Help with ESP8266 usage of API

billp9 · June 7, 2021, 4:02pm

I will admit I only sort of know what I am doing, especially around SSL. Help appreciated, especially if I am doing something stupid.
I am trying to setup a command to Rachio (gen 3) to turn on a valve when my fountain level goes low. Using an ESP8266 and c-code.

For a test, I am only trying to get my person ID.
On my PC with a Win 10 CMD window, if I use the following command and0 I get my personal ID (I also have curl commands that work for turning on the valve, but lets keep this simple):
curl -v https://api.rach.io/1/public/person/info -H “Authorization: Bearer my-bearer-API-id”
That suggests I have the correct bearer and since a valve works, I also have my personal ID.

I want to code that in the ESP8266. I have the SSL certificate and fingerprint updated. Below is the code. It succeeds in the initial 'client.connect", but when I then ask for the info, I get a message:

{“errors”:[{“message”:“The client is not authorized.”}]}

When I do the curl command -v (verbose) I get a LOT of handshaking messages and get more info messages which I think must be the secure permissions activity.
Any thoughts on my code? Or is there a higher level of security that Rachio uses that an ESP8266 doesn’t support?

Parts of ESP8266 code

…

const char fingerprint PROGMEM = “8f9ae2ecdf807656888d6f68b80e3a95f55e39cf”;
const char* host = “api.rach.io”;
const int httpsPort = 443;

…

WiFiClientSecure client;
client.setFingerprint(fingerprint);
Serial.print("Connecting to ");
Serial.println(host);

if (!client.connect(host, httpsPort)) {
Serial.println(“Connection failed”);
return;
}

String url = “/1/public/person/info”;
Serial.print("Requesting URL: ");
Serial.println(url);

client.print(String("GET “) + url + " HTTP/1.1\r\n” +
"Host: " + host + “\r\n” +
“Authorization: Bearer 219b20a9-xxxx-xxxx-xxxx-6e887f2dxxxx” +
“Connection: close\r\n\r\n”);

Serial.println(“Request sent”);
while (client.connected()) {
String line = client.readStringUntil(‘\n’);
if (line == “\r”) {
Serial.println(“Headers received”);
break;
}
}
String line = client.readStringUntil(‘\n’);

Serial.println(“Reply was:”);
Serial.println(“==========”);
Serial.println(line);
Serial.println(“==========”);
Serial.println(“Closing connection”);
}

Gene · June 7, 2021, 4:17pm

I think you forgot “\r\n” between Authorization and Connection headers.

billp9 · June 7, 2021, 4:46pm

ARGGGGGGGGH, I stared at that code for hours…
That fixed it!

Thank you so much.