Android Question [SOLVED] REST API authentication with JWT

Discussion in 'Android Questions' started by José J. Aguilar, Apr 18, 2019.

  1. José J. Aguilar

    José J. Aguilar Active Member Licensed User

    Hi everyone¡:

    I've just updated my PHPMaker license, and now it supports REST API.
    I've been testing with B4A successfully without auth, but now I'm trying to test with login.

    I've tested the login function, and I get the JWT token rigth:

    Code:
    POST /api/
    action=login&username=admin&password=master
    I get the response
    Code:
    "JWT""eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQi.............." }
    with this sub:
    Code:
    Sub Login
        
    Dim j As HttpJob
        j.Initialize(
    "", Me) 'name is empty as it is no longer needed
        j.Download("http://192.168.1.136/peru/api/?action=login&username=admin&password=master")
        
    Wait For (j) JobDone(j As HttpJob)
        
    If j.Success Then
            
    Dim parser As JSONParser
            parser.Initialize(j.GetString)
            
    Dim root As Map = parser.NextObject
            
    Dim JWT As String = root.Get("JWT")
            Pass = JWT
            
    Log("Password: " & Pass)
        
    End If
        j.Release
    End Sub
    Now, I think I have to pass the JWT token before getting data again. Default API JWT authorization header is X-Authorization

    There's a Javascript sample
    Code:
    ....
                beforeSend: function(request) { // Set JWT header
                    request.setRequestHeader(
    'X-Authorization', 'Bearer ' + store.JWT);
                }   
                ....
    I've tested a couple samples I've seen in the forum, something like

    Code:
    Sub AddTask
        
    Dim j As HttpJob
        j.Initialize(
    "", Me) 'name is empty as it is no longer needed
        j.GetRequest.SetHeader("X-Authorization","Bearer " & Pass)
        j.Download(
    "http://192.168.1.136/peru/api/?action=add&object=tareas&descripcion=PRUEBA DE METER&fecha='2019-04-17'&asignada='SI'&completada='NO'")
        
    Wait For (j) JobDone(j As HttpJob)
        
    If j.Success Then
            
    Log("Añadido con éxito: " & j.GetString)
        
    End If
        j.Release
    End Sub
    I've tested several values of ("X-Authorization","Bearer " & Pass) with no success, I always get the error:

    Code:
    Registro conectado a:  bq Aquaris X5 Plus
    --------- beginning of crash
    --------- beginning of main
    *** 
    Service (starter) Create ***
    ** 
    Service (starter) Start **
    ** 
    Activity (main) Create, isFirst = true **
    ** 
    Activity (main) Resume **
    *** 
    Service (httputils2service) Create ***
    ** 
    Service (httputils2service) Start **
    Password: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9......
    Error occurred on line: 
    235 (HttpJob)
    java.lang.NullPointerException: Attempt 
    to invoke virtual method 'okhttp3.Request$Builder okhttp3.Request$Builder.addHeader(java.lang.String, java.lang.String)' on a null object reference
        at anywheresoftware.b4h.okhttp.OkHttpClientWrapper$OkHttpRequest.SetHeader(OkHttpClientWrapper.java:470)
        at b4a.rest.main$ResumableSub_AddTask.resume(main.java:
    445)
        at b4a.rest.main._addtask(main.java:
    416)
        at b4a.rest.main._button2_click(main.java:
    652)
        at java.lang.reflect.Method.invoke(Native Method)
        at anywheresoftware.b4a.shell.Shell.runMethod(
    Shell.java:732)
        at anywheresoftware.b4a.shell.Shell.raiseEventImpl(
    Shell.java:348)
        at anywheresoftware.b4a.shell.Shell.raiseEvent(
    Shell.java:255)
        at java.lang.reflect.Method.invoke(Native Method)
        at anywheresoftware.b4a.ShellBA.raiseEvent2(ShellBA.java:
    144)
        at anywheresoftware.b4a.BA.raiseEvent2(BA.java:
    180)
        at anywheresoftware.b4a.BA.raiseEvent(BA.java:
    176)
        at anywheresoftware.b4a.objects.ViewWrapper$
    1.onClick(ViewWrapper.java:80)
        at android.view.View.performClick(
    View.java:5637)
        at android.view.View$PerformClick.run(
    View.java:22433)
        at android.os.Handler.handleCallback(Handler.java:
    751)
        at android.os.Handler.dispatchMessage(Handler.java:
    95)
        at android.os.Looper.loop(Looper.java:
    154)
        at android.app.ActivityThread.main(ActivityThread.java:
    6119)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:
    886)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:
    776)
    Thanks in advance
     
  2. DonManfred

    DonManfred Expert Licensed User

    Move the setheader after the l.download
     
    José J. Aguilar likes this.
  3. José J. Aguilar

    José J. Aguilar Active Member Licensed User

    It seems to be the problem, now It works¡¡

    Code:
    j.Download("http://192.168.1.136/peru/api/?action=view&object=tareas&key=1")
    j.GetRequest.SetHeader(
    "X-Authorization","Bearer " & Pass)
    Thanks Don
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice