTP := TIdHTTP.Create;
  lHTTP.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(lHTTP);

  lHTTP.HandleRedirects := True;
  lHttp.Request.ContentType := 'application/x-www-form-urlencoded;charset=UTF-8';
  lHttp.Request.ContentLength := 56;
  lHttp.Request.Host := 'localhost:8080';
  try
      Result := lHTTP.Post(HttpAutenticazione+'/auth/signin', lParamList);
  finally
    lHTTP.Free;
    lParamList.Free;
  end;
Reply
#2
(10-25-2018, 07:33 AM)staff@ergosoft.it Wrote: from the documentation...

Where is the documentation located exactly?  I can't find it.  However, from just what you have quoted above, the documented request looks wrong.  The login post data is being put in the URL query string (which is fine), but the request includes a Content-Length header that is not 0, implying that post data is also in the request body as well, which may or may not be fine depending on what that post data actually looks like, which you did not show from the documentation.

(10-25-2018, 07:33 AM)staff@ergosoft.it Wrote: when try to executo the code i receive this error

"...Error HTTP/1.1 400 Bad request'

Using the exact code you have shown, I do not get an "HTTP/1.1 400 Bad request" response.  I get an "HTTP/1.1 400" (no "Bad Request") response.   But more importantly, the response body contains the following JSON document:

Code:
{"error":"invalid_grant","error_description":"The user name or password is incorrect."}

You can access that JSON by catching the raised EIdHTTPProtocolException and read its ErrorMessage property:

Code:
try
 Result := lHTTP.Post(HttpAutenticazione+'/auth/signin', lParamList);
except
 on E: EIdHTTPProtocolException do begin
   // use E.ErrorMessage as needed...
 end
end;

Or, you can enable TIdHTTP's hoNoProtocolErrorException and hoWantProtocolErrorContent flags, then Post() will not raise the EIdHTTPProtocolException and the returned string will be the JSON:

Code:
lHTTP.HTTPOptions := lHTTP.HTTPOptions + [hoNoProtocolErrorException, hoWantProtocolErrorContent];
Response := lHTTP.Post(HttpAutenticazione+'/auth/signin', lParamList);
if (lHTTP.ResponseCode div 100) <> 2 then
begin
 // use Response as needed...
end else
 Result := Response;

That being said, there are some issues with your code:

Code:
// Post(TStrings) will set the ContentType for you...
lHttp.Request.ContentType := 'application/x-www-form-urlencoded;charset=UTF-8';

// DO NOT set a ContentLength manually, let Post() fill it in for you...
lHttp.Request.ContentLength := 56;

// this value is just plain wrong. Besides, Post() will fill in the Host for you...
lHttp.Request.Host := 'localhost:8080';

Just remove those 3 lines of code, you don't need them.  Also, your try..finally should be tweaked a little.

The below code produces the same "The user name or password is incorrect" response:

Code:
var
 lHTTP: TIdHTTP;
 lParamList: TStringList;
 HttpAutenticazione : string;
begin
 HttpAutenticazione := 'https://demoauth.fatturazioneelettronica.aruba.it';
 lParamList := TStringList.Create;
 try
   lParamList.Add('grant_type=password');
   lParamList.Add('username=demo');
   lParamList.Add('password=demo');

   lHTTP := TIdHTTP.Create;
   try
     lHTTP.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(lHTTP);
     lHTTP.HandleRedirects := True;

     Result := lHTTP.Post(HttpAutenticazione+'/auth/signin', lParamList);
   finally
     lHTTP.Free;
   end;
 finally
   lParamList.Free;
 end;

Reply
#3
THANKS !

now is ok....
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)