Magnus Carlstrm Posted September 4, 2019 Share Posted September 4, 2019 I am getting 401 error when I am trying to connect to sportfire api. My code public static UserDirectoryServiceClient CreateConnectionSpotifireAPI() { WcfCookieManager.CookieManagerEndpointBehavior_wcfCookieBehavior = new WcfCookieManager.CookieManagerEndpointBehavior(); BasicHttpBinding HTTPBinding = new BasicHttpBinding(); HTTPBinding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly; HTTPBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None; EndpointAddress DirectoryEndpoint = new EndpointAddress(ConfigurationManager.AppSettings["SpotfireEndpointAddress"].ToString()); UserDirectoryServiceClient uds = new UserDirectoryServiceClient(HTTPBinding, DirectoryEndpoint); uds.Endpoint.Behaviors.Add(_wcfCookieBehavior); getOAuthToken(ConfigurationManager.AppSettings["SpotfireStartpointAddress"].ToString(), _ wcfCookieBehavior); return uds; } static void getOAuthToken(string strServerURL, WcfCookieManager.CookieManagerEndpointBehavior _wcfCookieBehavior) { // config register-api-client --name APIImpersonateClient -Sapi.soap.impersonate // possible Scopes from com.spotfire.server.security.oauth.OAuthScopes class // "api.soap.library-service", "api.soap.update-analysis-service", // "api.soap.information-model-service", "api.soap.license-service", // "api.soap.user-directory-service", "api.soap.impersonate"; /* C:tibcotss7.13.0tomcatbin>config register-api-client -n TestAPIClient -Sapi.soap.library-service -Sapi.soap.user-directory-service C:tibcotss7.13.0tomcatbin>config register-api-client -n TestAPIClient -Sapi.soap.library-service -Sapi.soap.user-directory-service Tool password: Successfully registered a new API client with the display name 'TestAPIClient': Client ID: Client secret: To view the full client configuration, please use the 'show-oauth2-client' command. */ // New with api.soap.impersonate string oAuthClientID = ConfigurationManager.AppSettings["SpotfireClientId"].ToString(); string oAuthClientSecret = ConfigurationManager.AppSettings["SpotfireClientSecret"].ToString(); string urlOAuth = strServerURL + "/oauth2/token"; try { System.Console.WriteLine("Retrieving OAuth Token from: " + urlOAuth); HttpWebRequest wrOAuth = (HttpWebRequest)WebRequest.Create(urlOAuth); string oAuthClientInfo = WebUtility.UrlEncode(oAuthClientID) + ":" + WebUtility.UrlEncode(oAuthClientSecret); string base64OAuth = Convert.ToBase64String(Encoding.UTF8.GetBytes(oAuthClientInfo)); wrOAuth.Headers["Authorization"] = "Basic " + base64OAuth; wrOAuth.Method = "POST"; wrOAuth.ContentType = "application/x-www-form-urlencoded;charset=UTF-8"; byte[] postBytes = Encoding.UTF8.GetBytes("grant_type=client_credentials&scope=" + WebUtility.UrlEncode("api.soap.library-service api.soap.user-directory-service")); // WebUtility.UrlEncode("internal.automation-services-job.execute")); // api.soap.impersonate wrOAuth.ContentLength = (long)postBytes.Length; using (Stream requestStream = wrOAuth.GetRequestStream()) { requestStream.Write(postBytes, 0, postBytes.Length); } HttpWebResponse response = (HttpWebResponse)wrOAuth.GetResponse(); When I rungetresponse I get 401.. In the access log I get unknown [04/Sep/2019:13:42:53 +0200] "POST /spotfire/api/soap/oauth2/token HTTP/1.1" 401 - I have register the api likeconfig register-api-client -n TestAPIClient -Sapi.soap.library-service -Sapi.soap.user-directory-service and added administrator to that user. the api is enabled andCSRF is disabled. What is wrong I just upgraded to 10.4. It looks lite the authorization is not sent but it is added to the header. Link to comment Share on other sites More sharing options...
Shandilya Peddi Posted September 4, 2019 Share Posted September 4, 2019 To start with can enable debug logging on Spotfire Server, reproduce the issue and check for any errors in the server.log or you can attach the log here for review Link to comment Share on other sites More sharing options...
Magnus Carlstrm Posted September 4, 2019 Author Share Posted September 4, 2019 TRACE 2019-09-04T14:59:13,816+0200 [] server.security.RequestMatcher: Found URL pattern match /api/* for URL /api/soap/oauth2/token TRACE 2019-09-04T14:59:13,816+0200 [] server.security.RequestContextFilter: The request URL matches the security config 'public.api.new' TRACE 2019-09-04T14:59:13,816+0200 [unknown, #-, #3469] server.security.CustomAuthFilterWrapper: Skipping Custom Authentication Filter for request for /spotfire/api/soap/oauth2/token TRACE 2019-09-04T14:59:13,816+0200 [unknown, #-, #3469] server.security.SecurityFilter: Filtering request: HTTP POST /api/soap/oauth2/token on port 80 from 91.196.241.164 at port number 59350 TRACE 2019-09-04T14:59:13,816+0200 [unknown, #-, #3469] server.security.SecurityFilter: Checking the implicit security constraints for the requested FRONTEND resource /api/soap/oauth2/token TRACE 2019-09-04T14:59:13,816+0200 [unknown, #-, #3469] security.headers.HeadersFilter: Invoking header directives DEBUG 2019-09-04T14:59:13,816+0200 [unknown, #-, #3469] server.security.SecurityFilter: Returning from filter after requesting the client to authenticate Link to comment Share on other sites More sharing options...
Magnus Carlstrm Posted September 4, 2019 Author Share Posted September 4, 2019 I added trace code Link to comment Share on other sites More sharing options...
Jens Borgland Posted September 12, 2019 Share Posted September 12, 2019 This is not the right path to the OAuth2 token endpoint:/spotfire/api/soap/oauth2/token - remove the "api" and "soap" segments (so /spotfire/oauth2/token). "/spotfire/api/soap" is however the right prefix for the actual SOAP services. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now