api v2 - POSTMAN examples

fxlepoutre
Contributor

Re: api v2 - POSTMAN examples

Hello @christophe_keom 

 

Thanks for the hint. I juste tested your suggestion..

 

1. Changed my authorization header to be the following:

 

Authorization:CACertificate {{anaplan_certificate_base64}}

 

 2. Added a line to the Pre-Req script:

 

pm.environment.set("anaplan_certificate_base64", btoa(pm.environment.get("anaplan_certificate")));

 

 

This transforms correctly my certificate value "MIIFHzCCBAegAwIBA.............EWmQjqsbcj2zY09pew==" to "TUlJRkh6Q0NCQWVnQ........21RanFzYmNqMnpZMDlwZXc9PQ==" which corresponds to the Base64 text value of the certificate.

 

But still, the test gives me 401 reply, with a "FAILURE_BAD_CREDENTIAL" message. 😞

Any other idea?

 

Thanks,

FX

christophe_keom
Occasional Contributor

Re: api v2 - POSTMAN examples

FX,

 

Seeing the outcome of what you get makes me think that it might be a simple issue.

Can you ensure that you keep those titles:

"-----BEGIN CERTIFICATE-----"

"-----END CERTIFICATE-----"

when you try to generate that

anaplan_certificate_base64

value

?

After reading your previous post, I guess this is what happened.

You should have a value starting with "LS0.."

 

Rgds,

 

Christophe K.

Jason_C
Certified Master Anaplanner

Re: api v2 - POSTMAN examples

When I test via Postman I absolutely use the certificate. That is the only way, if you are looking at data loaded into a file on Anaplan can truly confirm you are looking at the right data.

You can use a tool called openssl (https://www.openssl.org) to help convert your certificates.  

Example: enc -base64 -in "C:\OpenSSL-Win64\bin\anaplan_api_v2_1.0.0\random_strg_100.txt" -out "C:\OpenSSL- Win64\bin\anaplan_api_v2_1.0.0\random_strg_100.txt.base64"

 

OR 

 

Per instructions from the Anaplan support team:

  1. Use a Base-64 encoder (e.g. https://www.base64encode.org/ ) to encrypt the CN and PEM string, separated by a colon. For example, paste this in:
    your.name@company.com:-----BEGIN CERTIFICATE-----
    CERTCONTENTS
    -----END CERTIFICATE-----
kleches
Not applicable

Re: api v2 - POSTMAN examples

Hello,

 

I am trying to do the same with postman but not working (i have Error 400 Bad Request Result)

I am using java to sign and encode data like i found in the following link (https://anaplanauthentication.docs.apiary.io/#reference/authentication-token)

 

In postman Header, i have added : 

 

Content-Type : application / json

Autorization : CACertificate LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS[..................]kQgQ0VSVElGSUNBVEUtLS0tLQ

 

In Body part :

 

 

{ 
'encodedData': 'VOOBp3PvmX+DQL[..........................]Dn6zKU+x1MJQ==',
'encodedSignedData': 'p1pnJ4/O8YcizY++b2OmZNfF70PWjvm0vPR6y+PoqrKhfPVi8f6YcTi66QTdV9dR+X7S69ooWqgG894PLny[............................]xPCtmNV7gIdfvk4W4rL04KKvNvqfV+pvLTtC7gBWE0Rg=='
}

 

 

(EncodedData is random string from 100char encoded to base64 => 136char

EncodedSignedData is random string signed with the private key and encoded to base64 => 344char)

 

Do i need to put simple quote in the Json ? In the Header for the CACertificate ?

I think this is just a little thing but i am not able to found it.

 

Thank you and best regards,

fxlepoutre
Contributor

Re: api v2 - POSTMAN examples

Hi @Jason_C and/or @christophe_keom 

I'm sorry I don't get it. I really think I am not very far, but it still continues to fail. 😟

I now have a header looking like this: "Authorization: CACertificate LS0.....", so it seems OK.
But still a 401 FAILURE_BAD_CREDENTIAL.

The full code I have in the pre-req script is the following:

 

function randomString(length, chars) {
    var result = '';
    for (var i = length; i > 0; --i) result += chars[Math.floor(Math.random() * chars.length)];
    return result;
}

var anaplan_privatekey = "-----BEGIN PRIVATE KEY-----\
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDg/EygC4681MTB\
MToJXByMoFHhyPZNSTLtl7xRLjVNJ7N31JQLtf8Anv5e1hRcjDy4mQcPgxvhWvVa\
.....
Vcfg8G3Jbel2sz6HGjR9SohMFx038K5C2F43L5hRW0MF4dxwGYeWs3Ic0Z7CC9IR\
tgkrHJ+SKp/EFH2PhBx1xjE=\
-----END PRIVATE KEY-----"

var anaplan_certificate = "-----BEGIN CERTIFICATE-----\
MIIFHzCCBAegAwIBAgIQBghdO0SjwpaGWIjw5OftnTANBgkqhkiG9w0BAQ0FADBl\
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\
...
TxAKO5P+pU1Hc8vVW2jtMY4ajNn4C2L6vUfQ0rfMW3jSrBWXlG3GJWYiYJ1BkNxJ\
tDCDJO1yEWmQjqsbcj2zY09pew==\
-----END CERTIFICATE-----"

var privatekey = anaplan_privatekey.replace(/(?:\r\n|\r|\n)/g, "").replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "")

var randomString = randomString(150, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
var signedString = CryptoJS.HmacSHA512(randomString, privatekey);

// var certificate = anaplan_certificate.replace(/(?:\r\n|\r|\n)/g, "").replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "")
var certificate = anaplan_certificate;

var randomStringBase64 =  btoa(randomString);
var signedStringBase64 = btoa(signedString);
var certificateBase64 = btoa(certificate);

console.log("privatekey: " + privatekey);
console.log("randomString: " + randomString);
console.log("randomStringBase64: " + randomString);
console.log("signedString: " + signedString);
console.log("signedStringBase64: " + signedStringBase64);
console.log("certificate: " + certificate);
console.log("certificateBase64: " + certificateBase64);

pm.environment.set("anaplan_encodedString", randomStringBase64);
pm.environment.set("anaplan_signedString", signedStringBase64);
pm.environment.set("anaplan_certificate_base64", certificateBase64);

 

I feel like the CryptoJS.HmacSHA512() function is not behaving like Anaplan expects.

For reference, the body of the request does not change:

{
    "encodedData": {{anaplan_encodedString}},
    "encodedSignedData": {{anaplan_signedString}}
}

Any other ideas?

Thanks a lot,
FX

matKa
New Contributor

Re: api v2 - POSTMAN examples

Hi @fxlepoutre did you manage to solve this issue? I seem to have the same problem.

fxlepoutre
Contributor

Re: api v2 - POSTMAN examples

Hi @matKa 

Unfortunately not.

From my understanding, Postman's javascript function "CryptoJS.HmacSHA512()" is not generating a signature as required by Anaplan of the random string.

Our developers managed to do the integration in Java on their environment without the Postman example finally, but based on the Python and C# examples posted previously on the thread.

If you manage to do the signature within the pre-req scripts of Postman, I'd be glad if you can share your code.

Have a good day,