So related to my last msg. I'm sending a JWT to an...
# adober
raymondcamden
04/11/2023, 6:46 PMSo related to my last msg. I'm sending a JWT to an endpoint to get an access token. Code works fine in Lucee, not in ACF, and the error mentions that the JWT is not properly encoded. So I'm assuming a slight diff in cfhttp in the two. Has anyone seen this before?
b
bdw429s
04/11/2023, 6:53 PMAdobe and Lucee do have different settings regarding encoding of params
r
raymondcamden
04/11/2023, 6:53 PMfigured as much. i may need to rediect my POST to an 'echo' to see if something is obvious
b
bdw429s
04/11/2023, 6:53 PMThe one that bites me is how Lucee auto-encodes the URI, which you can turn off with this setting
https://docs.lucee.org/reference/tags/http.html#attribute-encodeurl
bdw429s
04/11/2023, 6:54 PMHowever, I'm not clear how/where you're passing the JWT in your case
r
raymondcamden
04/11/2023, 6:54 PM Copy code
body = "client_id=#variables.client_ID#&client_secret=#variables.client_secret#&jwt_token=#variables.jwt_token#";
writedump(body);
cfhttp(method="post", url="<https://ims-na1.adobelogin.com/ims/exchange/jwt>", redirect=true) {
cfhttpparam(type='header', name='Content-Type', value='application/x-www-form-urlencoded');
cfhttpparam(type='body', value=body);
}
writeoutput("<hr>");
writedump(cfhttp.filecontent);raymondcamden
04/11/2023, 6:54 PMugly quick code 🙂
b
bdw429s
04/11/2023, 6:55 PMNot sure why you're making your own body, that seems terrible 🙂
bdw429s
04/11/2023, 6:55 PMSend them as invidiual fields
r
raymondcamden
04/11/2023, 6:55 PMthis was copied from Node code where the body is a set of key/value pairs
b
bdw429s
04/11/2023, 6:55 PMOtherwise, you'd need to URL encode those values as you built the string
bdw429s
04/11/2023, 6:57 PMHere's some code I have for a client app doing oauth stuff
Copy code
http method="POST" url="<https://login.microsoftonline.com/.../oauth2/v2.0/token>" result="local.cfhttp" {
httpparam type="formfield" name="client_id" value="...";
httpparam type="formfield" name="scope" value="User.Read";
httpparam type="formfield" name="code" value=rc.code;
httpparam type="formfield" name="redirect_uri" value="#session.redirectURL#";
httpparam type="formfield" name="grant_type" value="authorization_code";
httpparam type="formfield" name="client_secret" value="...";
}bdw429s
04/11/2023, 6:57 PMThat's Lucee-specific syntax BTW
bdw429s
04/11/2023, 6:57 PMbut just send them as form fields
r
raymondcamden
04/11/2023, 6:57 PMyeah i tried something similar -
b
bdw429s
04/11/2023, 6:57 PMCF will encode them in the request body
r
raymondcamden
04/11/2023, 6:58 PM Copy code
cfhttp(method="post", url="<https://ims-na1.adobelogin.com/ims/exchange/jwt>", redirect=true) {
cfhttpparam(type='header', name='Content-Type', value='application/x-www-form-urlencoded');
cfhttpparam(type='formfield', name='client_id', value=client_id);
cfhttpparam(type='formfield', name='client_secret', value=client_secret);
cfhttpparam(type='formfield', name='jwt_token', value=jwt_token);
}raymondcamden
04/11/2023, 6:58 PMsame result
b
bdw429s
04/11/2023, 6:58 PMThen check into this flag
https://docs.lucee.org/reference/tags/httpparam.html#attribute-encoded
r
raymondcamden
04/11/2023, 6:58 PMthats for type=url though, right?
raymondcamden
04/11/2023, 6:58 PMor cgi
b
bdw429s
04/11/2023, 6:59 PMNot sure what the docs mean by "cgi", that has nothing to do with form posts, lol
r
raymondcamden
04/11/2023, 7:00 PMyou can send CGI values in a network request i believe
raymondcamden
04/11/2023, 7:04 PMim resorting to the "post to echo.cfm" and running ACF+Lucee
raymondcamden
04/11/2023, 7:06 PMfascinating - yep, i see a difference
raymondcamden
04/11/2023, 7:07 PMACF is urlencoding
raymondcamden
04/11/2023, 7:11 PMand i can turn that off... and yet my post still doesnt work. sigh
raymondcamden
04/11/2023, 7:39 PMahah!
raymondcamden
04/11/2023, 7:40 PMits the NAME. ACF is changing jwt_token to jwt%5token