Forum Discussion

brindhavananb's avatar
brindhavananb
Occasional Contributor
10 months ago

Rest API GET request for authentication is failed, but response code is 200

Spoiler

 

Hi,

When I run the Rest API call from ReadyAPI it gives 200- ok.

But response in XML does not show- instead it shows up some logs also am getting error in HTML Tab.

If I run the same http request via chrome it works fine.

I set the authentication method as Auth2.0 in ReadyAPI.

 

HTML response:

Your browser is currently set to block cookies. You need to allow cookies to use this service.

Cookies are small text files stored on your computer that tell us when you're signed in. To learn how to allow cookies, check the online help in your web browser.

 

 

When i saved my XML response as html and tried to open, i got the below screen.

 

 

 

7 Replies

  • richie's avatar
    richie
    Community Hero

    Hey brindhavananb 

     

    The response only shows in the XML tab or the JSON tab IF the content is actually XML or JSON.

     

    Likewise - on the HTML tab - if your response is JSON - the HTML tab is going to say something like "unsupported content-type"

     

    Can you screenshot the RAW details of your response please?  That'll help understand what you're doing - the Content-Type header will indicate the data-type your response is.

     

    Struggling a bit to understand.  Can you explain what you are trying to do just to give a bit of background?

     

    Cheers,

     

    Rich

    • brindhavananb's avatar
      brindhavananb
      Occasional Contributor

      richie Thanks for your reply.

       

      I have tried to send GET request to microsoftonline to authenticate the credential.

       

      Please find the below RAW details:

      HTTP/1.1 200 OK
      Cache-Control: no-store, no-cache
      Pragma: no-cache
      Content-Type: text/html; charset=utf-8
      Expires: -1
      Vary: Accept-Encoding
      Strict-Transport-Security: max-age=31536000; includeSubDomains
      X-Content-Type-Options: nosniff
      X-Frame-Options: DENY
      Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin
      Link: <https://aadcdn.msftauth.net>; rel=dns-prefetch
      Link: <https://aadcdn.msauth.net>; rel=dns-prefetch
      X-DNS-Prefetch-Control: on
      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
      x-ms-request-id: 63726bfe-a371-4219-8c65-0ead54dc9501
      x-ms-ests-server: 2.1.16693.3 - EUS ProdSlices
      x-ms-clitelem: 1,0,0,,
      X-XSS-Protection: 0
      Set-Cookie: buid=0.AXUAt2jXG92G6EqM0gOMu30WXMiFYa393DBCs9G2pm6jH751AAA.AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-moXNYaAOlTFG8ed7h9KgP0sYYVLBJmvCZaYOBn94JYEX9FjBlFSBSCLyM700cjG45K99It6ssKog0ECvDd-c74lh_oxeB57jin7pPq8CHhwgAA; expires=Fri, 08-Dec-2023 14:01:15 GMT; path=/; secure; HttpOnly; SameSite=None
      Set-Cookie: esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-acNMdwlCE1CLOU-KvA3aS8p6xnOzblRXslVRHdIHOs99cVvy4gAPfP5hhe5IO6INnJYS-9JXPcxjSFkluhVElgCG4W2zyhwiCuWIk-6SRlzXGJW1onrH1y2uqDnaZr7UNmJGXUsLVkuNayGknKBlNzDkKbHp2aFxBr6QZ_ukU8sgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
      Set-Cookie: esctx-htzCgaDaLBo=AQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-vZzA3-SNr_Xd-DGvcOw691RoNN_BRcLoXncmmNsHqhI8cOTn2jGhIkWF3Hnhhvi9pOr7uHbJ-8nxGfB2Hyq97Dl5rY29m4ZuvnZfglLe9eWrMY9_3I1C1qmGO9oIh7-tUBKJYkiJiALq37dzFQEPfSAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
      Set-Cookie: fpc=Aq1QkNDzXvFHhW3FKHm4hT19fksrAQAAAKuL3dwOAAAA; expires=Fri, 08-Dec-2023 14:01:15 GMT; path=/; secure; HttpOnly; SameSite=None
      Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
      Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
      Date: Wed, 08 Nov 2023 14:01:14 GMT

       

      ---Please refer the next reply for continuation of this RAW details-----

      • brindhavananb's avatar
        brindhavananb
        Occasional Contributor

        ---Please refer below for continuation of RAW details-----

        <!-- Copyright (C) Microsoft Corporation. All rights reserved. -->
        <!DOCTYPE html>
        <html dir="ltr" class="" lang="en">
        <head>
        <title>Sign in to your account</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes">
        <meta http-equiv="Pragma" content="no-cache">
        <meta http-equiv="Expires" content="-1">
        <link rel="preconnect" href="https://aadcdn.msftauth.net" crossorigin>
        <meta http-equiv="x-dns-prefetch-control" content="on">
        <link rel="dns-prefetch" href="//aadcdn.msftauth.net">
        <link rel="dns-prefetch" href="//aadcdn.msauth.net">

         

        ---Please refer the next reply for continuation of this RAW details-----

    • richie's avatar
      richie
      Community Hero

      Ha!  Serves me right for asking for the RAW! 😁

      Ok - I am a little confused - what are you actually trying to do here? - I'm struggling to work out what you want to do and also why you're doing what you're doing.

      I've copied your original post below and I'm gonna comment in RED text for each point you made that I've struggling to understand:

       

      "When I run the Rest API call from ReadyAPI it gives 200- ok.

      But response in XML does not show- instead it shows up some logs also am getting error in HTML Tab. - so the content you're getting back is html - now html has quite loose rules - xhtml has tighter rules that are just as tight as XMLs wellformed rules - but I dont know if MS are using html or xhtml - but the fact that you got a 200 is encouraging.  The API you hit, responded and gave you a 200.  So I'm not sure what you're concerned about.  If the response payload wasn't xhtml but only html - then the wellformed rules wouldn't be 'tight' enough to be successfully parsed by the xml parser - and so you wouldn't expect wellformed content to appear in the XML tab.    

      You mention logs - what logs are you looking at? are you looking the HTTP log? or ReadyAPI log? what does it say in the logs.

      You mention there's an error in the HTML tab - what does the error actually say? - is it "unsupported content" or something else?

      If I run the same http request via chrome it works fine. - when you say running the request in chrome runs fine - you mean submitting a GET on whatever MS resource you're trying to hit?  If  you get a 200 in ReadyAPI, but somewhere it's showing some errors - but your GET was successful - you get a 200 response, you get a payload back - what's wrong with that?  Remember if there are any slight issues with teh returned content in the request - Chrome isn't going to display those issues - Chrome's a browser - it's built to make things as easy as possible for the user and not to confuse - so it working fine in Chrome really doesn't help all that much.

      I set the authentication method as Auth2.0 in ReadyAPI. - Have you confirmed it should be using OAuth v2.0, rather than OAuth v2.0 (Azure)?  I'm asking this - but what I'mn actually asking is where did you get this info from - who gave you all the parm values for your OAuth v2.0 connection?

      HTML response: - OK - don't really know what you're getting at here - I'm lost - what are you saying here - are you saying that you had a warning in the Chrome that you needed to enable cookies or do you mean something else?

      Your browser is currently set to block cookies. You need to allow cookies to use this service.

      Cookies are small text files stored on your computer that tell us when you're signed in. To learn how to allow cookies, check the online help in your web browser.

       

      When i saved my XML response as html and tried to open, i got the below screen" - you mention XML response here - but the Content-Type of the response is text/html - so - do you actually mean the HTML response?

      How did you save the response......does the response render in the HTML tab of the response after all?  or did you copy the html out of the RAW details?

       

      You state "When i saved my XML response as html and tried to open, i got the below screen" - so - again - struggling abit - you saved the response as what - an .html file?  .mhtml file? .xml file? do you mean  like you saved a copy of the response onto your hard drive, then opened it within Chrome?

       

      If I'm following correctly and you're saying you copied the html response from a GET request you submitted in ReadyAPI, into the browser and submitted it - but couldn't login to the resource you were trying to hit - that is completely expected.  OAuth v2.0 is made to be secure.  There's loads of session stuff and other stuff that hinders you doing what you tried to do.

       

      So!  What were you trying to do?  If you can explain the objective behind your efforts - we might be able to help you a bit more than what I've done so far.

       

      Oh - please forgive all the questions - if there's something I dont understand it just ruins my understanding of the whole thing - I'm thick - I need things laid out nicely so I understand - so sorry making you answer all these questions!

       

      Cheers,

       

      Rich