This topic contains 11 replies, has 5 voices, and was last updated by diglin 10 years, 1 month ago.
- February 2, 2014 at 1:49 am #30058
Hi
I’m having a problem understanding exactly how the API filter commands are to be executed. I see that the format is /api/rest/{version}/user/filter
and for the user command there are 2 filters, either email or username, but I don’t understand exactly where to initiate these filter variables.
All help will be greatly appreciated.
Best Regards
Ari Kurtz
- February 3, 2014 at 8:38 am #30059
Hi.
Now only pagination is supported in “list” requests. For user there is a filter by email and username; it should be called in the following format:
$.getJSON('/api/rest/latest/user/filter?email=admin@example.com', function(data){ console.log(data); })
- March 7, 2014 at 2:48 am #30060
Hi
Can you help me?
How can I auth by WSSE in /api/rest with jQuery?
- March 7, 2014 at 9:45 am #30061
Hello.
Are you going to use REST inside the platform/crm application?
If so, you do not need to pass WSSE because the user will already have an authorization cookie.
jQuery code could be similar to the following:
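$.ajax('http://crmdev.lxc/app_dev.php', {
    type: "GET",
    beforeSend: function(xhrObj){
        // Both headers are required for WSSE authentication.
        xhrObj.setRequestHeader("Authorization",'WSSE profile="UsernameToken"');
        // The X-WSSE value is left empty here; it carries the generated UsernameToken.
        xhrObj.setRequestHeader("X-WSSE", '');
    },
});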
But keep in mind that to access from a different domain you should allow CORS access.
- March 10, 2014 at 9:40 pm #30062
Hi.
I tried this:
$.ajax('/app_dev.php/api/rest/latest/accounts/1', {
    type: "GET",
    beforeSend: function(xhrObj){
        xhrObj.setRequestHeader("Authorization",'WSSE profile="UsernameToken"');
        xhrObj.setRequestHeader("X-WSSE", 'UsernameToken Username="admin", PasswordDigest="LV4oH7WplbjXbfM5Xk4i4oZSGBU=", Nonce="OTZlNmRiODU1NWE5N2I2Mg==", Created="2014-03-11T11:26:00+07:00"');
    }
}).done(function( data ) {
    console.log(data);
});
And I have this result:
GET /app_dev.php/api/rest/latest/accounts/1 401 (Unauthorized)
What am I doing wrong?
- March 11, 2014 at 10:40 am #30063
Hi.
Recently we updated the version of the WSSE bundle and now it uses a salt to generate the “digest”. So I guess you used the
app/console oro:wsse:generate-header
command, am I right?
If so, there will be a small issue; here is a patch for you. Hope it will help.
P.S. Also keep in mind that the new version of the WSSE bundle requires a unique “nonce” on each request to prevent a “replay attack”. So the header should be regenerated with a unique nonce.
- March 11, 2014 at 7:39 pm #30064
Thank you very much! It works!
How can I avoid regenerating headers on each request? I have a lot of requests.
- March 12, 2014 at 6:39 am #30065
Seems that it’s correct behavior for WSSE. So for security reasons you should regenerate it.
Please let us know if you have any other questions.
- March 19, 2014 at 4:46 pm #30066
@ZOTTIG, this is an issue; we’ll solve this in the next release at the beginning of April.
- March 21, 2014 at 10:38 am #30067
The patch works for me too, but regenerating the key each time is not fun….
At the moment I generate those keys via CLI. But am I right? Normally I should generate it only once to use it from a third-party application. So @dima, this is what you mean: that it will be fixed and this key should be generated only once.
Thanks for the reply
- March 22, 2014 at 5:25 am #30068
@diglin It will work as I described before (the same as in the WSSE specs). You can find the algorithm for header generation in our GenerateWSSEHeaderCommand and implement it in your client application.
The issue that will be fixed in the next release is related to “salt”; the problem was that you were unable to generate a header without the “salt”, and a regular user should not know anything about it.
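Client-side header generation as the reply above suggests, together with the nonce and timestamp checks that make a reused header fail, as an added example that is not part of the thread and is not Oro's GenerateWSSEHeaderCommand. It assumes the plain WSS UsernameToken digest, Base64(SHA-1(decoded nonce + Created + secret)), with no salt step, runs under Node.js, and uses hypothetical helper names and a hypothetical 300-second lifetime.

```javascript
const crypto = require('crypto');

// Assumption: WSS UsernameToken digest = Base64(SHA-1(nonce bytes + Created + secret)).
function wsseDigest(nonce, created, secret) {
  return crypto.createHash('sha1').update(nonce).update(created).update(secret).digest('base64');
}

// Client side: call once per request so each request carries a fresh random nonce.
function buildWsseHeaders(username, secret, now = new Date()) {
  const nonce = crypto.randomBytes(16);
  const created = now.toISOString();
  return {
    Authorization: 'WSSE profile="UsernameToken"',
    'X-WSSE': `UsernameToken Username="${username}", ` +
      `PasswordDigest="${wsseDigest(nonce, created, secret)}", ` +
      `Nonce="${nonce.toString('base64')}", Created="${created}"`,
  };
}

// Server side (hypothetical sketch): the checks that reject a reused or stale header.
function makeVerifier(lookupSecret, lifetimeMs = 300000) {
  const seen = new Set(); // accepted nonces; a real server expires them after lifetimeMs
  return function verify(xWsse, now = new Date()) {
    const f = Object.create(null);
    for (const m of xWsse.matchAll(/(\w+)="([^"]*)"/g)) f[m[1]] = m[2];
    if (!f.Username || !f.PasswordDigest || !f.Nonce || !f.Created) return false;
    const secret = lookupSecret(f.Username);
    if (!secret) return false;
    const age = now - new Date(f.Created); // NaN when Created does not parse
    if (!(Math.abs(age) <= lifetimeMs)) return false; // stale, future-dated or unparsable
    if (seen.has(f.Nonce)) return false; // replay: this nonce was already accepted
    const expected = Buffer.from(wsseDigest(Buffer.from(f.Nonce, 'base64'), f.Created, secret));
    const got = Buffer.from(f.PasswordDigest);
    if (got.length !== expected.length || !crypto.timingSafeEqual(got, expected)) return false;
    seen.add(f.Nonce);
    return true;
  };
}

// Constructed demo: the same header sent twice, then a freshly generated one.
function demo() {
  const key = 'constructed-api-key'; // sample value, not from the thread
  const verify = makeVerifier((user) => (user === 'admin' ? key : null));
  const first = buildWsseHeaders('admin', key)['X-WSSE'];
  return [verify(first), verify(first), verify(buildWsseHeaders('admin', key)['X-WSSE'])];
}
console.log(demo());
```

In a jQuery client the two returned headers would be set in `beforeSend`, calling the builder again for every request.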
- March 22, 2014 at 7:08 am #30069
@asmaga Thanks for the explanation