BookmarkSubscribeRSS Feed
☑ This topic is solved. Need further help from the community? Please sign in and ask a new question.
asasgdsfa
Obsidian | Level 7

Hi

 

May I ask someone to help me with following code?

 

%let url=xxx;
%let token=_very_long_token_;

filename out temp;
proc http
      url="&url"
      method="GET"
      out=out;
      headers "Authorization" = "Token token = &token" ;
 run;
%put Received code: &SYS_PROCHTTP_STATUS_CODE.;
%put Received phrase: &SYS_PROCHTTP_STATUS_PHRASE.;

 

It which gives result:

%put Received code: &SYS_PROCHTTP_STATUS_CODE.;

Received code: 401

%put Received phrase: &SYS_PROCHTTP_STATUS_PHRASE.;

Received phrase: Unauthorized

 

When the same is done in bash, it works correctly:

url=xxx;
token=_very_long_token_;

curl -k -H "Authorization: Token token=\"$token\"" "$url"

Why the SAS code does not work identically to the bash?

1 ACCEPTED SOLUTION

Accepted Solutions
asasgdsfa
Obsidian | Level 7
Solved by adding the certificate. However, it remains mysterious to me, because bash ("curl -k") doesn't use any, while SAS needs it.

View solution in original post

9 REPLIES 9
ChrisHemedinger
Community Manager

Are you certain the form is "Authorization: Token token <token-value>" ?  And not just "Authorization: Token <token-value>" ? 

 

I've seen a lot of APIs and token schemes, but using the token keyword twice and then the actual token seems odd.

Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.
ChrisHemedinger
Community Manager

Oh, also your bash script puts the token value in quotes, but your SAS code does not have that.  Maybe you need something like:

 

 headers "Authorization" = "Token token = ""&token""" ;

 

Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.
asasgdsfa
Obsidian | Level 7

Chris, thank you for the suggestions!

 

"Token token = ": I'm not completely sure about it, but since it works in bash, it should be correct.

 

Quotes: Yes, I know about this difference, but I've already tried your suggestion, as well as (one by one and a few other modifications how to pass the quotes):

%let token=%22&token%22;
%let token=%str(%")&token%str(%");
%let token=%bquote(")&token%bquote(");

Nothing works. Sorry, I should have mentioned that in my original post.

 

ChrisHemedinger
Community Manager

You can try the DEBUG LEVEL=3; statement on PROC HTTP to maybe get more details about what is being sent. Also, since you are using the -k flag on curl, maybe you need this statement in PROC HTTP:

SSLPARMS "SSLREQCERT"="ALLOW";
Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.
asasgdsfa
Obsidian | Level 7

Do you suggest

 

proc http
      url="&url"
      method="GET"
      out=out;
      headers "Authorization" = "Token token = ""&token""" ;
SSLPARMS "SSLREQCERT"="ALLOW";
DEBUG LEVEL=3; run;

?

 

If my syntax is correct (I haven't found an example of the SSLPARMS usage), it makes no difference. The debug level of 3 procudes:

> GET /XXX/YYY/ZZZ HTTP/1.1
> User-Agent: SAS/9
> Host: XXX
> Accept: */*
> Connection: Keep-Alive
> Authorization: ************
>
< HTTP/1.1 401 Unauthorized
< server: nginx
< date: Wed, 02 Aug 2023 14:41:52 GMT
< content-type: text/plain
< content-length: 21
< cache-control: no-cache
< x-request-id: ea3c2385-fcf4-4a21-9df0-69ade9a4b6c7
< x-runtime: 0.000492
< 
< 00007F765802B461: 41 75 74 68 6F 72 69 7A 61 74 69 6F 6E 20 6D 69 Authorization mi
< 00007F765802B471: 73 73 69 6E 67                                  ssing           
NOTE: PROCEDURE HTTP used (Total process time):
      real time           0.00 seconds
      cpu time            0.00 seconds
      
Received code: 401
Received phrase: Unauthorized

Url and the host are correct and identical to the bash, I just don't want to share it unless really necessary.

 

I also tried various options of quoting the token, no success.

 

ChrisHemedinger
Community Manager

Is it a documented API that we can see somewhere? Or something that's internal/proprietary. Sometimes by looking at API doc I can work out the magic incantation.

Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.
asasgdsfa
Obsidian | Level 7

Ok, if you are willing to dig into the topic, I'm trying to use conjure api with the token: https://docs.conjur.org/Latest/en/Content/Developer/Conjur_API_Authenticate.htm?tocpath=Developer%7C...

 

It's equivalent of the last example without the certificate (it works without it in bash, see my original post).

curl --cacert <certfile> \
     -H "Authorization: Token token=\"$response\"" \
     <url>

I haven't found any example for the conjure API with SAS.

 

The token has been previously obtained by another proc http and coded to base64. This should be correct, because when I copy-paste the token obtained in SAS to the shell script, it also works (when not using a "hard-copy" of the token, the bash script downloads the token itself as well).

 

There is a limited time validity of the token; but, of course, I'm sure that all the time I'm using a valid one, which was downloaded right before this proc http.

 

Edit: This may be slightly more appropriate: https://docs.conjur.org/Latest/en/Content/Developer/Conjur_API_Retrieve_Secret.htm?tocpath=Developer... (obtaining a password, the authentication is used as shown above)

asasgdsfa
Obsidian | Level 7
Solved by adding the certificate. However, it remains mysterious to me, because bash ("curl -k") doesn't use any, while SAS needs it.
ChrisHemedinger
Community Manager

It may be that your curl/bash environment was finding the cert via normal environment variables that were not available in your SAS session.

Learn from the Experts! Check out the huge catalog of free sessions in the Ask the Expert webinar series.

SAS Innovate 2025: Register Now

Registration is now open for SAS Innovate 2025 , our biggest and most exciting global event of the year! Join us in Orlando, FL, May 6-9.
Sign up by Dec. 31 to get the 2024 rate of just $495.
Register now!

How to Concatenate Values

Learn how use the CAT functions in SAS to join values from multiple variables into a single value.

Find more tutorials on the SAS Users YouTube channel.

SAS Training: Just a Click Away

 Ready to level-up your skills? Choose your own adventure.

Browse our catalog!

Discussion stats
  • 9 replies
  • 4422 views
  • 1 like
  • 2 in conversation