EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Proper RestClient usage

Posted: 08/28/2016 09:11:20
by Pierre Archambault (Standard support level)
Joined: 08/15/2016
Posts: 30


I've been trying to implement the following curl command line with partial success:

curl -v https://api.sandbox.paypal.com/v1/oauth2/token -H "Accept: application/json" -H "Accept-Language: en_US" -u " ** USERNAME:PASSWORD" -d "grant_type=client_credentials"

Here's what I did:

TElRESTClient restclient = new TElRESTClient();
restclient.OnCertificateValidate += Restclient_OnCertificateValidate;
restclient.RequestParameters.Username = "USERNAME";
restclient.RequestParameters.Password = "PASSWORD";
restclient.RequestParameters.Accept = "application/json";
restclient.RequestParameters.AcceptLanguage = "en_US";
restclient.SetRequestHeader("grant_type", "client_credentials");

Two way mutual authentication completed successfully. I can confirm using WireShark.

From ResponseHeaders of SBHTTPSClient.TEIHTTPSClient I get HTTP1.0 400 Bad Request.

So I assume I'm not building the request properly.

Can someone assist?

Thanks a lot.
Posted: 08/28/2016 11:06:24
by Eugene Mayevski (Team)

Thank you for contacting us.

Documentation for -d parameter says, that what follows -d is sent in a body of a POST request, "using the content-type application/x-www-form-urlencoded". You are putting the data into the header, and this won't work.

Strictly speaking, your request doesn't seem to be a REST request, as it sends neither JSON nor XML. So TElHTTPSClient is more appropriate, than TElRESTClient. While technically you can use TElRESTClient as well (it's a descendant of TElHTTPSClient), the PostWebForm() method, which you need to use to emulate that -d option, would not process the response even if it's JSON or XML.

So what you need to do is
1) Prepare the FormFields parameter by adding the string you have (the one after -d parameter) to the instance of TElStringList class.
2) use PostWebForm() method and post the TElStringList there
3) handle the response data as you need - if it's XML, you can use TElXMLDOMDocument to load that XML, and if it's JSon (as it is supposed to be), use TElJsonEntity.Read() method to load the response to the instance of TElJsonEntity and work with JSON after that.

Sincerely yours
Eugene Mayevski
Posted: 08/28/2016 20:48:02
by Pierre Archambault (Standard support level)
Joined: 08/15/2016
Posts: 30

Hi Eugene,

I'm getting the same result.

With the same parameters as before, I've added the following:

SBStringList.TElStringList strl = new SBStringList.TElStringList();
strl.Add("grant_type", "client_credentials");
client.PostWebForm("https://api.sandbox.paypal.com/v1", strl, "", "", null, "application/x-www-form-urlencoded", false);

The answer should be a JSON.


Posted: 08/29/2016 05:09:35
by Pierre Archambault (Standard support level)
Joined: 08/15/2016
Posts: 30

Hi Eugene,

After playing a bit more with some other parameters, it is working now.

I'm able to get the connection completed, authentication confirmed and response back from the server.

Thanks again.


Posted: 08/29/2016 11:27:11
by Eugene Mayevski (Team)

Would you mind your complete code snippet, that works? It would help other customers solve similar problems. Thank you in advance.

Sincerely yours
Eugene Mayevski
Posted: 09/06/2016 11:59:00
by Pierre Archambault (Standard support level)
Joined: 08/15/2016
Posts: 30

Here it is:

TElHTTPSClient client = new TElHTTPSClient();
client.OnCertificateValidate += Client_OnCertificateValidate;
client.RequestParameters.Username = "USERNAME";
client.RequestParameters.Password = "PASSWORD";
client.RequestParameters.Accept = "application/json";
client.RequestParameters.AcceptLanguage = "en_US";

client.OnData += (object Sender, byte[] Buffer) => {
// Process received data here

client.HTTPVersion = SBHTTPSConstants.TSBHTTPVersion.hvHTTP11;
client.Post(@"https://api.sandbox.paypal.com/v1/oauth2/token", "grant_type=client_credentials");

void Client_OnCertificateValidate(object Sender, SBX509.TElX509Certificate X509Certificate, ref bool Validate)
{// Confirm server Cert
Validate = true;

Hope this help;

Posted: 09/06/2016 16:59:54
by Eugene Mayevski (Team)

Thank you for the code. You MUST validate the certificate, though, - your setting of Validate to "true" undermines security.

Sincerely yours
Eugene Mayevski



Topic viewed 1704 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!