ALM Rest API : site-session returns 'The remote server returned an error: (400) Bad Request.'

Question

I am getting '(400) Bad Request.' when I try complete authenticate against an ALM REST API, the first part (authentication) is successful) and I get the LWSSO_COOKIE_KEY, but site-session always fails with a 400 error code.

What am I doing wrong please... very confused!

    // Authentication XML : 0 = User, 1 = Password
    private const string AuthenticationXML = @"<alm-authentication>" +
        "<user>{0}</user><password>{1}</password></alm-authentication>";

    baseRequestURL = settings.QualityCentreURL + "/qcbin/";

Authentication is done first (and is successful) :

string authRequest = baseRequestURL + "authentication-point/alm-authenticate";
HttpWebRequest myauthrequest = (HttpWebRequest)WebRequest.Create(authRequest);

string xml = String.Format(AuthenticationXML, qcSettings.Username, qcSettings.Password);

byte[] Requestbytes = Encoding.UTF8.GetBytes(xml);
myauthrequest.Method = "POST";
myauthrequest.ContentType = "application/xml";
myauthrequest.ContentLength = Requestbytes.Length;
myauthrequest.Accept = "application/xml";

Stream RequestStr = myauthrequest.GetRequestStream();
RequestStr.Write(Requestbytes, 0, Requestbytes.Length);
RequestStr.Close();
HttpWebResponse myauthres = (HttpWebResponse)myauthrequest.GetResponse();

authenticationCookie = myauthres.Headers.Get("Set-Cookie"); 

The Site-Session code is :

    public void GetSiteSession()
    {
        // Creat the web request fore site-session.
        string request = baseRequestURL + "rest/site-session";
        HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(request);

        string xml = String.Empty;
        byte[] requestbytes = Encoding.UTF8.GetBytes(xml);

        // Update the attributes before sending.
        webRequest.Method = "POST";
        webRequest.ContentType = "application/xml";
        webRequest.Accept = "application/xml";
        webRequest.Headers.Set(HttpRequestHeader.Cookie, authenticationCookie);

        try
        {
            Stream requestStream = webRequest.GetRequestStream();
            requestStream.Write(requestbytes, 0, requestbytes.Length);
            requestStream.Close();

            HttpWebResponse webRequestResponse = (HttpWebResponse)webRequest.GetResponse();
            Stream responseStream = webRequestResponse.GetResponseStream();
            XDocument doc = XDocument.Load(responseStream);
        }
        catch (System.Net.WebException except)
        {
            Console.WriteLine(except.Message);
        }
    }

I have tried cutting ;Path=/;HTTPOnly from LWSSO_COOKIE_KEY as per this question , but to no avail.

The API reference I found( here ) seems to be a big vague or, possibly that I haven't understood it... :P

Answer 1

Apologies, it seems that with 12.53 I should have been using 'api/authentication/sign-in'

        string requestURL = baseRequestURL + "api/authentication/sign-in";

        try
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(requestURL);

            var credentials = String.Format("{0}:{1}", qcSettings.Username, qcSettings.Password);
            request.CookieContainer = authenticationCookieContainer;
            request.Headers.Set(HttpRequestHeader.Authorization, "Basic " + Convert.ToBase64String(Encoding.UTF8.GetBytes(credentials)));

            var authResponse = request.GetResponse();
            errorString = String.Empty;
        }
        catch (System.Net.WebException except)
        {
            errorString = except.Message;
            return false;
        }

        errorString = String.Empty;
        return true;
    }