ibmi-brunch-learn

Announcement

Collapse
No announcement yet.

Reading HTTP headers in GET API

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Reading HTTP headers in GET API

    Hi

    I want to expose a "GET" API using YAJL that requires some input, basically user id and password for authentication. As the body will always be blank for GET.
    I am trying to look for CGI API/YAJL API that can be used to pass on the HTTP headers in the program.
    Any inputs?

    Thanks,
    Last edited by AS_Developer; August 4, 2019, 11:05 PM.
    Tags: None
  • #2
    Hello,

    You didn't say which software you are using to handle the HTTP communications. Considering that you're question is about how to access part of the HTTP protocol, I would've thought that'd be the FIRST thing you'd tell us?!

    If I had to guess, I'd say you're writing a program that is being called via the IBM HTTP Server (powered by Apache). If that's the case, headers are provided as environment variables. Usually, they are named with 'HTTP_' followed by the name of the header, but there are some exceptions. Details can be found here: https://www.ibm.com/support/knowledg...zaieenvvar.htm

    Comment

    • #3
      Hi Scott,

      I am using your YAJL library to expose my RPG program as a web service. I want to have some authentication and it can be done via a payload being sent from the caller but I am thinking for getting user and password from the headers. So that I can have authentication for GET API also.

      I was searching for an environment variable name that can be used for getenv to retrieve headers in RPG program.

      Thanks, I will have a look at the link provided.

      Comment

      • #4
        Hi Scott,

        I read the document and used QtmhGetEnv to retrieve variable "AUTH_TYPE" but it returns blank even when I make a call to webservice with basic auth.

        Am I missing something?

        Thanks,
        AS_DEVELOPER



        Comment

        • #5
          I don't think AUTH_TYPE is what you're looking for. This would return the type of authentication that is configured in Apache for the method you're using... I don't think that's what you're looking for?

          I'm thinking you want HTTP_AUTHORIZATION or similar. That's why I explained about HTTP_xxx variables, above.

          Comment

          • #6
            Hi Scott,

            Thank you very much it worked.


            Just putting all the information here, so that next person finds it handy.

            1) We need to set the environment variable in CGI as mentioned below.
            SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

            2) We can now use
            d auth s 50
            /Free
            auth = %str(getenv('HTTP_AUTHORIZATION'));
            /End-Free

            3) The value received in variable "auth" is encoded in base64.
            4) This value now needs to be decoded into UTF-8 or job CCSID. For this, we can either use base64r4 service program (https://www.scottklement.com/base64/) or we can use the procedure "apr_base64_decode"
            provided by IBM.


            Thanks,
            AS_Developer

            Comment

            Previous template Next
            Working...
            X