How to "Authorization" in HTTP Header?

Greetings Pierre,

Was this 10 days ago, or more recent? The only logged errors I see for you are on February 17th, where it appears that you were missing the "g" in front of a profile ID in an immediate-family call. I suspect you got that worked out, though, and that whatever problem you're having is more recent but not being logged for some reason...?

This is happening yesterday and today (minutes ago). I am trying every permutation under the sun:

Authorization: OAuth %s
500 Internal Server Error

Authorization: %s
302 https://www.geni.com/api/profile/immediate-family.xml

Authorization: OAuth "%s"
500 Internal Server Error

Authorization: OAuth token %s
500 Internal Server Error

I really appreciate some help, I am gung-ho to get this up & running today :o)

Here's the header I get back:

HTTP/1.1 500 Internal Server Error
Server: nginx/0.7.65
Date: Sun, 27 Feb 2011 15:53:12 GMT
Content-Type: application/xml; charset=utf-8
Connection: keep-alive
Status: 500 Internal Server Error
X-API-Rate-Limit: 40
X-API-Rate-Window: 10
Content-Length: 84
Set-Cookie: gsession=BAh7CDoPc2Vzc2lvbl9pZCIlYjE5MjEyNDI3NWZhYTgxOTNhZTcxMzQ3OWY2MGIzMjc6FGdlbmlfc2Vzc2lvbl9pZCIlMzRjMzgxMjM1NjU2MzJmZDNkNTk2YzllYWYxM2I3ZTYiDXJlZl90eXBlIgxvcmdhbmlj--d49ba4cf0895c2bccb1253674cbdaef9e577b215; path=/; HttpOnly
X-API-Rate-Remaining: 40
Cache-Control: no-cache

Well I can see how that doesn't help you very much. :-/

Can you try passing --trace <file> to curl and send me the contents of the trace file? (Either post here or send me a Geni message if you prefer)

Whoops, sorry, I see you said "curl library" -- do you happen to know if there's a way to enable tracing through the library interface?

Here is the trace log captured by a debugging function:

GET /?code=vLs8E1Im7zQLdjcZnJXx HTTP/1.1
Host: 127.0.0.1:55555
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

https://www.geni.com/oauth/token?client_id=IKPCwc6QmjBg4LbKRLoVzBWf...
curl_debug_func: About to connect() to www.geni.com port 443

curl_debug_func: Trying 208.78.87.80...
curl_debug_func: connected

curl_debug_func: Connected to www.geni.com (208.78.87.80) port 443

curl_debug_func: CAfile: curl-ca-bundle.crt
CApath: none

curl_debug_func: SSLv2, Client hello (1):

curl_debug_func:


curl_debug_func: SSLv3, TLS handshake, Server hello (2):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, CERT (11):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, Server finished (14):

curl_debug_func: 
curl_debug_func: SSLv3, TLS handshake, Client key exchange (16):

curl_debug_func: 
curl_debug_func: SSLv3, TLS change cipher, Client hello (1):

curl_debug_func:

curl_debug_func: SSLv3, TLS handshake, Finished (20):

curl_debug_func: 
curl_debug_func: SSLv3, TLS change cipher, Client hello (1):

curl_debug_func:

curl_debug_func: SSLv3, TLS handshake, Finished (20):

curl_debug_func: 
curl_debug_func: SSL connection using RC4-MD5

curl_debug_func: Server certificate:

curl_debug_func: subject: /serialNumber=/lPhimBQlVfNkaJkSEPRisRh-EM7Acws/C=US/O=*.geni.com/OU=GT97122710/OU=See www.rapidssl.com/resources/cps (c)10/OU=Domain Control Validated - RapidSSL(R)/CN=*.geni.com

curl_debug_func: start date: 2010-08-25 03:58:32 GMT

curl_debug_func: expire date: 2011-08-28 19:35:09 GMT

curl_debug_func: subjectAltName: www.geni.com matched

curl_debug_func: issuer: /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

curl_debug_func: SSL certificate verify ok.

curl_debug_func: GET /oauth/token?client_id=IKPCwc6QmjBg4LbKRLoVzBWfBWlNH4T9jTDSZ9N8&client_secret=***&code=vLs8E1Im7zQLdjcZnJXx&redirect_uri=http://127.0.0.1:55555 HTTP/1.1
User-Agent: Charting Companion/1.0 (Progeny Genealogy Inc.)
Host: www.geni.com
Accept: */*
Referer: www.progenygenealogy.com

curl_debug_func: HTTP/1.1 200 OK

HTTP/1.1 200 OK
curl_debug_func: Server: nginx/0.7.65

Server: nginx/0.7.65
curl_debug_func: Date: Sun, 27 Feb 2011 18:08:30 GMT

Date: Sun, 27 Feb 2011 18:08:30 GMT
curl_debug_func: Content-Type: application/json; charset=utf-8

Content-Type: application/json; charset=utf-8
curl_debug_func: Connection: keep-alive

Connection: keep-alive
curl_debug_func: Status: 200 OK

Status: 200 OK
curl_debug_func: ETag: "c9ee41a7528e72ceb78f5f3891d8fe44"

ETag: "c9ee41a7528e72ceb78f5f3891d8fe44"
curl_debug_func: X-Runtime: 58

X-Runtime: 58
curl_debug_func: Content-Length: 53

Content-Length: 53
curl_debug_func: Set-Cookie: ref=www.progenygenealogy.com; path=/; expires=Mon, 28-Feb-2011 18:08:30 GMT

Set-Cookie: ref=www.progenygenealogy.com; path=/; expires=Mon, 28-Feb-2011 18:08:30 GMT
curl_debug_func: Set-Cookie: gsession=BAh7CjoLbG9jYWxlIgplbi1VUzoQc2F2ZV9sb2NhbGVGOg9zZXNzaW9uX2lkIiUxZWY1MDYyNWRkOWQ4OWUxMzM5ZWQ1ZGU3N2RmOGZmNiINcmVmX3R5cGUiDG9yZ2FuaWM6FGdlbmlfc2Vzc2lvbl9pZCIlOGVmYzdiMjQyMWMxNzI2ZjA2YmUwM2NmNjYyMDg1MGI%3D--20923a7d044a973aa53de2e2baaf3aadf568a9cd; path=/; HttpOnly

Set-Cookie: gsession=BAh7CjoLbG9jYWxlIgplbi1VUzoQc2F2ZV9sb2NhbGVGOg9zZXNzaW9uX2lkIiUxZWY1MDYyNWRkOWQ4OWUxMzM5ZWQ1ZGU3N2RmOGZmNiINcmVmX3R5cGUiDG9yZ2FuaWM6FGdlbmlfc2Vzc2lvbl9pZCIlOGVmYzdiMjQyMWMxNzI2ZjA2YmUwM2NmNjYyMDg1MGI%3D--20923a7d044a973aa53de2e2baaf3aadf568a9cd; path=/; HttpOnly
curl_debug_func: Cache-Control: private, max-age=0, must-revalidate

Cache-Control: private, max-age=0, must-revalidate

curl_debug_func: access_token=I2CJLCgd44FFRZdaCm8Fbev0GOVdi0Xn0Dw6tAcE
curl_debug_func: Connection #0 to host www.geni.com left intact

getAccessToken ret = 200
cCURL::appendHeader "Authorization: OAuth I2CJLCgd44FFRZdaCm8Fbev0GOVdi0Xn0Dw6tAcE"
The thread 'Win32 Thread' (0x10e0) has exited with code 0 (0x0).
curl_debug_func: About to connect() to www.geni.com port 80

curl_debug_func: Trying 208.78.87.80...
curl_debug_func: connected

curl_debug_func: Connected to www.geni.com (208.78.87.80) port 80

curl_debug_func: GET /api/profile/immediate-family.xml HTTP/1.1
User-Agent: Charting Companion/1.0 (Progeny Genealogy Inc.)
Host: www.geni.com
Accept: */*
Referer: www.progenygenealogy.com
Authorization: OAuth I2CJLCgd44FFRZdaCm8Fbev0GOVdi0Xn0Dw6tAcE

curl_debug_func: HTTP/1.1 500 Internal Server Error

HTTP/1.1 500 Internal Server Error
curl_debug_func: Server: nginx/0.7.65

Server: nginx/0.7.65
curl_debug_func: Date: Sun, 27 Feb 2011 18:08:31 GMT

Date: Sun, 27 Feb 2011 18:08:31 GMT
curl_debug_func: Content-Type: application/xml; charset=utf-8

Content-Type: application/xml; charset=utf-8
curl_debug_func: Connection: keep-alive

Connection: keep-alive
curl_debug_func: Status: 500 Internal Server Error

Status: 500 Internal Server Error
curl_debug_func: X-API-Rate-Limit: 40

X-API-Rate-Limit: 40
curl_debug_func: X-API-Rate-Window: 10

X-API-Rate-Window: 10
curl_debug_func: Content-Length: 84

Content-Length: 84
curl_debug_func: Set-Cookie: gsession=BAh7CDoPc2Vzc2lvbl9pZCIlZDQ3MWY5OGVhNzc5ZmM1YmY0NGNlM2Q2ZGM5MmQ2ZDAiDXJlZl90eXBlIgxvcmdhbmljOhRnZW5pX3Nlc3Npb25faWQiJTE1ZDFmNGJiM2QzY2RjZDcyYTVhZDBkNTVhYmEzMzgz--1603503331e51edd11ea58b2f3afacb83509dce4; path=/; HttpOnly

Set-Cookie: gsession=BAh7CDoPc2Vzc2lvbl9pZCIlZDQ3MWY5OGVhNzc5ZmM1YmY0NGNlM2Q2ZGM5MmQ2ZDAiDXJlZl90eXBlIgxvcmdhbmljOhRnZW5pX3Nlc3Npb25faWQiJTE1ZDFmNGJiM2QzY2RjZDcyYTVhZDBkNTVhYmEzMzgz--1603503331e51edd11ea58b2f3afacb83509dce4; path=/; HttpOnly
curl_debug_func: X-API-Rate-Remaining: 40

X-API-Rate-Remaining: 40
curl_debug_func: Cache-Control: no-cache

Cache-Control: no-cache

curl_debug_func: <?xml version="1.0" encoding="UTF-8"?>
<error>
<type>ApiException</type>
</error>

curl_debug_func: Connection #1 to host www.geni.com left intact

Well, I'm sorry I wasn't able to get you an answer today.. they day you have to work on your app, happens to coincide with the day we usually don't work on ours. :-/

No problem - this is a full-time job for me, I'm available seven days a week to work on the GENI version of my app.

So, how do I formulate the "Authorization" part of the header? Are there any written specifications available? Am I doing something incorrect, or is the "ApiException" coming from the GENI code?

Sure appreciate the help.

Here is a sample of the charts I will be creating directly from GENI data:

http://progenygenealogy.com/Products/FamilyTreeCharts/SampleCharts....

I think you're using an OAuth1-style header to make the call.

Try this url: https://www.geni.com/api/profile/immediate-family.xml?access_token=... code returned from token call)

That did the trick. The access token is not delimited by quotes:

https://www.geni.com/api/profile/immediate-family.xml?access_token=...

I don't know Ruby, but I examined the example here (https://github.com/intridea/oauth2/commit/607af1ca78fa20b796de6260a...) and assumed that this meant we had to add the Authorization code to the header:

headers = headers.merge 'Authorization' => "OAuth #{@token}"

Thanks very much. BTW accurate, up-to-date documentation is really appreciated. We will read it and ask fewer dumb questions.

I think the code should look like this:

headers.merge 'Authorization' => "OAuth oauth_signature_method=PLAINTEXT&oauth_token=#{@token}"

BUMP!

Private User - Itried the Authorization OAuth oauth_signature_method=PLAINTEXT&oauth_token=xxx
request header method and got a 400, Bad Request error.

{"error":{"type":"ApiException","message":"Bad Request"}}

Could you check up what kind of header Geni accept for OAuth Authorization?

I try to avoid having to unpack and repack the url just add the oauth_token parameter.

Could you also check what kind of parameters or headers Geni require to get to this page by replying with a 302 Location response to the access_token message:

http://i632.photobucket.com/albums/uu41/bpbrox/AllowedRequest.png

We're in the process of updating our OAuth code. Have you tried this on the sandbox?

I don't think I have access to the sandbox.
PM me information ad I can make some tests.

No need for PM. It's http://sandbox.geni.com/

You'll have to create an account there it's not linked with production.

BUMP.

I did some testing and found out that Geni supports using an authorization header using the same syntax as Google:

Authorization: Bearer your-oauth2-token

Example from above:
Authorization: Bearer 8gBTGDcFPlJQ3ra2gi6Kw96xspK1wmAPfRMKe2iR

This means that you can drop using the oauth_token parameter.

However: You get a 400, Bad Request error id using the Authorization header on loading mugshot images.

OK, I'll look into this.

BTW: My GeniSDK is fully converted to use the new host: api.geni.com instead of www.geni.com/api in case it does not work for you.

Can you elaborate on "You get a 400, Bad Request error id using the Authorization header on loading mugshot images"? Do you mean that Charting Companion won't display images? I did a test and it seems to display the photos OK.

Do you have an example?

Hello! I guess this is the best place to ask this question. I cannot start Charting Companion for Geni, because authorization seems to fail. I use Google Chrome. Mike Stangel Is the problem with Geni or the program?

Unhandled Exception
Code: 0xC0000005
Description: EXCEPTION_ACCESS_VIOLATION
Exception Address: 0x753747C3
Read attempted @ 0x01E1C2A4

MODULE: C:\Program Files (x86)\Charting Companion for Geni\libcurl.dll
BASE: 0x00120000
ADDRESS: 0x0012437F

Ok, the newest version of Chrome caused it.