I recently upgraded my REST server to authenticate using JSON Web Tokens (JWT) and I can authenticate with no problems… my Xojo application sends a username and password and the server responds back with access and refresh tokens. The problem comes when I attempt to use the access token for subsequent calls.
I can’t seem to get it to recognize my Bearer Token as the Authorization header in Xojo.
The following cURL command works great in Terminal…
$ curl --location --request GET 'http://localhost:8000/api/teams' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTk4MDQ1ODI2LCJqdGkiOiJhMmQ2ZGVjZGFiMzg0MGZjOGI1YjU3ZmE0NTA4OGZkYiIsInVzZXJfaWQiOjZ9.RCbXfnyGqeJH7QQiQAXPsMaeRn3AbdNeo87U2OmXAFY'
Returns nice, juicy JSON content!
However, this code in my Xojo application always returns a response from the server as if no authorization header was sent.
Connection = New URLConnection
AddHandler Connection.ContentReceived, WeakAddressOf HandleRead
AddHandler Connection.Error, WeakAddressOf HandleError
Connection.RequestHeader("Authorization") = "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNTk4MDQ1ODI2LCJqdGkiOiJhMmQ2ZGVjZGFiMzg0MGZjOGI1YjU3ZmE0NTA4OGZkYiIsInVzZXJfaWQiOjZ9.RCbXfnyGqeJH7QQiQAXPsMaeRn3AbdNeo87U2OmXAFY"
Connection.Send("GET", "http://localhost:8000/api/teams")
Returns the same error that I receive if I send the cURL command without the header.
{
"detail": "Authentication credentials were not provided."
}
I’ve never used the Authorization header so I’m not sure if I’m using it correctly. I even tried to EncodeBase64 the token.
Thoughts and suggestions are welcome.