MATLAB Answers

Ways to finesse HTTP HeaderField constraints?

22 views (last 30 days)
Hey folks,
Webwrite isn't meeting my needs for POSTing data to a RESTful web service, so I decided to go with the lower level matlab.net.http.RequestMessage functionality, which sometimes works, but setting the Header with my authorization token sometimes fails depending on the token I get.
URL = 'https://api.tdameritrade.com/v1/accounts/1234567890/orders';
r = matlab.net.http.RequestMessage;
r.Method = 'Post';
r.Header(1).Name = "Authorization";
r.Header(1).Value = "Bearer " + token; % Token is long and changes periodically. **Usually** Matlab throws error
The problem is in setting the Header, which requires a field Name called "Authorization" and the Value of "Bearer " + token. The "token" value is very lengthy, around 1,200 characters (example at bottom of this post) and I have to get a new one every 30min to keep accessing this service. Sometimes Matlab is okay and accepts the token, but most of the tokens are rejected when I try to set the value, giving me an error like the one below:
Screen Shot 2019-08-23 at 7.47.13 PM.png
The Matlab class HeaderField is clearly doing a validation routine on the Value and determining it is not valid.
Here's what I've tried:
  1. Remove space after "Bearer", or using "Bearer%20" or "Bearer+". Matlab accepts this, but then web server returns "unauthorized"
  2. I've noticed that if I take the first 1,144 characters in token then Matlab accepts (e.g. "Bearer " + token(1:1144), but of course the web server returns "unauthorized" since I'm not providing the full token
Any ideas for how to enter "Bearer " + token to avoid the above error?
Here's an example token (I changed one character just to be sure no one can use it):
token = "zgzMa4kOwPmVxbQ3tp0unIp4JIXv1Hzh7fzRs3JmQbTnPVFeXX7oF2pJH+3gL4KYEfXFIuiL7IKHOJRUdxe0HXnU0yN+Gn9cZUyU/eovZVyG4kVTqu47hyDnNkq0C1gShWhBtWcvI8uKjzHjGMJP8Ot2Gjhbw3/l6YfQe3q3PBQ+6wLsSV7gHBm406PukLdql7schTpvrqLi8h308G7OIVrTJB2oXgqfIVGGDYbQNuw6iGamxJUqOZ8Fv8PeRapG92iT8B1p1sW5LFq5Vpu6N2pFgkhoSilmW0aZ+aq03R9V8FYFsZ30/jrNqSxllf3WFELkVYlJlGNOvudzIzJwANcfcl4UzvDYpduN33lOarpIK3a17tRlsjIimtgiLhyxEYlUnVLiuwI5l1+9tkJ0HjC3asEL6kWj+ysW5gx36YWyb8tbhOz5I5wFkqGkcjZNJjUQ12Ou4+DVG/tCwhCHwJOR+x8imWbZqTcDwNRMKyQkn1CXSY463Ycxf3XE6boRBkK2OtAQ/m4Q276i26HhRGjuMFfDW1fzCrrXy23zERVAkAo9t100MQuG4LYrgoVi/JHHvlwCIoz+tGIgiaHeuLUSTR/PGs5RLwaXaMkRXixdeWNw5qOODbq9fsFHe0zBCweEkN8CK5Uxa3+FXv3OtlJUDZ8Pytum96pRkgDPvib1n2sDmtV0DgHc1q2zJqfitAcfS3lmIYPx7RcGBHJV/jn1Ojp6mcN9tu0C8S7u/Mk4gqV+dwkdLIICRGe3u2ASbsX6j16Nrbv+XHy9sxQRVh0eWpvLppM0ICBlSxrZ6qr/d6pYqn505fB6gICX0D+326pFZF/fgcyLnfGjCaHv9v5qMv0LTNooGYZ5BguM4IZGOCts4h+/zm3wGCchBczi3BWh/AXw+fNro1TOAkGDdzshZs6GyBoo52vziYR319E/pep9qDs0talrh1OJGnOOquBhnqY9ej2kzQdDtf3sBxQjSXn3JEIlAcszSCQbPDwwrr5sPDMWuhHsgbuU1+CIGOPEKiL0zi57fne5zTjAvMBov8/FWmCULZ+dEGRiBfdqK4OJMyZn8Kpcq+oN2JYSOBcE+c/6Y3XrOjW/8D1U+Hvb2sYhWk/f1hYh2AHDO2dwlbCoRtPipQ==212FD3x19z9sWBHDJACbC00B75E"
Note that I can set the header with webwrite and successfully use the RESTful service that way, but unfortunately the response when using webwrite is empty and I need the info that gets returned from the non-webwrite approach described above.
Thanks,
Paul S

  0 Comments

Sign in to comment.

Accepted Answer

Paul Shoemaker
Paul Shoemaker on 24 Aug 2019
Hey folks,
I think I may have fixed the issue. The trick seems to be creating a GenericHeader object, which does not validate supplied values. Then assign the GenericHeader field to the RequestMessage Header.
Here's how it looks:
URL = 'https://api.tdameritrade.com/v1/accounts/1234567890/orders';
r = matlab.net.http.RequestMessage;
r.Method = 'Post';
genericHeader = matlab.net.http.field.GenericField('Authorization',"Bearer " + token); % This bypasses Matlab value validation
r.Header = genericHeader; % Assign to RequestMessage. Fortunately, the RequestMessage class accepts generic header objects
r.Body(1).Data = order; % trade/order to POST
response = r.send(URL); % Works like a charm and output contains the info I need.
I hope this helps someone else out there.
Paul S

  3 Comments

Joe R
Joe R on 14 May 2020
Works great on older version of matlab that will not let you use the "Authorization Bearer token" header with matlab.net.http.HeaderField.
Nickolas LaSorte
Nickolas LaSorte on 10 Aug 2020
Paul,
Could you share more code for you TD Ameritrade API call?
Thanks
Nick

Sign in to comment.

More Answers (0)

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!