400 BAD REQUEST when using Nest API for Authorization

Question

I am currently trying to use the Nest API but I can't get past the authorization part. Here is the PHP code I use to call the API :

//access token url used for authorization 
$url="https://api.home.nest.com/oauth2/access_token?code=".$_GET['pin']."&client_id=".$api_key."&client_secret=".$secret_key."&grant_type=authorization_code"; 
$ch = curl_init ($url);

curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);

//https
curl_setopt($ch, CURLOPT_SSLVERSION,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

curl_setopt($ch, CURLOPT_POST,true);

//to have headers in response
curl_setopt($ch, CURLOPT_HEADER, 1);

$result = curl_exec ($ch);
if($result){ 
    echo "Result : " .$result;
}else{
    echo curl_error($ch);
}

And I get the following result for this call :

Result : HTTP/1.1 200 Connection established HTTP/1.1 400 BAD_REQUEST Content-Length: 0 Connection: Close

Is there other options I need to set in order to get it working?

EDIT : The generated url ($url) works fine with HTTPRequester (Firefox addon) so the problem comes most certainly from the curl request itself

Thanks in advance.

"The 400 Bad Request error is an HTTP status code that means that the request you sent to the website server (e.g. a request to load a web page) was somehow malformed therefore the server was unable to understand or process the request." — , Jan 15 '15 at 16:11
Is there a particular reason you're setting CURLOPT_SSL_VERIFYPEER to `false`? (I don't think it's directly relevant to the problem, but it makes me curious.) — Matt Gibson, Jan 16 '15 at 09:07
Also—is this all your code, or is there more later? Is anything else echoing below the curl_error echo you're showing in the question? I'm a little nonplussed by you apparently getting both a 200 and a 400 response. — Matt Gibson, Jan 16 '15 at 09:15
@MattGibson This is almost all the code : the api key and secret are not shown here but that's all. Commenting the CURLOPT_VERIFYPEER or setting it to `true` gives me this error : `SSL certificate problem: self signed certificate in certificate chain`. — ToasterChips, Jan 16 '15 at 09:32
@ToasterChips In that case I would suggest you to create your own Certificate. Have a look at http://unitstep.net/blog/2009/05/05/using-curl-in-php-to-access-https-ssltls-protected-sites/ — Gaurav Dave, Jan 16 '15 at 09:36
@GauravDave I now have this error `error setting certificate verify locations: CAfile: -home.nest.com.crt CApath: C:\wamp\www\testAPI\ajax`. I searched quickly what could be the problem but I didn't find relevant information. — ToasterChips, Jan 16 '15 at 10:08
You may find your answer here: http://stackoverflow.com/questions/14448815/how-to-make-an-https-request-using-curl — Gaurav Dave, Jan 16 '15 at 10:11
@GauravDave The call worked by executing the code on a server where I had set up https. That didn't exactly solve the problem using wamp but at least I get something working. Thanks a lot for the information! — ToasterChips, Jan 16 '15 at 10:29
Note that Nest returns 400 bad request even if the request conforms to the HTTP spec and is just missing parameters required by the Nest API; you should check the response body nonetheless. — , Jan 16 '15 at 20:58
All the response was included in the result : the body for the call was empty. — ToasterChips, Jan 19 '15 at 08:20

score 0 · Answer 1 · answered Jan 16 '15 at 08:20

0

HTTP Status codes

400 - Bad request - typically this occurs when a bad parameter is given to a method

So, try this:

echo $url;
exit;

before:

$ch = curl_init ($url);

and copy paste that url to your browser address bar. See where you're posting wrong parameter.

See, if that helps.

answered Jan 16 '15 at 08:20

Gaurav Dave

6,838
9
25
39

Tried the request with the Firefox extension HttpRequester (since the request needs to be POSTed) with the generated url and I successfully receive a token. This means the problem comes from the curl part of the code, but where? – ToasterChips Jan 16 '15 at 08:40
Add this: curl_setopt($ch, CURLOPT_VERBOSE, 1); to your code. Visit http://curl.haxx.se/mail/curlphp-2008-03/0064.html. Might tell you where it is failing. – Gaurav Dave Jan 16 '15 at 08:53
Adding this doesn't provide any additional information. Might be because there is no curl error with the call (I have a 200 code then a 400 in the response header) – ToasterChips Jan 16 '15 at 09:39

score 0 · Answer 2 · answered Nov 29 '19 at 04:31

I think dev and inspect are running on same port. so remove the port and host for inspect on node by setting "inspect": false

angular.json

"serve": {
  "builder": "@nrwl/node:execute",
  "options": {
    "buildTarget": "api:build",
    "inspect": false
  }
},

400 BAD REQUEST when using Nest API for Authorization

2 Answers2