How to pass authentication parameters in REST API?

vundamat · July 13, 2015, 9:19pm

How can I pass the authentication parameters into the rest api call in openmrs?

cioan · July 14, 2015, 2:48am

One possible way is to use HTTPBasicAuthFilter:

PIH/openmrs-module-importpatientfromws/blob/master/api/src/main/java/org/openmrs/module/importpatientfromws/api/impl/ImportPatientFromWebServiceImpl.java#L283


        throw new IllegalArgumentException("Unknown remote server: " + serverName + ". Known servers are " + remoteServers.keySet());
    }
    if (!remoteServerConfiguration.getUrl().startsWith("https://")) {
        log.warn("non-HTTPS connection to " + serverName);
    }


    WebResource resource = restClient.resource(remoteServerConfiguration.getUrl()).path("ws/rest/v1/patient").queryParam("v", "full");
    if(timeout!=null){
        restClient.setReadTimeout(timeout);
    }
    resource.addFilter(new HTTPBasicAuthFilter(remoteServerConfiguration.getUsername(), remoteServerConfiguration.getPassword()));
    return resource;
}


@Override
public List<RemotePatient> searchRemoteServer(String serverName, String id, Integer timeout) throws IOException {
    RemoteServerConfiguration remoteServerConfiguration = remoteServers.get(serverName);
    WebResource resource = setUpWebResource(serverName, remoteServerConfiguration, timeout);


    resource = resource.queryParam("id", id);

jdick · July 14, 2015, 7:08am

We send a request to the session rest resource with an authorization header in the format "basic : " + base64-encode(username + “:” + password). For an example using angular see (especially line61):

https://github.com/AMPATH/ng-amrs/blob/master/app/scripts/openmrs_rest_services/authentication.service.js

yousefhamza · July 14, 2015, 10:29am

like @jdick said.

In general just send the request with header “Authorization” example:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

michael · July 15, 2015, 1:30pm

I moved a post to a new topic: How to change UI styling of OpenMRS 2.2?

vundamat · July 27, 2015, 8:58pm

Thanks that worked! I sent it in Java using the following code:

String url="http://localhost:8081/openmrs-standalone/remotecommunication/postHl7.form";
URL object=new URL(url);
HttpURLConnection con = (HttpURLConnection) object.openConnection();
con.setDoOutput(true);
con.setDoInput(true);
//adding the request headers
String encoding = DatatypeConverter.printBase64Binary("admin:Admin123".getBytes("UTF-8"));
con.setRequestProperty("Authorization: Basic ",encoding);

Hope this helps other newbies like me in the future !

Thanks!

vundamat · July 27, 2015, 8:59pm

Thank you!

vundamat · July 27, 2015, 9:00pm

Thank you…!

mrdedhia · June 6, 2016, 12:51pm

I need to make REST API calls with an already authenticated session. E.g. if I develop my own mobile client for OpenMRS, where the physician logs in once and subsequently, the data is accessed using REST calls. In this case, what should I pass in place of base64 encoded credentials?

wyclif · June 6, 2016, 7:46pm

I’m not sure if am getting you well, are you asking how to pass in your login credentials to get authenticated or how to make subsequent calls upon successful login?

mrdedhia · June 7, 2016, 7:23am

How to make subsequent calls post successful login? Because I won’t have the user name and password to pass in the REST call header, only the session id of a valid authenticated session.

wyclif · June 7, 2016, 8:21pm

You need to send the jsessonId on every subsequent call after login, but the thing is that you need to fetch it from the server after login as shown on this page under the authentication section

smuwanga · September 6, 2016, 3:43am

Am using AJAX and a fragment controller. Am experiencing a UI Session Authentication error. How would you do authentication in AJAX?

Here is my discussion: Find Patient by Fingerprint - #12 by dkayiwa

@wyclif @lluismf

dkayiwa · September 6, 2016, 7:18am

By the time you make the REST call, can you ensure that you are logged in the browser?