2023 Dec 06 11:11 AM
Hi, experts why mo_http_client->response->get_status(IMPORTING code = lv_code reason = lv_error) can return 403 forbidden?
METHOD CALL_METHOD.
DATA
: lv_url TYPE string
, lv_body TYPE string
, ls_req TYPE ty_testname_req
, lv_error TYPE string
, lv_code TYPE sy-subrc
, ls_header TYPE TIHTTPNVP
.
.
IF mo_http_client IS NOT BOUND.
MESSAGE e026(zalk_gt) INTO lv_error.
ev_error = lv_error.
RETURN.
ENDIF.
CLEAR: ev_response, ev_error.
mo_http_client->refresh_request( ).
mo_http_client->request->set_method( if_http_request=>co_request_method_post ).
mo_http_client->request->set_version( if_http_request=>co_protocol_version_1_1 ).
mo_http_client->request->set_content_type( 'application/json' ).
lv_url = iv_method.
cl_http_utility=>set_request_uri(
EXPORTING
request = mo_http_client->request
uri = lv_url
).
mo_http_client->request->set_cdata( iv_request ).
mo_http_client->send(
EXCEPTIONS
http_communication_failure = 1
http_invalid_state = 2
http_processing_failed = 3
OTHERS = 4 ).
IF sy-subrc <> 0.
mo_http_client->get_last_error( IMPORTING code = lv_code message = lv_error ).
MESSAGE e027(zalk_gt) WITH lv_code lv_error INTO lv_error.
ev_error = lv_error.
RETURN.
ENDIF.
mo_http_client->receive(
EXCEPTIONS
http_communication_failure = 1
http_invalid_state = 2
http_processing_failed = 3
OTHERS = 4 ).
IF sy-subrc <> 0.
CALL METHOD mo_http_client->get_last_error
IMPORTING
code = lv_code
MESSAGE = lv_error.
MESSAGE e027(zalk_gt) WITH lv_code lv_error INTO lv_error.
ev_error = lv_error.
RETURN.
ENDIF.
mo_http_client->response->get_status( IMPORTING code = lv_code reason = lv_error ).
IF lv_code <> 200.
MESSAGE e027(zalk_gt) WITH lv_code lv_error INTO lv_error.
ev_error = lv_error.
RETURN.
ENDIF.
* mo_http_client->response->get_header_fields(
* CHANGING
* fields = ls_header
* ).
ev_response = mo_http_client->response->get_cdata( ).
ENDMETHOD.
I have simillar proramm and the difference only in cl_http_client=>create_by_destination destination parametr and it's working fine.
2023 Dec 06 11:44 AM
Hello Viktor,
Issue could be because of authorization
Could you please try setting authorization (may be in the HTTP Request Header) and send the request ?
create by destination logic works because the authorization have been defined already in it.
Thanks a lot.
Best Regards,
Muthu
2023 Dec 06 11:53 AM
Как это сделать?
Если это sm59, то у меня правильные параметры авторизации.
Is presence in rspc influence on it?
2023 Dec 06 12:13 PM
for basic authorization we can do something like this
CALL METHOD HTTP_CLIENT->REQUEST->SET_HEADER_FIELD
EXPORTING
NAME = 'authorization'
VALUE = 'Basic *********base64encoded Username:password************'.
2023 Dec 06 12:36 PM
it already filled after create_by_destination.
mo_http_client is type ref to IF_HTTP_CLIENT
data
: lv_dummy_msg type string
.
cl_http_client=>create_by_destination(
EXPORTING
destination = 'BELOIL' " Logical destination (specified in function call)
IMPORTING
client = mo_http_client " HTTP Client Abstraction
EXCEPTIONS
argument_not_found = 1
destination_not_found = 2
destination_no_authority = 3
plugin_not_active = 4
internal_error = 5
OTHERS = 6
).
IF sy-subrc <> 0.
MESSAGE e017(zalk_gt) INTO lv_dummy_msg.
zcx_alk_gt_common=>raise_sy( ).
ENDIF.
2023 Dec 06 12:41 PM
Ok In that case, can you check the destination is successful via SM59 ?
2023 Dec 06 12:51 PM
i don't know how password field fills throw this method and how to see a password in sm59. But username fills correctly.
In propperty m_password i have /RFC/name_of_connection_in_sm59
so it's /RFC/BELOIL at this example
2023 Dec 06 12:57 PM
No just select the destination and click on test connection. this way you can verify you destination don't have any auth issue
2023 Dec 06 1:02 PM
it doesn't work for both.
And it's suprising that it work with
mo_http_client->response->get_status( IMPORTING code = lv_code reason = lv_error ) at one case.
404 error
2023 Dec 06 1:10 PM
ok Viktor, could you please confirm the user in the destination has right access or roles ?
you can check this with security or basis team
2023 Dec 06 1:17 PM
User at sm59 can't have any roles. Cause it's an email adress. Like login
Which tries to connect to other website.
2023 Dec 06 2:42 PM
In destination1 (working) the user i.e. email address was able to login successfully but in destination 2 not working that you are trying now where the user email address not able to login
So there should some issue with the user in the destination 2 right?
2023 Dec 06 2:52 PM
Can you highlight what lv_error variable contains here ?
mo_http_client->response->get_status( IMPORTING code = lv_code reason = lv_error ).
2023 Dec 07 5:20 AM
I don't know which problem can be. lv_error is Initial here. And it becames 'Forbidden' after executing
2023 Dec 07 5:30 AM
And it can be that i don't have any problems with user and need to add something more in other transactions
2023 Dec 07 5:53 AM
I would like to suggest that if you are consuming external api, please first try to consume the service in the Postman or similar tool so that you can easily identify the issues beforehand.
Please check this Forbidden issue with the Service team who gave you this api as there is no detailed explanation why it has been forbidden for specific user
2023 Dec 07 1:01 PM
Problem inside mo_http_client->receive method, which appends 200 at first case and 403 at second to mo_http_client-M_LAST_RESPONSE_CODE.
If i try to go step-by-step at debugger it immidiatly goes to 'CL_ABAP_RUNTIME===============CCIMP'
And variable of status is already 200 or 403. That means it initialize before and i can't look where throw debugger.
2023 Dec 07 5:14 PM
shiz0frenik Do what Muthu recommends (Postman, etc.) No need to debug ABAP, it's not an ABAP problem, it's authorization problem with Web service. The providers document the authorizations to be used to access their Web services. If it's home development, ask the client team directly.
2023 Dec 08 7:45 AM
shiz0frenik Thanks for the feedback. If I understand well, you are saying that it was solved by using http instead of https. And so the header field "authorization" is useless too.
You'd better convert your comment into an answer and click "Accept" your answer.
2023 Dec 08 8:18 AM
Https, it was solved by asking a company, providing api, to add opportunity to use requests, advice to use postman really helped
2023 Dec 06 5:05 PM
What authorization is requested by the Web service? (check the documentation)
2023 Dec 08 7:33 AM
You was right, the problem was with rights to use https requests, which api company forgot to give me.
2023 Dec 08 11:46 AM
For future visitors, the OP said: "advice to use postman really helped"