I ask for a token, it works :
POST auth-user.coi.im/login_check {"username": "reader", "password": "reader"}
{"token":
eyJ0eXAiOiJKV..........................................................." }
without token : it's ok ! i have the error message
auth-user.coi.im/api/users/1
{"code":401,"message":"JWT Token not found"}
with token :
auth-user.coi.im/api/users/1
Authorization Bearer eyJ0eXAiOiJKV...........................................................
Could not get any response
There was an error connecting to auth-user.coi.im/api/users/1.
or with curl and with token:
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLC......................"
curl: (56) Recv failure: Connection was reset
HELP !
I have the same answer as if I put anything like url
why, does it work on my computer and not on a remote server?
If you use apache server, it will strip any Authorization header not in a valid HTTP BASIC AUTH format
Create a .htaccess file at the root of your project, and add this rule,
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
Found in the : jwt docs
Related
I have a curl request
curl --proxy 'http://proxy_host:4000' --url 'http://url.com'
How do I translate this into a valid Http Message? I'm unsure of how to structure it and which headers I need to use.
Can Nginx natively parse the Authorization header (base 64) and return the username password? Or is a custom Lua function required to do this?
Example Request
curl -v -u USERNAME:PASSWORD https://example.com
> GET / HTTP/2
> Host: example.com
> Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
when executed this command:
curl -H "Host:" http://127.0.0.1
it response 400 Bad request.
from http rfc:
If the requested URI does not include an Internet host name for the service being requested, then the Host header field MUST be given with an empty value.
why?
Because -H "Host:" removes the header altogether. See the docs for -H, --header <header/#file>:
[...] Remove an internal header by giving a replacement without content on the right side of the colon, as in: -H "Host:". If you send the custom header with no-value then its header must be terminated with a semicolon, such as -H "X-Custom-Header;" to send "X-Custom-Header:".
You need -H "Host;" to send an empty host header.
I'm working with a stm32f4 microcontroller using lwip/stack, i use it to controle send http requests via ethernet .
the following code works fine:
sprintf(buffer, "GET /api/callAction?deviceID=80&name=turnOn\r\n");
strcat(buffer, "Host: 192.168.2.7\r\n");
strcat(buffer, "Connection: close\r\n");
strcat(buffer, "\r\n");
the problem is when the sever needs authentication like this :
admin:admin#192.168.2.7/api/callAction?deviceID=80&name=turnOn
i have tried adding an authorization part to the code :
strcat(buffer, "Host: admin:admin#192.168.2.7\r\n");
But the http request doesn't work .
Any ideas?
ps: im using Keil ARM /stm32f4 / lwip stack
Server: Fibaro home center lite
Have a read here:
https://en.wikipedia.org/wiki/Basic_access_authentication
you want to pass this string
Authorization: Basic XXXXXXXXXXXXXXXX
where XXXXXXXXXXXXXXXX is the Base64 version of username:password
for example, if username is Aladdin and password is OpenSesame then you have to Base64 encode the string Aladdin:OpenSesame which results into QWxhZGRpbjpPcGVuU2VzYW1l
you string is then:
Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l
Just strcat it as you do for all the other stuff:
strcat(buffer, "Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l\r\n");
I am sending the following request via command line osx
curl -X POST "http://thing.com/feeds/auth" -d "username=name" -d "password=password"
I am receiving a message as follows:
<authentication status="passed">
<timestamp timeZone="EST">20140317194754</timestamp>
</authentication>
I need to capture the cookie that is created when i authenticate so I can use if for further requests. How would I do this?
Thanks!
Use the parameter --dump-header to save the header into a file. From there you can get the cookie. It will be beside the response header Set-Cookie:
--dump-header /var/tmp/xyz/header.txt