Watch, Follow, &
Connect with Us

Please visit our new home
community.embarcadero.com.


Welcome, Guest
Guest Settings
Help

Thread: REST access to Magento 2 (OAuth)


This question is not answered. Helpful answers available: 2. Correct answers available: 1.


Permlink Replies: 0
Pascal Kaczmarek

Posts: 1
Registered: 8/11/14
REST access to Magento 2 (OAuth)  
Click to report abuse...   Click to reply to this thread Reply
  Posted: Jul 19, 2017 1:43 AM
Hello,

we try to develop an interface for Magento 2.1 in Delphi XE6.
Before Magento 2 we used SOAP but with changes in the API since Magento 2, we think this is not the best solution anymore.

Our problems:
We created and activated an integration in Magento with all necessary rights.
Now we get consumer key, consumer secret, access token and access token secret.

We have a RESTClient, RESTRequest, RESTResponse and a OAuth1Authenticator. The authenticator gets both tokens and both secrets.
We adjust the properties for Accept, AcceptCharset and AcceptEncoding.

If we put a GET-Request to http://192.168.200.108/index.php/rest/V1/orders/1 everything is fine and we get the first order, which was placed in the shop.
The IP 192.168.200.108 is a standard installation of Magento in a virtual machine in our local network.

If we want to get a filtered list of orders via http://192.168.200.108/index.php/rest/V1/ordersindex.php/rest/V1/orders?searchCriteria[filter_groups][0][filters][0][field]=created_at&searchCriteria[filter_groups][0][filters][0][value]=2017-06-01 00:00:00&searchCriteria[filter_groups][0][filters][0][condition_type]=gt, we get "invalid signature" as response.
But with the REST extension for Firefox we get a valid filtered list of orders with the same URL.

Signature method of the authenticator is HMAC_SHA1. We compared both requests (Firefox and Delphi) via Wireshark, but both look equal.
Delphi encodes the brackets via url encoding, the REST extension in Firefox doesn't. If we tell the RESTClient in Delphi, that the URL is already encoded, Delphi doesn't encode the brackets but we get an HTML error 400 with "Bad request".

  OAuth1Authenticator1.ConsumerKey := sCONSUMER_KEY;
  OAuth1Authenticator1.ConsumerSecrect := sCONSUMER_SECRET;
  OAuth1Authenticator1.AccessToken := sACCESS_TOKEN;
  OAuth1Authenticator1.AccessTokenSecret := sACCESS_TOKEN_SECRET;
 
  RestClient2.AcceptEncoding := 'gzip, deflate';
  RESTRequest2.AcceptEncoding := 'gzip, deflate';
 
  RestClient2.Accept := '*/*';
  RESTRequest2.Accept := '*/*';
 
  RESTClient2.AcceptCharset := 'UTF-8';
  RESTRequest2.AcceptCharset := 'UTF-8';
 
  RESTClient2.BaseURL := 'http://192.168.200.108/';
  RESTRequest2.Params.Clear;
  
  RESTRequest2.Resource := 'index.php/rest/V1/orders?searchCriteria[filter_groups][0][filters][0][field]=created_at&searchCriteria[filter_groups][0][filters][0][value]=2016-07-01 00:00:00&searchCriteria[filter_groups][0][filters][0][condition_type]=gt';  
  
  RESTRequest2.Method := rmGET;
  
  RESTRequest2.Params.Clear;
  RESTRequest2.Params.AddItem;
  RESTRequest2.Params[0].name := 'private_content_version';
  RESTRequest2.Params[0].Value := 'c6f9e0919d7028c78ee63e79593ef689';
  RESTRequest2.Params[0].ContentType := ctTEXT_PLAIN;
  RESTRequest2.Params[0].Kind := pkCOOKIE;
  RESTRequest2.Params[0].Options := RESTRequest2.Params[0].Options + [poDoNotEncode];
 
  RESTRequest2.Params.AddItem;
  RESTRequest2.Params[1].name := 'mage-messages';
  RESTRequest2.Params[1].Value := '%5B%5D';
  RESTRequest2.Params[1].ContentType := ctTEXT_PLAIN;
  RESTRequest2.Params[1].Kind := pkCOOKIE;
  RESTRequest2.Params[1].Options := RESTRequest2.Params[1].Options + [poDoNotEncode];
 
  RESTRequest2.Params.AddItem;
  RESTRequest2.Params[2].name := 'Accept-Language';
  RESTRequest2.Params[2].Value := 'null';
  RESTRequest2.Params[2].ContentType := ctTEXT_PLAIN;
  RESTRequest2.Params[2].Kind := pkHTTPHEADER;
  RESTRequest2.Params[2].Options := RESTRequest2.Params[2].Options + [poDoNotEncode];
 
  RESTRequest2.Params.AddItem;
  RESTRequest2.Params[3].name := 'DNT';
  RESTRequest2.Params[3].Value := '1';
  RESTRequest2.Params[3].ContentType := ctTEXT_PLAIN;
  RESTRequest2.Params[3].Kind := pkHTTPHEADER;
  RESTRequest2.Params[3].Options := RESTRequest2.Params[3].Options + [poDoNotEncode];
 
  RESTRequest2.Params.AddItem;
  RESTRequest2.Params[4].name := 'Connection';
  RESTRequest2.Params[4].Value := 'keep-alive';
  RESTRequest2.Params[4].ContentType := ctTEXT_PLAIN;
  RESTRequest2.Params[4].Kind := pkHTTPHEADER;
  RESTRequest2.Params[4].Options := RESTRequest2.Params[4].Options + [poDoNotEncode];
 
  RESTRequest2.Execute;
  Memo1.Lines.Add(RESTResponse2.Content);


Here the requests tracked with Wireshark.

Delphi:

GET /index.php/rest/V1/orders?searchCriteria%5Bfilter_groups%5D%5B0%5D%5Bfilters%5D%5B0%5D%5Bfield%5D=created_at&searchCriteria%5Bfilter_groups%5D%5B0%5D%5Bfilters%5D%5B0%5D%5Bvalue%5D=2016-07-01%2000:00:00&searchCriteria%5Bfilter_groups%5D%5B0%5D%5Bfilters%5D%5B0%5D%5Bcondition_type%5D=gt HTTP/1.1
Accept-Language: null
DNT: 1
Connection: keep-alive
Authorization: OAuth oauth_consumer_key="5cbx1us6n7tpn5iv0a33p6iyq0otupsp", oauth_nonce="D4F1CF6F5DBB4F833D6CE644D3C20D95", oauth_signature="iXk6yBvuasDKnbdcxfATSQRJ%2BEg%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1496824715", oauth_token="nvoankn2g8jraga3k22ax9eyf55lqk9e", oauth_version="1.0"
Host: 192.168.200.108
Accept: */*
Accept-Charset: UTF-8
Accept-Encoding: gzip, deflate, identity
User-Agent: Embarcadero RESTClient/1.0
Cookie: mage-messages=%5B%5D; private_content_version=c6f9e0919d7028c78ee63e79593ef689 


Firefox:

GET /index.php/rest/V1/orders?searchCriteria[filter_groups][0][filters][0][field]=created_at&searchCriteria[filter_groups][0][filters][0][value]=2016-07-01%2000:00:00&searchCriteria[filter_groups][0][filters][0][condition_type]=gt HTTP/1.1
Host: 192.168.200.108
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:53.0) Gecko/20100101 Firefox/53.0
Accept: */*
Accept-Language: null
Accept-Encoding: gzip, deflate
Authorization: OAuth oauth_version="1.0", oauth_signature_method="HMAC-SHA1", oauth_nonce="5xayplNhc6EVeoM", oauth_timestamp="1496824768", oauth_consumer_key="5cbx1us6n7tpn5iv0a33p6iyq0otupsp", oauth_token="nvoankn2g8jraga3k22ax9eyf55lqk9e", oauth_signature="Vl8tCEx%2F3abTjQFcxSfWcpzQ%2FHE%3D"
Cookie: private_content_version=c6f9e0919d7028c78ee63e79593ef689; mage-messages=%5B%5D
DNT: 1
Connection: keep-alive 


In Delphi we always got the Accept-Encoding "identity", which we aren't able to delete.
We deleted the Accept-Charset, which is in the request from Delphi but it doesn't make a difference.

Now we don't have any clues what else we can do. Maybe anyone of you had the same problem and could help us? Or maybe one of you has any ideas, what we could try?
Legend
Helpful Answer (5 pts)
Correct Answer (10 pts)

Server Response from: ETNAJIVE02