0
votes

In my Phoenix app, I am trying to use the HTTPoison HTTP client (https://hexdocs.pm/httpoison/api-reference.html) to make a post request to the AgileCRM API. I was able to use cURL to make a successful request, but my attempt to replicate it in Phoenix is failing with a 401 UNAUTHORIZED error.

My successful cURL:

$ curl https://domain.agilecrm.com/dev/api/contacts/search/email \
-H "Accept: application/json" \
-d 'email_ids=["[email protected]"]' \
-u [email protected]:api_key

which returns status 200 and the requested data.

My failing HTTPoison:

url = "https://domain.agilecrm.com/dev/api/contacts/search/email"
body = Poison.encode!(%{"body": "email_ids=['[email protected]']"})
headers = [{"Accept", "application/json"}, {"Authorization", "[email protected]:api_key"}]

response = HTTPoison.post!(url, body, headers)

IO.inspect response

which returns

%HTTPoison.Response{body: "<html><head>\n<meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\">\n<title>401 UNAUTHORIZED</title>\n</head>\n<body text=#000000 bgcolor=#ffffff>\n<h1>Error: UNAUTHORIZED</h1>\n</body></html>\n",
headers: [{"X-TraceUrl", "/appstats/details?time=1509129565372&type=json"},
{"WWW-Authenticate", "Basic realm=\"agilecrm\""},
{"Content-Type", "text/html; charset=utf-8"},
{"X-Cloud-Trace-Context", "8de994n2tbu2o356891bc3e6"},
{"Date", "Fri, 27 Oct 2017 18:39:25 GMT"}, {"Server", "Google Frontend"},
{"Content-Length", "200"}],
request_url: "https://domain.agilecrm.com/dev/api/contacts/search/email", status_code: 401}

From the message, I'm assuming (perhaps incorrectly) that the issue is with the authorization data. My understanding was that the -u flag in a cURL is the equivalent of adding an Authorization header, but perhaps not?

HTTPoison also allows for an options parameter, and one of the options (ha!) is ":proxy_auth - proxy authentication {User, Password} tuple", but passing [proxy_auth: {"[email protected]", "api_key"}] produces the same result.

Any thoughts on this would be much appreciated

2

2 Answers

5
votes

The equivalent of curl -u is the basic_auth option of hackney, not HTTPoison's proxy_auth. You can use it like this:

HTTPoison.post!(url, body, headers, hackney: [basic_auth: {"[email protected]", "api_key"}])
2
votes

Actually curl -u does more, check this answer: What is -u flag on cURL actually doing?.

It encodes your user:password into base 64 string and adds Basic prefix.

You should send a header like this

Authorization: Basic base64 encoded string