API3
rickgeyer at September 5th, 2021 00:17 — #1
I have been trying to fix a problem with POSTS and PUTS and seems like I've tried everything to fix this. I am using Node.js and the GETS are working fine. I only get this error when I'm trying to update with either PUT or POST. My example below uses POST, but I've changed it to PUT, .../contacts/{id}, and included appropriate data, and get the same 400 error. Any help would be appreciated!
here is what I get:
status: 400,
message: 'Invalid auth token',
error_name: 'invalid_auth_token',
error_message: 'Authorization token is invalid',
Here's my code, which I have reduced to a very simple example (I've obviously hidden my credentials).
let requestMethod = 'POST', uid = '****', key = '****';
let fullUrl = 'https://app.onepagecrm.com/api/v3/contacts.json'
let timestamp = Math.round(new Date().getTime() / 1000);
let authData = [uid, timestamp, requestMethod, CryptoJS.SHA1(fullUrl).toString()]
let requestHeader = {};
let data = null;
//insert a simple contact with first name, last name, and company name
let postData = {
"first_name": "Broseph",
"last_name": "Schmidt",
"company_name": "Simple Insert Test Corp"
}
if (requestMethod === 'POST' || requestMethod === 'PUT') {
requestHeader = {
'Content-Type': 'application/json',
'Accept': 'application/json'
};
let jsonData = JSON.stringify(postData);
console.log(jsonData);
data = jsonData
authData.push(CryptoJS.SHA1(jsonData).toString())
}
// Set auth headers if we are logged in
if (key !== null) {
let hash = CryptoJS.HmacSHA256(authData.join('.'),
CryptoJS.enc.Base64.parse(key));
requestHeader = {...requestHeader,
'X-OnePageCRM-UID': uid,
'X-OnePageCRM-TS': timestamp,
'X-OnePageCRM-Auth': hash
}
}
try {
console.dir(requestHeader);
console.dir(await axios({
method: requestMethod.toUpperCase(),
url: fullUrl,
headers: requestHeader,
data
}));
} catch(err) {
console.log(`************ ERROR STATUS ${err.response.status} **********`);
console.dir(err.response.data);
}
PS. I have any idea that my problem may be related to the headers. Seems like I got all this to work once, but can't remember what I had set the headers to. Thanks!
sajedalmorsy at September 6th, 2021 05:44 — #2
Hi @rickgeyer,
Thanks for reaching out
You can use Basic Auth with the User ID and API key which you will find on API configuration page: https://app.onepagecrm.com/app/api
So something like the following should work:
let requestMethod = 'POST', uid = '****', key = '****';
let fullUrl = 'https://app.onepagecrm.com/api/v3/contacts.json'
let requestHeader = {};
let data = null;
//insert a simple contact with first name, last name, and company name
let postData = {
"first_name": "Broseph",
"last_name": "Schmidt",
"company_name": "Simple Insert Test Corp"
}
if (requestMethod === 'POST' || requestMethod === 'PUT') {
requestHeader = {
'Content-Type': 'application/json',
'Accept': 'application/json'
};
let jsonData = JSON.stringify(postData);
console.log(jsonData);
data = jsonData
}
// Set auth headers if we are logged in
if (key !== null) {
let base64 = btoa(uid + ':' + key);
requestHeader = {...requestHeader,
'Authorization': 'Basic ' + base64
}
}
try {
console.dir(requestHeader);
console.dir(await axios({
method: requestMethod.toUpperCase(),
url: fullUrl,
headers: requestHeader,
data
}));
} catch(err) {
console.log(`************ ERROR STATUS ${err.response.status} **********`);
console.dir(err.response.data);
}
Sajed Almorsy
OnePageCRM
rickgeyer at September 6th, 2021 14:33 — #3
Thanks so much for your help, @SajedAlmorsy! Using Basic Authentication WASN'T the problem, but what it allowed me to do was simplify the example in order to get a more appropriate error message. I realized very quickly that I had been converting the HTTP PUT/POST data payload to JSON. I remembered that while fetch() requires the data payload to be JSON, in fact axios() does not, and will try to convert the string again, thus sending garbage and causing failure.
So, I kept my Authentication token logic intact, and simply removed the JSON.stringify()-converted data in the axios() call, and all worked beautifully. Here is the complete, working solution in case anyone else needs it.
//use your own login credentials
async onePageApiCall (url, requestMethod, postData=[], uid='xxx', key='xxx') {
let fullUrl = 'https://app.onepagecrm.com/api/v3/' + url;
let timestamp = Math.round(new Date().getTime() / 1000);
let authData = [uid, timestamp, requestMethod,
CryptoJs.SHA1(fullUrl).toString()]
let requestHeader = {};
let data = null;
//VERY IMPORTANT: For POST and PUT requests, we need to convert our post data
//to JSON for purposes of computing the hash, but using axios below, SEND
//postData as REGULAR JS OBJECT (because axios converts data payload to JSON)
if (requestMethod === 'POST' || requestMethod === 'PUT') {
requestHeader = {
'Content-Type': 'application/json',
'Accept': 'application/json'
};
let jsonData = JSON.stringify(postData); //jsonData used only for hash
authData.push(CryptoJs.SHA1(jsonData).toString())
}
// Set auth headers if we are logged in
if (key !== null) {
let hash = CryptoJs.HmacSHA256(authData.join('.'),
CryptoJs.enc.Base64.parse(key))
requestHeader = {...requestHeader,
'X-OnePageCRM-UID': uid,
'X-OnePageCRM-TS': timestamp,
'X-OnePageCRM-Auth': hash
}
}
try {
return await axios({
method: requestMethod.toUpperCase(),
url: fullUrl,
headers: requestHeader,
data: postData //NOT converted to JSON but rather just a JS Object
});
} catch(err) {
console.log(`********************* ERROR ***********************`);
console.error(err);
return {err};
}
} //end onePageApiCall()
Happy integrating!
Rick Geyer, CTO and Co-Founder
aiLead, Inc.
rick.geyer@aiLead.co
http://aiLead.co (changing soon to https://PureBlue.ai)
sajedalmorsy at September 6th, 2021 15:14 — #4
Great @rickgeyer,
Glad to hear it's working now
Powered by Discourse, best viewed with JavaScript enabled