HTTPS Auth for REST and/or Basecamp API help?

Fri Aug 09, 2013 11:44 am

Hi everyone,

We have a student who wants to connect to the basecamp API (https://github.com/37signals/bcx-api).

Now in c# I can work this no issue, but having some issues setting up the service parameters in appery, it just doesn't seem to want to authenticate over HTTPS at all for this. I've setup username + password parameters in my service request, but every time I click test It just says your session has expired. Is this an issue with basic authentication over HTTPS for rest services with appery?

Has anyone used the basecamp api at all with any success? I can't see why it wouldn't' work, it's a standard REST API returning JSON.

Kind regards

// Carl

Fri Aug 09, 2013 1:19 pm

Hi Carl,

Appery.io isn't limited in query capabilities. It's possible to implement any request. If you can't create a query via a standard service, you can try to implement it manually using Generic request. There you will have full control over what is happening.

We do not know basecamp service API in detail, so we can't say anything concrete. Give us a brief quotes from their documentation and what you try to implement in Appery.io. Then we'll be able to find and fix the problem.

Fri Aug 09, 2013 2:09 pm

Hi Katya,

I included the link to their API in my OP but here's an extract on authentication, I can call it fine in a browser or using curl, but whenever i try it as a service in appery I get an error saying my session has expired?

---------------------------------------------------------------------------------------------------------------------------

Making a request

All URLs start with https://basecamp.com/999999999/api/v1/. SSL only. The path is prefixed with the account id and the API version. If we change the API in backward-incompatible ways, we'll bump the version marker and maintain stable support for the old URLs.

To make a request for all the projects on your account, you'd append the projects index path to the base url to form something like https://basecamp.com/999999999/api/v1.... In curl, that looks like:

curl -u user:pass -H 'User-Agent: MyApp (a href="mailto:yourname@example.com" rel="nofollow"yourname@example.com/a)' https://basecamp.com/999999999/api/v1...
To create something, it's the same deal except you also have to include the Content-Type header and the JSON data:

curl -u username:password \
-H 'Content-Type: application/json' \
-H 'User-Agent: MyApp (a href="mailto:yourname@example.com" rel="nofollow"yourname@example.com/a)' \
-d '{ "name": "My new project!" }' \
https://basecamp.com/999999999/api/v1...
That's all!

Fri Aug 09, 2013 3:15 pm

As I understand you need to send
codecurl -u username:password/code
Instead of this you can send username and password in header parameter Authorization
This parameter content should be like
codeBasic dXNlcm5hbWU6cGFzc3dvcmQ=/code
where dXNlcm5hbWU6cGFzc3dvcmQ= is base 64 encoded string
codeusername:password/code
You can use js in mapping if you want to generate this base 64 encoded string. Or you can use Base 64 online encoder to generate this string for test purposes.

Fri Aug 09, 2013 4:00 pm

Hi Oleg,

And thanks for your input, but I'm still getting the same problem. I've now setup a new paramter called Basic in my request, and base64 encoded the user:pass, but whenever I go to test it comes back saying "your session has expired. Please login and try again. Click here for this action"

I've tried several browsers and logging out and in again, no difference

Fri Aug 09, 2013 4:03 pm

Here are the errors from the javascript console

Failed to load resource: the server responded with a status of 405 (Not Allowed) /api/v1/projects.json]https://basecamp.com/[removed]/api/v1...
Failed to load resource: Origin http://appery.io is not allowed by Access-Control-Allow-Origin. /api/v1/projects.json]https://basecamp.com/[removed]/api/v1...
XMLHttpRequest cannot load /api/v1/projects.json]https://basecamp.com/[removed]/api/v1.... Origin http://appery.io is not allowed by Access-Control-Allow-Origin.

Fri Aug 09, 2013 4:14 pm

1) You don't need new parameter Basic. This string should be in content of Authorization parameter

2) Use Appery.io Proxy for this service

Fri Aug 09, 2013 4:20 pm

haha i was just logging in to say I'd figured out what was wrong too Yep I was adding the header as basic, not Authorization with a content of Basic.

Thank you Oleg, i'll pass the info on, that will make one very happy student.

Thanks