KB Article #179669

MailGate API calls for Secure Collaboration

Problem

What the API calls should look like in order to send secure messages through the API.

Resolution

Below are example inputs and the expected (normal) outputs when CSRF is enabled. If it is disabled, just remove all the “?te=” data.



Authentication:


Auth step 1:


Input:

bb554:~ # curl -v "https://10.232.10.124/api/5.0/preferences" -k


Output:

* About to connect() to 10.232.10.124 port 443 (#0)

* Trying 10.232.10.124... connected

* Connected to 10.232.10.124 (10.232.10.124) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: none

CApath: /etc/ssl/certs/

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using ECDHE-RSA-AES256-SHA

* Server certificate:

* subject: C=ee; ST=ee; L=ee; O=ee; OU=ee; CN=end; emailAddress=end@end.com

* start date: 2017-12-13 11:58:00 GMT

* expire date: 2018-12-13 11:57:00 GMT

* issuer: C=in; ST=in; L=in; O=in; OU=in; CN=inter; emailAddress=inter@inter.com

* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> GET /api/5.0/preferences HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10

> Host: 10.232.10.124

> Accept: */*

>

< HTTP/1.1 401 Unauthorized

< Date: Mon, 05 Feb 2018 14:45:02 GMT

< Server: Apache

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< Set-Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D; Path=/api; Secure; HttpOnly

< Set-Cookie: te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE;Path=/;Secure;

< Set-Cookie: te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE;Path=/;Secure;

< Content-Encoding: UTF-8

< Content-Length: 82

< Content-Type: application/json

<

* Connection #0 to host 10.232.10.124 left intact

* Closing connection #0

* SSLv3, TLS alert, Client hello (1):

Unauthorized","errorCode":"unauthorized","permissions":["CreateDrafts"]}



Auth step 2:


Input:

bb554:~ # curl -v -d 'j_username=some@none.com&j_password=1' --dump-header headers 'https://10.232.10.124/api/j_security_check' -H 'Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F1' -k


Output:

* About to connect() to 10.232.10.124 port 443 (#0)

* Trying 10.232.10.124... connected

* Connected to 10.232.10.124 (10.232.10.124) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: none

CApath: /etc/ssl/certs/

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using ECDHE-RSA-AES256-SHA

* Server certificate:

* subject: C=ee; ST=ee; L=ee; O=ee; OU=ee; CN=end; emailAddress=end@end.com

* start date: 2017-12-13 11:58:00 GMT

* expire date: 2018-12-13 11:57:00 GMT

* issuer: C=in; ST=in; L=in; O=in; OU=in; CN=inter; emailAddress=inter@inter.com

* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> POST /api/j_security_check HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10

> Host: 10.232.10.124

> Accept: */*

> Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE

> Content-Length: 37

> Content-Type: application/x-www-form-urlencoded

>

< HTTP/1.1 302 Moved Temporarily

< Date: Mon, 05 Feb 2018 14:45:47 GMT

< Server: Apache

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< Location: https://10.232.10.124/api/5.0/preferences?te=2C4B8...

< Content-Length: 0

<

* Connection #0 to host 10.232.10.124 left intact

* Closing connection #0

* SSLv3, TLS alert, Client hello (1):

Note that the JSESSIONID (and the CSRF token) is taken from the first response and added to the second and third calls.



Auth step 3:


Input:

bb554:~ # curl -v https://10.232.10.124/api/5.0/preferences? -H 'Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE' -k


Output:

* About to connect() to 10.232.10.124 port 443 (#0)

* Trying 10.232.10.124... connected

* Connected to 10.232.10.124 (10.232.10.124) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: none

CApath: /etc/ssl/certs/

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using ECDHE-RSA-AES256-SHA

* Server certificate:

* subject: C=ee; ST=ee; L=ee; O=ee; OU=ee; CN=end; emailAddress=end@end.com

* start date: 2017-12-13 11:58:00 GMT

* expire date: 2018-12-13 11:57:00 GMT

* issuer: C=in; ST=in; L=in; O=in; OU=in; CN=inter; emailAddress=inter@inter.com

* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> GET /api/5.0/preferences? HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10

> Host: 10.232.10.124

> Accept: */*

> Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE

>

< HTTP/1.1 200 OK

< Date: Mon, 05 Feb 2018 14:46:30 GMT

< Server: Apache

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

< Cache-Control: no-cache

< Expires: 0

< Pragma: no-cache

< Content-Encoding: UTF-8

< Content-Length: 184

< Content-Type: application/json

<

* Connection #0 to host 10.232.10.124 left intact

* Closing connection #0

* SSLv3, TLS alert, Client hello (1):

{"brand":"def","firstName":"","lastName":"","language":"en","junkAction":"default","bulkAction":"default","showSendConfirmation":false,"emailFormat":"html","notifyOnPackageView":false}


At this point authentication is successful, which is equivalent to having passed through the login page of the end-user UI.
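The cookie handling in the three steps above, as an added example that is not part of the original article or vendor code: it reads the response headers of auth step 1 (for instance a file saved with curl's --dump-header) and produces the Cookie header and the "?te=" suffix for the later calls, including the case where CSRF is disabled. The function names and the sample cookie values are constructed for illustration.

```shell
# Constructed sample of a step 1 response; cookie values are placeholders.
sample_headers() {
  printf '%s\r\n' 'HTTP/1.1 401 Unauthorized' \
    'Set-Cookie: JSESSIONID=AAAA1111BBBB2222; Path=/api; Secure; HttpOnly' \
    'Set-Cookie: te=CCCC3333DDDD4444;Path=/;Secure;' \
    'Set-Cookie: te=CCCC3333DDDD4444;Path=/;Secure;' \
    'Content-Type: application/json'
}

# is_token VALUE: accept only non-empty alphanumeric values, so nothing taken
# from a response can add extra headers or parameters to the next request.
is_token() {
  case $1 in ''|*[!A-Za-z0-9]*) return 1 ;; esac
}

# cookie_value NAME < headers: print the first value set for cookie NAME.
cookie_value() {
  tr -d '\r' | awk -v name="$1" '
    tolower($0) ~ /^set-cookie:/ {
      sub(/^[^:]*:[ \t]*/, "")      # drop the header name
      split($0, part, ";")          # part[1] is NAME=VALUE, rest are attributes
      eq = index(part[1], "=")
      if (eq && substr(part[1], 1, eq - 1) == name) {
        print substr(part[1], eq + 1); exit
      }
    }'
}

# cookie_header < headers: value for -H "Cookie: ..." on steps 2, 3 and later.
cookie_header() {
  hdrs=$(cat)
  sid=$(printf '%s\n' "$hdrs" | cookie_value JSESSIONID)
  te=$(printf '%s\n' "$hdrs" | cookie_value te)
  is_token "$sid" || return 1
  if [ -z "$te" ]; then printf 'JSESSIONID=%s\n' "$sid"; return 0; fi
  is_token "$te" || return 1
  printf 'JSESSIONID=%s;te=%s\n' "$sid" "$te"
}

# te_query < headers: "?te=TOKEN" with CSRF enabled, empty with it disabled.
te_query() {
  te=$(cookie_value te)
  if [ -z "$te" ]; then return 0; fi
  is_token "$te" || return 1
  printf '?te=%s\n' "$te"
}

sample_headers | cookie_header
```

Only the name=value part of each Set-Cookie line is forwarded; attributes such as Path, Secure and HttpOnly are instructions to the client and do not belong in a request's Cookie header.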



Create message:


Input:

bb554:~ # curl -v --insecure -X POST https://10.232.10.124/api/5.0/messages?te=2C4B8A28... -d "to=bobby@best.com" -H "Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE; path=/api;Secure;HttpOnly" -H "Content-Type: application/x-www-form-urlencoded; charset=UTF-8"


Output:

* About to connect() to 10.232.10.124 port 443 (#0)

* Trying 10.232.10.124... connected

* Connected to 10.232.10.124 (10.232.10.124) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: none

CApath: /etc/ssl/certs/

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using ECDHE-RSA-AES256-SHA

* Server certificate:

* subject: C=ee; ST=ee; L=ee; O=ee; OU=ee; CN=end; emailAddress=end@end.com

* start date: 2017-12-13 11:58:00 GMT

* expire date: 2018-12-13 11:57:00 GMT

* issuer: C=in; ST=in; L=in; O=in; OU=in; CN=inter; emailAddress=inter@inter.com

* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> POST /api/5.0/messages?te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10

> Host: 10.232.10.124

> Accept: */*

> Cookie: JSESSIONID=02326631892C65F6E690D7E49A3B347D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE; path=/api;Secure;HttpOnly

> Content-Type: application/x-www-form-urlencoded; charset=UTF-8

> Content-Length: 17

>

< HTTP/1.1 200 OK

< Date: Mon, 05 Feb 2018 16:07:17 GMT

< Server: Apache

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

< Cache-Control: no-cache

< Expires: 0

< Pragma: no-cache

< Content-Encoding: UTF-8

< Content-Length: 184

< Content-Type: application/json

<

* Connection #0 to host 10.232.10.124 left intact

* Closing connection #0

* SSLv3, TLS alert, Client hello (1):

{"info":"Draft was successfully created","messageId":"f973bd131b3eade6d1c5bdffe211c2fcd5f17f44f9c2f0a19decf6ddb63fbdffbf612fb0aeda45458ec6da12f743236531bf9986cd1541da951b1764581386cc"}



Get Information for a message:


Input:

curl -v -X GET -H 'Cookie: JSESSIONID=02326631892C65F6E690D7E49A3B347D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE' https://10.232.10.124/api/5.0/messages/f973bd131b3... -k


Output:

* About to connect() to 10.232.10.124 port 443 (#0)

* Trying 10.232.10.124... connected

* Connected to 10.232.10.124 (10.232.10.124) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: none

CApath: /etc/ssl/certs/

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using ECDHE-RSA-AES256-SHA

* Server certificate:

* subject: C=ee; ST=ee; L=ee; O=ee; OU=ee; CN=end; emailAddress=end@end.com

* start date: 2017-12-13 11:58:00 GMT

* expire date: 2018-12-13 11:57:00 GMT

* issuer: C=in; ST=in; L=in; O=in; OU=in; CN=inter; emailAddress=inter@inter.com

* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> GET /api/5.0/messages/f973bd131b3eade6d1c5bdffe211c2fc56a89f2251b95f359b03201f184c7a152b70c5771f2e4422a52189c49ced87adce7c74022353426f9747be814e28f492?te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10

> Host: 10.232.10.124

> Accept: */*

> Cookie: JSESSIONID=6CE5C6FF06E74647852CB86D1A1DB25D;te=2C4B8A28DFFC871613ABE38BDEB1609724B084C5E8B0F11C9080F92096F0CCCE

>

< HTTP/1.1 200 OK

< Date: Mon, 05 Feb 2018 15:56:30 GMT

< Server: Apache

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

< Cache-Control: no-cache

< Expires: 0

< Pragma: no-cache

< Content-Encoding: UTF-8

< Content-Length: 791

< Content-Type: application/json

<

* Connection #0 to host 10.232.10.124 left intact

* Closing connection #0

* SSLv3, TLS alert, Client hello (1):

{"id":"f973bd131b3eade6d1c5bdffe211c2fc56a89f2251b95f359b03201f184c7a152b70c5771f2e4422a52189c49ced87adce7c74022353426f9747be814e28f492","sender":{"address":"some@None.com","name":""},"recipients":[{"address":"some@none.com","primaryEmail":"some@None.com","name":"some@none.com","category":"to"}],"subject":"1","state":1,"deliveryStatus":{},"expirationPeriod":57,"sendTime":1517577015399,"size":8,"unread":false,"folder":"Inbox","attachments":[],"content":[{"streamId":"f973bd131b3eade6d1c5bdffe211c2fc56a89f2251b95f359b03201f184c7a152b70c5771f2e4422a52189c49ced87adce7c74022353426f9747be814e28f492eb98f396e9b8477dbe13c4f76d18716f","type":"text\/plain","size":8,"streamType":1}],"rejectReason":"","brand":"def","brandingType":0,"isDailyLimitReached":false,"isSenderOrSenderIsRecipient":true}



Check sent folder:


Input:

bb554:~ # curl -v https://10.232.10.124/api/5.0/folders/Sent?te=4FB8... -H 'Cookie: JSESSIONID=02326631892C65F6E690D7E49A3B347D;te=4FB83AC890AAE1C653B61EE08CFEE1EED47EB8FDEC0A422C02FD2045AB901B73' -k


Output:

* About to connect() to 10.232.10.124 port 443 (#0)

* Trying 10.232.10.124... connected

* Connected to 10.232.10.124 (10.232.10.124) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: none

CApath: /etc/ssl/certs/

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using ECDHE-RSA-AES256-SHA

* Server certificate:

* subject: C=ee; ST=ee; L=ee; O=ee; OU=ee; CN=end; emailAddress=end@end.com

* start date: 2017-12-13 11:58:00 GMT

* expire date: 2018-12-13 11:57:00 GMT

* issuer: C=in; ST=in; L=in; O=in; OU=in; CN=inter; emailAddress=inter@inter.com

* SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

> GET /api/5.0/folders/Sent?te=4FB83AC890AAE1C653B61EE08CFEE1EED47EB8FDEC0A422C02FD2045AB901B73 HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10

> Host: 10.232.10.124

> Accept: */*

> Cookie: JSESSIONID=02326631892C65F6E690D7E49A3B347D;te=4FB83AC890AAE1C653B61EE08CFEE1EED47EB8FDEC0A422C02FD2045AB901B73

>

< HTTP/1.1 200 OK

< Date: Mon, 05 Feb 2018 16:09:33 GMT

< Server: Apache

< X-Frame-Options: SAMEORIGIN

< X-XSS-Protection: 1; mode=block

< X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1

< Cache-Control: no-cache

< Expires: 0

< Pragma: no-cache

< Content-Encoding: UTF-8

< Content-Length: 938

< Content-Type: application/json

<

* Connection #0 to host 10.232.10.124 left intact

* Closing connection #0

* SSLv3, TLS alert, Client hello (1):

{"nRecords":1,"nDisplayRecords":1,"folderId":"f973bd131b3eade6d1c5bdffe211c2fc9f0d7515049e1cef2326ab75da631cb9","data":[{"id":"f973bd131b3eade6d1c5bdffe211c2fc9f0d7515049e1cef2326ab75da631cb92b70c5771f2e4422a52189c49ced87ad907fc595677a40b89a0bb28b8de10084","sender":{"address":"some@None.com","name":""},"recipients":[{"address":"some@none.com","primaryEmail":"some@None.com","name":"some@none.com","category":"to"}],"subject":"test","tracking":"received","state":1,"deliveryStatus":{"some@none.com":{"description":"received","descriptionParams":[1517577088934]}},"expirationPeriod":57,"sendTime":1517577015399,"size":8,"unread":false,"isRecallable":true,"folder":"Sent","attachments":[],"content":[{"streamId":"f973bd131b3eade6d1c5bdffe211c2fc9f0d7515049e1cef2326ab75da631cb92b70c5771f2e4422a52189c49ced87ad907fc595677a40b89a0bb28b8de10084eb98f396e9b8477dbe13c4f76d18716f","type":"text\/plain","size":8,"streamType":1}],"rejectReason":""}]}