Seona Bellamy

It works on a straight curl request, so I'm figuring we have the right priviledges unless curl works differently - I'm not really that familiar with it.

Hi folks,

I need to make a number of calls to an API, some of which are GET requests and some of which are PUT requests. I've tried to make a common function since there's a bunch of security stuff that needs to happen, and I'm not sure if a) I'm actually doing it right in the first place, or b) there's a better/simpler/cleaner/more reliable way to do it instead.

I have the following function to handle the contact with the Smart API:


def callSmart(apipath,format)
pem = File.read("#{Rails.root}/private/websummit.pem")
uri = URI.parse(apipath)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.cert = OpenSSL::X509::Certificate.new(pem)
http.key = OpenSSL::PKey::RSA.new(pem, ENV['KEY_PASSWORD'])
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
http.start {
if format == 'get'
request = Net::HTTP::Get.new(apipath)
elsif format == 'put'
request = Net::HTTP::Put.new(apipath)
end
http.request(request) {|res|
respond_to do |format|
result = { :message => res.body }
format.json { render :json => result }
end
}
}
end


I can pass it an appropriate URL such as:

callSmart('https://api.prod.smartservices.car2go.com/vega/vehicles/CAR01?fields=connection.connected','get')

and get the result:

{"message":"{\"connection\":{\"connected\":true}}"}

So far, so good. However I then tried calling one of the actions on the car, rather than passively requesting data:

callSmart('https://api.prod.smartservices.car2go.com/vega/vehicles/CAR01/blink','put')

This got me the following response:

{"message":"{\"message\":\"Service is not authenticated\"}"}

Given that it's running the same authentication code, do you have any idea why one is working and the other not?