Apiary Documents Out of Date?

I’m trying to kick around the ogs api with curl, perhaps for app building but the api documentation doesn’t seem to line up…

https://ogs.docs.apiary.io/#reference/authentication/oauth2-user-token-generator/request-a-user-token

After registering an app I try:

$ curl -v -H "Content-Type: application/x-www-form-urlencoded" \ 
   --request POST \
   --data-binary  "client_id=not-my-client-id&client_secret=not-my-secret&grant_type=password&username=AndrewOfC&password=not-my-password" \
    http://online-go.com/api/oauth2/access_token

I get a
HTTP/1.1 301 Moved Permanently
Location: xxxx

I switch to that URL and I get a 404

Curl -v transscript:

< HTTP/1.1 404 Not Found
< Date: Thu, 01 Aug 2019 17:26:53 GMT
< Content-Type: text/html
< Content-Length: 77
< Connection: keep-alive
< Set-Cookie: __cfduid=da7ced0e761de9ff2fe597c524d6b9bde1564680413; expires=Fri, 31-Jul-20 17:26:53 GMT; path=/; domain=.online-go.com; HttpOnly
< Vary: Cookie, Accept-Language, Origin
< Content-Language: en
< Set-Cookie: csrftoken=QggwXogQPppr04ShVxKCCxvviZur8x6R6iHdsTZO4DdBvCy2yus90ccIQ5IuZE4J; expires=Thu, 30 Jul 2020 17:26:53 GMT; Max-Age=31449600; Path=/; SameSite=Lax
< Expect-CT: max-age=604800, report-uri=“https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct
< Server: cloudflare
< CF-RAY: 4ff98505bcec9f40-IAD
<

Not Found

The requested resource was not found on this server.

Yes, the API doc is out of date.

To get an oauth2 token you can follow How can I get an oauth2 token?

curl -X POST -d 'grant_type=password&username=${username}&password=${password}&client_id=${client_id}&client_secret=${client_secret}' https://online-go.com/oauth2/token/

If you already have a token and it expired, you can get a new one with

curl -X POST -d 'grant_type=refresh_token&username=${username}&refresh_token=${refresh_token}&client_id=${client_id}&client_secret=${client_secret}' https://online-go.com/oauth2/token/

If you got the token you can add it to the header of your requests as Authorization=Bearer ${auth_token}

3 Likes

curl -v -H “Content-Type: application/x-www-form-urlencoded” -X POST --data-binary “@data/oauth.urlencoded” https://online-go.com/api/oauth2/token

(output truncated)

< HTTP/1.1 404 Not Found
< Date: Fri, 02 Aug 2019 12:22:13 GMT
< Content-Type: text/html
< Content-Length: 77
< Connection: keep-alive
< Set-Cookie: __cfduid=d298ddf625ba9ab5d658877c50f7846551564748533; expires=Sat, 01-Aug-20 12:22:13 GMT; path=/; domain=.online-go.com; HttpOnly
< Vary: Cookie, Accept-Language, Origin
< Content-Language: en
< Set-Cookie: csrftoken=T71U5ztzy1p9VXBVQPKWSYt8hMKdm00LaYeMPF0AU4EEjYo0YmQDE7AGxqb1XsVK; expires=Fri, 31 Jul 2020 12:22:13 GMT; Max-Age=31449600; Path=/; SameSite=Lax
< Expect-CT: max-age=604800, report-uri=“https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct
< Server: cloudflare
< CF-RAY: 5000041e0d1d95a2-IAD
<

Not Found

The requested resource was not found on this server.

✔ ~/subversion/X/tg/ogsbrin

The ulr shouldn’t contain /api. It’s
https://online-go.com/oauth2/token

$ curl -v -H “Content-Type: application/x-www-form-urlencoded” --request POST --data-binary “@data/oauth.urlencoded” https://online-go.com/oauth2/token

(output truncated)

  • upload completely sent off: 531 out of 531 bytes
    < HTTP/1.1 301 Moved Permanently
    < Date: Fri, 02 Aug 2019 12:48:53 GMT
    < Content-Type: text/html; charset=utf-8
    < Content-Length: 0
    < Connection: keep-alive
    < Set-Cookie: __cfduid=db261d7ffca4e0156b9e623fa92401dc61564750133; expires=Sat, 01-Aug-20 12:48:53 GMT; path=/; domain=.online-go.com; HttpOnly
    < Location: /oauth2/token/
    < Vary: Origin
    < Server: cloudflare
    < CF-RAY: 50002b2f3e35cf34-IAD
    <
  • Connection #0 to host online-go.com left intact
curl -v -X POST -d 'grant_type=password&username=${username}&password=${password}&client_id=${client_id}&client_secret=${client_secret}' https://online-go.com/oauth2/token/
*   Trying 104.25.35.20:443...
* TCP_NODELAY set
* Connected to online-go.com (104.25.35.20) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=CA; L=San Francisco; O=CloudFlare, Inc.; CN=online-go.com
*  start date: Dec  4 00:00:00 2018 GMT
*  expire date: Dec  4 12:00:00 2019 GMT
*  subjectAltName: host "online-go.com" matched cert's "online-go.com"
*  issuer: C=US; ST=CA; L=San Francisco; O=CloudFlare, Inc.; CN=CloudFlare Inc ECC CA-2
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x565210a68f30)
> POST /oauth2/token/ HTTP/2
> Host: online-go.com
> User-Agent: curl/7.65.3
> Accept: */*
> Content-Length: 246
> Content-Type: application/x-www-form-urlencoded
> 
* We are completely uploaded and fine
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 200 
< date: Fri, 02 Aug 2019 13:04:25 GMT
< content-type: application/json
< content-length: 176
< set-cookie: __cfduid=xxx; expires=Sat, 01-Aug-20 13:04:25 GMT; path=/; domain=.online-go.com; HttpOnly
< cache-control: no-store
< pragma: no-cache
< vary: Accept-Language, Cookie, Origin
< content-language: en
< set-cookie: csrftoken=xxx; expires=Fri, 31 Jul 2020 13:04:25 GMT; Max-Age=31449600; Path=/; SameSite=Lax
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< server: cloudflare
< cf-ray: 500041ee8eb4bedd-FRA
< 
* Connection #0 to host online-go.com left intact
{"access_token": "xxx", "expires_in": 36000, "token_type": "Bearer", "scope": "read write groups", "refresh_token": "xxx"}

“In” Much appreciated

curl -v -H “Content-Type: application/x-www-form-urlencoded” --request POST -dgrant_type=password&username=xxx&password=xxx&client_id=xxx&client_secret=xxx

“access_token”: “xxx”, “expires_in”: 36000, “token_type”: “Bearer”, “scope”: “read write groups”, “refresh_token”: “xxx”}

Is there an updated API Spec?

I don’t know of an up to date or complete version.

Most of the requests on apiary should work. (The URLs should be /api/v1 instead of just /v1 through)

I usually take a look at the pages requests or source code to find specific commands. You can search the forum as well and ask if you need specific informations.

1 Like