How to get information from Nx Witness using REST API?

Answered

Follow

Vitalii Malynka

• October 06, 2020 09:39
• Edited

Hi there!

I need to get information about all cameras in the system in 3rd part system.

I have already installed NX Witness locally and tested some functions using 'API Testing Tools'.

It works great only on the web from the 'API Testing Tools'. But when I try to get the same information from my app, I receive an error '401 Unauthorized'.

For example, 'http://login:password@localhost:7001/ec2/getCamerasEx' (login and pass changed) from the 'API Testing Tools' give me status 200 and data in json:

The same string from my app on the web browser

What's wrong? 

Is it correct to use API request which marked 'Requesting URL' on the 'API Testing Tools'?

0

• 

  Andrey Terentyev

  • October 06, 2020 12:29

  Hello Vitalii,

  You are using version 4.1.0.31398

  > But when I try to get the same information from my app
  I'm afraid I don't understand what are you trying to do. What is http://localhost:4200 ?

  Could you share your code, please?
  
  Here is the line which works for me

  curl -X GET -k "https://admin:<password>@localhost:7001/ec2/getCamerasEx"

  
  Here is the powershell code which works for me on the same machine

  

  0

  Comment actions Permalink
• 

  Vitalii Malynka

  • October 06, 2020 13:25

  Hello Andrey,
  I use Angular which starts the app on http://localhost:4200.
  Also, I tried to test request using the default XMLHttpRequest, but I got the same problem with 401 Unauthorized.
  For example,

   

   <script>

          function test_api(){

              let xhr = new XMLHttpRequest();  

                  xhr.open("GET", `http://admin:pass@127.0.0.1:7001/ec2/getCamerasEx`, true); 

                  xhr.onreadystatechange = function () {

                      console.log(xhr.readyState);

                      if (xhr.readyState == 4) { 

                          if (xhr.status == 200) { 

                             console.log('OK!!!!') // responseText - текст ответа полученного с сервера.

                          }

                      }

                  }

                  xhr.send();                    

          }

          test_api();

      </script>

   

   

  0

  Comment actions Permalink
• 

  Andrey Terentyev

  • October 06, 2020 15:55

  Hi,

  Have a look at this https://github.com/networkoptix/nx_open_integrations

  There is node_js folder with a framework with examples and documentation. I guess it's what you need.

  In particular mediaserverApi.js has this

  /**
  * Gets all of the cameras from system.
  * @return {Bluebird<void>}
  */
  MediaserverApi.prototype.getCameras = function () {
      return this.getWrapper('/ec2/getCamerasEx', {})
          .then(function (cameras) {
          return cameras;
      }, function (err) {
          logging.error(err);
          return [];
      });
  };

  0

  Comment actions Permalink
• 

  Vitalii Malynka

  • October 12, 2020 12:27

  Hello!

  Thanks!

  0

  Comment actions Permalink
• 

  Evgeny Balashov

  • October 12, 2020 17:24

  Vitalii, please check 'URL-based authentication' section in the API documentation. If you are developing a web-application and want to make the requests from the browser, this is the easiest (if not the only one) authentication method that will work for you. 

  0

  Comment actions Permalink
• 

  Vitalii Malynka

  • October 16, 2020 17:03

  Hi, Evgeny.

  I tried this method but unfortunately, it didn't work too.

  0

  Comment actions Permalink
• 

  Evgeny Balashov

  • October 16, 2020 22:01

  In this case, we need to know more details about how this method has failed you.

   

  Can you share a code example, or describe steps you took?

  Also, can you give an example of login, password, nonce, and generated auth_key?

  0

  Comment actions Permalink
• 

  Vitalii Malynka

  • October 17, 2020 07:51

  I use framework Angular with TypeScript in the project. I'll try to simplify the code for a better understanding.

  For test  'URL-based authentication' I use:

  • login 'admin'
  • pass 'test_root'

   

  First step: I send request

  private getAuthData(){

      return this.http.get(`http://127.0.0.1:7001/api/getNonce`);

    }

   

  http - is a HttpClient Module, which based on the RxJS library and describes methods of working with the server via HTTP API

   

  The server sends me such a response:

  1. error: "0"
  2. errorString: ""
  3. reply:
  1. nonce: "5b1d893bd18e8"
  2. realm: "VMS"

  After that, I configured method for create hash:

  private getHash(data){

      const md5 = new Md5();

      return md5.appendStr(data).end();

    }

  For this method, I am using the third party md5 library 'ts-md5'

   

  Next:

   digest = this.getHash('admin:VMS:5b1d893bd18e8'),

   partial_ha2 = this.getHash('GET:'),

   simplified_ha2 = this.getHash(`${digest}:5b1d893bd18e8:${partial_ha2}`);

   

  And after that, I use btoa method to create base-64 encoded string

  this.auth_digest = btoa(`admin:5b1d893bd18e8:${simplified_ha2}`);

   

  This operation give me a string: "YWRtaW46NWIxZDg5M2JkMThlODpiMmE1MWEyYzIyZWJkY2Q3MmQ3Yzg5MTkwN2RkODU5Ng=="

   

  Finally, I send the request:

  this.http.get(`http://127.0.0.1:7001/ec2/getCamerasEx?auth=YWRtaW46NWIxZDg4ZmUyZmY4MDo3MzdiMWVlYzRkZWU1NmQ4MDI2YjQ1ZDFhNmFkNTAxZg==`)

   

  and server give me response:

  1. error:
  1. details: "Auth_WrongDigest"
  2. error: "401"
  3. errorString: "Unauthorized"
  4. __proto__: Object
  2. headers: HttpHeaders {normalizedNames: Map(0), lazyUpdate: null, lazyInit: ƒ}
  3. message: "Http failure response for http://127.0.0.1:7001/ec2/getCamerasEx?auth=YWRtaW46NWIxZDg4ZmUyZmY4MDo3MzdiMWVlYzRkZWU1NmQ4MDI2YjQ1ZDFhNmFkNTAxZg==: 401 Unauthorized"
  4. name: "HttpErrorResponse"
  5. ok: false
  6. status: 401
  7. statusText: "Unauthorized"
  8. url: "http://127.0.0.1:7001/ec2/getCamerasEx?auth=YWRtaW46NWIxZDg4ZmUyZmY4MDo3MzdiMWVlYzRkZWU1NmQ4MDI2YjQ1ZDFhNmFkNTAxZg=="

   

  

  0

  Comment actions Permalink
• 

  Evgeny Balashov

  • October 27, 2020 21:36

  Vitalii, sorry for the delay

  When you calculate digest = this.getHash('admin:VMS:5b1d893bd18e8'),

  you need to do digest = this.getHash('admin:VMS:test_root') instead

   

   

  0

  Comment actions Permalink
• 

  Vitalii Malynka

  • October 29, 2020 09:26

  Hi, Evgeny.

  Thanks for finding a bug.

  Unfortunately, this did not solve the problem.

  Could you tell me what does "method" mean:

  "Specify the authentication hash in the URL parameter: http://127.0.0.1:7001/method?auth=auth_digest&other_params"?

  Is it HTTP method (e.g. "GET") or method of your API (e.g. /ec2/getCamerasEx)?

  Is it the correct string to get data using URL-based authentication: "http://127.0.0.1:7001/ec2/getCamerasEx?auth=YWRtaW46NWIyY2JhZDM3ODc2MDozODk1NmQ2NDBlMDA1ZjZmMjQ5ZWI2YjgxYmEyZGEzMA=="?

  0

  Comment actions Permalink
• 

  Anton Babinov

  • October 29, 2020 18:16

  Hi, Vitalii,
  
  >Is it HTTP method (e.g. "GET") or method of your API (e.g. /ec2/getCamerasEx)?

  HTTP method is being used to generate partial_ha2 value.

  Based on the values you provided earlier YWRtaW46NWIyY2JhZDM3ODc2MDozODk1NmQ2NDBlMDA1ZjZmMjQ5ZWI2YjgxYmEyZGEzMA== is incorrect string. Lets decode your string:

  echo -n 'YWRtaW46NWIyY2JhZDM3ODc2MDozODk1NmQ2NDBlMDA1ZjZmMjQ5ZWI2YjgxYmEyZGEzMA=='|base64 -d
  admin:5b2cbad378760:38956d640e005f6f249eb6b81ba2da30

  So in your case we have:

  login - admin
  password - test_root
  nonce - 5b2cbad378760

  By following http://10.0.1.108:7001/static/index.html#/developers/api/Calculating%20authentication%20hash example, lets calculate the correct auth string. digest:

  echo -n 'admin:VMS:test_root'|md5sum
  
  4b8c28c58e9be48fe51eb6871048fb01

  partial_ha2:

  echo -n 'GET:' |md5sum
  
  8f61ab83c6acab8a073a6d49e1517860

  simplified_ha2:

  echo -n '4b8c28c58e9be48fe51eb6871048fb01:5b2cbad378760:8f61ab83c6acab8a073a6d49e1517860'|md5sum
  d9051ad83badb2e42bfaa2ebfa25bb1c

  And finally, the auth_digest:

  echo -n 'admin:5b2cbad378760:d9051ad83badb2e42bfaa2ebfa25bb1c'|base64
  
  YWRtaW46NWIyY2JhZDM3ODc2MDpkOTA1MWFkODNiYWRiMmU0MmJmYWEyZWJmYTI1YmIxYw==

  So the correct request would be - http://127.0.0.1:7001/ec2/getCamerasEx?auth=YWRtaW46NWIyY2JhZDM3ODc2MDpkOTA1MWFkODNiYWRiMmU0MmJmYWEyZWJmYTI1YmIxYw==

  0

  Comment actions Permalink
• 

  Kramer Kramer

  • January 12, 2021 09:04

  Anton Babinov, I tried a lot to get the auth code correct but can't get it right, can you please let me show what the auth code should be for me? And is this authkey permanent?

  login: loginuser1

  pass: user1pass_test

  "nonce":"5b8b02cdf2650","realm":"VMS"

  0

  Comment actions Permalink
• 

  Anton Babinov

  • January 12, 2021 10:18

  Hello Kramer,

  the correct authkey for your credentials would be:

  bG9naW51c2VyMTo1YjhiMDJjZGYyNjUwOjhlYTUzZmU2ODhlNDRlZTQ4ZjU5OWRhODYwNDk1MWJj

  And is this authkey permanent?

  No, it isn't permanent. Once nonce is received from the server, you have 5 minutes to generate a new authkey with the given nonce and open connection to the server. After connection is established, authkey will be valid for as long as connection is active. 

  I tried a lot to get the auth code correct but can't get it right

  Could you please share your code that you use to generate authkey?

   

  0

  Comment actions Permalink

Please sign in to leave a comment.