[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1306
  • Last Modified:

HTTP Request / HTTP Basic Authentication

We are running a classic ASP site. As part of our system upgrades, I'm trying to implement social media login on OneAll. For the most part, it works well, but to fully implement, they specify the inclusion of a callback script for authentication purposes. The examples they provide are for PHP and Java. For security purposes, I would like to do it in VBScript. However, I do not have the skill set to accomplish what is needed.

They tell me the requirements are:
   * making a connection to a distant server and parsing a JSON structure
   * making an HTTP request to their API server and using HTTP Basic authentication

I'm not even sure that this is possible on our site. So, that is my first question.

Here is the code I've attempted to put together:

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%
      On Error
      If request("connection_token") <> "" Then  
        Dim conn, rs, sql, valid
        Dim connection_token, site_domain, site_subdomain, site_public_key, site_private_key, resource_uri
            Dim result_json, site_authentication, encoded_site_authentication, result, line

            'Get connection_token
            connection_token = request("connection_token")
      
            'Site Settings
        site_subdomain = "lightningco"
        site_public_key = "c680dg0b-767f-40d8-8951-32ab89b1be7e"
        site_private_key = "d0b63263-bb99-4ab6-b3b8-40d4b11b5981"
            
            'API Access Domain
            site_domain = site_subdomain + ".api.oneall.com"
            
            'Connection Resource
            resource_uri = "https://" + site_domain + "/connection.json"
            
            'Result Container
            result_json = ""
            
            'Forge authentication string username:password
            site_authentication = site_public_key + ":" + site_private_key
            encoded_site_authentication = new (new Base64().encode(site_authentication.getBytes())).replaceAll("[\n\r]", "")
            
            'Set up connection
            URL url = new URL (resource_url
            HttpURLConnection connection = (HttpURLConnection) url.openConnection()
            
            'Connect using basic auth
            connection.setRequestMethod("GET")  
              connection.setRequestProperty("Authorization", "Basic " +  encoded_site_authentication)
              connection.setDoOutput(true)
              connection.setReadTimeout(10000)
              connection.connect()
              connection.getInputStream()
            
            'Read result
            BufferedReader rd = new BufferedReader(new InputStreamReader(connection.getInputStream()))
            
            'Read result
            line = ""
            While Not rd.AtEndOfStream
                  line = line & rd.ReadLine
            Wend
            
            'Done
            Response.Write("<script language=VBScript>MsgBox """ + line + """</script>")

      End If
End If%>

(Error handling has not been included as yet)
The first error occurs under 'Forge authentication:
encoded_site_authentication = new (new Base64().encode(site_authentication.getBytes())).replaceAll("[\n\r]", "")

I'm lost as to know what this is doing or if it can be done in VBScript.

Any help would be greatly appreciated.
0
slegy
Asked:
slegy
1 Solution
 
Scott Fell, EE MVEDeveloperCommented:
I only quickly looked at the documentation. You want to use xmlhttp post

site_subdomain = 'REPLACE WITH YOUR SITE SUBDOMAIN';
site_public_key = 'REPLACE WITH YOUR SITE PUBLIC KEY';
site_private_key = 'REPLACE WITH YOUR SITE PRIVATE KEY';
' API Access Domain
site_domain = site_subdomain&".api.oneall.com"
 'connection Resource
resource_uri = "https://"&site_domain&"/connections.json"


DataToSend="site_subdomain="&site_subdomain&"&site_public_key="&site_public_key
  Dim xmlhttp
  Set xmlhttp = Server.CreateObject("MSXML2.ServerXMLHTTP")
 xmlhttp.setTimeouts 30,500,1000,1000
  xmlhttp.Open "POST", resource_uri
 xmlhttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"

  On Error Resume Next
  xmlhttp.Send DataToSend
  
  If Err.Number Then
     theResponse = "Could Not create tickets"
   Err.Clear
  Else
    theResponse = xmlhttp.responseText
  End If
  On Error Goto 0
  Set xmlhttp = nothing

Open in new window


It is the response you need to parse from json http://docs.oneall.com/api/basic/responses-and-errors/

Note, the documentation on that link shows you can request json or xml.

I have not read this, but you probably need to get authorization, get a token, then submit an api call
0
 
slegyAuthor Commented:
Close to working. Login appears to be successful, but an error message is being returned. Thanks for getting me on the right track.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now