on 02-23-2016 5:05 PM
Hi IDM Experts!
I've set up the REST API for our IDM 8.0 instance and testing the API, by getting the CSRF tokens via an initial GET, and then using the received token to perform a POST operation on an existing User:
Making a slight update to Jannis' useful function, I am now using this to test my REST API:
// Main function:testAPI
function testAPI(Par) {
// import all needed Java Classes
importClass(Packages.java.net.HttpURLConnection);
importClass(Packages.java.net.URL);
importClass(Packages.java.io.DataOutputStream);
importClass(Packages.java.io.InputStreamReader);
importClass(Packages.java.io.BufferedReader);
importClass(Packages.java.lang.StringBuffer);
importClass(Packages.java.lang.Integer);
var urlString = "http://localhost:50000/idmrestapi/v2/service/ET_MX_PERSON(ID=20,TASK_GUID=guid'8885B716-42ED-440B-AD5A-20DEE87F9F82')";
var urlParameters = "{“SV_MX_LASTNAME” : “Benz”}";
var username = "APITestUser";
var password = "password123";
var encoding = uToBase64(username + ":" + password);
//BEGIN - GET CSRF TOKEN FIRST
var url = new URL(urlString); // + "?" + urlParameters);
var readConn = url.openConnection();
readConn.setRequestProperty("Authorization", "Basic " + encoding);
readConn.setRequestMethod("GET");
readConn.setDoInput(true);
readConn.setRequestProperty("Content-Type", "JSONHttpRequest");
readConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
readConn.setRequestProperty("charset", "utf-8");
readConn.setRequestProperty("X-Requested-With", "JSONHttpRequest");
readConn.setRequestProperty("X-Requested-With", "XMLHttpRequest");
readConn.setRequestProperty("X-CSRF-Token", "Fetch");
readConn.connect();
//first get CSRF TOKEN via GET
//get the result and print it out
var responseCode = readConn.getResponseCode();
var xCSRFToken = readConn.getHeaderField("x-csrf-token");
uWarning("Response Code for the GET CSRF: " + responseCode);
uWarning("GOT THE CSRF TOKEN: " + xCSRFToken);
readConn.disconnect();
//END - GET CSRF TOKEN FIRST
//BEGIN - DO POST USING CSRF TOKEN
var writeConn = url.openConnection();
writeConn.setRequestMethod("POST");
writeConn.setDoOutput(true);
writeConn.setDoInput(true);
writeConn.setRequestProperty("Authorization", "Basic " + encoding);
writeConn.setRequestProperty("X-CSRF-Token", xCSRFToken);
writeConn.setRequestProperty("Content-Type", "JSONHttpRequest");
writeConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
writeConn.setRequestProperty("charset", "utf-8");
writeConn.setRequestProperty("X-Requested-With", "JSONHttpRequest");
writeConn.setRequestProperty("X-Requested-With", "XMLHttpRequest");
writeConn.setUseCaches(false);
var os = new DataOutputStream(writeConn.getOutputStream());
os.writeBytes(urlParameters);
os.flush();
os.close();
writeConn.connect();
//first get CSRF TOKEN via GET
//get the result and print it out
responseCode = writeConn.getResponseCode();
uWarning("Response Code for the POST METHOD with CSRF: " + responseCode);
writeConn.disconnect();
//END - DO POST USING CSRF TOKEN
}
Using this updated function, and now performing the POST to the REST API using the required X-CSRF-Token, I am still getting a HTTP 403 error:
Why is this still happening even after using the necessary X-CSRF-Token? Is something wrong with the way the POST request is composed? are the urlParameters wrong? or is the URI for the POST request, wrong?
Would greatly appreciate your help with trying to resolve this error!
Thanks a ton in advance!
Best regards,
Sandeep
This message was moderated.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.