Replicate this curl post

oliver9523 · 20 February 2020 16:38

I'm trying to login to a server, the following curl command works

curl --insecure --request POST "https://IP:PORT/login" --form "username=user" --form "password=pass"

If I try to replicate this with Node-RED using

msg.payload = { username: "user", password: "pass" };
msg.headers = {'content-type':'application/x-www-form-urlencoded'};
return msg;

I'm using the HTTP request function node, it's set to POST, I've configured the SSL/TLS certificates. But I get an 'unauthorized' message from the server. I can replicate this 'unauthorized' message with curl if, for example, I change the login details to something invalid.

curl --insecure --request POST "https://IP:PORT/login" --form "username=user" --form "password=wrongpass"

returns 'unauthorized' from the server

I also get the same response if I use "multipart/form-data" for the header.

What am I missing to replicate the curl command?

sambarnes90 · 20 February 2020 18:32

Can you post the whole message debug from the request?

How exactly is the data body looking in the response?

Anything in Debug or the Console?

oliver9523 · 20 February 2020 20:41

I'm using node-red 0.19.3 on RPi if that makes any difference.
The full message debug looks like

_msgid: "c20f6921.631e28"
topic: ""
payload: "unauthorized↵"
headers: object
server: "nginx/1.17.7"
date: "Thu, 20 Feb 2020 20:36:34 GMT"
content-type: "text/plain; charset=utf-8"
content-length: "13"
connection: "close"
x-content-type-options: "nosniff"
strict-transport-security: "max-age=31536000;"
x-node-red-request-node: "20a71027"
statusCode: 401

sambarnes90 · 20 February 2020 20:57

This is going to sound silly but I'm just thinking out loud...

Try and initialise a new object with the body then pass that as the payload?

let headerObject = {'content-type':'application/x-www-form-urlencoded'};
let bodyObject = { username: "user", password: "pass" };
let newmsg = { headers: headerObject, payload: bodyObject };
return newmsg

Just in case it's something to do with the object cloning?

oliver9523 · 20 February 2020 21:01

no luck, still get the 'unauthorized' message...
curl command still works fine.

sambarnes90 · 20 February 2020 21:02

Hmm - can you change the debug level to trace in settings.js then get us a full output of the console log?

Can you screenshot the setup of the HTTP request settings too?

oliver9523 · 20 February 2020 21:56

20 Feb 21:54:13 - [trace] runtime event: {"id":"runtime-state","retain":true}
20 Feb 21:54:13 - [trace] runtime event: {"id":"runtime-deploy","payload":{"revision":"4f3162d66a107a10a0dc91d86dfc0adc"},"retain":true}
20 Feb 21:54:13 - [info] Starting flows
20 Feb 21:54:13 - [debug] red/nodes/flows.start : starting flow : global
20 Feb 21:54:13 - [debug] red/nodes/flows.start : starting flow : b6263066.0ae12
20 Feb 21:54:13 - [trace] [flow:global] start flow
20 Feb 21:54:13 - [trace] [flow:global] ------------------|--------------|-----------------
20 Feb 21:54:13 - [trace] [flow:global] id | type | alias
20 Feb 21:54:13 - [trace] [flow:global] ------------------|--------------|-----------------
20 Feb 21:54:13 - [trace] [flow:global] b8131fa3.0b165 | tls-config |
20 Feb 21:54:13 - [trace] [flow:global] ------------------|--------------|-----------------
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] start flow
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] ------------------|--------------|-----------------
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] id | type | alias
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] ------------------|--------------|-----------------
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] eda0f865.9a64f8 | http request |
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] 1315f340.2a058d | function |
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] b34d3406.aa03c8 | inject |
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] 4bf05c2d.b856f4 | debug |
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] 3558d5c3.9914ca | debug |
20 Feb 21:54:13 - [trace] [flow:b6263066.0ae12] ------------------|--------------|-----------------
20 Feb 21:54:13 - [trace] runtime event: {"id":"runtime-state","retain":true}
20 Feb 21:54:13 - [info] Started flows
20 Feb 21:54:13 - [audit] {"event":"comms.open","level":98,"timestamp":1582235653572}
20 Feb 21:54:13 - [trace] comms.open I5fPOrqeyPzcO7mXxKEiE3Hv9o5o1Eig
20 Feb 21:54:22 - [metric] {"level":99,"nodeid":"b34d3406.aa03c8","event":"node.inject.receive","msgid":"c4b5dd99.95a43","timestamp":1582235662999}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"b34d3406.aa03c8","event":"node.inject.send","msgid":"c4b5dd99.95a43","timestamp":1582235663020}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"1315f340.2a058d","event":"node.function.receive","msgid":"c4b5dd99.95a43","timestamp":1582235663021}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"1315f340.2a058d","event":"node.function.send","msgid":"c4b5dd99.95a43","timestamp":1582235663025}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"eda0f865.9a64f8","event":"node.http request.receive","msgid":"c4b5dd99.95a43","timestamp":1582235663025}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"3558d5c3.9914ca","event":"node.debug.receive","msgid":"c4b5dd99.95a43","timestamp":1582235663026}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"1315f340.2a058d","event":"node.function.duration","msgid":"c4b5dd99.95a43","value":3.98,"timestamp":1582235663027} 20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"eda0f865.9a64f8","event":"node.http request.duration.millis","msgid":"c4b5dd99.95a43","value":"210.636","timestamp":1582235663241}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"eda0f865.9a64f8","event":"node.http request.size.bytes","msgid":"c4b5dd99.95a43","value":260,"timestamp":1582235663241}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"eda0f865.9a64f8","event":"node.http request.send","msgid":"c4b5dd99.95a43","timestamp":1582235663242}
20 Feb 21:54:23 - [metric] {"level":99,"nodeid":"4bf05c2d.b856f4","event":"node.debug.receive","msgid":"c4b5dd99.95a43","timestamp":1582235663242}
20 Feb 21:54:26 - [metric] {"level":99,"event":"runtime.memory.rss","value":60993536,"timestamp":1582235666566}
20 Feb 21:54:26 - [metric] {"level":99,"event":"runtime.memory.heapTotal","value":20738048,"timestamp":1582235666566}
20 Feb 21:54:26 - [metric] {"level":99,"event":"runtime.memory.heapUsed","value":18586432,"timestamp":1582235666567}
20 Feb 21:54:41 - [metric] {"level":99,"event":"runtime.memory.rss","value":60329984,"timestamp":1582235681590}
20 Feb 21:54:41 - [metric] {"level":99,"event":"runtime.memory.heapTotal","value":20475904,"timestamp":1582235681591}
20 Feb 21:54:41 - [metric] {"level":99,"event":"runtime.memory.heapUsed","value":17733764,"timestamp":1582235681591}

oliver9523 · 20 February 2020 21:58

obviously the url is actually set correctly but it's not a public server so i've hidden it for now

sambarnes90 · 20 February 2020 22:05

Can you temporarily try accessing over http instead of https in case it's something to do with the TLS configuration?

Or make another endpoint on the API you're trying to reach accessible without authentication?

Nothing I've seen so far is jumping out at me - all seems to be correct!

Can you send the output of the request to a function node and JSON stringify the entire object then log that?

oliver9523 · 20 February 2020 22:23

yeah there's something funky going on...
http://IP:8080/login2/
works in node-red

sambarnes90 · 20 February 2020 22:25

Trailing slashes redirected?

Try it with the / after /login?

TLS/SSL settings not working - how's that all set up?

system · 20 April 2020 22:25

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Curl- > http req General http-request	7	992	28 March 2022
Using a Working curl with node-red http-request General http-request	6	818	29 August 2022
Retrieve HTTP POST cUrl data on node-red General http-request	17	568	7 July 2022
Use the HTTP-Request to recreate an curl command General	19	198	30 March 2023
cURL in Node red General	4	1711	20 April 2022

Replicate this curl post

Related Topics