How to send form-data in Ruby http post - ruby

I'd like to send a post from my Rails app to an API. I can get this to work using POSTMAN:
If I click on Preview in POSTMAN, it shows this as the request:
POST /api/users/status HTTP/1.1
Host:
Cache-Control: no-cache
----WebKitFormBoundaryE19zNvXGzXaLvS5C
Content-Disposition: form-data; name="params"
{"pgb": "sample_token", "token": "sample_token" }
----WebKitFormBoundaryE19zNvXGzXaLvS5C
Which is what I want to send. But I can't seem to replicate form-data when using Ruby's Net::HTTP::Post. Here's what I have so far, but this posts with x-www-form-urlencoded as the content-type:
url = URI.parse(ENV['URL'])
req = Net::HTTP::Post.new(url.path)
req.set_form_data({"params" => data.to_json})
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
https.verify_mode = OpenSSL::SSL::VERIFY_NONE
https.set_debug_output $stdout
resp = https.request(req)
response = JSON.parse(resp.body)
Is there any way to post just form-data with ruby?

you could try using some of Ruby gems like Rest client. http://rubygems.org/gems/rest-client
Just type the following
gem install rest-client
The documentation can be found here http://rubygems.org/gems/rest-client.

Related

Trying to replicate Mobile App POST Request in Ruby, Getting 502 Gateway Error

I'm trying to automate actions I can take manually in an iPhone app using Ruby, but when I do, I get a 502 bad gateway error.
Using Charles Proxy I got the request the iPhone app is making:
POST /1.1/user/-/friends/invitations HTTP/1.1
Host: redacted.com
Accept-Locale: en_US
Accept: */*
Authorization: Bearer REDACTED
Content-Encoding: gzip
Accept-Encoding: br, gzip, deflate
Accept-Language: en_US
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 66
Connection: keep-alive
X-App-Version: 814
invitedUserId=REDACTED&source=PROFILE_INVITATION
I wrote the following code in Ruby to send this same request:
#header_post = {
"Host" => "redacted.com",
"Accept-Locale" => "en_US",
"Accept" => "*/*",
"Authorization" => "Bearer REDACTED",
"Content-Encoding" => "gzip",
"Accept-Encoding" => "br, gzip, deflate",
"Accept-Language" => "en_US",
"Content-Type" => "application/x-www-form-urlencoded; charset=UTF-8",
"Connection" => "keep-alive",
"X-App-Version" => "814"
}
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
path = '/1.1/user/-/friends/invitations'
data = "invitedUserId=REDACTED&source=PROFILE_INVITATION"
resp, data = http.post(path, data, #header_post)
Unfortunately I get a 502 Bad Gateway Error when running this code.
One thing I noticed which I think is key to the solution here is that, in the POST request the mobile app is making, the content length is 66. But the length of the string "invitedUserId=REDACTED&source=PROFILE_INVITATION" with un-redacted userId is only 46.
Am I missing another form variable with format "&param=value" which has length 20? Or am I missing something else?
Thank you in advance!
This is probably not directly tied to the body length you're sending.
I see possibly 2 problems here :
the 502 error : are your uri.host and port correct ? A 502 error means there is something wrong on the server side. Also try by removing the Host header.
body content is not gzipped
You're defining an header Content-Encoding: gzip but you didn't compress the data (Net::Http doesn't do that automatically).
Try with something like that :
require "gzip"
#header_post = {
# ...
}
http = Net::HTTP.new(uri.host, uri.port)
path = '/1.1/user/-/friends/invitations'
data = "invitedUserId=REDACTED&source=PROFILE_INVITATION"
# instanciate a new gzip buffer
gzip = Zlib::GzipWriter.new(StringIO.new)
# append your data
gzip << data
# get the gzip body and use it in your request
body = gzip.close.string
resp, data = http.post(path, body, #header_post)
Alternatively, maybe the server is accepting a non-gzipped content. You could try simply by deleting the Content-Encoding
error from your original code.
However if it was the only mistake, the server should not send a 502 but a 4xx error. So I'm guessing there is another issue there with the uri config like a suggested above.

Ruby GET NET HTTP request does not work with AUTHORIZATION and ACCEPT when passed in a header

I've been using the code below to call a third party API . This code works fine (i've changed the url and the credentials but the structure of the code is the same) :
require 'base64'
require 'httparty'
require 'json'
######################################################################
# Get the token first
######################################################################
consumer_key = "my_key"
consumer_secret = "my_secret"
credentials = Base64.encode64("#{consumer_key}:#{consumer_secret}").gsub("\n", '')
url = "https://mysite/token"
body = "grant_type=client_credentials"
headers = {
"Authorization" => "Basic #{credentials}",
"Content-Type" => "application/x-www-form-urlencoded;charset=UTF-8"
}
r = HTTParty.post(url, body: body, headers: headers)
bearer_token = JSON.parse(r.body)['access_token']
######################################################################
# Use the token in a call as authorisation header
######################################################################
api_url = "https://apisite/the_value_i_am_looking_for_in_the_api"
url = URI.parse(api_url)
req = Net::HTTP.new(url.host, url.port)
req.use_ssl = true
# If we are just passing a key that doesn't need to be in the token format
headers = {
'Authorization' => "Bearer #{bearer_token}"
}
# Get the response back (he data is in the response body: resp.body )
resp = req.get(url, headers)
My issue is that the API providers have changed their API so you now need to pass an "accept" into the call via the header. I used POSTMAN to make the call, added the accept to the header and was able to get it working without issue. So far so good.
I then changed my ruby code to extend the headers section to include the accept, using the code below:
headers = {
'Authorization' => "Bearer #{bearer_token}",
'Accept' => 'application/vnd.bluebadge-api.v1+json'
}
I've not added an accept to a header before so I may have gotten the syntax wrong.
However, this returns an unauthorised 401 response code:
#<Net::HTTPUnauthorized 401 Unauthorized readbody=true>
I thought I might have the credentials wrong so remove the accept, try again and this changes to a 406 response code:
#<Net::HTTPNotAcceptable 406 Not Acceptable readbody=true>
If I examine the response I get the message I would expect that the accept header is not the supported version. So I know the credentials are correct (and the fact they match the postman credentials which works):
"{\"apiVersion\": \"1\",\"context\": null,\"id\": null,\"method\": null,\"error\": {\"code\": null,\"message\": null,\"reason\": \"Accept header version is not a currently supported version.\",\"errors\": null}}\n"
So I know all my credentials are correct because I've copied them into the postman request which works with no errors. The value for the accept header is correct because I copied that from a working postman request too.
I am at a loss for why this wouldn't work.
I've looked through the NET HTTP library and cant find anything to help me there. I've seen a couple of posts elsewhere which I've tried and they haven't worked either.
I appreciate any help in trying to solve this.
Found the problem. I was using the credentials from the production environment to get the token then trying to query the test environment API. In my defence they look very similar (only 3 characters different). I think I had a case of the code blindness.
The code I posted does work when I put the correct URL for the environments.
I also found that I could use this:
uri = URI.parse("https://myapi/some_text")
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
request = Net::HTTP::Get.new(uri.request_uri)
request["Authorization"] = "Bearer #{bearer_token}"
request["Accept"] = "application/vnd.bluebadge-api.v1+json"
response = http.request(request)
Or using HTTParty like this:
response = HTTParty.get('https://myapi/some_text', {
headers: {"Authorization" => "Bearer #{bearer_token}", "Accept" => "application/vnd.bluebadge-api.v1+json" }
})
I would prefer the format of my orginal code or the HTTparty code because it is easy to see from the code that you're passing headers. Hopefully this will help others to double check their authorization credentials...

Post Request from client With Proper Headers Always return 401- UnAuthorized

Am a newbie to ruby. I am trying to invoke a REST API from ruby code. I have tried the code with both as standalone ruby code and inside a application using sinatra. But am facing same issue every where. Below are the options I have tried.
My Code to Invoke Post API using RestClient. Have modified the data to make it generic
url="https://myapiurl.com/endpointname"
person={"name"=>"Sample Name","age"=>"20"}
headers={
"Content-Type"=>"application/json",
"api-key"=>"ABCDEFGHIJKL"
}
response=RestClient.post url,person.to_json,headers
puts response
I wrote the above block of code in a function and tried calling. But I got response as below
{"status": 401, "error":"Unauthorized Access"}
I tried the same api via postman with below settings and was able to get a proper response from the api.
URL : https://myapiurl.com/endpointname
Headers : Content-Type: application/json, api-key:"ABCDEFGHIJKL"
Body: Raw:application/json: {"name":"Sample Name","age":"20"}
When I tried not passing api-key in the headers via postman I got similar response as I got via ruby code.
Next I tried generating code from postman option. Below is the code that got generated from postman for Ruby(Net::Http).
I removed the post params of cache-control and postman-token from the ruby code and tried running the ruby code. Again I got the same 'Unauthorized' response only !
require 'uri'
require 'net/http'
url = URI("https://myapiurl.com/endpointname")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["content-type"] = 'application/json'
request["api-key"] = 'ABCDEFGHIJKL'
request["cache-control"] = 'no-cache'
request["postman-token"] = 'some value got generated'
request.body = "{\"name\":\"Sample Name\",\"age\":\"20\"}"
response = http.request(request)
puts response.read_body
I suspected is it some IP level issue is blocking hence tried used curl command to hit the api as below. I got proper response from the API.
curl -X POST \
https://myapiurl.com/endpointname \
-H 'content-type: application/json' \
-H 'api-key: ABCDEGHIJKL' \
-d '{"name":"Sample Name","age":"20"}'
I believe that the api-key is not getting passed to the request via the ruby code. Is my way of sending the api-key in headers via ruby code correct?

Ruby - Send GET request with headers

I am trying to use ruby with a website's api. The instructions are to send a GET request with a header. These are the instructions from the website and the example php code they give. I am to calculate a HMAC hash and include it under an apisign header.
$apikey='xxx';
$apisecret='xxx';
$nonce=time();
$uri='https://bittrex.com/api/v1.1/market/getopenorders?apikey='.$apikey.'&nonce='.$nonce;
$sign=hash_hmac('sha512',$uri,$apisecret);
$ch = curl_init($uri);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('apisign:'.$sign));
$execResult = curl_exec($ch);
$obj = json_decode($execResult);
I am simply using an .rb file with ruby installed on windows from command prompt. I am using net/http in the ruby file. How can I send a GET request with a header and print the response?
Using net/http as suggested by the question.
References:
Net::HTTP https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html
Net::HTTP::get https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#method-c-get
Setting headers: https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP.html#class-Net::HTTP-label-Setting+Headers
Net::HTTP::Get https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTP/Get.html
Net::HTTPGenericRequest https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTPGenericRequest.html and Net::HTTPHeader https://ruby-doc.org/stdlib-2.4.1/libdoc/net/http/rdoc/Net/HTTPHeader.html (for methods that you can call on Net::HTTP::Get)
So, for example:
require 'net/http'
uri = URI("http://www.ruby-lang.org")
req = Net::HTTP::Get.new(uri)
req['some_header'] = "some_val"
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |http|
http.request(req)
}
puts res.body # <!DOCTYPE html> ... </html> => nil
Note: if your response has HTTP result state 301 (Moved permanently), see Ruby Net::HTTP - following 301 redirects
Install httparty gem, it makes requests way easier, then in your script
require 'httparty'
url = 'http://someexample.com'
headers = {
key1: 'value1',
key2: 'value2'
}
response = HTTParty.get(url, headers: headers)
puts response.body
then run your .rb file..
As of Ruby 3.0, Net::HTTP.get_response supports an optional hash for headers:
Net::HTTP.get_response(URI('http://www.example.com/index.html'), { 'Accept' => 'text/html' })
Unfortunately this does not work for Ruby 2 (up to 2.7).

Sending POST request with HTTP headers

quite new to this been learning about API's in Ruby. Using an Emails service's API to create a user in a system.
This is an example of the POST:
POST http://localhost:8080/core/postgres-pages-xy/api/rest/v4/user/create?email=user003#test.invalid HTTP/1.1
Authorization: Basic bWFzdGVyQGVuubXVjLmVjaXJjbGUuZGU6aDhuc3d1cnN0
User-Agent: curl/7.29.0
Host: localhost:8080
Proxy-Connection: Keep-Alive
Content-Type:application/json
Accept:application/json
Content-Length: 86
[{"name":"user.FirstName","value":"Stan"}, {"name":"user.LastName", "value":"Laurel"}]
I think I am close(ish)? in Ruby was hoping someone would tell me how I send my authentication through. System requires login headers not sure how to do that, will be an email and a password:
require 'uri'
require 'net/http'
uri = URI("https://site.com/api/rest/v4/user/create?email=ruby1#ruby.com")
https = Net::HTTP.new(uri.host, uri.port)
request = Net::HTTP::Post.new(uri.path)
request.basic_auth 'email', 'pass'
request["user.FirstName"] = 'Liam'
request["user.LastName"] = 'Coates'
response = https.request(request)
puts response
Thanks for feedback or learnings.
You can enter the credentials in the URL:
url = "http://username:password#localhost:8080/core/postgres-pages-xy/api/rest/v4/user/create"
If the username and password are there, it should automatically do HTTP basic auth (source).
However supposedly this is deprecated, so there is a longer solution:
req = Net::HTTP::Post.new(uri)
req.basic_auth 'user', 'pass'
res = Net::HTTP.start(uri.hostname, uri.port) {|http|
http.request(req)
}
puts res.body

Resources