Ruby get request with session key

Added by Otto almost 4 years ago

[I've also posted this question on stackoverflow: http://stackoverflow.com/questions/36385748/http-get-request-with-session-key]

I'm a bit of newbie regarding HTTP GET/POST request in Ruby. I want to use a get request that requires some kind of authorization.

Under "get list" in the next api (https://api.test.nordnet.se/api-docs/index.html) it says that it wants the following parameters:

Parameters
- Accept-Language: Language prefered in the response. Note: nb and nn will return the same as no header string
- Authorization: Basic auth. The session_id should be sent as both username and password header string

I use the following code to authorize myself, but the last "GET requests" gives an error:

require 'openssl'
require 'base64'
require 'uri'
require 'net/http'
require 'json'
username = 'MYUSERNAME'
password = 'MYPASSWORD'
service = 'NEXTAPI'
  1. Create auth
    string = Base64.encode64(username) + ':' + Base64.encode64(password) + ':' + Base64.encode64((Time.now.\
    to_i * 1000).to_s)
    public_key_data = File.read(service + '_TEST_public.pem')
    public_key = OpenSSL::PKey::RSA.new(public_key_data)
    auth = URI::escape(Base64.encode64(public_key.public_encrypt(string)),
    Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
  1. Setup HTTPS
    http = Net::HTTP.new('api.test.nordnet.se', 443)
    http.use_ssl = true
  1. Get status of server
    response = http.get('/next/2/', {'Accept' => 'application/json'})
    puts response.body
  1. POST login
    response = http.post('/next/2/login', "auth=#{auth}&service=#{service}", {'Accept' => 'application/json'})
    puts response.body
    data = JSON.parse(response.body)
    session_key = data['session_key']
auth_string = "Basic " + session_key + ":" + session_key
response = http.get('/next/2/lists', {'Authorization' => auth_string })
puts response

Not sure what is going wrong here. Or what I need to do. I get the following error.

#<Net::HTTPNotAcceptable:0x007fac74276d20>

Question 1: How do I properly send my session key as both username and password?
Question 2: How would I actually send parameters and headers, and what are the differences?
Question 3: Is there a difference in what will be needed in regards to headers/parameters depending on if I send a GET or POST request?

Thanks


Replies (1)

RE: Ruby get request with session key - Added by Otto almost 4 years ago

Was able to solve it. The end part has a correct get request

require 'openssl'
require 'base64'
require 'uri'
require 'net/https'
require 'json'
require 'cgi'

username = 'USERNAME'
password = 'PASSWORD'
service  = 'NEXTAPI'

def http_get(path,params)
    http = Net::HTTP.new('api.test.nordnet.se', 443)
    http.use_ssl = true

    #return http.get("#{path}?", params)
    return http.get("#{path}?")
    #return Net::HTTP.get(path)
end

# Create auth                                                                                           
string = Base64.encode64(username) + ':' + Base64.encode64(password) + ':' + Base64.encode64((Time.now.\
to_i * 1000).to_s)
public_key_data = File.read(service + '_TEST_public.pem')
public_key = OpenSSL::PKey::RSA.new(public_key_data)
auth = URI::escape(Base64.encode64(public_key.public_encrypt(string)),
                   Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))

# Setup HTTPS                                                                                           
http = Net::HTTP.new('api.test.nordnet.se', 443)
http.use_ssl = true

# Get status of server                                                                                  
response = http.get('/next/2/', {'Accept' => 'application/json'})
puts response.body

# POST login                                                                                            
response = http.post('/next/2/login', "auth=#{auth}&service=#{service}", {'Accept' => 'application/json'})
puts response.body

data = JSON.parse(response.body)
session_key = data['session_key']

uri = URI('https://api.test.nordnet.se:443/next/2/lists')

Net::HTTP.start(uri.host, uri.port,
  :use_ssl => uri.scheme == 'https', 
  :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |http|

  request = Net::HTTP::Get.new uri.request_uri
  request.add_field('Accept', 'application/json')
  request.basic_auth session_key, session_key

  response = http.request request # Net::HTTPResponse object

  puts response.body#  puts response.body
end

(1-1/1)