We Keep Coding

Autorization using bearer token failing

Friends
I am accessing an API using bearer token authorization and getting HTTP status 401.
The problematic code is Dart code (in a Flutter app). I have Swift code that accesses the same API so I can check the headers I am passing.
The Dart code:
var client = http.Client();
var url = Uri.https(<site>, <path>);
Map<String, String> body = {
<Hash entries to define request>
};
var headers = <String, String>{
"Content-Type" : "application/x-www-form-urlencoded; charset=UTF-8",
"Accept" : "application/json, text/javascript, */*; q=0.01",
"Authorization" : "Bearer <Hex token>",
};
var response = await client.post(url, headers: headers, body: body);
http is from: import 'package:http/http.dart' as http;
The hex token is taken from a successful login. It is the same as I see after a successful login with the Swift app.
The "Accept" and "Content-Type" are also the same as the Swift app.
In result the statusCode is 401 and reasonPhrase is "Unauthorized"
The Swift app is working perfectly

This was not the problem I thought.
The Authorization header is ignored by the server and it does some cookie magic to authorise.
In Swift the cookies were set without my intervention. So I never understood that the Bearer.... authorization was ignored.

How i can get Token from headers?

I did authorization via http. post, send a JSON Body with username and password, in the response I get a Header, the Header has a token, it is stored in 'set_cookie: Authorization=token', how do I get it and write it to the storage?

You can get the cookie from the response of login request using the following code
HttpClient _httpClient = new HttpClient();
HttpClientRequest request = await _httpClient.postUrl(Uri.parse(url));
request.headers.set('content-type', 'application/json');
request.add(utf8.encode(json.encode(jsonMap)));
HttpClientResponse response = await request.close();
print(response.cookies); // this is a List<Cookie>, you can iterate and find the required cookie
Now you can store the cookie using shared_preference plugin, and use it in your all the future requests.
HttpClient client = new HttpClient();
HttpClientRequest clientRequest =
await client.getUrl(Uri.parse("http: //www.example.com/"));
clientRequest.cookies.add(Cookie("sessionid", "asdasdasqqwd"));
You can also explore dio library and use AuthInterceptor to add the token for all the requests for you.

Error while generating access_token using Ebay 's REST API - Python requests

I'm trying to use the ebay REST-API for the first. I am simply trying to generate an access_token using the client credentials grant-request. I followed the instructions here https://developer.ebay.com/api-docs/static/oauth-client-credentials-grant.html
HTTP method: POST
URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token
HTTP headers:
Content-Type = application/x-www-form-urlencoded
Authorization = Basic <B64-encoded_oauth_credentials>
Request body (wrapped for readability):
grant_type=client_credentials&
redirect_uri=<RuName-value>&
scope=https://api.ebay.com/oauth/api_scope
I'm getting this error: {'error': 'invalid_client', 'error_description': 'client authentication failed'} and my code looks like this:
path = 'https://api.sandbox.ebay.com/'
app_json = 'application/json'
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': base64.b64encode(b'Basic CLIENT_ID:CLIENT_SECRET')
}
payload = 'grant_type=client_credentials&redirect_uri=Searchez&scope=https://api.ebay.com/oauth/api_scope'
def get_oath_token():
url = 'https://api.sandbox.ebay.com/identity/v1/oauth2/token'
r = requests.post(url, headers=headers, data=payload)
print(r.json())
get_oath_token()
What do I have configured incorrectly? Thanks.

You're base64encoding "Basic " and shouldn't be.
The doc says just encode your Client ID + ":" + Client Secret, and leave the word "Basic" and the space that follows it alone.

In your code, i can see sandbox endpoint URI but in the request body scope, you have used production URL, instead of sandbox

Setting authorization header in http client in ionic and angular 5

I am learning ionic for mobile development latest version. I used http client for calling REST API. But I am facing some issues -
1) I am using POST but it showing me as option.
2) How to set authorization header . I am using bearer token and my rest API is written in PHP.

Use HttpHeaders to set your token. token can be defined in a string
func() {
var headers = new HttpHeaders();
let body = new HttpParams();
body = body.set('key','value');
headers = headers.set("Authorization", "Bearer " + token)
return this.http.post('post-url.com', body,{
headers:headers
});
}
Hope that helps!

PayPal API - (401) Unauthorized when requesting Access Token

I am trying to incorporate PayPal payments into our project, but I am failing at the moment hehe.
Basically, first step is to get the access token request and response, which I am trying to do with WebRequest, but it spits out 401 at me.
Following instructions from: https://developer.paypal.com/docs/integration/direct/make-your-first-call/
Here's the code:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
WebRequest request = WebRequest.Create("https://api.sandbox.paypal.com/v1/oauth2/token");
request.ContentType = "application/x-www-form-urlencoded";
request.Method = "POST";
request.Credentials = new NetworkCredential("client_id", "secret");
request.PreAuthenticate = true;
string body = "grant_type=client_credentials";
byte[] buffer = Encoding.UTF8.GetBytes(body);
request.ContentLength = buffer.LongLength;
var reqStr = request.GetRequestStream();
reqStr.Write(buffer, 0, buffer.Length);
reqStr.Close();
WebResponse response = request.GetResponse();
Ofcourse, client_id and secret are replaced with real values in the code :)
Thank you for your help!

Figured it out thanks to: C# HttpWebRequest using Basic authentication
Turns out I was not using Basic Auth as intended by PayPal.
Oops :D
Hope someone finds this useful.