I have the oAuth stuff working as expected. No challenges there. I now need to use the access token to do something. Nothing I have tried works. I'm sure it's very simple, but I am not sure how to translate the examples in curl to http post/get requests.
Box.com help says:
curl https://api.box.com/2.0/folders/FOLDER_ID \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
How do i write that using http post/get?
As long as the requests are being sent via standard http functionality I don't believe my platform matters. Regardless, I'm using Apex to write this in Salesforce.com.
Note: I know there is an app on the AppExchange to integrate Box.com and Salesforce. For my purposes I don't want to rely on apps that are unique to a specific platform.
Any help is appreciated.
It's simply a GET request with headers and optionally XML / JSON as POST payload, not sure what's your specific problem? Have you actually tried writing some code?
Simple example: http://www.salesforce.com/us/developer/docs/api_asynch/Content/asynch_api_quickstart_login.htm
Bit more advanced: http://developer.force.com/cookbook/recipe/scheduling-an-apex-call-from-the-command-line
CURL is a powerful tool and the list of it's commandline options is not for the faint of heart. Still - use it as a reference, especially "-H" meaning HTTP header. I think the "\" is just indicating that it's a multiline command, you can ignore it.
Related
I am trying to implement a REST protocol and have realized in trying to debug that my web server is disallowing the PUT request.
I have tested and confirmed this further by running:
curl -X PUT http://www.mywebserver.com/testpage
Which for my web server gives back a 403 - Forbidden error.
The same happens for DELETE, where as for POST and GET everything is fine.
I am wondering if this is a common issue that those who use REST encounter and what the work-around might be?
Could I make a simple change to an .htaccess file? Or do I need to modify the protocol to set a hidden variable "_method" in the POST query string?
Often web servers will be configured to block anything except GET and POST since
99% of the time they're all that are needed and there have been problems in the
past with applications assuming the requests were one of those two.
You don't say which server it is but, for example, you can tell Apache which
methods to allow with the directive:
eg:
<Limit POST PUT DELETE>
Require valid-user
</Limit>
It sounds like maybe some helpful sysadmin has used this to block non GET/POST
You could try an .htaccess with
<Limit GET POST PUT DELETE>
Allow from all
</Limit>
(I'm not an expert at apache, this may not be exactly correct)
in the official trigger.io docs there seems to be no provision for custom http headers when it comes to the forge.file module. I need this so I can download files behind an http authentication scheme. This seems like an easy thing to add, if support is not already there.
any workarounds? any chance of a quick fix in the next update? I know I could use forge.request instead, but I'd like to keep a local copy (saveURL).
thanks
Unfortunately the file module just uses simple "download url" methods rather than a full HTTP request library, which makes it a fairly big task to add support for custom headers.
I've added a task to our backlog for this, but I don't have a timeframe for it being added.
Currently on iOS you can do basic auth by using urls in the form http://user:password#url.com in case that helps.
Maybe to avoid this you can configure your server differently, or have a proxy server in front that allows you to pass authentication details as get parameters?
The restrictions of a https callbackUrl and the nature of the subscriptions as a whole makes it seem like this is something that can only be done with a publicly accessible url.
So far I have come across two potential solutions to make local development / debugging easier.
The first is the Subscription Proxy service offered by google. This workaround essentially lets you remove the SSL restriction and proxy subscription callbacks to a custom URL.
The second and most helpful way I have found to do development locally is to capture a subscription callback request (say from a server that is publicly accessible) into a log and then use curl to reproduce that request on your local/dev machine using something like:
curl -H "Content-type: application/json" -X POST \
-d '{"json for":"the notification"}' http://localhost:8080/notify
Since the requests can sometimes be large, or you might want to test multiple callback types, I also found it useful to put the JSON of the subscript request into various files (ex: timeline-respond.json) and then run
curl -H "Content-Type: application/json" \
--data #timeline-respond.json http://localhost:8080/notify
I'm curious as to what other people are doing to test their application subscriptions locally.
The command line curl technique that you mention is the best I've found to date.
I've experimented with other solutions, such as an App Engine subscription target paired with a local script which pulls that App Engine service for new notifications to relay to localhost, but so far I haven't found one that's worth the added complexity.
Alternatively, there are many localhost proxies available. My favorite is ngrok.com.
You might want to give localtunnel a try.
I've been working on a REST implementation with my existing Cake install, and it's looking great except that I want to use HTTP Digest Authentication for all requests (Basic Auth won't cut it). So great, I'll generate a header in the client app (which is not cake) and send it to my cake install. Only problem is, I can't find a method for extracting that Digest from the request...
I've looked through the Cake API for something that I can use to get the Digest Header. You'd think that Request Handler would be able to grab it, but I can't find anything resembling that.
There must be another method of getting the digest that I am overlooking?
In the meantime I'm writing my own regex to parse it out of the Request... once I'm done I'll post it here so no one has to waste as much time as I did hunting for it.
Figured it out. It's already accessible via PHP as $_SERVER['PHP_AUTH_DIGEST']
So then you pass to parseDigestAuthData($_SERVER['PHP_AUTH_DIGEST']);
<bangs head against wall>
i have some parsed data in two files. i need to send these to a webserver of a website. i also need to be logged into the webserver first. i am new to this web interaction thing. i just need to know how might i go about doing this. i am learning the libcurl library so i guess it can send standard HTTP POST messages. i will make a simple webserver to test it myself. can anyone tell me what kind of interaction is needed. by that i mean how do i send the username and password information, know that i am logged in and then be send the files. may be some examples of Form Posts which i believe is what i shud be doing right now.
Depending on the type of authentication being performed, the libcurl library may have functionality already built into it to support what you are trying to do. Check out the curl_easy_setopt function--specifically the section dealing with authentication.
For basic authentication, you can do the following.
curl_easy_setopt( curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC );
curl_easy_setopt( curl, CURLOPT_USERPWD, "username:password" );
You can use for example an old Wininet.dll (http://msdn.microsoft.com/en-us/library/aa385473%28VS.85%29.aspx) or more recent Winhttp.dll on the client side. The last one (WinHTTP) has two C/C++ API and COM Interface. Moreover, in WinHTTP you have more Authentication options (http://msdn.microsoft.com/en-us/library/aa383144%28VS.85%29.aspx).
On the other side old Wininet.dll has function like InternetWriteFile. In InternetConnect (Wininet.dll) you can give lpszUsername and lpszPassword.
In WinHTTP you should use WinHttpSetOption and WinHttpSetCredentials to give Username and password.
Search for both Wininet and WinHTTP and you will find enough Information to decide which one is better for your requirements.