We are trying to integrate to a HTTP JSON API using Delphi 7.
Before we started, we tested the remote API using an online service http://www.hurl.it/ to better understand the requirements. Now we've come to implement the interface in Delphi, we've hit a hurdle. The process should be as follows: 1) Use HTTP POST to pass username and password parameters to login URL 2) A token string is returned if login was successful 3) The token is then used as Basic Authentication using HTTP GET to retrieve JSON from different API URL We can complete this whole process using hurl.it but only steps 1 & 2 in Delphi using the OverByte ICS TSslHttpCli component (I believe v9). Step 3 in Delphi fails with a 401 Unauthorized error basically not getting our token as auth. We can even copy the token retrieved using Delphi in step 1 & 2 and paste it as basic auth on hurl.it where setp 3 runs without error. An code example is as follows: procedure TForm1.getOrders(tokenString: string); var params : TStringStream; response: TStringStream; begin memo1.Lines.Append( tokenString ); // create our paramater list params := TStringStream.Create(''); //params.WriteString ( '&username=' + tokenString); params.Position := 0; // this also works params.Seek(0, soFromBeginning ); // create our response stream response := TStringStream.Create(''); // set our properties SslHttpCli1.ServerAuth := httpAuthBasic; SslHttpCli1.Username := tokenString; SslHttpCli1.SendStream := params; SslHttpCli1.RcvdStream := response; SslHttpCli1.URL := 'https://secure.bla.com/api/v2.0/bla/blabla'; try SslHttpCli1.Get; except ShowMessage ('GET Failed !'); ShowMessage ('StatusCode = ' + IntToStr(SslHttpCli1.StatusCode)); ShowMessage ('ReasonPhrase = ' + SslHttpCli1.ReasonPhrase); Exit; end; // display the response memo1.Lines.Append( response.DataString ); SslHttpCli1.Close; params.Free; response.Free; end; If I look at the working request using Fiddler, it looks like this should be a simple process. The Request View in Fiddler shows the following RAW data: POST http://www.hurl.it/execute_request HTTP/1.1 Host: www.hurl.it Connection: keep-alive Content-Length: 290 Accept: */* Origin: http://www.hurl.it X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 DNT: 1 Referer: http://www.hurl.it/ Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8,en-GB;q=0.6 Cookie: _ga=GA1.2.798759816.1392716338 follow_redirects=&method=GET&url=https%3A%2F%2Fsecure.bla.com %2Fapi%2Fv2.0%2Fbla%2Fblabla *&username=YmhcOMy4HTVF3WIP9guWYKrMobQKnapLNS5BnE8Y* &password=&digest_username=&digest_password=&consumer_key=&consumer_secret=&access_token=&token_secret=&signature_type=query&body= For some strange reason, we've not been able to pass the token back to the API. Apparently, the following would be the equivalent using curl: curl -X GET -I --user YmhcOMy4HTVF3WIP9guWYKrMobQKnapLNS5BnE8Y: https://secure.bla.com/api/v2.0/bla/blabla I've tried setting the ServerAuth type to basic and passing the token as a username parameter but without success. Any idea how to achieve this seemingly simple process? Basically, it's making no sense to me. Kind Regards, Wayne Phipps -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be