[Developers] coldfusion CFHTTP COOKIE "authentication required"

Tim Sturge tsturge at metaweb.com
Thu Aug 9 21:08:01 UTC 2007 

Hi Mark, Ryan,

Would you mind trying

{"qname":
{"query": [{ etc }]}
}

again, but changing the 

      <cfhttpparam name="q" value="something that works here"
type="FORMFIELD">

from "q" to "queries"?

The reason I'm asking is that "?q=" was an old syntax we used to use internally. We never documented it and are very close to removing it completely. The doubly nested form is a little bit more complex to begin with, but it has a lot of advantages if you need to pass multiple queries, or you need to pass query options (to control what language you use for example)

We really want to avoid breaking API users code; if you have any problem with queries=, please let me know and I'll investigate.

Thanks,

Tim


Mark CE wrote:
> Brilliant, Ryan, that's sorted it; goodbye to "authentication required" error.
>
> On with "Type /type/object does not have property query" !
> ...solved by passing this:
>
> {"query": [{ etc }]}
>
> instead of:
>
> {"qname":
> {"query": [{ etc }]}
> }
>
> ...and I have results!!!
>
>
>
> At 17:38 07/08/2007, Ryan Miller wrote:
>
>   
>> Mark,
>>
>> Bad news, CF automatically urlencodes the cookie which makes it
>> unrecognizable to freebase's api service.  Why they do this I have no
>> idea, it's about the worst thing I've ever seen in CF.  Yes, there is
>> an attribute for "encoded" but it is ignored on Cookie types.  The
>> good news is there is a workaround.
>>
>> <cfhttpparam type="cgi" name="Cookie"
>> value="metaweb-user=#metaWebUserValue#;metaweb-user-info:#metaWebUserInfoValue#"
>> encoded="no" />
>>
>> Be sure you're getting just the values out of the login response cookie.
>>
>> <cfset userCookie = cfhttp.responseHeader['set-cookie'][1] />
>> <cfset metaWebUserParam = listFirst(userCookie, ";") />
>> <cfset metaWebUserValue = listLast(metaWebUserParam, "=") />
>>
>> <cfset userInfoCookie = cfhttp.responseHeader['set-cookie'][2] />
>> <cfset metaWebUserInfoParam = listFirst(userInfoCookie, ";") />
>> <cfset metaWebUserInfoValue = listLast(metaWebUserInfoParam, "=") />
>>
>> I'm using this on the mqlwrite service and it's not working 100% yet,
>> but I'm not getting the failed authentication response anymore either.
>>
>>
>> On 8/7/07, Mark CE <markce at btclick.com> wrote:
>>     
>>>  changed the email subject to make it more specific
>>>
>>>  I used your "toString" extraction into my code and the result does come
>>> back as "Login Succeeded", so I still think the problem is in what I'm
>>> posting to the mqlread service.  In fact the login call returns a success
>>> with my plain user name; so apparently email is not necessary.
>>>
>>>  In fact I have also hard-coded (copied & pasted) the metaweb-user cookie
>>> from my browser session into the cookie param for the mqlread 
>>>       
>> call; same 400
>>     
>>> problem.
>>>
>>>  What I would be really keen to have is an example of working code for this
>>> part:
>>>
>>>  <cfhttp url="http://www.freebase.com/api/service/mqlread"
>>> method="POST">
>>>       <cfhttpparam name="q" value="something that works here"
>>> type="FORMFIELD">
>>>       <cfhttpparam name="metaweb-user"
>>> value="A|u_mycookie|g_...etc...Kug" type="COOKIE">
>>>  </cfhttp>
>>>
>>>  I have tried adding this:
>>>  <cfhttpparam name="Content-Type"
>>> value="application/x-www-form-urlencoded" type="header" />
>>>  but it makes no difference.
>>>
>>>  I have also tried the request with the "q" cfhttpparam on its own without
>>> the cookie.
>>>  And with the cookie cfhttpparam on its own without the q parameter.
>>>  And with a dummy param, leaving out both q and cookie.
>>>
>>>  Same result every time.
>>>
>>>  One potential problem is that my cookie has a "#" in it.
>>>  I resolved this by replacing it with "##" which is the usual practice for
>>> escaping "#" in CF.
>>>
>>>
>>>  Mark CE
>>>
>>>
>>>  At 04:48 07/08/2007, Ryan Miller wrote:
>>>
>>>
>>> Mark,
>>>
>>>  I was playing with the MQL Write services this afternoon and saw their
>>>  example of using the login API, what you were tryin to do with the
>>>  first http post in your code.  After messing around I figured out that
>>>  the username needs to be your email address.  I also used a chttp
>>>  param to specify the content type.  The returned content is a JSON
>>>  string but CF turns it into a Java ByteArrayOutputStream.  Just use
>>>  it's toString() method to see if the login succeeds (metaweb always
>>>  returns a 200 status, even if the login fails, you need to inspect the
>>>  JSON string to know if it succeeded.
>>>
>>>  <cfhttp URL=" http://www.freebase.com/api/account/login"
>>> method="POST">
>>>       <cfhttpparam name="Content-Type"
>>>  value="application/x-www-form-urlencoded" type="header" />
>>>       <cfhttpparam name="username" value="myaddy at gmail.com" 
>>>       
>> type="formfield"
>>     
>>> />
>>>       <cfhttpparam name="password" value="mypassword" type="formfield" />
>>>  </cfhttp>
>>>  <cfdump var="#cfhttp.filecontent.toString()#" />
>>>
>>>
>>>  On 8/6/07, Ryan Miller <ninjascience at gmail.com> wrote:
>>>  > from what I can tell you're trying to do an HTTP POST to the freebase
>>>  > site with your username and password sent as POST variables, getting
>>>  > the metaweb-user cookie out of that response, than using that to do
>>>  > your mql POST.  Why not just lookup your metaweb-user cookie value out
>>>  > of your browser and hard-code into your app?  When I tried your code
>>>  > the first POST that should return the cookie doesn't, so if you want
>>>  > to keep going this route, concentrate there.  Make sure your sending
>>>  > the vars under the right names (including case), and fake the
>>>  > user-agent string to a common browser.
>>>  >
>>>  > On 8/6/07, Mark CE <markce at btclick.com> wrote:
>>>  > >
>>>  > >
>>>  > >  Don't worry I have tried both POST and GET, many times now!
>>>  > >
>>>  > >  Two crappy CF templates attached (testme.cfm which calls 
>>>       
>> testme2.cfm).
>>     
>>>  I
>>>  > > am not familiar with this list; if it doesn't accept attachments and I
>>>  > > should be including the code in the body of this email, I guess I'll
>>> find
>>>  > > out when my message comes back.
>>>  > >
>>>  > >  Needless to say, the cookie-getting function does work and
>>> successfully
>>>  > > returns the two cookies:
>>>  > >  metaweb-user and metaweb-user-info.
>>>  > >
>>>  > >  -----------------------
>>>  > >  Originally I wasn't deserialising the JSON response so hence the
>>> unhelpful
>>>  > > error message.
>>>  > >  Now the response is:
>>>  > >
>>>  > >  code: /api/status/error/input/invalid
>>>  > >  message: authentication required
>>>  > >  ----------------------
>>>  > >
>>>  > >  Thanks again
>>>  > >  Mark
>>>  > >
>>>  > >
>>>  > >
>>>  > >  At 16:34 06/08/2007, you wrote:
>>>  > >
>>>  > >
>>>  > > In addition to the cookie requirement, you probably need to do your
>>>  > >  cfhttp call as a POST, cfhttp is a GET by default.  If that doesn't
>>>  > >  work post your cfhttp code here to the list.
>>>  > >
>>>  > >  On 8/6/07, Mark CE <markce at btclick.com> wrote:
>>>  > >  >
>>>  > >  >
>>>  > >  >  Hello there,
>>>  > >  >  Has anyone successfully retrieved a query result from Freebase
>>> using
>>>  > >  > Coldfusion CFHTTP?
>>>  > >  >  Or know of a reason why mine would return a 400 error?
>>>  > >  >
>>>  > >  >  HTTP/1.0 400 Bad Request X-Metaweb-Cost: dt=0.001, nreqs=0 Date:
>>> Fri, 03
>>>  > >  > Aug 2007 16:10:49 GMT X-Metaweb-TID:
>>>  > >  >
>>> cache;cache01.p01.sfo1:8101;2007-08-03T16:10:49Z;0002
>>>  > >  > Server: Apache/2.0.58 Vary: Accept-Encoding Cache-Control: no-cache
>>>  > >  > Content-Type: applic
>>>  > >  >
>>>  > >  >  If instead of CFHTTP I get my coldfusion code to output the URL to
>>> the
>>>  > >  > page; I copy and paste into the address bar, I get a 200 
>>>       
>> response...
>>     
>>> and
>>>  > > the
>>>  > >  > query results I would expect.
>>>  > >  >
>>>  > >  >  Working code samples gratefully received!!!
>>>  > >  >  Thanks
>>>  > >  >  Mark CE
>>>  > >  >
>>>  > >  >
>>>  > >  >
>>>  > >  >  ________________________________
>>>  > >  >  Mark Christian-Edwards
>>>  > >  >  markce at btclick.com
>>>  > >  >
>>>  > >  >
>>>  > >  >
>>>  > >  >
>>>  > >  > _______________________________________________
>>>  > >  > Developers mailing list
>>>  > >  > Developers at freebase.com
>>>  > >  >
>>> http://lists.freebase.com/mailman/listinfo/developers
>>>  > >  >
>>>  > >  >
>>>  > >
>>>  > >
>>>  > >
>>>  > >  --
>>>  > >  No virus found in this incoming message.
>>>  > >  Checked by AVG Free Edition.
>>>  > >  Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date:
>>> 05/08/2007
>>>  > > 16:16
>>>  > >
>>>  > >
>>>  > > No virus found in this outgoing message.
>>>  > > Checked by AVG Free Edition.
>>>  > > Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date:
>>> 05/08/2007
>>>  > > 16:16
>>>  > >
>>>  > >
>>>  > >
>>>  >
>>>
>>>
>>>
>>>  --
>>>  No virus found in this incoming message.
>>>  Checked by AVG Free Edition.
>>>  Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date: 05/08/2007
>>> 16:16
>>>
>>>
>>> No virus found in this outgoing message.
>>> Checked by AVG Free Edition.
>>> Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date: 05/08/2007
>>> 16:16
>>>
>>>
>>>       
>>
>> --
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.476 / Virus Database: 269.11.8/940 - Release Date: 
>> 06/08/2007 16:53
>>     
>
>
>

More information about the Developers mailing list