• Replies 11 replies
  • Subscribers 15 subscribers
  • Views 2301 views
  • Users 0 members are here
Options
Related

Comm.makeJsonRequest and https

Former Member
Former Member over 8 years ago
Hi,

Im trying to make a simple call to a API which is https only. The method requires a accesstoken, which I add like this:
Comm.makeJsonRequest(url,
{
"access_token" => "52b6b1581b7759710304b77a|644b691510848295a2acc6300141205a"
}, {}, method(:onReceive));

the url is an https://mywebsite.com/api/myMethod

But the call fails with a 404 error. Does Android Connect Mobile support https?
  • over 8 years ago
    If I point a web browser (chrome) to that address, I get an error..

    This site can’t provide a secure connection

    mywebsite.com sent an invalid response.
    Try:
    Reloading the page
    Learn more about this problem.
    ERR_SSL_PROTOCOL_ERROR


    If I use curl to request the same resource from the command line, I get a similar error...

    C:\Development\Projects>curl --get --verbose --insecure --header "access_token: 52b6b1581b7759710304b77a|644b691510848295a2acc6300141205a" https://mywebsite.com:443/api/myMethod
    * Trying 2607:f1c0:1000:8086:c0ed:1eec:ee8d:82f...
    * Connected to mywebsite.com (2607:f1c0:1000:8086:c0ed:1eec:ee8d:82f) port 443 (#0)
    * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
    * TLSv1.2 (OUT), TLS Unknown, Certificate Status (22):
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
    * Closing connection 0
    curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol


    If I change the URL to something that I know works with https, I get a valid response.

    C:\Development\Projects>curl -G -v -k -H "access_token: 52b6b1581b7759710304b77a|644b691510848295a2acc6300141205a" https://www.tinyurl.com
    * Rebuilt URL to: https://www.tinyurl.com/
    * Trying 2400:cb00:2048:1::6814:5741...
    * Connected to www.tinyurl.com (2400:cb00:2048:1::6814:5741) port 443 (#0)
    * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
    * TLSv1.2 (OUT), TLS Unknown, Certificate Status (22):
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * NPN, negotiated HTTP1.1
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    * TLSv1.2 (OUT), TLS handshake, Unknown (67):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS change cipher, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
    * Server certificate:
    * subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=ssl323461.cloudflaressl.com
    * start date: Jan 3 00:00:00 2016 GMT
    * expire date: Dec 31 23:59:59 2016 GMT
    * issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2
    * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
    > GET / HTTP/1.1
    > Host: www.tinyurl.com
    > User-Agent: curl/7.46.0
    > Accept: */*
    > access_token: 52b6b1581b7759710304b77a|644b691510848295a2acc6300141205a
    >
    < HTTP/1.1 301 Moved Permanently
    < Date: Sun, 05 Jun 2016 21:26:14 GMT
    < Content-Length: 0
    < Connection: keep-alive
    < Set-Cookie: __cfduid=daae084894bb4f7d8254ad5f63001cb451465161974; expires=Mon, 05-Jun-17 21:26:14 GMT; path=/; domain=.tinyurl.com; HttpOnly
    < Location: http://tinyurl.com/
    < Server: cloudflare-nginx
    < CF-RAY: 2ae6b3a556a829e9-SEA
    <
    * Connection #0 to host www.tinyurl.com left intact


    It seems to me that it is not a problem with Garmin Connect Mobile, but an issue with your service or the hosting environment configuration.
  • Former Member
    Former Member over 8 years ago
    Sorry

    That address was just an example on the API call :)

    Couldn't list both my URL and my ACCESS_TOKEN :D

    So the question was more of the general sort.. Does the Comm.makeJsonRequest support https.

    Thomas
  • over 8 years ago
    That address was just an example on the API call :)

    Couldn't list both my URL and my ACCESS_TOKEN :D

    So the question was more of the general sort.. Does the Comm.makeJsonRequest support https.

    Thomas


    I am running into this also. When I switch from my development environment (which is HTTP and works fine) to a production API endpoint that is HTTPS, I get an error. There are differences in terms of the actual servers running the two endpoints (production supports compressed responses, etc) so I will try to eliminate those and see if it's that or the actual HTTPS protocol that is the problem (which would be terribly sad).

    Cheers,
    Douglas
  • over 8 years ago
    Since I have control of the production server I'm hitting I added the ability to make the same request with HTTP and the request works fine. Furthermore, I checked the logs and the HTTPS requests don't even hit the server. Instead the callback method seems to be called with a responseCode == 0 and the data == null.

    Might need some input from a Garmin Connect IQ expert on this one. Either we're making the requests in the wrong way or Connect IQ doesn't support HTTPS. However, since the JsonRequest sample (found in the SDK at /samples/JsonRequest) has an HTTPS URL in the source (/samples/JsonRequest/source/JsonRequestView.mc) you would think that HTTPS is supported.

    I'll continue to investigate and post any updates.

    Cheers,
    Douglas
  • over 8 years ago
    If I change my JSON request code to the code used in the sample, which hits an HTTPS endpoint, the request works just fine. The sample is as such:

    Comms.makeJsonRequest(
    "https://httpbin.org/get",
    {
    "Monkeys" => "Awesome",
    "ConnectIQ" => "1337"
    },
    {
    "Content-Type" => Comms.REQUEST_CONTENT_TYPE_URL_ENCODED
    },
    method(:setStationInfo)
    );


    So it seems that HTTPS requests are fine but there is something else that is causing an error.
  • over 8 years ago
    You may want to (if you control both end points) is testing what TLS versions and ciphers are supported.
  • over 8 years ago
    Yes, https is supported.

    Have you tried connecting to the service port with a browser or other test utility (wget, curl, ...)? If you can't connect with one of these tools, it is unlikely you will be able to connect with ConnectIQ.

    Your hosting environment may require some specific instructions be followed to get https working. Again, if this is the problem, you can test with other tools.

    Travis
  • Former Member
    Former Member over 8 years ago
    https working

    Hi,

    My fault, the service no responds. Updated to SDK 1.2.10.

    var url = "api.some-website.com/.../getmydata";
    var options = { :method => Comm.HTTP_REQUEST_METHOD_POST };
    var params = {
    "access_token" => "52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb"
    };
    Comm.makeJsonRequest(url,params,options, method(:onReceive));

    This methodcall fires correctly, but it responds with responsecode 400 and:
    {error=>{code=>1, message=>Access token is missing}}

    while curl works with this call
    curl -X POST -F "access_token=52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb" https://api.some-website.com/api/getdata

    is there something wrong with my syntax?
  • Former Member
    Former Member over 8 years ago
    Wrong header

    Hi,

    My fault, the service no responds. Updated to SDK 1.2.10.

    var url = "api.some-website.com/.../getmydata";
    var options = { :method => Comm.HTTP_REQUEST_METHOD_POST };
    var params = {
    "access_token" => "52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb"
    };
    Comm.makeJsonRequest(url,params,options, method(:onReceive));
    ...


    Added :header and noe I get data back:
    var url = "api.some-website.com/.../getmydata";
    var options = { :method => Comm.HTTP_REQUEST_METHOD_POST,
    :headers => { "Content-Type" => Comm.REQUEST_CONTENT_TYPE_JSON }

    var params = {
    "access_token" => "52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb"
    };
    Comm.makeJsonRequest(url,params,options, method(:onReceive));


    Thank you for your help!

    Thomas
  • over 8 years ago
    curl -X POST -F "access_token=52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb" https://api.some-website.com/api/getdata


    This is going to send a POST request with the body that is a multipart message. It would like this...

    POST /test HTTP/1.1
    Host: 127.0.0.1:8082
    User-Agent: curl/7.46.0
    Accept: */*
    Content-Length: 204
    Expect: 100-continue
    Content-Type: multipart/form-data; boundary=------------------------b3c92801d7ac11e5

    --------------------------b3c92801d7ac11e5
    Content-Disposition: form-data; name="access_token"

    52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb
    --------------------------b3c92801d7ac11e5--


    This is not what you'll see from ConnectIQ. If you want to more closely simulate what you'd see from ConnectIQ to communicate with a JSON-based web service, I believe you'd use this...

    curl -X POST -d "{\"access_token\": \"52c6b1581b7759710304b77a|166db44fad7ef9776d559995cd06beeb\"}" \
    -H "Content-Type=application/json" https://127.0.0.1:8081/test


    or

    curl -X POST -d "access_token%3D52c6b1581b7759710304b77a%7C166db44fad7ef9776d559995cd06beeb" \
    -H "Content-Type=application/x-www-form-urlencoded" https://127.0.0.1:8081/test


    Note that the data (the argument following -d) must be encoded according to the content-type header that you send.

    Travis