I am creating a django rest api, and I'm trying to send JSON data via PUT request from an Android device, using HttpUrlConnection.
URL url = new URL(myurl);
conn = (HttpURLConnection) url.openConnection();
conn.setReadTimeout(10000 /* milliseconds */);
conn.setConnectTimeout(15000 /* milliseconds */);
conn.setRequestMethod("PUT");
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "application/json; charset=UTF-8");
conn.setRequestProperty("Accept", "application/json");
Log.v("Apiput", MainActivity.cookieManager.getCookieStore().getCookies().get(0).toString());
conn.connect();
if(conn.getResponseCode() != 200) {
return "" + conn.getResponseCode();
}
OutputStreamWriter osw = new OutputStreamWriter(conn.getOutputStream());
osw.write(put);
osw.flush();
osw.close();`
I know I have to send a csrf token, but I think that I'm sending it already.
By examining the META in my request I can see the csrf token both in headers and cookies:
'HTTP_COOKIE': 'csrftoken=3jLNzfLIu1P5dBH4WWwggHMH7oDQC7Rx;'
And in my android device i have a CookieManager that says that the csrf cookie has the same value.
V/Apiput﹕ csrftoken=3jLNzfLIu1P5dBH4WWwggHMH7oDQC7Rx
I am getting a 403 (Forbidden) Http error besides the user is authenticated (I can make GET Requests)
[26/Sep/2015 00:16:04]"PUT /api/works/34/ HTTP/1.1" 403 58
With curl I am able to send the request without any problem, with the same user credentials.
I wonder if anyone can tell me what am I doing wrong.
Thanks.
You don't have to set the cookie if you're doing a JSON call to Django REST framework.
It would definitively help if you can provide the permissions associated to the view.
Related
I want to post the request in same formate.
POST /mga/sps/oauth/oauth20/token HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic aaabbbCCCdddeeefffGGG
client_id=xxx&client_secret=yyy&grant_type=authorization_code
&code=3v6MJzt9vKtRkxpTFnkJG3IyspWC2k
&redirect_uri=xyz%2Ffolder
I have Implemented but getting bad request and unable to print the post content what I am sending I also want to get the json response after sending this request.
String urlParameters = "grant_type=authorization_code"+"&redirect_uri="+session.getAttribute("redirect_uri")+"&code_verifier="+session.getAttribute("codeVerifier")+"&code="+session.getAttribute("code")+"&state="+session.getAttribute("state");
byte[] postData = urlParameters.getBytes( StandardCharsets.UTF_8 );
int postDataLength = postData.length;
URL url = new URL( "https://example/oauth20/token" );
HttpURLConnection conn= (HttpURLConnection) url.openConnection();
conn.setDoOutput(true);
conn.setInstanceFollowRedirects(false);
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setRequestProperty("charset", "utf-8");
conn.setRequestProperty("Content-Length",
Integer.toString(postDataLength ));
conn.setRequestProperty("Host","example.com");
conn.setRequestProperty("Authorization","clientID=xyz");
conn.setUseCaches(false);
DataOutputStream wr = new
DataOutputStream(conn.getOutputStream());
wr.write(postData);
System.out.println(conn.getResponseCode());
System.out.println(conn.getResponseMessage());
conn.disconnect();
You have multiple options.
You can start with Java HTTP Client - Refer
The HTTP Client was added in Java 11. It can be used to request HTTP
resources over the network. It supports HTTP/1.1 and HTTP/2, both
synchronous and asynchronous programming models, handles request and
response bodies as reactive-streams, and follows the familiar builder
pattern.
Apache HttpClient - Refer
RestTemplate - Refer
JAX-RS Client - Example
Spring 5 WebClient - Example
OkHttpClient - Example
Comparison
I am not familiar with https requests so please take it easy on me.
I want to make a post call and retrieve a token for a url. The url is something like:
/auth/token?param1=value1¶m2=value2¶m3=value3¶m4={{value4}}¶m5={{value5}}
I make the post
HttpURLConnection conn = (HttpURLConnection) authentication.openConnection();
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setRequestMethod("POST");
but in order to get the response I have to send the parameters.
I've tried to write the url params as string to the connection outputstream but it doesnt work.
Any help is appreciated.
I am consuming API using HttpURLConnection in my android application and its running fine but if I get response code except then 200 ok (like 404, 500) my port is changing when I hit next request after error response code:
my code for android request is below and wireshark log as well:
try {
url = new URL(path_url + apiMsg); //in the real code, there is an ip and a port
conn = (HttpURLConnection) url.openConnection();
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setConnectTimeout(5000);
conn.setRequestProperty("Content-Type", "application/json; charset=UTF-8");
conn.setRequestMethod("POST");
conn.setRequestProperty("Accept","*/*");
}
Please refer wireshark log:
https://files.fm/u/w7umrwwk
So how to avoid PORT change in error scenario as well like in success 200 case, so that we continue to run on the same PORT.
read about sun.net.http.errorstream.enableBuffering in HttpURLConnection source code.
By default when response code is >= 400 then the connection is closed.
It is a clean though not so efficient way of handling error streams.
Instead of setting obscure system properties to handle this, it would be better to move to a proper http client like apache.
I am developing an Android app that uses an API I developed.
I am doing this connection using HttpUrlConnection and so far the login works fine. The problem arises with the logout. It´s not doing anything. When I do the logout request with Postman then it works fine, but with HttpUrlConnection it does not.
The logout works like this:
Do a POST request to http://ipaddress:12345/api/LogOut
and in the header include the token of the logged user. Then the server should go to the database and delete the token for that user:
This is how I´m trying to do the request:
URL url = new URL(getString(R.string.url) + "LogOut");
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Token", TokenSingleton.getToken());
con.setReadTimeout(10000);
con.setConnectTimeout(15000);
con.setRequestMethod("POST");
con.setDoInput(true);
con.setDoOutput(true);
con.setUseCaches(false);
con.connect();
con.getOutputStream().flush();
con.getOutputStream().close();
con.disconnect();
Nothing happens until you do some input. At least call getResponseCode() to see whether you got a 200 or not. Preferably you should consume the input stream, if 200 <= response code <= 299, otherwise the error stream.
NB setDoOutput(true) sets the request method to POST. You don't need to do that yourself. And setDoInput(true) is the default. And close() implies flush().
I am trying to do a http PATCH request but I always get the 404 error, so maybe the settings of my connection are not correct:
URL url = new URL("MyPath");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setDoOutput(true);
conn.setRequestProperty("X-HTTP-Method-Override", "PATCH");
conn.setRequestProperty("Content-Type", "application/json");
conn.setRequestProperty("Accept", "application/json");
conn.setRequestMethod("POST");
JsonObject jo = createMyJson();
OutputStreamWriter out = new OutputStreamWriter(conn.getOutputStream());
out.write(jo.toString());
out.close();
System.out.println(conn.getResponseCode());
System.out.println(conn.getResponseMessage());
I get the 404 error, Not found. When doing the same request using Postman, this is working..
Thank you for your help.
Not all servers support X-HTTP-Method-Override. In that case your last resort is (if you are not using a decent HTTP client) to hack the URLConnection object.
I posted a complete solution here on SO, check it out.