Delphi XE7 Indy idHTTP client post error authorising

1
votes

I'm attempting to connect to an online API using Indy HTTP client. The error I'm getting is "Authorisation failed (that's our message) EIdOSSLUnderlyingcryptoerror Error connecting with SSL, error:14094410: ssl ROUTINES:SSL3_READ_BYTES:SSLV3 alert handshake failure."

The idSSLIOHandler is set with the mode as sslmClient.

`procedure TOnLineSettingsForm.Button5Click(Sender : TObject);
var
S: TStringStream;
R : TStringStream;
sTest : String;
sResponse : String;
sAuthCode : AnsiString;
begin
//S := TStringList.Create;
R := TStringStream.Create;
if Length(edCert.Text) <> 0 then
begin
   try
     try
        sAuthCode := 'AUTHORISATION:' + edCert.Text;
        S := TStringStream.Create('AUTHORISATION:' + edCert.Text,   TEncoding.UTF8);
        S.Position := 0;
        with IdHTTP1 do
        begin
           IOHandler := IdSSLIOHandlerSocketOpenSSL1;
           Post('https://api.cloudwaitress.com/V1/...', S); //  sAuthCode);
           sResponse := ResponseText;
        end;
        sTest := R.DataString;
     except
        on e:exception do
        begin
           Showmessage('Authorisation failed....' + e.ClassName + ' ' + e.Message);
           sTest := R.DataString;
        end;
     end;
  finally
     s.Free;
     R.Free;
  end;
end else
begin
   Beep;
  Beep;
  ShowMessage('Please enter the id code.');
end;
end;`

The documentation says the folowing is required for authentication

curl https://api.cloudwaitress.com/v1/... -H "Authorization: YOUR_API_KEY"

I was concerned that the "..." at the end of the url would be invalid, so I left it out. Got the error so put it back. Same error. So, I suspect, the problem is with something else. I note the authorisation doesn't include anything about content type. Although other requests for this API do and require "application/json".

Is it possible a handshake failure simply means the API connection isan't valid?

Sorry - should have said - the Indy version is 10.6.1.5182. I note that the same error can be triggered if TLS is required on the server. And that Indy 10.6.2 fixed that problem. Could it be I nned to get a more recent version of Indy?

Thanks

Alan

1
apidelphiauthorizationindyidhttp
... should be replaced with API method you want to execute. - Olvin Roght
I suspected that may be the case. And tried it. No change. Identical result. I'm beginning to think there is something wrong with the documentation. - Alan Jeffery

1 Answers

0
votes

The error I'm getting is "Authorisation failed (that's our message) EIdOSSLUnderlyingcryptoerror Error connecting with SSL, error:14094410: ssl ROUTINES:SSL3_READ_BYTES:SSLV3 alert handshake failure."

EIdOSSLUnderlyingCryptoError has nothing to do with HTTP itself, it is an encryption library error. In this case, it is saying the SSL/TLS handshake is failing, before the HTTP request can be sent over the connection. For instance, that could happen if the API requires TLS v1.1+, as TIdSSLIOHandlerSocketOpenSSL defaults to TLS v1.0 only, but you can manually enable TLS v1.1 and v1.2 in the SSLIOHandler's SSLOptions.SSLVersions property.

Also, the post stream is the wrong place to send an HTTP Authorization header.

Try this:

procedure TOnLineSettingsForm.Button5Click(Sender : TObject);
var
  S: TStringStream;
  sResponse : String;
begin
  if edCert.GetTextLen > 0 then
  begin
    try
      S := TStringStream.Create('...', TEncoding.UTF8);
      try
        IdSSLIOHandlerSocketOpenSSL1.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];
        IdHTTP1.IOHandler := IdSSLIOHandlerSocketOpenSSL1;
        IdHTTP1.Request.CustomHeaders.Values['Authorization'] := edCert.Text;
        sResponse := IdHTTP1.Post('https://api.cloudwaitress.com/V1/...', S);
      finally
        S.Free;
      end;
    except
      on E: Exception do
      begin
        ShowMessage('Error.... ' + e.ClassName + ' ' + e.Message);
      end;
    end;
  end else
  begin
    Beep;
    Beep;
    ShowMessage('Please enter the id code.');
  end;
end;

the Indy version is 10.6.1.5182... Indy 10.6.2 fixed that problem. Could it be I need to get a more recent version of Indy?

Whether it fixes the problem or not, 10.6.1 is very old, so you should upgrade anyway. At the time of this writing, the current version is 10.6.2.5518.