Update: my cookie logger died on 7/16. Time to go dig up the new login process.
After some updates, command/wake_up POST isn't working for me but all the (non-streaming) data_request GETs are. Any tips on what I might be messing up? Thanks.
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
I figure it might be useful to share with the class, in case others run into similar issues. Some of these are "non-changes" from my earlier implementation, but after a few refactorings I realized some things that changed for the worse and had to be fixed/restored.
1. Very early in your design, set up a method to save/load the login authorization token so that when debugging your app you don't make the server cranky. (Lots of requests seems fine. Lots of logins not so much.)
2. Streaming URL is the same as before the cookie -> OAuth changes.
3. Streaming URL "Authorization" header value must be "Basic" not "Bearer".
4. The new post-login OAuth URLs must have "Authorization" header value of "Bearer".
5. For #4, the Authorization must begin with title case ("Bearer") despite login returning the type in lowercase ("bearer").
6. Similar to #5, "Basic ####" not "basic ####".
7. For streaming URL, the authorization value part (#### in #6) needs to be encoded. I use:
Code:
Convert.ToBase64String(Encoding.Default.GetBytes("[I]loginname[/I]" + ":" + "[I]tokenvalue[/I]"))
.
8. (Might be C# specific.) Only the wake_up URL is a POST that requires authorization, which makes it the only URL that finds the issue: when building your HttpWebRequest, make sure you populate the headers before the content. Otherwise the headers are lost and you get the Unauthorized issue noted above.
9. Wake_up POST request content should be "{}\n" (though "{}" might be ok). Empty string didn't seem to work.
10. With the cookie -> OAuth transition, some of the responses now say "response" rather than "result". (I think they all return "response" now.)
11. The "id" field in the response for "vehicles" method is now larger than 32-bit. Using 64-bit (even signed) seems large enough.
12. Observation: The wake_up POST request now seems to provide the tokens which allows for not having to repeat the "vehicles" method, presumably. (I haven't applied that optimization yet.)
13. Optimization: Cookies are no longer needed throughout the web requests (GETs and POSTs) at all. Allowed for a lot of code trimming for me.