Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 
A New Home in the New Year for SAP Community!

SAP Developer Challenge - APIs - Task 5 - Call the country date format API endpoint

qmacro
Employee
Employee

(Check out the SAP Developer Challenge - APIs blog post for everything you need to know about the challenge to which this task relates!)

Now you're familiar with the Date and Time API, you are in a position to try out one of the endpoints.

Background

For many APIs on the SAP Business Accelerator Hub there are options to "try out" the endpoints. You can define your own environment that you can then use to connect to from the hub:

add-new-environment.png

There's also a sandbox environment that's available for some of the API packages too, and this Date and Time API is one that is available in this sandbox environment.

Your task

Your task is to make a call to a specific endpoint in this API.

That endpoint is one of those that you might have seen in the previous task, but not one that met the criteria of that task. It's this one:

/getCountryDateFormat

The reason it doesn't meet the criteria is because a response to a request to this endpoint is returned in a text representation, i.e. MIME type text/plain, and not JSON.

You must specify the value DE for the country parameter.

But rather than just use the Try Out facility on the hub, you should instead make the call using an HTTP client of your choice. There's some examples given in the Hints and tips section of Task 0.

In order to "persuade" you to make the HTTP call yourself, you need not only the response to such a call, but you'll need also a specific header from the HTTP response. That header is a custom header, i.e. is prefixed with x- and relates to a traditional programming language in the SAP world.

So you need to take two values:

  • the content of the response payload (remember, it is in a text/plain representation)
  • the x- prefixed SAP language related header name, as it appears in the HTTP response

The header name should already appear in lower case, but please make sure it is, i.e. before you use it (see the next paragraph), ensure that it is all-lowercase.

You must join these two values together into a single string, concatenated with a comma.

It's this single string that you must send to be hashed and shared in a reply to this discussion thread as described in Task 0.

So for example, if the response payload was:

"banana"

and the response headers looked like this:

Date: Thu, 27 Jul 2023 12:05:40 GMT
Content-Type: application/json
Content-Length: 12
Connection: keep-alive
vary: Accept-Encoding
x-abap-hidden-header: 123.456ms
x-request-id: 54dcdcb3-cf10-4d2b-6a2d-64ad846bd1e5
x-response-time: 417.10979ms
x-vcap-request-id: 54dcdcb3-cf10-4d2b-6a2d-64ad846bd1e5
strict-transport-security: max-age=31536000; includeSubDomains; preload;
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false

then the string to hash would be:

"banana",x-abap-hidden-header

Hints and tips

You'll need to find out how to authenticate the HTTP request, and provide the appropriate authentication details. If you don't, your request will be refused, with an HTTP 401 status code. Here's an example, where you see the headers of the request (identified with > characters at the start of the line) and of the response (identified with < characters at the start of the line):

> GET /dateandtime/getTimezoneFromLocation?country=DE HTTP/1.1
> Host: sandbox.api.sap.com
> User-Agent: curl/7.74.0
> Accept: */*
> 
< HTTP/1.1 401 Unauthorized
< Date: Thu, 27 Jul 2023 11:59:48 GMT
< Content-Type: application/json
< Content-Length: 146
< Connection: keep-alive
< 

You'll also receive some JSON in the response body telling you what's missing.

In order to get the authentication details you need, you'll need to be logged on to the hub.

You'll need to get your HTTP client or client library to emit the details of the HTTP response, so you can see the headers and find the one required. For example with curl, you could use the --include option, or even the --verbose option.

For discussion

Have you seen x- prefixed headers before? What does this prefix signify? Is this still common practice these days?

105 REPLIES 105

harsh_itaverma
Galactic 4
Galactic 4
0 Kudos

8898365d70a3e31036797f78e85a8eceda5260ea364eb7a330d8773659f2edaf

seVladimirs
Galactic 4
Galactic 4
0 Kudos

a0e16215ca28402d1eaf56a13e910bebd2b5682a9c872e5644bc00c95463fd84

Frank_Haschick
Galactic 3
Galactic 3
0 Kudos

a52cde5e66513754cf02d111c5c2f5d15be911419ee2debc8c4b6b0802e4c2ac

abdullahgunes
Galactic 3
Galactic 3
0 Kudos
2af2f9128fc1834076ba842e8e9d855aa1b6f0819e8b03ae099dbcd68a43a12c

kasch-code
Galactic 3
Galactic 3
0 Kudos

72e3182f0cb7b921df9012f370a88a2ab2b6444ae43b879e6b120cc20e2824c0

Tomas_Buryanek
Galactic 4
Galactic 4
0 Kudos

63d3f3e7ab25200c3e63c644bebb0130c9ae8de6a5396e038d43eea2207d8250

RaulVega
Galactic 3
Galactic 3
0 Kudos

360de92ace3f6adb20237b7f60be042d131b65e4556a140c078eb904d1b3643c

prachetas
Galactic 2
Galactic 2
0 Kudos

0fde67cdda4944a297a25fcd288fbb36baf06010b762c340272af55b9fcc32fb

beserk
Galactic 3
Galactic 3
0 Kudos

a2bbf5a6ed4de3bc82a1cd3bb88c925c2c4bc770ed49ae181bda82b8e0e8bee2

jasshauer
Galactic 3
Galactic 3
0 Kudos

26b5e27d9dac255a55d0d94a2819452bd079d57e3cb629480939071fe5384a26

anupamduttaroy
Galactic 4
Galactic 4
0 Kudos

a0e16215ca28402d1eaf56a13e910bebd2b5682a9c872e5644bc00c95463fd84

SandipAgarwalla
Galactic 4
Galactic 4

So looks like I am missing something here. I executed the API using Postman, only had to set the APIkey. Setting any header with "x-" in response was not needed. What am I missing here?  Thanks

You might want to check the instructions. There is nowhere in there that requires you to set and send an 'x-' prefixed header ... 🙂

Yes, it was my bad 😶

anupamduttaroy
Galactic 4
Galactic 4

@qmacro The response text is in uppercase, do we need to use it as lowercase as well? 

Checked with few community ids; my hash value is not matching with most of the responses except @seVladimirs . Not sure who are missing something here. 🙂

-Anupam

 

Are you sure you called the correct endpoint? According to the task it should be 

/getCountryDateFormat

Thanks @kasch-code ... good tip 😉

Thanks a lot @kasch-code . I clicked on 'Try Out' reach to API Hub and assumed it to be the required endpoint. My bad. 

-Anupam 

qmacro
Employee
Employee

Greetings lovely participants!

Just a quick note to suggest you check you've followed the instructions carefully, I see from the logs that some of you may seem to be calling a different API endpoint. Remember that the response from the call should be a date format. Not a timezone 🙂

0 Kudos

Oh, wait then my answer is wrong 🤓

Thanks for this hint 

0 Kudos

@qmacro Thanks DJ. I thought 'Try Out' had taken me to right endpoint. 😞 

I have edited my response. Hope that counts. 😄

-Anupam

qmacro
Employee
Employee

Thanks for checking! But note that the payload of the response is not all in upper case. And anyway, the instructions only ask that you set the response header to lower case, not the payload value.

SandipAgarwalla
Galactic 4
Galactic 4
0 Kudos

708584f7fd7d86f075d7ad190561529c92a74064dec51d4a373a06fce5280ed8

thomas_jung
Employee
Employee
0 Kudos

22e01ea0196151197a3c4cd615593b4400a20690e0055cf8c543bf9270e5c57a

FooThePolarBear
Galactic 2
Galactic 2
0 Kudos

145933fc85999421a687e80f912a7537779cb8d7c14ebdb97813eb5e6cf21076

sabarna17
Galactic 3
Galactic 3
0 Kudos

c686c6f524bc489a35472b0d65cf9841645cd322d28b965f849ce8e394f9b441

0 Kudos

Hi @sabarna17 thanks for sharing the screenshot. But you might want to check the instructions in Task 0 for sharing your hash 😉

Thanks @qmacro  - I missed the note. Removing all the screenshots from all the task submissions. Hope that rectifies my older submissions.

dan_wroblewski
Employee
Employee
0 Kudos

a46d7af3115a59ddfe85080a32cc24cb501f0246bfdd97602afa943515cfc25d




--------------
See all my blogs and connect with me on Twitter / LinkedIn

se38
Galactic 4
Galactic 4
0 Kudos

1d777061ea2555802448a901ec53f8b1bb49435eb34a9bfe1b030cd8848b8325

Best practice is to not use any X-prefixes anymore (see also RFC6648 from 2012!)

More important: publish as few information about the API server as possible to the outside. It's just an additional attack vector which provides no real value.

0 Kudos

Indeed! It made sense at the time, but adoption of a previously non-standard header towards becoming a standard meant that existing implementations would break or at least have to be changed to remove the `x-` prefix.

martinstenzig
Galactic 4
Galactic 4
0 Kudos

f67e520a4f13141549085d2fe25f379e888fe1c0e89ad1076a5c05d5e95ea301

eakucuk
Galactic 3
Galactic 3
0 Kudos

ee27d875453ed847da5ab9c8ff23115a623dacba2a2646ba6d95e17109f805d0

ecem_yalim
Galactic 3
Galactic 3
0 Kudos

ecf219afc085d5c4c5bd0872f4090c0ee37a83e6123abee827b894e6870fe09f

SyamisUnique
Galactic 3
Galactic 3
0 Kudos

c77feb91f1a4cbf95d354d13ecfcd4a08243a46f574959f6f85528132547ba66

ajmaradiaga
Employee
Employee
0 Kudos

7bc63bbe57fac0f9d441388f3878ebc0f116d07eff8445ca39cc0a7a34c4e7f2

choujiacheng
Galactic 3
Galactic 3
0 Kudos

da1674412189329742f9adfc7111dd0a0dae5a45838f3315e9dd78c0c0d8a31a

An x-prefix is a customised header used to annotate the HTTP request. It is something I never noticed before, even though I have used API calls a lot during development for one of my apps. These days, some would prefer to fully customise their custom header names to something more identifiable to their brand without relying on the x-prefix.