Setting up the REST API

[BenHur]

Hello all,

We tryng the new functions of the 4.x branch on our test database (our prod is on 3.x) but we have a problem setting up the REST API.

We are with the last version 4.1.12.1 with
 

We copy the .htaccess file (and rename it of course) but we have still the message :

" The API endpoint is not giving the expected response. Check you followed the instructions correctly. The URL being tested is: xxx"

The htacess file contains :

<IfModule mod_setenvif.c>
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
</IfModule>
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /testipsv4/api/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
</IfModule>

When i go to the URL :

{
    "errorCode": "2S290\/6",
    "errorMessage": "NO_API_KEY"
}

 

The support team of Invision don't wan't to help us until we go to the production environnement.

" To ensure that all customers receive fair and comparable support, I'm afraid we are unable to provide support for test or development installations via the client area. If, however, the issue persists with your live / production installation, please do let us know and we will be happy to investigate further."

In the system log of Invision :

06/05/2016 5:00 PM

api

IPS\Api\Exception (401) NO_API_KEY

No error in my error.log from Apache.

Thanks all for your help,

Regards,

Benjamin

[Nathan Explosion]

Hunch: this might be down to your PHP configuration.

Take a look at system\Dispatcher\Api.php, and search for 2S290 and you'll get to the code block is throwing that error code. It's because the $rawApiKey value is not set. It is being determined in the code block just prior to this area, and starts out as set to NULL, then the server environment is being queried to determine its true value.

[BenHur]

Thanks Nathan for this first clue ! I start to investigate and indeed this line (98) is not right for my $_SERVER.
if ( mb_substr( $k, -18 ) == 'HTTP_AUTHORIZATION' )

I will check why the .htaccess is not taken by my Apache and come back here, i hope, with the why and a solution.

 

[PedroNL]

Nathan,

 

Right now I have enabled my API with the .htaccess file but IPS says it isn't there software it is just how apache is handling the ," Please contact your host and inquire as to why authentication information is not being passed appropriately to Apache. Unfortunately, this is a limitation or issue with your server hosting environment and as such is not something we can provide much further assistance with. "  My hosting provider said everything is setup properly I have added the correct file but it still isn't working any advise?