2

The 23andme web site has an API and they give the following instructions:

Send a POST /token/ request with these parameters (client_id and client_secret are on your dashboard):

curl https://api.23andme.com/token/
 -d client_id=xxx \
 -d client_secret=yyy \
 -d grant_type=authorization_code \
 -d code=zzz \
 -d "redirect_uri=https://localhost:5000/receive_code/"
 -d "scope=basic%20rs3094315"

If successful, you'll get a 200 JSON response like this:

{"access_token":"89822b93d2",
 "token_type":"bearer",
 "expires_in": 86400,
 "refresh_token":"33c53cd7bb",
 "scope":"rs3094315 basic"}

So, here's what I tried, but it didn't work. I know Ruby, but have never used net/http or uri.

def self.get_token(code)
    uri = URI.parse("https://api.23andme.com/token")
    https = Net::HTTP.new(uri.host, uri.port)
    https.use_ssl = true

    request = Net::HTTP::Post.new(uri.path)

    request["client_id"]     = 'my client id goes here'
    request["client_secret"] = 'my client secret goes here'
    request["grant_type"]    = 'authorization_code'
    request["code"]          = code
    request["redirect_uri"]  = 'http://localhost:3000'
    request["scope"]         = 'names basic haplogroups relatives'

    response = https.request(request)
    return response.to_s
end
tommy.carstensen
  • 8,962
  • 15
  • 65
  • 108
Wayne Magor
  • 23
  • 4
  • This is another thing - I think my answer resolved your original question. Try setting `http.verify_mode = OpenSSL::SSL::VERIFY_NONE` after the line `https.use_ssl = true` – Rafa Paez Mar 20 '14 at 23:35

2 Answers2

0

You are doing it right using curl with the -d option to set the parameter in the body of the POST request. However, with the Net::HTTP::Post object, the syntax request["key"] = value is used to set the headers of the Http object.

Use set_form_data to set all the parameters into the body of the POST request.

For example, use it in this way:

request.set_form_data({"client_id" => "my client id goes here", "code" => code})

The following will clarify the above:

$ > request["client_id"] = 'my client id goes here'
# => "my client id goes here" 
$ > request.body
# => nil # body is nil!!!
$ > request.each_header { |e| p e }
# "client_id"
# => {"client_id"=>["my client id goes here"]} 

$ > request.set_form_data("client_secret" => 'my client secret goes here')
# => "application/x-www-form-urlencoded" 
$ > request.body
# => "client_secret=my+client+secret+goes+here" # body contains the added param!!!
Rafa Paez
  • 4,820
  • 18
  • 35
  • Thank you for the response. I have implemented this and it now gets back a #. The https.verify_mode mod made a difference. There must be just one little thing that is still wrong. – Wayne Magor Mar 21 '14 at 02:35
0

I just wanted to post the code that worked. Thanks to Rafa.

def self.get_token(code)
    uri = URI.parse("https://api.23andme.com/token")
    https = Net::HTTP.new(uri.host, uri.port)
    https.use_ssl = true
    https.verify_mode = OpenSSL::SSL::VERIFY_NONE

    request = Net::HTTP::Post.new(uri.path,
                initheader = {'Content-Type' =>'application/json'})

    request.set_form_data({"client_id"     => 'my client id',
                           "client_secret" => 'my client secret',
                           "grant_type"    => 'authorization_code',
                           "code"          => code,
                           "redirect_uri"  => 'http://localhost:3000/receive_code/',
                           "scope"         => 'names basic haplogroups relatives'})

    response = https.request(request)
    data = JSON.load response.read_body

    return data["access_token"]
end
Wayne Magor
  • 23
  • 4