Howdy, Stranger!
Categories
- All Categories
- 73 General
- 73 Announcements
- 66.6K Microsoft Dynamics NAV
- 18.7K NAV Three Tier
- 38.4K NAV/Navision Classic Client
- 3.6K Navision Attain
- 2.4K Navision Financials
- 115 Navision DOS
- 854 Navision e-Commerce
- 1K NAV Tips & Tricks
- 772 NAV Dutch speaking only
- 615 NAV Courses, Exams & Certification
- 2K Microsoft Dynamics-Other
- 1.5K Dynamics AX
- 302 Dynamics CRM
- 109 Dynamics GP
- 10 Dynamics SL
- 1.5K Other
- 993 SQL General
- 384 SQL Performance
- 34 SQL Tips & Tricks
- 34 Design Patterns (General & Best Practices)
- Architectural Patterns
- 10 Design Patterns
- 5 Implementation Patterns
- 53 3rd Party Products, Services & Events
- 1.7K General
- 1.1K General Chat
- 1.6K Website
- 79 Testing
- 1.2K Download section
- 23 How Tos section
- 259 Feedback
- 12 NAV TechDays 2013 Sessions
- 13 NAV TechDays 2012 Sessions
WinHttp 5.1 oauth2 authentication
txeriff
Member Posts: 500
Hi all,
does any1 know if there is any one this automation to authenticate with oauth2?
'Microsoft WinHTTP Services, version 5.1'.WinHttpRequest
Or some other similar.
It needs to be automation since it´s old NAV and needs to run on a NAS.
https://developer.paypal.com/docs/api/get-an-access-token-curl/
thanks!
does any1 know if there is any one this automation to authenticate with oauth2?
'Microsoft WinHTTP Services, version 5.1'.WinHttpRequest
Or some other similar.
It needs to be automation since it´s old NAV and needs to run on a NAS.
https://developer.paypal.com/docs/api/get-an-access-token-curl/
thanks!
0
Answers
Yes, you can use 'Microsoft WinHTTP Services, version 5.1'.WinHttpRequest to connect to PayPal with OAuth2.
url := 'https://api.sandbox.paypal.com/v1/oauth2/token'; IF ISCLEAR(WinHttp) THEN CREATE(WinHttp); WinHttp.Open('POST', url, FALSE); WinHttp.SetRequestHeader('Accept', 'application/json'); WinHttp.SetRequestHeader('Accept-Language', 'en_US'); WinHttp.SetRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); WinHttp.SetRequestHeader('Authorization', STRSUBSTNO('Basic %1', AUTHORIZATION)); WinHttp.Send('grant_type=client_credentials'); IF WinHttp.Status = 200 THEN MESSAGE(WinHttp.ResponseText);Where AUTHORIZATION is a Text constant with the Base64 value of your clientID and your secret, you can use the next Powershell scrpit to get the combined value:
And later on parse the response to get the access_code for the next request.
Regards.
> Hello @txeriff ,
>
> Yes, you can use 'Microsoft WinHTTP Services, version 5.1'.WinHttpRequest to connect to PayPal with OAuth2.
> url := 'https://api.sandbox.paypal.com/v1/oauth2/token'; IF ISCLEAR(WinHttp) THEN CREATE(WinHttp); WinHttp.Open('POST', url, FALSE); WinHttp.SetRequestHeader('Accept', 'application/json'); WinHttp.SetRequestHeader('Accept-Language', 'en_US'); WinHttp.SetRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); WinHttp.SetRequestHeader('Authorization', STRSUBSTNO('Basic %1', AUTHORIZATION)); WinHttp.Send('grant_type=client_credentials'); IF WinHttp.Status = 200 THEN MESSAGE(WinHttp.ResponseText);
>
>
> Where AUTHORIZATION is a Text constant with the Base64 value of your clientID and your secret, you can use the next Powershell scrpit to get the combined value:
> $clientID = 'Af3DnhKLg7IUF7wekancR0359QwQ4XLNt8xqjaxK7R9g1bSiXeH5aCKfdDuGYMvUME5AZHF0OnY68fbh' $secret = 'EJq_4cd48l4uPXQXC596oH82QI9IofNMM5IH3eBWkBPytpmQBM5Mw8qJWCSgkoYNzh2zxS2jBTJwszwR' $b64 = [System.Convert]::ToBase64String([system.text.encoding]::UTF8.GetBytes($clientID+':'+$secret)) $b64
>
>
> And later on parse the response to get the access_code for the next request.
>
> Regards.
You saved me a lots of headache. Thanks.
I developed a tricky code with output and file reading for the token. (Create, make sure file not open, loop... delete read...)
This will make smooth
Thanks again.
Hi again,
I hope you can help me fixing this.
When I run codeunit manually, it works.
from NAS, it tells me the following, event viewer:
This message is for C/AL programmers:
The call to member Send failed. WinHttp.WinHttpRequest returned the following message:
A certificate is required to complete client authentication
This happens in the same machine or are different ones ??
Regards
tornero;c-327467"]Hello @txeriff,
This happens in the same machine or are different ones ??
Regards[/quote]
It happens in the same machine. I run it. all fine. I set NAS, this happens.
Iñve been trying and reading,may be that NAS runs in kind of different cointainer?
https://microsoft.public.winhttp.narkive.com/dMdsYpqA/sending-post-over-https-using-a-client-certificate-with-winhttprequest-5-1
I tried to install certificate file and i guess it succeded, also i make setclientcertificate ( I also have it from paypal but, as far as I understand is unnecessary and it works if I run CU) but anyway i get same error.
edit
https://docs.microsoft.com/en-us/windows/desktop/winhttp/winhttpcertcfg-exe--a-certificate-configuration-tool
I was doing some more test and in one of my machines get the certificate error in both cases, running the CU and of course with the NAS.
Using any certificate works for me, even a selfsigned one.
url := 'https://api.sandbox.paypal.com/v1/oauth2/token'; IF ISCLEAR(WinHttp) THEN CREATE(WinHttp, TRUE, TRUE); WinHttp.Open('POST', url, FALSE); WinHttp.SetRequestHeader('Accept', 'application/json'); WinHttp.SetRequestHeader('Accept-Language', 'en_US'); WinHttp.SetRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); WinHttp.SetRequestHeader('Authorization', STRSUBSTNO('Basic %1', AUTHORIZATION)); // Adding the certificate WinHttp.SetClientCertificate('FTG2'); WinHttp.Send('grant_type=client_credentials'); IF WinHttp.Status = 200 THEN BEGIN IF GUIALLOWED THEN MESSAGE(WinHttp.ResponseText) ELSE BEGIN IF Tabla.FINDLAST THEN i := Tabla.NMov ELSE i := 0; Tabla.NMov := i + 1; Tabla.Valor := COPYSTR(WinHttp.ResponseText, 1, MAXSTRLEN(Tabla.Valor)); Tabla.INSERT; END; END;Regards.
PD: Hablas español?
FTG2 is the name of the certificate.
How do you pointed to the PayPal certificate ?
Si, hablo español.
Regards.
Hola ftornero,
Veras, lo ultimo que ha medio funcionado ha sido usando la cuenta del nas, en internet explorer, ir a settings>certificados> y ahi añadir el que tengo de paypal en todas partes. Despues hice un run y me funciono. Aun asi con el nas, me sigue sin funcionar.
Tu dices que te creaste cualquier certificado y te funciono? Donde almacenaste el ceertificado? en sitios de confiaza? personal?
muchas gracias. Esto esta siendo un quebradero de cabeza horrible.
The certificate must be in the user Personal folder
In this case the NAS user must to have installed the certificate in his Personal folder.
Regards.
It is still not working. I used my paypal certificate (even it is useless as any cert works as you said) . I entered "friendly name" SANDCERT.Then I do like you did before,
WinHttp.SetClientCertificate('SANDCERT').
Cerificate seems like to be into LOCAL COMPUTER PERSONAL CERTIFICATES and also in personal certificates now, I just imported, logged as nas user account
any ideas?
thanks!
SANDCERT is the name like the image ?
And with the NAS user can you see the certificate ?
Regards.
Would you tell me how quickly I can create that self certificate?
thanks again
Edit: I think i managed to self create one, I will try tomorrow.
In this link you can get a selfcerticate in PFX format with the name of PayPal2, like the image that I just created.
https://www.dropbox.com/s/ff1lyptz2f2p7vr/PayPal2.pfx?dl=1
Regards.
Thanks again for your help. I was missing your certificate password.
Anyway, i tried to make my own. Surprisingly "noafter" parameter does not work on windows server 2012!
PE:
New-SelfsignedCertificateEx -Subject "CN=Test Code Signing" -EKU "Code Signing" -KeySpec "Signature" `
-KeyUsage "DigitalSignature" -FriendlyName "Test code signing" -NotAfter $([datetime]::now.AddYears(5))
I tried to create it on my computer, export and import into the server. It said certificate was not valid.
At the end, it worked the following I created yesterday:
New-SelfSignedCertificate -DnsName <Computer name> -CertStoreLocation "cert:\LocalMachine\My"
It´s 2 years cert but.. i think i won´t try to change anything now.
and then I point to it:
WinHttp.SetClientCertificate('LOCAL_MACHINE\MY\localhost');
The password is P@ssword1
Seems like your cert does not work for me. It works the following:
Now I´m not sure if I created or it was already there cos the other ones I tried to create don´t say IIS Express on friendly name. This sounds more like visual studio project created it.
Edit:
maybe this could be useful
https://stackoverflow.com/questions/19338395/how-do-you-use-winhttp-to-do-ssl-with-a-self-signed-cert
SECURITY_FLAG_IGNORE_UNKNOWN_CA |
SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE |
SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID;
There is a property in the automation called option. Perhaps this could skip the headache. I can´t test know but I will.
https://docs.microsoft.com/en-us/windows/desktop/winhttp/option-flags
SECURITY_FLAG_IGNORE_CERT_CN_INVALID
I also tried
winHTTP.Option(4,'0x3300');
https://www.autoitscript.com/forum/topic/196243-winhttpwinhttprequest51-certificate-error/
Oh god...
Any ideas?
The call to member Send failed. WinHttp.WinHttpRequest returned the following message:
The client certificate credentials were not recognized.
cd C:\Program Files (x86)\IIS Express
IisExpressAdminCmd.exe setupsslUrl -url:https://localhost:8080/ -UseSelfSigned
then, use "localhost" called certificate.
Only by IIS Express seems to be working.
Winhttpcfg.exe neither works.
No PM,please use the forum. || May the <SOLVED>-attribute be in your title!