[OH3] HowTo perform sendHttpGetRequest and sendHttpPutRequest in order to read/write through REST API

opus · November 18, 2020, 11:31am

I’m trying to read and write a value from a channel configuration (via REST).

In OH2 it worked like:

val systemstatus_thing =sendHttpGetRequest('http://127.0.0.1:8080/rest/things/systeminfo%3Acomputer%3Aopuspi3')
    sendHttpPutRequest('http://127.0.0.1:8080/rest/things/systeminfo%3Acomputer%3Aopuspi3','application/json',systemstatus_thing.replaceAll('"pid":([0-9]+)','"pid":' + openHAB_PID))

Now, I’m getting:
[ERROR] [enhab.core.model.script.actions.HTTP] - Fatal transport error: java.util.concurrent.ExecutionException: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: Authentication challenge without WWW-Authenticate header

Bruce_Osborne · November 18, 2020, 12:09pm

OH3 API (at lease latest snapshots) requires wither Basic Authentication, if enabled, or an API Token.I do not recall when Basic Auth was introduced. I am testing HABApp with an API Token.

A Token can be created from your Admin page. More information here.

opus · November 19, 2020, 12:30pm

Getting a token is not the problem, however how to use it in the HTTP requests.
I wasn’t able to find any information about changed syntax (not even for the moved time setting) in any documentaion (especially on the next.openhab… site).

Bruce_Osborne · November 19, 2020, 12:46pm

I know @Spaceman_Spiff has the token working in HABApp. Perhaps he can help clarify.

Spaceman_Spiff · November 19, 2020, 4:15pm

If you use a basic auth you can just pass it in the url

http://user:password@127.0.0.1:8080/rest/things/systeminfo%3Acomputer%3Aopuspi3

Bruce_Osborne · November 19, 2020, 4:18pm

I was hoping it would at least be in a header. That is not even secured if you use https.

Spaceman_Spiff · November 19, 2020, 4:22pm

The header will automatically be created from the information from the url.
It’s built in.

Bruce_Osborne · November 19, 2020, 4:24pm

The token is in plain text in the URL though, like http get options. That is why forms use post.

opus · November 19, 2020, 4:29pm

I tried it with replacing user and password with my credentials, but failed with Unauthorized API request: Invalid Basic authentication credentials.
Should I use something like user=myUserName?

Spaceman_Spiff · November 19, 2020, 4:33pm

you have to enable basic auth first since it’s disabled by default

Edit:
Also I recommend creating a new user for every device.

opus · November 19, 2020, 4:42pm

Ups!
Switched it on and tried again. Now it’s a

Fatal transport error: java.util.concurrent.TimeoutException: Total timeout 5000 ms elapsed

BTW : A new used for each device? I’m trying to get data to and from the REST API, so it is the device which runs openHAB which tries to get something from itself.

Bruce_Osborne · November 19, 2020, 4:47pm

It is a service on the device ( & executed by a user) trying to get information from the openHAB service, outside of openHAB. The fact it is running on the same device does not matter to OH.

opus · November 20, 2020, 5:11pm

Using the commands like:

val systemstatus_thing =sendHttpGetRequest("http://opus:******@127.0.0.1:8080/rest/things/systeminfo%3Acomputer%3Aopuspi", 10000)
        val returnvalue = sendHttpPutRequest("http://opus:*****@127.0.0.1:8080/rest/things/systeminfo%3Acomputer%3Aopuspi","application/json",systemstatus_thing.replaceAll('"pid":([0-9]+)','"pid":' + openHAB_PID), 15000)

Can’t say if it would work with smaller timeouts. My testing-system got a bit unresponsive yesterday, that caused the problems. Now it is working, THANKS!

Schnuecks · February 4, 2021, 10:23pm

Hello,

i have a related problem with an thing i want to disable / enable per rule.

The url i got from API explorer, basic auth is enabled and added to url

var String url = "restuser:restpass@https://openhab.srv.local/rest/things/onkyo%3ATX-NR636%3A18b0a1bd-65a1-bdb9-70a8-bd0965b96cd5/enable"
var put = sendHttpPutRequest(url, "application/json", 'enabled', 5000)

failed: Invalid URI host: null (authority: null)

this is the original thing id
onkyo:TX-NR636:18b0a1bd-65a1-bdb9-70a8-bd0965b96cd5

what i am missing here?

Spaceman_Spiff · February 5, 2021, 4:32am

It’s like this:

var String url =" https://restuser:restpass@openhab.srv.local/rest/things/onkyo%3ATX-NR636%3A18b0a1bd-65a1-bdb9-70a8-bd0965b96cd5/enable"

Schnuecks · February 5, 2021, 6:44am

Oh no , i should get more sleep, thank you.

ariela · April 12, 2021, 4:49pm

Hi All,

how to use sendHttpGetRequest with a API token instead of Basic Auth?

I’m struggling from a while, trying almost all possible options … unlucky.

Any clue?

thanks
Andrea

Wolfgang_S · April 12, 2021, 5:40pm

Did you have a look to this thread [JavaScript] Syntax to insert API Token into SendHTTPGetRequest - #4 by alexxio

ariela · April 12, 2021, 5:48pm

I’ve seen that topic, but not sure how to change my rule

sendHttpPutRequest("http://user:password@127.0.0.1:8080/rest/things/openuv:uvreport:local:home/enable", "application/json", 'true')

Questions:

the user created via Karaf is common user (not admin) … is the normal user able to send a Put Request? to me, it sounds like a “write” permission, and it should be an admin characteristic
how to modify the user:pass structure with the API token?

btw if I need an admin user to send put requests, also the API token should be generated by an admin account right?

thanks
Andrea

ariela · April 13, 2021, 6:24am

found and tested the solution

val headers = newHashMap("Authorization" -> "Bearer <put_your_token_here>", "WWW-Authenticate"-> "Basic")
sendHttpPutRequest("http://127.0.0.1:8080/rest/things/openuv:uvreport:local/enable", "application/json", 'false', headers, 1000)

thanks @Wolfgang_S for the input

Andrea