• 114 comments

  •   •   almost 9 years ago

    Yeah, did move the parameters to the URI instead of the body, and it did not help... just got more of the same type of errors.

    Looked around decided to use another library that allows you to bypass SSL checks. So currently the request looks like this:

    header = {'Content-type': 'application/x-www-form-urlencoded', 'Authorization':'Basic ' + encoded_string, 'Connection': 'Keep-Alive', 'Host':'greenbutton.affsys.com'}
    payload='grant_type=authorization_code&code=' + request.args['code'] + '&state=' + request.args['state'] + '&redirect_uri=http://xxx.com/listening_to_requests'
    url = 'https://greenbutton.affsys.com/auth/j_oauth_resolve_access_code'

    response = requests.post(url, data=payload, headers=header, verify=False)

    We are getting a 200 OK now, but we are not being redirected to the redirect_uri and receiving an access token ... so clearly something is going wrong. The reason we are trying to put the payload into the data is because it was specified that it needs the input as FORM parameters.

    Any other ideas as to what is going wrong??? It is not getting redirected at all but it seems like the request is going through...

  •   •   almost 9 years ago

    From what I see you still putting parameters to the body. "data=payload" is the body. I don't know where it is specified but if it is not URI parameters you will not get anything.
    response = requests.post(url+'?'+payload, data='', headers=header, verify=False)

  •   •   almost 9 years ago

    When I add the parameters into the URI, I get a 400 error (syntactically incorrect request)

  •   •   almost 9 years ago

    Now you get better response as luan_ngo but he hasn't figured it our yet and our support guys also not replying when it can happen. Can you remove state parameter completely, you actually don't need it.

    Can you post full Uri including real code and all parameters after it is built?

  •   •   almost 9 years ago

    I just noticed that in both cases (you and luan_ngo) the contents type is not
    Content-Type: application/atom+xml
    Can you try to change your Content-Type ?

  •   •   almost 9 years ago

    Removed the status parameter and it is not helping. I don't understand why it is returning 200 when it doesn't redirect properly ... and why when it fails it fails.

    Hopefully the error messages quality can be improved so we have a better idea as to what is going on. We need to move on to the rest of the app development so getting the access_token would be GREAT!!!

    Support people?

  •   •   almost 9 years ago

    did you try to change content type?

  •   •   almost 9 years ago

    Can you post full request including real code and all parameters captured by WireShark or Fiddler or something else? It is hard to help without seeing the full raw outgoing message

  • Manager   •   almost 9 years ago

    Hello all,

    We're working to resolve this. Please do share as much information as you can.

    Thanks for all of your help, @yshteinm.

    Lindsay

  •   •   almost 9 years ago

    Thanks Yshtein and Lindsay. We will post the code shortly.

  •   •   almost 9 years ago

    Please no code :-) just captured raw request

  •   •   almost 9 years ago

    Hi,

    Thanks again for your help.

    Was unable to get Charles to pick up on the request unfortunately. Tried through the Postman client on Chrome and we have the following (returning status 0):

    POST /auth/j_oauth_resolve_access_code HTTP/1.1
    Host: greenbutton.affsys.com
    Cache-Control: no-cache

    ----WebKitFormBoundaryE19zNvXGzXaLvS5C
    Content-Disposition: form-data; name="grant_type"

    authorization_code
    ----WebKitFormBoundaryE19zNvXGzXaLvS5C
    Content-Disposition: form-data; name="code"

    eyJhbGciOiJSUzI1NiJ9.NWFlNDE1NDMtZmFmMy00ZGJkLWE4ZjItZjBlZDA0YjUyMDgzMTM4NjUzMzg4MzI3MA.G-r3LmAHZb1NFumHkRA7lEp3DeJwfcr5ZsRTgowq2woNy1E86BTmKpCKcsEh5TSsFiVmwAj5sH2o6Nv-_mqKI1djFYD4ljKWvhKwJ9rwbvlRemrmUBqq0qg-h-r0aZps-LCICCZ4mjykHDOabxHGv6GYevlNef26LHASJ_kpagti3dD8S9qnC9NqEwhP7WxutOYx6jc8uMXT42GVnt_KG9zXW6ZdtEWSpXAQfptOmcGyIqVMZZ4LbHPuyJ_6R9-Vzp7wbrv_u6Q4cGfrR_b89OT6BJg2aFaaHkhHRkjvwO3TIqrYcseOpQSc4wtiuO-1y3R31xZSarCpw8p9UMfwfw
    ----WebKitFormBoundaryE19zNvXGzXaLvS5C
    Content-Disposition: form-data; name="redirect_uri"

    http://xxx.com/listening_to_requests
    ----WebKitFormBoundaryE19zNvXGzXaLvS5C

    Added the following 2 headers:
    'Content-type': 'application/atom+xml',
    'Authorization':'Basic ' + encoded_string

    Tried requesting with 'Content-type' : 'application/x-www-form-urlencoded' as well for the same results.

    So essentially we are getting 200 OK requests when we request through the code with content-type set to atom+xml but start failing at x-www-form-urlencoded even though that is what we are supposed to be sending in?

    Is there something wrong with the format we are requesting it in?

  •   •   almost 9 years ago

    You suppose to send atom+xml but in this case I don't think it is critical as you don't actually send any content. I still have the feeling that your parameters are posted as form data in the body. They should be part of URI

    So, you don't get error now? You get 200 with no tokens? In this case it may be if the code is wrong or expired (I think I experienced that when I sent wrong code but I am not sure)

  •   •   almost 9 years ago

    Modified it so that the parameters are part of the URI and now am getting an error that there was no response.

    Raw request:
    POST /auth/j_oauth_resolve_access_code?grant_type=authorization_code&code=eyJhbGciOiJSUzI1NiJ9.NWFlNDE1NDMtZmFmMy00ZGJkLWE4ZjItZjBlZDA0YjUyMDgzMTM4NjUzMzg4MzI3MA.G-r3LmAHZb1NFumHkRA7lEp3DeJwfcr5ZsRTgowq2woNy1E86BTmKpCKcsEh5TSsFiVmwAj5sH2o6Nv-_mqKI1djFYD4ljKWvhKwJ9rwbvlRemrmUBqq0qg-h-r0aZps-LCICCZ4mjykHDOabxHGv6GYevlNef26LHASJ_kpagti3dD8S9qnC9NqEwhP7WxutOYx6jc8uMXT42GVnt_KG9zXW6ZdtEWSpXAQfptOmcGyIqVMZZ4LbHPuyJ_6R9-Vzp7wbrv_u6Q4cGfrR_b89OT6BJg2aFaaHkhHRkjvwO3TIqrYcseOpQSc4wtiuO-1y3R31xZSarCpw8p9UMfwfw&redirect_uri=http://xxx.com/listening_to_requests HTTP/1.1
    Host: greenbutton.affsys.com
    Content-type: application/atom+xml
    Authorization: Basic aWQtYzc5NjY4YmUtZjY5OS00YTY4LTk4ZjEtMDY4NTY0NDYzNDIxOnNlY3JldC1lNWMzOTlmMy1mMTI0LTQxYTgtOGI3OS0yNGY2NDQyMmM4YmQ=
    Cache-Control: no-cache

    The response I get is:
    Could not get any response
    This seems to be like an error connecting to https://greenbutton.affsys.com/auth/j_oauth_resolve_access_code?grant_type=authorization_code&code=eyJhbGciOiJSUzI1NiJ9.NWFlNDE1NDMtZmFmMy00ZGJkLWE4ZjItZjBlZDA0YjUyMDgzMTM4NjUzMzg4MzI3MA.G-r3LmAHZb1NFumHkRA7lEp3DeJwfcr5ZsRTgowq2woNy1E86BTmKpCKcsEh5TSsFiVmwAj5sH2o6Nv-_mqKI1djFYD4ljKWvhKwJ9rwbvlRemrmUBqq0qg-h-r0aZps-LCICCZ4mjykHDOabxHGv6GYevlNef26LHASJ_kpagti3dD8S9qnC9NqEwhP7WxutOYx6jc8uMXT42GVnt_KG9zXW6ZdtEWSpXAQfptOmcGyIqVMZZ4LbHPuyJ_6R9-Vzp7wbrv_u6Q4cGfrR_b89OT6BJg2aFaaHkhHRkjvwO3TIqrYcseOpQSc4wtiuO-1y3R31xZSarCpw8p9UMfwfw&redirect_uri=http://xxx.com/listening_to_requests. The response status was 0.
    Check out the W3C XMLHttpRequest Level 2 spec for more details about when this happens.

    ???

  •   •   almost 9 years ago

    Request seems to be ok. I also just checked the server, it works. Status code 0 from what I found on internet:
    status 0 appear when an ajax call was cancelled before getting the response by refreshing the page or requesting a URL that is unreachable.
    this status is not documented but exist over ajax and makeRequest call's from gadget.io.

  •   •   almost 9 years ago

    Any updates?

  •   •   almost 9 years ago

    @azizsye1 Sorry this reply is coming late. Based on your use of the "urllib" library, I'm assuming you're using python. I have a working python implementation of the api. My requests look like:

    POST /auth/j_oauth_resolve_access_code HTTP/1.1
    Host: greenbutton.affsys.com
    Content-Length: 520
    Accept-Encoding: gzip, deflate, compress
    Accept: */*
    User-Agent: python-requests/2.0.1 CPython/2.7.6 Linux/3.12.2-1-ARCH
    Content-Type: application/x-www-form-urlencoded
    Authorization: Basic aWQtYTZhMmZhMDItYzg2Mi00NzI4LWIxNDktNzI2ZWQ2MTRiMDI0OnNlY3JldC1hMDJjNGI4Mi0yYTllLTQ0NzctYWQwMS0wMWQ3OTMyYzhmYjI=

    code=eyJhbGciOiJSUzI1NiJ9.YzlhYTRkMGYtMjY3Yy00ZWEwLWE5YTktMmU0ZTkxY2ZmNDczMTM4Njc5MDM2MzAzOA.ejNdZLPjfjVfDOCTRLpN0b2oarRs-ldzERpNH5sivh2k4o8ugkLPah-fVPBJB01fQDubUqjBVlmCgvLgE6SEuXA8P7CNW7YmhVI6HkvHFW3RfclgLHGYnoLrcjD0IyjdmS4BsiChMd0rkPdEg5VKJvQIW6zLjmdFXKprxrN_CSHamrgUl-yPTI_fdYcmGNe4Iu_dVtG0k4xWq7G8exX3Y9hYZP3mMzMB-ZMmjYDWV2lxdUMforA0LaNEgp-xUz0tSWeG8iS6WJ48pyoOmECiMjmmna9oM_0cpMnRiRg5vgtErvnQb14wdz-qObApYjSPIWExDHS8IyetTVJbun0rzQ&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Ftoken_get

    By the way, if you're using the "requests" library, you can get nice verbose debugging statements with:

    import httplib
    httplib.HTTPConnection.debuglevel = 1

  •   •   almost 9 years ago

    Guys it finally worked!! I got an access_token and a refresh_token!!! Finally!!!! :D Thanks a lot yshteinm and JBilkey!

    Now that I am finally in possession of this magical token of glory, am I able to finally use it to unlock the gates of Mordor? Can I at the very least request data?? I am looking at the other requests and it seems like the GET call for data does not use this token, it takes in an AuthKey of customer's application (which is the token perhaps?). I just did a quick test for that and I am getting a 500 error from the server while it throws a NullPointerException.

    I'm positive I'm missing something very tiny before I can finally taste sweet victory over this data, any idea??

  •   •   almost 9 years ago

    @azizsye1 Here is a sample request I've been using for EUI data

    GET /ldc/api/v1/UsagePoint?duration=15897600&start=1364788800 HTTP/1.1
    Host: greenbutton.affsys.com
    Accept: */*
    Accept-Encoding: gzip, deflate, compress
    Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI1ODQuZGExNjZjZDctM2U5NC00NTFkLWI4ODItZjBjYjFlNTI1ZGY0IiwiYXVkIjoiY29tbWVyY2UiLCJwcm4iOiJ2ZXJub25AZGF0YWN1c3RvZGlhbi5jb20iLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsidXNlciJdfX0.HoagWJ0Amm_f68bP_D2qzsz6BtxKr7P5myt6hanxTPTe4B7nfJtZAnU3cw7KAS1_tDYKkjflL98xYbSqzvvPc8nmHCakVFVDwyni2Mo-ccQdxq9XyitQ-_mIzIXFvrq7v3rhwtLu4_uAK9RdwRgD7NDZzKdQwFIB9iSn3_Hvti1rABWzncffm-ylvmf-bKOBy7Ej77yl8BlJV112tNdmn8QCNAvVDzDJpH8PwC3-FT4W54YK7KWK2S_IW2UIs9S_jrmX7eKNjCWx5R4LYcfEsgq48U4eN-3O0X6hWpsC0B6WgEkYejq5HwAxjYV09QLbL_W8AYj6RUG8OP2vdHfgsg
    User-Agent: python-requests/2.0.1 CPython/2.7.6 Linux/3.12.2-1-ARCH

    I hope that helps you out!

  •   •   almost 9 years ago

    Thanks, will try it out soon!

    Also, was going through the flow again to get the access_token and it looks like it is only possible if you do it from step 1 and not just in separate pieces (so if you login and get redirected then get the code and everything ... not just getting the code?) It starts giving me 400's and syntactically incorrect requests if I do that

  •   •   almost 9 years ago

    What was the problem before when you couldn't get the token?

  •   •   almost 9 years ago

    Thanks again for all the useful suggestions and tips.

    @yshteinm

    There were two problems before:
    a) we were getting a 200 OK with no access_token -- we thought the problem might be in our requesting library so we changed it
    b) we were getting a 404 or a 500 -- we thought the problem was our request itself, so we were trying to modify it

    @yshteinm @JBilkey
    That is the #4 GET EUI data request. How does this differ from #6 Request EUI? Request EUI has an extra parameter (type) and is a POST not a GET. Trying #4 GET though I get a 200OK but no data ... lol. This seems to be a reoccurring theme. The request I am sending is:

    GET /ldc/api/v1/UsagePoint?duration=15897600&start=1364788800 HTTP/1.1
    Host: greenbutton.affsys.com
    Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI5MTYuNGM4MWMxNTktMTc3NS00OGQyLTg0M2MtOTlhNDZjNzNlMmMwIiwiYXVkIjoiY29tbWVyY2UiLCJwcm4iOiJ2ZXJub25AZGF0YWN1c3RvZGlhbi5jb20iLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsidXNlciJdfX0.be-mH-deto5kIL2PaAcPgBf70o4DTVSgVsrEWqiRPul95BwPblgEj_lWSk2cew03xp7Re3yggx9uXriuViyt5TDU2ImTUvaMqEx052Do6KVJbLx5mSC042ODWdsbdXATHa-hRIPZmhHsarJ9jtqfBLve9N72vXLnQAmnzZCQ8jkWPo4cbYApOha9r6F1ppxH1XtHlVXNBehhLR2VdDV_jK_K_jb9HW2d1IOlDQg2Bk2IsOZjFt4hB_fCwbKuw5mCLFZ0cU978oHjd_J_KtObg59D_Q5lfRspgoulsJS6pPNY8K-IiCwZM1LGD4xPvUEXsHVg9NWUXwfbOQhSwyyHcw","refresh_token":"eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI5MTcuZDFkOTlhMWYtNDkxZi00NDNjLWFhYzUtYjVmYTMyMzI5ZDYyIiwiYXVkIjoiY29tbWVyY2UiLCJwcm4iOiJhZG1pbiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJhZG1pbiJdfX0.ZqPTWQ_7zxoOQKJUtMsTnzUsdaGwnNjO_teLgJijz-QjvPJvhtMwWArXEJuzpjhfBQlgpMKOhUg0Xxfl-aXxVWmzoiE1BFFjjdg3tBcPZBQXq8FuHSQXXQycYSiF8DwmJAIZSmTCjOkoUOTRseBJMqshW6fmcz1gEcNyuT2Usl5gz23atdEDty8MGAHw-AsbRTAvuxNZxIp-Y-LdKVFHpP7PRbg3aLasmKyl_lefh5HQ0pzszdAO33E_xDYHN7W_LS5rmmSxS65W6vWp3XQ1gg3pTTJZ0dDGvlK3bEbnzK3HIT4GU0kVT43ojaOYqnKAVG2AnhF8ZiqWby7M4I2sCg
    Cache-Control: no-cache

  •   •   almost 9 years ago

    You are sending wrong token. Llok in your data you provided. After access token ends you still send
    cw","refresh_token":"eyJhbG
    Your request should end by SwyyHcw

  •   •   almost 9 years ago

    @yshteinm D'oh ):
    Lack of sleep I guess. Completely did not notice that lol. What is the refresh token for? After how long does the data expire? The GET call does work for me though :)

    Also, I tried the #6 request (Request EUI) and I get a NullPointerException for that -- same parameters as above and I added in type='data'. I tried both with FORM parameters and URL params in a POST request for the same result.

  •   •   almost 9 years ago

    Refresh token is to request a new access token when it expires. When you get reply from ReadAuthorizationStatus it says when access token expires. Don't worry about it, in test lab it never expires.

    Request EUI is async call. Get EUI is sync call. More details in the documentation.

Comments are closed.