Android Question [SOLVED] REST API authentication with JWT

José J. Aguilar

Well-Known Member
Licensed User
Hi everyone¡:

I've just updated my PHPMaker license, and now it supports REST API.
I've been testing with B4A successfully without auth, but now I'm trying to test with login.

I've tested the login function, and I get the JWT token rigth:

B4X:
POST /api/
action=login&username=admin&password=master
I get the response
B4X:
{ "JWT": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpYXQi.............." }
with this sub:
B4X:
Sub Login
    Dim j As HttpJob
    j.Initialize("", Me) 'name is empty as it is no longer needed
    j.Download("http://192.168.1.136/peru/api/?action=login&username=admin&password=master")
    Wait For (j) JobDone(j As HttpJob)
    If j.Success Then
        Dim parser As JSONParser
        parser.Initialize(j.GetString)
        Dim root As Map = parser.NextObject
        Dim JWT As String = root.Get("JWT")
        Pass = JWT
        Log("Password: " & Pass)
    End If
    j.Release
End Sub
Now, I think I have to pass the JWT token before getting data again. Default API JWT authorization header is X-Authorization

There's a Javascript sample
B4X:
            ....
            beforeSend: function(request) { // Set JWT header
                request.setRequestHeader('X-Authorization', 'Bearer ' + store.JWT);
            }   
            ....
I've tested a couple samples I've seen in the forum, something like

B4X:
Sub AddTask
    Dim j As HttpJob
    j.Initialize("", Me) 'name is empty as it is no longer needed
    j.GetRequest.SetHeader("X-Authorization","Bearer " & Pass)
    j.Download("http://192.168.1.136/peru/api/?action=add&object=tareas&descripcion=PRUEBA DE METER&fecha='2019-04-17'&asignada='SI'&completada='NO'")
    Wait For (j) JobDone(j As HttpJob)
    If j.Success Then
        Log("Añadido con éxito: " & j.GetString)
    End If
    j.Release
End Sub
I've tested several values of ("X-Authorization","Bearer " & Pass) with no success, I always get the error:

B4X:
Registro conectado a:  bq Aquaris X5 Plus
--------- beginning of crash
--------- beginning of main
*** Service (starter) Create ***
** Service (starter) Start **
** Activity (main) Create, isFirst = true **
** Activity (main) Resume **
*** Service (httputils2service) Create ***
** Service (httputils2service) Start **
Password: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9......
Error occurred on line: 235 (HttpJob)
java.lang.NullPointerException: Attempt to invoke virtual method 'okhttp3.Request$Builder okhttp3.Request$Builder.addHeader(java.lang.String, java.lang.String)' on a null object reference
    at anywheresoftware.b4h.okhttp.OkHttpClientWrapper$OkHttpRequest.SetHeader(OkHttpClientWrapper.java:470)
    at b4a.rest.main$ResumableSub_AddTask.resume(main.java:445)
    at b4a.rest.main._addtask(main.java:416)
    at b4a.rest.main._button2_click(main.java:652)
    at java.lang.reflect.Method.invoke(Native Method)
    at anywheresoftware.b4a.shell.Shell.runMethod(Shell.java:732)
    at anywheresoftware.b4a.shell.Shell.raiseEventImpl(Shell.java:348)
    at anywheresoftware.b4a.shell.Shell.raiseEvent(Shell.java:255)
    at java.lang.reflect.Method.invoke(Native Method)
    at anywheresoftware.b4a.ShellBA.raiseEvent2(ShellBA.java:144)
    at anywheresoftware.b4a.BA.raiseEvent2(BA.java:180)
    at anywheresoftware.b4a.BA.raiseEvent(BA.java:176)
    at anywheresoftware.b4a.objects.ViewWrapper$1.onClick(ViewWrapper.java:80)
    at android.view.View.performClick(View.java:5637)
    at android.view.View$PerformClick.run(View.java:22433)
    at android.os.Handler.handleCallback(Handler.java:751)
    at android.os.Handler.dispatchMessage(Handler.java:95)
    at android.os.Looper.loop(Looper.java:154)
    at android.app.ActivityThread.main(ActivityThread.java:6119)
    at java.lang.reflect.Method.invoke(Native Method)
    at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:886)
    at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:776)
Thanks in advance
 

José J. Aguilar

Well-Known Member
Licensed User
It seems to be the problem, now It works¡¡

B4X:
j.Download("http://192.168.1.136/peru/api/?action=view&object=tareas&key=1")
j.GetRequest.SetHeader("X-Authorization","Bearer " & Pass)
Thanks Don
 
Top