We Keep Coding

Get Headers for API Authentication [duplicate]

I'm working on a simple Flutter mobile app that needs to call out to an API that uses Basic Auth.
I can hit the API in Postman using email & password credentials and it encodes the email & password in Base64 (I assume with a ":" separating) before performing the request.
I'm not sure how to do this in Flutter / Dart...
I've tinkered with the http package and tried to do the Base64 encoding... but I just get back errors from the server.
Can anyone provide some guidance or an example for a basic auth request?

Assuming that your server expects that the username:password combo will be encode it UTF-8 (see RFC 7617 for more details) then use this:
import 'dart:convert';
import 'package:http/http.dart';
main() async {
String username = 'test';
String password = '123£';
String basicAuth =
'Basic ' + base64.encode(utf8.encode('$username:$password'));
print(basicAuth);
Response r = await get(Uri.parse('https://api.somewhere.io'),
headers: <String, String>{'authorization': basicAuth});
print(r.statusCode);
print(r.body);
}

I know it's late but I am posting this if it can help others.
import 'dart:convert';
var auth = 'Basic '+base64Encode(utf8.encode('$username:$password'));
Future<Response> callAPI(param) async {
await dio.post('/api/test',
data: {'param': param},
options: Options(headers: <String, String>{'authorization': auth}));
}

Flutter REST api call with Basic auth returns 401, despite correct credentials

I'm trying to call an api from flutter but i keep getting 401 Unauthorized. According to the api documentation it uses basic authentiocation and is UTF-8 encoded. The username and password is provided by the docs and if try the api in a web browser and enter those credentials it goes through and i recieve the data. This is the code i'm using in flutter:
Future<void> requestData() async {
String username = 'abc';
String password = '123';
String basicAuth = 'Basic ' + base64Encode(utf8.encode('$username:$password'));
Response r = await get(
Uri.parse('http://api.example.com'),
headers: {
HttpHeaders.authorizationHeader: basicAuth,
});
print(r.body);
print(r.statusCode);
}
I've also tried this variation which gave the same result:
headers: <String, String>{
'authorization': basicAuth
}
Seeing as the username and password are correct there must be something wrong with how i make the call, but i've tried to do it a bunch of different ways and nothing works. Any help would be greatly appreciated!

As per my experience, there is no need of token or basic auth while doing login. And login is post method not get.

Turns out the documentation i read was outdated/incorrect. The api uses "Digest authentication" which i looked up and was able to implement. This is the code if anyone is interested:
import 'package:http/http.dart';
import 'package:http_auth/http_auth.dart';
...
Response res = await DigestAuthClient("USERNAME", "PASSWORD")
.get(Uri.parse("API_URL")).timeout(const Duration(seconds: 20));

Escape " in axios

I am making an api call to WuFoo forms
to do a dateCreated filter it needs to look like this (note double quote):
Filter1=DateCreated+Is_greater_than+"2019-11-13 12:00:00"
However, Axios urlencodes it to look like this:
Filter1=DateCreated%2BIs_greater_than%2B%222019-11-13+12:00:00%22'
and WuFoo unfortunately returns incorrect response to that.
I have tried escaping the encoding by using paramSerializer:
const instance = axios.create({
baseURL: 'https://subdomain.wufoo.com/api/v3',
timeout: 1000,
headers: { 'Authorization': 'Basic fjdkalfjkdafldklaskflsdkl' },
paramsSerializer: function(params) { return params }
});
....
instance.get('/forms/form/entries.json',{
params:{
Filter1: qDateFilter
}
})
qDateFilter = DateCreated+Is_greater_than+"2019-11-13 12:00:00"
However I now have the following error:
TypeError [ERR_UNESCAPED_CHARACTERS]: Request path contains unescaped characters
at new ClientRequest (_http_client.js:139:13)
at Object.request (https.js:309:10)
at RedirectableRequest._performRequest (/home/node/app/node_modules/follow-redirects/index.js:169:24)
at new RedirectableRequest (/home/node/app/node_modules/follow-redirects/index.js:66:8)
at Object.wrappedProtocol.request (/home/node/app/node_modules/follow-redirects/index.js:307:14)
at dispatchHttpRequest (/home/node/app/node_modules/axios/lib/adapters/http.js:180:25)
at new Promise (<anonymous>)
at httpAdapter (/home/node/app/node_modules/axios/lib/adapters/http.js:20:10)
at dispatchRequest (/home/node/app/node_modules/axios/lib/core/dispatchRequest.js:59:10)
at processTicksAndRejections (internal/process/task_queues.js:93:5) {
code: 'ERR_UNESCAPED_CHARACTERS'
}
Attempts to just use a straight full string as a URL don't work either, it still encodes it.
Using straight " in postman works fine, same with curl.
Any other options?

WuFoo got back to me. It wasn't the " it was actually the encoding of the + sign. I replaced with spaces and it worked.

Trying to use 'Postman' and having trouble setting Basic access authentication Headers

I have an API endpoint that I am trying to test with the google app: 'Postman'. I need to set the headers which use 'Basic authentication'. I am not sure what should go in 'Header: Value'
This is how the admin said the headers should be set:
"The head value is the word 'Basic' followed by your org name and your Api key separated by a colon and base64 encoded."
I have tried numerous things but I am not getting it quite right. The error I get is "Message: Token not set".

Your header field should look like this:
Header : Authorization
Value : Basic base64('YourOrgName:YourAPIKEY');
You can get the base64 value of your string here:
https://www.base64encode.org/
For example, for my-org-name:123key4api it should be bXktb3JnLW5hbWU6MTIza2V5NGFwaQ==.
The complete header would look like:
Authorization: Basic bXktb3JnLW5hbWU6MTIza2V5NGFwaQ==

Looks like you are facing trouble in getting the base64 value. Well you can make use of in-built function in Javscript as below.
Simply run below code in any JS runtime, (Simplest would be - open console tab in chrome developer tool)
"username:password!" // Here I used basic Auth string format
// Encode the plain string to base64
btoa("username:password!"); // output: "dXNlcm5hbWU6cGFzc3dvcmQh"
// Decode the base64 to plain string
atob("dXNlcm5hbWU6cGFzc3dvcmQh"); // output: "username:password!"

It's 2019 and with Version 6.5.3 we have a separate tab to use different kind of Authentication techniques.
For basic auth you just have to give username and password after selecting "Basic Auth" under Authentication tab

Putting it all together in a pre-request script
(and then use the access_token for oauth).
var Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(e){var t="";var n,r,i,s,o,u,a;var f=0;e=Base64._utf8_encode(e);while(f<e.length){n=e.charCodeAt(f++);r=e.charCodeAt(f++);i=e.charCodeAt(f++);s=n>>2;o=(n&3)<<4|r>>4;u=(r&15)<<2|i>>6;a=i&63;if(isNaN(r)){u=a=64}else if(isNaN(i)){a=64}t=t+this._keyStr.charAt(s)+this._keyStr.charAt(o)+this._keyStr.charAt(u)+this._keyStr.charAt(a)}return t},decode:function(e){var t="";var n,r,i;var s,o,u,a;var f=0;e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");while(f<e.length){s=this._keyStr.indexOf(e.charAt(f++));o=this._keyStr.indexOf(e.charAt(f++));u=this._keyStr.indexOf(e.charAt(f++));a=this._keyStr.indexOf(e.charAt(f++));n=s<<2|o>>4;r=(o&15)<<4|u>>2;i=(u&3)<<6|a;t=t+String.fromCharCode(n);if(u!=64){t=t+String.fromCharCode(r)}if(a!=64){t=t+String.fromCharCode(i)}}t=Base64._utf8_decode(t);return t},_utf8_encode:function(e){e=e.replace(/\r\n/g,"\n");var t="";for(var n=0;n<e.length;n++){var r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r)}else if(r>127&&r<2048){t+=String.fromCharCode(r>>6|192);t+=String.fromCharCode(r&63|128)}else{t+=String.fromCharCode(r>>12|224);t+=String.fromCharCode(r>>6&63|128);t+=String.fromCharCode(r&63|128)}}return t},_utf8_decode:function(e){var t="";var n=0;var r=c1=c2=0;while(n<e.length){r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r);n++}else if(r>191&&r<224){c2=e.charCodeAt(n+1);t+=String.fromCharCode((r&31)<<6|c2&63);n+=2}else{c2=e.charCodeAt(n+1);c3=e.charCodeAt(n+2);t+=String.fromCharCode((r&15)<<12|(c2&63)<<6|c3&63);n+=3}}return t}};
var userPass = pm.environment.get("oauth_key") + ':' + pm.environment.get("oauth_secret")
pm.sendRequest({
url: pm.environment.get("basepath")+"/oauthpreview/token",
method: 'POST',
header: {
'Accept': 'application/json',
'cache-control':"no-cache",
'Authorization' : 'Basic ' + Base64.encode(userPass),
'Content-Type': 'application/x-www-form-urlencoded'
},
body: {
mode: 'urlencoded',
urlencoded: [
{key: "grant_type", value: "client_credentials", disabled: false}
]
}
}, function (err, res) {
pm.environment.set("access_token", res.json().access_token);
})

Why parenthesis is needed in this Coffeescript?

I have this piece of code
#_showSection(
{ redirect: url, token: token },
FailedView)
In Coffeescript, parenthesis is optional, so I tried to remove them
#_showSection
{ redirect: url, token: token },
FailedView
I got a SyntaxError: unexpected INDENT
I tried a few other changes e.g.
#_showSection
redirect: url, token: token
FailedView
They are not accepted by coffeescript compiler either.
Why in this case the removal of parenthesis is not acceptable?

This works fine for me:
#_showsection
redirect: url, token: token
FailedView
And your indentation is wrong in the second example. You also can put the key/value pairs each on one line.
#_showsection
redirect: url
token: token
FailedView
What doesn't work, is putting the object argument on its own line with braces.
Edit:
If you want a solution with braces, you could go with something like this:
#_showsection {
redirect: url,
token: token
},
FailedView
Also, if you want all the extras, you can use the shortened syntax for object description (if you use braces):
#_showsection {
redirect: url,
token},
FailedView
I still couldn't find one where the first argument starts on the second line with a brace.