403 access denied when posting new work
138 views
Skip to first unread message
Martin Vassilev
Apr 10, 2014, 11:00:33 AM4/10/14
to orcid-a...@googlegroups.com
Hello,
I have trouble when trying to post a new work to ORCID using the API (following http://support.orcid.org/knowledgebase/articles/171893-tutorial-add-works-with-curl ). I get 403 Access denied error.
So far I am successfully obtaining the access token following http://support.orcid.org/knowledgebase/articles/179969-methods-to-generate-an-access-token-for-testing and when I use it along with the following command:
everything works fine - the new work is posted. This means that the problem is in my code but still it is a little weird because I believe I am modeling the exact same curl command in python pycurl (urllib2 and requests libraries were used but with the same result of access denied).
I was wondering if you had came across to a similar problem... Could it be a certificate problem ?
I am applying more or less the entire push-to-orcid function - http://pastebin.com/cm7CNHYT
I am ready to provide the responses from the server for every step taken (setting cookies, requesting authorization, granting authorization, getting access token) containing the session ids, client id, secret code and access token if requested.
Best regards,
Martin
I have trouble when trying to post a new work to ORCID using the API (following http://support.orcid.org/knowledgebase/articles/171893-tutorial-add-works-with-curl ). I get 403 Access denied error.
So far I am successfully obtaining the access token following http://support.orcid.org/knowledgebase/articles/179969-methods-to-generate-an-access-token-for-testing and when I use it along with the following command:
curl -H 'Content-Type: application/orcid+xml' -H 'Authorization: Bearer <my token>' -d '@/Documents/new_work.xml' -X POST 'https://api.sandbox.orcid.org/v1.1/<my ORCID>/orcid-works'
everything works fine - the new work is posted. This means that the problem is in my code but still it is a little weird because I believe I am modeling the exact same curl command in python pycurl (urllib2 and requests libraries were used but with the same result of access denied).
I was wondering if you had came across to a similar problem... Could it be a certificate problem ?
I am applying more or less the entire push-to-orcid function - http://pastebin.com/cm7CNHYT
I am ready to provide the responses from the server for every step taken (setting cookies, requesting authorization, granting authorization, getting access token) containing the session ids, client id, secret code and access token if requested.
Best regards,
Martin
Peters, Robert
Apr 10, 2014, 11:40:39 AM4/10/14
to Martin Vassilev, orcid-a...@googlegroups.com
I haven't tested, nor am I a pythonista. But could it be "Authorization : Bearer ". That extra space would be different then the curl statement.
Cheers,
Rob
Cheers,
Rob
--
You received this message because you are subscribed to the Google Groups "ORCID API Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to orcid-api-use...@googlegroups.com.
To post to this group, send email to orcid-a...@googlegroups.com.
Visit this group at http://groups.google.com/group/orcid-api-users.
For more options, visit https://groups.google.com/d/optout.
Emanuil Tolev
Apr 10, 2014, 12:28:15 PM4/10/14
to orcid-a...@googlegroups.com
Sorry, not in a position to test your example right now, but I have written something which interacts with the ORCID submission bits (specifically I create new ORCID-s).
It's a really simplistic script which posts previously made XML-s to the ORCID API, but if that's specifically the issue you're having, then it might help you.
Lines 56-62 use the (deservedly) prevalent Python requests library to send an XML file with a researcher's personal information (incl. works).
The authorisation token_type is what ORCID gives you back: "bearer" (which is why it's capitalised to "Bearer").
So your whole Authorization header looks exactly like this:
"Bearer<space character><your long access token, 5 groups of hex digits separated by dashes>"
The problem is that yours looks OK. It could be the space after the header name ("Authorization " vs "Authorization") as Rob suggests though I do hope web servers aren't *that* fussy nowadays.
--
Martin Vassilev
Apr 11, 2014, 3:19:12 AM4/11/14
to orcid-a...@googlegroups.com
Hi,
Thank you guys. You were both right - it was the interval in the headers.
was c.setopt(pycurl.HTTPHEADER, ["Content-Type : application/orcid+xml", "Authorization : Bearer %s" % self.access_token])
should be c.setopt(pycurl.HTTPHEADER, ["Content-Type: application/orcid+xml", "Authorization: Bearer %s" % self.access_token])
Emanuil, Robert, thanks once again.
Martin
Thank you guys. You were both right - it was the interval in the headers.
was c.setopt(pycurl.HTTPHEADER, ["Content-Type : application/orcid+xml", "Authorization : Bearer %s" % self.access_token])
should be c.setopt(pycurl.HTTPHEADER, ["Content-Type: application/orcid+xml", "Authorization: Bearer %s" % self.access_token])
Emanuil, Robert, thanks once again.
Martin
Reply all
Reply to author
Forward
0 new messages