×

Discussion Board

Results 1 to 11 of 11
  1. #1
    Registered User
    Join Date
    Jul 2009
    Posts
    5

    Why Authorization Http Header is not accepted ?

    I want develop a widget to retrieve the contacts of a GMail account, but is required the use of the Authorization Header in the XMLHttpRequest.

    Someone knows why this header is not accepted in WRT ?

    Some alternative or just wait to be implemented in further versions ?

    Thanks.

  2. #2
    Nokia Developer Moderator
    Join Date
    Jun 2008
    Location
    Tampere
    Posts
    833

    Re: Why Authorization Http Header is not accepted ?

    Welcome to Forum!

    What phone are you using? (model and software (enter *#0000# into dialer)

    At least gmail atom feed is working with N97.

    Either by using
    Code:
    ajaxrequest.open("get", url, true, username, password);
    or
    Code:
    ajaxrequest.open("GET", url,true);
    ajaxrequest.setRequestHeader("Authorization", "Basic "+ Base64.encode(username+":"+password));

    -Ilkka

  3. #3
    Registered User
    Join Date
    Jul 2009
    Posts
    5

    Re: Why Authorization Http Header is not accepted ?

    Hi,

    Model : 5530 XpressMusic
    Sw : 10.0.050

    The first alternative works fine for GMail, but not for retrieve contacts.

    The second way don't work.

    Thanks for reply.

  4. #4
    Nokia Developer Moderator
    Join Date
    Jun 2008
    Location
    Tampere
    Posts
    833

    Re: Why Authorization Http Header is not accepted ?

    Ok.

    Could you tell which API you are using and possible share some code?
    That would make it easier to trace the root cause of the problem.

    -Ilkka

  5. #5
    Registered User
    Join Date
    Jul 2009
    Posts
    5

    Re: Why Authorization Http Header is not accepted ?

    This is the index.html of widget application. I'm working with Aptana and WRT Plugin.

    For GMail feed show the response text. For Google Contacts Feeds url, the returned http code is 401.

    Code:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
        <head>
            <title>Sample Widget</title>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
            <link rel="stylesheet" href="basic.css" type="text/css">
            <META NAME="Generator" CONTENT="Nokia WRT plug-in for Aptana Studio 2.3.0" />
        </head>
        <body>
            TEST
            <div id="respuesta">
            </div>
            <script>
                
                
                try {
                
                    netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");
                    
                    var req = new XMLHttpRequest();
                    
    				var username = "XXXXXXX";
    				var password = "XXXXXXX";
    				var url = "https://www.google.com/m8/feeds/";
    				//var url = "https://mail.google.com/mail/feed/atom/";
    				
                    req.open("get", url, true, username, password);
                    
                	req.onreadystatechange = handler;
    				
    				req.send(null);
                    
                } 
                catch (e) {
                    document.getElementById('respuesta').innerHTML = e.description;
                }
                
                function handler(){
                    document.getElementById('respuesta').innerHTML = "Respuesta : " + req.status + " " + req.readyState;
                    
                    if (req.readyState == 4 && req.status == 200) {
                        document.getElementById('respuesta').innerHTML = req.responseText;
                    }
                }
                
                
            </script>
        </body>
    </html>
    Last edited by paolo.soto.pino; 2009-12-31 at 12:08.

  6. #6
    Nokia Developer Moderator
    Join Date
    Jun 2008
    Location
    Tampere
    Posts
    833

    Re: Why Authorization Http Header is not accepted ?

    I believe this is more complicated issue than just HTTP headers.

    Contacts Data API authentication part states that AuthSub should be used to authenticate the requests.

    However in the WRT context this won't work because widget it self is lost, when redirect happens. In addition widget does not have a URL where user could be redirected after successful authentication.

    OAuth for Gadgets could be worth of investigation, but I don't know that much about it.

    Br,
    Ilkka

  7. #7
    Registered User
    Join Date
    Jul 2009
    Posts
    5

    Re: Why Authorization Http Header is not accepted ?

    I was trying with ClientLogin ( http://code.google.com/apis/gdata/do...ml#ClientLogin ) , this method return a token when make a login. But for request a list of contacts is necessary set the authorization header in the httprequest, and is there where i have the problem.

  8. #8
    Nokia Developer Moderator
    Join Date
    Jun 2008
    Location
    Tampere
    Posts
    833

    Re: Why Authorization Http Header is not accepted ?

    So you have already done this step:

    Code:
    function authenticate(){
    	var username = document.getElementById("username").value;
    	var pass = document.getElementById("password").value;
    	
    	var params = "HOSTED_OR_GOOGLE&Email="+username+"@gmail.com&Passwd="+pass+"&service=cp&source=TestWidget_01";
    	
    	sendAuthPostReq("https://www.google.com/accounts/ClientLogin", params);	
    }
    
    function sendAuthPostReq(url, params){
    	
    	try {	 
    		netscape.security.PrivilegeManager.enablePrivilege('UniversalBrowserRead');	
    	} catch (e) {}
    	
    	try{
    		if (!authenticateReq) {
    			authenticateReq = new XMLHttpRequest();
    		}else if (authenticateReq.readyState != 0){
    			authenticateReq.abort();
    			writelog("auth aborted");
    		}			
    		authenticateReq.open("POST", url, true);	
    		authenticateReq.onreadystatechange = handleAuthResponse;
    		authenticateReq.overrideMimeType("application/x-www-form-urlencoded");
    		authenticateReq.setRequestHeader("Content-length", params.length);	
    		authenticateReq.setRequestHeader("Connection", "close");
    				
    		authenticateReq.send(params);
    		
    		writelog("Auth POST sent");	
    	}
    	catch(e){
    		writelog("ajaxrequest sending error "+e);	
    	}
    }
    
    function handleAuthResponse(){
    	if(authenticateReq.readyState == 4) {
    	  		writelog("4 (Loaded) All data received. responseTex/responseBody  available.");
    			
    			if (authenticateReq.status == 200){			
    				writelog("Auth response got");
    								
    								
    				var authTokenIndex = authenticateReq.responseText.indexOf("Auth=");
    				
    				if(authTokenIndex != -1){
    					var authToken = authenticateReq.responseText.substr(authTokenIndex+5,authenticateReq.responseText.length);
                                            authToken = authToken.replace(/^\s+|\s+$/g,""); //to get rid of the extra space at the end
    					alert(authToken);	
    				
    				}				
    				
    			}else{				
    				writelog("Authenticate error: " + authenticateReq.status+ " "+ authenticateReq.statusText);
    			}
    		
    	}
    }
    Then you just have to set the header


    Code:
    var url = "http://www.google.com/m8/feeds/contacts/default/full";
    var auth = "GoogleLogin auth=D..YOUR AUTH..o";
    sendajaxrequest(url, auth);	
    	
    function sendajaxrequest(url, auth){	
    
    	writelog("ajaxrequest setup started");
    	
    	try {	 
    		netscape.security.PrivilegeManager.enablePrivilege('UniversalBrowserRead');	
    	} catch (e) {}
    	
    	try{
    		if (!ajaxrequest) {
    			ajaxrequest = new XMLHttpRequest();
    		}else if (ajaxrequest.readyState != 0){
    			ajaxrequest.abort();
    			writelog("ajaxrequest aborted");
    		}	
    				
    		ajaxrequest.open("GET", url, true);
    		ajaxrequest.onreadystatechange = handleAjaxResponse;
     		ajaxrequest.setRequestHeader("Content-type", "application/atom+xml");
    		ajaxrequest.setRequestHeader("Authorization", auth);
    		ajaxrequest.send(null);
    		writelog("ajaxrequest GET sent");		
    	}
    	catch(e){
    		writelog("ajaxrequest sending error "+e);	
    	}
    }
    For some reason you will get SYNTAX_ERR: DOM Exception 12 if you try to call sendajaxrequest directly from the handleAuthResponse.
    However it works if you first login and then get the contacts by using stored auth token.

    Ps.
    The script presented does not handle the login event from top to bottom. For example CAPTCHA handling is omitted.

    -Ilkka
    Last edited by isalento; 2010-01-05 at 14:43. Reason: Code fix

  9. #9
    Registered User
    Join Date
    Jul 2009
    Posts
    5

    Re: Why Authorization Http Header is not accepted ?

    Is just in this line where i yhave the problem :

    Code:
    ajaxrequest.setRequestHeader("Authorization", auth);
    The description of the error is : undefined.

    With others http headers don't have problems.

  10. #10
    Nokia Developer Moderator
    Join Date
    Jun 2008
    Location
    Tampere
    Posts
    833

    Re: Why Authorization Http Header is not accepted ?

    Unfortunately this seems to be issue with 7.0 browser

    The provided code works with N97 (7.1 browser), but asks for credentials on 5530.
    Can you confirm this behavior or does it fails some other way in your use case?

    Ps.
    SYNTAX_ERR: DOM Exception 12 was caused by a white space trailing to auth token.
    Remember to remove it by authToken = authToken.replace(/^\s+|\s+$/g,"");

    -Ilkka

  11. #11
    Registered User
    Join Date
    May 2010
    Posts
    2

    Re: Why Authorization Http Header is not accepted ?

    I am having the same issue as Paolo. I have updated my N97 firmware to the latest, and now the browser version is something like 7.1.x, but the code still gets stuck get "ajaxrequest.setRequestHeader("Authorization", auth);".

Similar Threads

  1. Http Basic authorization
    By pillar in forum Symbian Web Runtime
    Replies: 6
    Last Post: 2010-02-26, 14:43
  2. Trying to Get HTTP Header
    By kiranpuranik in forum Symbian C++
    Replies: 3
    Last Post: 2007-11-01, 18:08
  3. HTTP header
    By xrsu in forum General Messaging
    Replies: 1
    Last Post: 2002-12-11, 08:11
  4. HTTP header and WAP209 header equivalence/precedence/conf licts
    By mobilecohesion in forum General Messaging
    Replies: 0
    Last Post: 2002-12-03, 11:49
  5. HTTP header info. What fields can I as a wap developer expect to receive fr
    By ask_expert in forum Mobile Web Site Development
    Replies: 1
    Last Post: 2002-05-10, 16:24

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •