[Developers] coldfusion CFHTTP COOKIE "authentication required"

Mark CE markce at btclick.com
Tue Aug 7 19:31:09 UTC 2007 

Brilliant, Ryan, that's sorted it; goodbye to "authentication required" error.

On with "Type /type/object does not have property query" !
...solved by passing this:

{"query": [{ etc }]}

instead of:

{"qname":
{"query": [{ etc }]}
}

...and I have results!!!



At 17:38 07/08/2007, Ryan Miller wrote:

>Mark,
>
>Bad news, CF automatically urlencodes the cookie which makes it
>unrecognizable to freebase's api service.  Why they do this I have no
>idea, it's about the worst thing I've ever seen in CF.  Yes, there is
>an attribute for "encoded" but it is ignored on Cookie types.  The
>good news is there is a workaround.
>
><cfhttpparam type="cgi" name="Cookie"
>value="metaweb-user=#metaWebUserValue#;metaweb-user-info:#metaWebUserInfoValue#"
>encoded="no" />
>
>Be sure you're getting just the values out of the login response cookie.
>
><cfset userCookie = cfhttp.responseHeader['set-cookie'][1] />
><cfset metaWebUserParam = listFirst(userCookie, ";") />
><cfset metaWebUserValue = listLast(metaWebUserParam, "=") />
>
><cfset userInfoCookie = cfhttp.responseHeader['set-cookie'][2] />
><cfset metaWebUserInfoParam = listFirst(userInfoCookie, ";") />
><cfset metaWebUserInfoValue = listLast(metaWebUserInfoParam, "=") />
>
>I'm using this on the mqlwrite service and it's not working 100% yet,
>but I'm not getting the failed authentication response anymore either.
>
>
>On 8/7/07, Mark CE <markce at btclick.com> wrote:
> >
> >  changed the email subject to make it more specific
> >
> >  I used your "toString" extraction into my code and the result does come
> > back as "Login Succeeded", so I still think the problem is in what I'm
> > posting to the mqlread service.  In fact the login call returns a success
> > with my plain user name; so apparently email is not necessary.
> >
> >  In fact I have also hard-coded (copied & pasted) the metaweb-user cookie
> > from my browser session into the cookie param for the mqlread 
> call; same 400
> > problem.
> >
> >  What I would be really keen to have is an example of working code for this
> > part:
> >
> >  <cfhttp url="http://www.freebase.com/api/service/mqlread"
> > method="POST">
> >       <cfhttpparam name="q" value="something that works here"
> > type="FORMFIELD">
> >       <cfhttpparam name="metaweb-user"
> > value="A|u_mycookie|g_...etc...Kug" type="COOKIE">
> >  </cfhttp>
> >
> >  I have tried adding this:
> >  <cfhttpparam name="Content-Type"
> > value="application/x-www-form-urlencoded" type="header" />
> >  but it makes no difference.
> >
> >  I have also tried the request with the "q" cfhttpparam on its own without
> > the cookie.
> >  And with the cookie cfhttpparam on its own without the q parameter.
> >  And with a dummy param, leaving out both q and cookie.
> >
> >  Same result every time.
> >
> >  One potential problem is that my cookie has a "#" in it.
> >  I resolved this by replacing it with "##" which is the usual practice for
> > escaping "#" in CF.
> >
> >
> >  Mark CE
> >
> >
> >  At 04:48 07/08/2007, Ryan Miller wrote:
> >
> >
> > Mark,
> >
> >  I was playing with the MQL Write services this afternoon and saw their
> >  example of using the login API, what you were tryin to do with the
> >  first http post in your code.  After messing around I figured out that
> >  the username needs to be your email address.  I also used a chttp
> >  param to specify the content type.  The returned content is a JSON
> >  string but CF turns it into a Java ByteArrayOutputStream.  Just use
> >  it's toString() method to see if the login succeeds (metaweb always
> >  returns a 200 status, even if the login fails, you need to inspect the
> >  JSON string to know if it succeeded.
> >
> >  <cfhttp URL=" http://www.freebase.com/api/account/login"
> > method="POST">
> >       <cfhttpparam name="Content-Type"
> >  value="application/x-www-form-urlencoded" type="header" />
> >       <cfhttpparam name="username" value="myaddy at gmail.com" 
> type="formfield"
> > />
> >       <cfhttpparam name="password" value="mypassword" type="formfield" />
> >  </cfhttp>
> >  <cfdump var="#cfhttp.filecontent.toString()#" />
> >
> >
> >  On 8/6/07, Ryan Miller <ninjascience at gmail.com> wrote:
> >  > from what I can tell you're trying to do an HTTP POST to the freebase
> >  > site with your username and password sent as POST variables, getting
> >  > the metaweb-user cookie out of that response, than using that to do
> >  > your mql POST.  Why not just lookup your metaweb-user cookie value out
> >  > of your browser and hard-code into your app?  When I tried your code
> >  > the first POST that should return the cookie doesn't, so if you want
> >  > to keep going this route, concentrate there.  Make sure your sending
> >  > the vars under the right names (including case), and fake the
> >  > user-agent string to a common browser.
> >  >
> >  > On 8/6/07, Mark CE <markce at btclick.com> wrote:
> >  > >
> >  > >
> >  > >  Don't worry I have tried both POST and GET, many times now!
> >  > >
> >  > >  Two crappy CF templates attached (testme.cfm which calls 
> testme2.cfm).
> >  I
> >  > > am not familiar with this list; if it doesn't accept attachments and I
> >  > > should be including the code in the body of this email, I guess I'll
> > find
> >  > > out when my message comes back.
> >  > >
> >  > >  Needless to say, the cookie-getting function does work and
> > successfully
> >  > > returns the two cookies:
> >  > >  metaweb-user and metaweb-user-info.
> >  > >
> >  > >  -----------------------
> >  > >  Originally I wasn't deserialising the JSON response so hence the
> > unhelpful
> >  > > error message.
> >  > >  Now the response is:
> >  > >
> >  > >  code: /api/status/error/input/invalid
> >  > >  message: authentication required
> >  > >  ----------------------
> >  > >
> >  > >  Thanks again
> >  > >  Mark
> >  > >
> >  > >
> >  > >
> >  > >  At 16:34 06/08/2007, you wrote:
> >  > >
> >  > >
> >  > > In addition to the cookie requirement, you probably need to do your
> >  > >  cfhttp call as a POST, cfhttp is a GET by default.  If that doesn't
> >  > >  work post your cfhttp code here to the list.
> >  > >
> >  > >  On 8/6/07, Mark CE <markce at btclick.com> wrote:
> >  > >  >
> >  > >  >
> >  > >  >  Hello there,
> >  > >  >  Has anyone successfully retrieved a query result from Freebase
> > using
> >  > >  > Coldfusion CFHTTP?
> >  > >  >  Or know of a reason why mine would return a 400 error?
> >  > >  >
> >  > >  >  HTTP/1.0 400 Bad Request X-Metaweb-Cost: dt=0.001, nreqs=0 Date:
> > Fri, 03
> >  > >  > Aug 2007 16:10:49 GMT X-Metaweb-TID:
> >  > >  >
> > cache;cache01.p01.sfo1:8101;2007-08-03T16:10:49Z;0002
> >  > >  > Server: Apache/2.0.58 Vary: Accept-Encoding Cache-Control: no-cache
> >  > >  > Content-Type: applic
> >  > >  >
> >  > >  >  If instead of CFHTTP I get my coldfusion code to output the URL to
> > the
> >  > >  > page; I copy and paste into the address bar, I get a 200 
> response...
> > and
> >  > > the
> >  > >  > query results I would expect.
> >  > >  >
> >  > >  >  Working code samples gratefully received!!!
> >  > >  >  Thanks
> >  > >  >  Mark CE
> >  > >  >
> >  > >  >
> >  > >  >
> >  > >  >  ________________________________
> >  > >  >  Mark Christian-Edwards
> >  > >  >  markce at btclick.com
> >  > >  >
> >  > >  >
> >  > >  >
> >  > >  >
> >  > >  > _______________________________________________
> >  > >  > Developers mailing list
> >  > >  > Developers at freebase.com
> >  > >  >
> > http://lists.freebase.com/mailman/listinfo/developers
> >  > >  >
> >  > >  >
> >  > >
> >  > >
> >  > >
> >  > >  --
> >  > >  No virus found in this incoming message.
> >  > >  Checked by AVG Free Edition.
> >  > >  Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date:
> > 05/08/2007
> >  > > 16:16
> >  > >
> >  > >
> >  > > No virus found in this outgoing message.
> >  > > Checked by AVG Free Edition.
> >  > > Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date:
> > 05/08/2007
> >  > > 16:16
> >  > >
> >  > >
> >  > >
> >  >
> >
> >
> >
> >  --
> >  No virus found in this incoming message.
> >  Checked by AVG Free Edition.
> >  Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date: 05/08/2007
> > 16:16
> >
> >
> > No virus found in this outgoing message.
> > Checked by AVG Free Edition.
> > Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date: 05/08/2007
> > 16:16
> >
> >
>
>
>
>--
>No virus found in this incoming message.
>Checked by AVG Free Edition.
>Version: 7.5.476 / Virus Database: 269.11.8/940 - Release Date: 
>06/08/2007 16:53


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.476 / Virus Database: 269.11.8/940 - Release Date: 06/08/2007 16:53

More information about the Developers mailing list