Pentaho

 View Only
  • 1.  REST digest auth How-to

    Posted 10-09-2022 09:22
    Hi

    I'm having a hard time trying to set up digest Auth to get data from an API call. I have read and tried every advice found by google :(
    Via a web browser, it's enough to open https://apiservername/user?groupName=group to get a signin popup for username/password. And this gives me an XML file to save locally.

    With Pentaho Spoon, I currently have set these steps up:

    1. generate rows (1 row where I may define useful values like URL, user, password...)
    2. modify javaScript value (not really used but ready )
    3. Rest client (POST to try and get a token...)
    4. modify javaScript value (this is where I expect to be able to extract a token from the header returned by the previous step)
    5. Rest client (GET where I expect to ask and receive the XML file, result of my request)
    what I get at step3 is some kind of table in the header as result of the POST:
    {"Transfer-Encoding":"chunked","Server":"nginx","WWW-Authenticate":"Digest qop=\"auth\", realm=\"apiservername.com\", nonce=\"W5Ro76MktlUNvQVVnTsxtixinlUryqEU_1665320280\"","Connection":"keep-alive","Date":"Sun, 09 Oct 2022 12:58:00 GMT"}

    Can someone help me find the next steps ?
    How do I extract and use these header data ?
    I think I should be looking for some "token" but still have not found where to find it.

    Please any advice is welcome.

    Thx
    Marc


  • 2.  RE: REST digest auth How-to

    Posted 10-20-2022 11:25
    Hi Marc,
    digest authentication  is not so simple, flow is for ex. here: https://www.w3.org/Protocols/HTTP/Issues/digest-authentication.html

    IMHO better is use any Java HTTP client in JS step and download directly to file or field in stream. On classpath are available classes of httpclient.jar for ex.

    ------------------------------
    Petr Prochazka
    Systems Engineer
    P.V.A. systems s.r.o.
    ------------------------------



  • 3.  RE: REST digest auth How-to

    Posted 10-25-2022 12:39
    Thx Petr

    I will keep trying a bit more to build the Digest Auth.
    I'm now facing something more related to Javascript.
    I get a response in JSON format (it's not XML as I wrote, if I understand correctly now):
    {"Transfer-Encoding":"chunked","Server":"nginx","WWW-Authenticate":"Digest qop=\"auth\", realm=\"apiservername.com\", nonce=\"W5Ro76MktlUNvQVVnTsxtixinlUryqEU_1665320280\"","Connection":"keep-alive","Date":"Sun, 09 Oct 2022 12:58:00 GMT"}

    I'm able to "extract" or parse this JSON and I can get the values of "Server" or "Connection"
    but I cannot get the "WWW-Authenticate" nor "Transfer-Encoding" values
    and I suspect that it is caused by the dash "-" in those field names.

    Is there a simple syntax change to correct my script ?

    I write:

    //Script here
    var authget ;
    var server ;
    var encoding;
    authget = JSON.parse(responseheader);
    server = authget.Server;
    encoding = authget.Connection;

    but trying to add
    authentication = authget.WWW-Authenticate,

    and error:
    2022/10/25 18:36:00 - Modified JavaScript value.0 - ERROR (version 9.3.0.0-428, build 9.3.0.0-428 from 2022-04-12 04.56.25 by buildguy) : Unexpected error
    2022/10/25 18:36:00 - Modified JavaScript value.0 - ERROR (version 9.3.0.0-428, build 9.3.0.0-428 from 2022-04-12 04.56.25 by buildguy) : org.pentaho.di.core.exception.KettleValueException:
    2022/10/25 18:36:00 - Modified JavaScript value.0 - Javascript error:
    2022/10/25 18:36:00 - Modified JavaScript value.0 - ReferenceError: "Authenticate" is not defined. (script#12)

    thx

    ------------------------------
    Marc M
    Chief Information Officer
    mkmr
    ------------------------------



  • 4.  RE: REST digest auth How-to

    Posted 10-26-2022 02:24
    Hi Marc,
    JSON object is standard JS object. Nonstandard attribute names can access like this:
    var json = JSON.parse(header)
    
    var enc = json["Transfer-Encoding"]
    var auth = json["WWW-Authenticate"]


    ------------------------------
    Petr Prochazka
    Systems Engineer
    P.V.A. systems s.r.o.
    ------------------------------



  • 5.  RE: REST digest auth How-to

    Posted 01-02-2023 09:59
    Sorry for the late reply.
    Thank you Petr. Your answer was the solution.

    ------------------------------
    Marc M
    Chief Information Officer
    mkmr
    ------------------------------



  • 6.  RE: REST digest auth How-to

    Posted 01-02-2023 10:20
    For anyone reading this post and looking for a solution:

    I added a HTTP client step including authentication before the REST client step and passed the response header received by HTTP step to REST step.
    That was good enough to be authenticated and get the API response rows.

    Unfortunately, I then encountered an other difficulty with a partial response and how to loop for "next" rows...

    ------------------------------
    Marc M
    Chief Information Officer
    mkmr
    ------------------------------