1
votes

I'm trying to use the API on a website, here's the part of the manual:

Authenticated Sessions (taken from here)

To create an authenticated session, you need to request an authToken from the '/auth' API resource.

  • URL: http://stage.amee.com/auth (this is not my domain)
  • Method: POST
  • Request format: application/x-www-form-urlencoded
  • Response format: application/xml, application/json
  • Response code: 200 OK
  • Response body: Details of the authenticated user, including API version.
  • Extra data: "authToken" cookie and header, containing the authentication token that should be used for subsequent calls.

    Parameters: username / password

Example

Request

POST /auth HTTP/1.1
Accept: application/xml
Content-Type: application/x-www-form-urlencoded

username=my_username&password=my_password

Response

HTTP/1.1 200 OK Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...;
authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...==
Content-Type: application/xml; charset=UTF-8

QUESTION:

How do I get that to work?

I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated.

p.s.

All I was looking for was WebClient class in C#

2

2 Answers

2
votes

You need to put application/json in your Accept header, this tells the server you want it to respond in that format - not xml.

2
votes

I am using rails to extract the same authentication token cookie from stage.amee.com/auth as mentioned above. it took a bit of experimentation before I created and customised the correct request object that returned a 200 OK, with the authtoken as a cookie. i haven't found an effective method of reading the request object or I would post exactly what it looks like. here is my ruby code from the app's controller

#define parameters
uri=URI.parse('http://stage.amee.com')
@path = '/auth'
@login_details = 'username=your_username&password=your_password'
@headers = {'Content-Type' => 'application/x-www-form-urlencoded', 'Accept' => 'application/json'}

#create request object
req = Net::HTTP.new(uri.host, uri.port)

#send the request using post, defining the path, body and headers
resp, data = req.post(@path, @login_details, @headers)

#print response details to console
puts "response code = " << resp.code
puts "response inspect = " << resp.inspect
resp.each do |key, val| 
  puts "response header key : " + key + " = " + val 
end 
puts "data: " + data