Unable get pass the login

jsudhams
Dear All,
I am getting "The remote server returned an error: (403) Forbidden" Error.

I read the nodeJs and Python code to refer to post Url/Uri for access token which was https://api.kite.trade/session/token with api_key, request_token and checksum as parameter

Below is my code


========================================================
Private Sub btnGetAccessToken()


Dim request As HttpWebRequest
Dim response As HttpWebResponse = Nothing
Dim Url As String


Url = "https://api.kite.trade/session/token"

System.Net.ServicePointManager.Expect100Continue = False
' Create the web request

request = DirectCast(WebRequest.Create(Url), HttpWebRequest)
request.Method = "POST"

Dim PostString As String

PostString = "api_key=" & txtApiKey.Text & "&request_token=" & txtRequestToken.Text & "&checksum=" & txtCheckSum.Text

request.ContentType = "application/x-www-form-urlencoded"
request.ContentLength = PostString.Length
request.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
request.Referer = "https://api.kite.trade/"



Dim requestWriter As New StreamWriter(request.GetRequestStream())
requestWriter.Write(PostString)
requestWriter.Close()

' Get response

response = DirectCast(request.GetResponse(), HttpWebResponse)


Dim reader As New StreamReader(response.GetResponseStream())
Dim responseFromServer As String = reader.ReadToEnd()

Me.txtAccessToken.Text = responseFromServer
End Sub
==================================================

Please help with this , if this work out i could release a package for folks who need this.
Kailash Hope you can help with this.
  • Kailash
    @jsudhams 403 on a the token exchange call most likely is due to an invalid checksum (txtCheckSum). Can you paste the bit where you're computing it?
  • jsudhams
    Dear Kailash,
    Here is the calling function for has generartion

    Dim checksum As String = EncryptSHA256Managed(txtApiKey.Text & txtRequestToken.Text & txtApiSecret.Text)

    txtCheckSum.Text = checksum


    '/// Called function

    Public Function EncryptSHA256Managed(ByVal ClearString As String) As String

    Dim bytClearString() As Byte = Encoding.UTF8.GetBytes(ClearString)
    Dim sha As New System.Security.Cryptography.SHA256Managed()
    Dim hash() As Byte = sha.ComputeHash(bytClearString)
    Dim checksum As String
    checksum = ""
    For Each x In hash
    checksum += String.Format("{0:x2}", x)
    Next

    Return checksum

    End Function

    I check the created hash with http://www.xorbin.com/tools/sha256-hash-calculator and it matches
  • Kailash
    Hm, if the hash matches, then it has to be an issue with the request. Can you paste the JSON body (this'll have the error message) accompanying the 403 response?
  • jsudhams
    in error 403 exception , there was no data only header as application\json and due to forbidden error the data was empty.
    Also, any reason why the https://api.kite.trade/session/token URL always comes with "GeneralException" "Route not found" ? This looks like an invalid URL from client side view.

    In case any other route like https://api.kite.trade/orders does always give "Input Exception" that means route is working but in case /session/token it always comes back with "Route not found" when we try manually. Maybe that has something to with this issue which other users also seem to have.

    Here is my complete code



    ========================Start of Code================
    Imports System.IO
    Imports System.Net
    Imports System.Security.Cryptography
    Imports System.Text

    Public Class Form1
    Private Sub btnConnect_Click(sender As Object, e As EventArgs) Handles btnConnect.Click

    Dim url As String

    url = "https://kite.trade/connect/login?api_key=myapikey"

    wb.ScriptErrorsSuppressed = True
    wb.Navigate(New Uri(url))

    End Sub

    Private Sub wb_Navigated(sender As Object, e As WebBrowserNavigatedEventArgs) Handles wb.Navigated
    Dim SessionUrl As String

    ' get the request token which seem to be same as session id
    SessionUrl = wb.Url.ToString

    Dim RequestToken As String
    RequestToken = Web.HttpUtility.ParseQueryString(SessionUrl)("request_token")
    txtRequestToken.Text = RequestToken

    End Sub

    Public Function EncryptSHA256Managed(ByVal ClearString As String) As String

    Dim bytClearString() As Byte = Encoding.UTF8.GetBytes(ClearString)
    Dim sha As New System.Security.Cryptography.SHA256Managed()
    Dim hash() As Byte = sha.ComputeHash(bytClearString)
    Dim checksum As String
    checksum = ""
    For Each x In hash
    checksum += String.Format("{0:x2}", x)
    Next

    Return checksum

    End Function

    Private Sub btnGetAccessToken_Click(sender As Object, e As EventArgs) Handles btnGetAccessToken.Click


    Dim request As HttpWebRequest
    Dim response As HttpWebResponse = Nothing
    Dim Url As String
    Try

    Dim checksum As String = EncryptSHA256Managed(txtApiKey.Text & txtRequestToken.Text & txtApiSecret.Text)

    txtCheckSum.Text = checksum


    Url = "https://api.kite.trade/session/token"

    System.Net.ServicePointManager.Expect100Continue = False
    ' Create the web request



    Dim PostString As String

    PostString = "api_key=" & txtApiKey.Text & "&request_token=" & txtRequestToken.Text & "&checksum=" & txtCheckSum.Text

    request = DirectCast(WebRequest.Create(Url), HttpWebRequest)
    request.Method = "POST"

    request.ContentLength = PostString.Length

    Dim requestWriter As New StreamWriter(request.GetRequestStream())
    requestWriter.Write(PostString)
    requestWriter.Close()

    ' Get response
    response = DirectCast(request.GetResponse(), HttpWebResponse) ' getting the error here as 403

    Dim reader As New StreamReader(response.GetResponseStream())
    Dim responseFromServer As String = reader.ReadToEnd()

    txtAccessToken.Text = responseFromServer

    request.GetResponse().Close()

    response.Close()
    reader.Close()

    Catch ex As Exception
    Debug.Print(ex.Message)
    Debug.Print(ex.StackTrace)

    End Try
    End Sub


    End Class
    ==================End of Code======================

  • Kailash
    https://api.kite.trade/session/token only accepts POST, that's why it throws a "Route not found" when you try to access it from your browser (which sends a GET request).
  • jsudhams
    hmm ok but then not sure I still receive 403 so i changed the code...
  • jsudhams
    I still want to why we are getting Error 403 when all the data is posted to /session/token correctly
  • Kailash
    The 403 response will come with an error message describing the problem in the response body (JSON). What does the body say?
Sign In or Register to comment.