Ways to finesse HTTP HeaderField constraints?

Question

Paul Shoemaker 2019년 8월 24일

0
링크

이 질문에 대한 바로 가기 링크

https://kr.mathworks.com/matlabcentral/answers/477389-ways-to-finesse-http-headerfield-constraints

댓글: Ken 2024년 2월 13일

Hey folks,

Webwrite isn't meeting my needs for POSTing data to a RESTful web service, so I decided to go with the lower level matlab.net.http.RequestMessage functionality, which sometimes works, but setting the Header with my authorization token sometimes fails depending on the token I get.

URL = 'https://api.tdameritrade.com/v1/accounts/1234567890/orders';
r = matlab.net.http.RequestMessage;
r.Method = 'Post';
r.Header(1).Name = "Authorization";
r.Header(1).Value = "Bearer " + token; % Token is long and changes periodically. **Usually** Matlab throws error

The problem is in setting the Header, which requires a field Name called "Authorization" and the Value of "Bearer " + token. The "token" value is very lengthy, around 1,200 characters (example at bottom of this post) and I have to get a new one every 30min to keep accessing this service. Sometimes Matlab is okay and accepts the token, but most of the tokens are rejected when I try to set the value, giving me an error like the one below:

Screen Shot 2019-08-23 at 7.47.13 PM.png

The Matlab class HeaderField is clearly doing a validation routine on the Value and determining it is not valid.

Here's what I've tried:

Remove space after "Bearer", or using "Bearer%20" or "Bearer+". Matlab accepts this, but then web server returns "unauthorized"
I've noticed that if I take the first 1,144 characters in token then Matlab accepts (e.g. "Bearer " + token(1:1144), but of course the web server returns "unauthorized" since I'm not providing the full token

Any ideas for how to enter "Bearer " + token to avoid the above error?

Here's an example token (I changed one character just to be sure no one can use it):

token = "zgzMa4kOwPmVxbQ3tp0unIp4JIXv1Hzh7fzRs3JmQbTnPVFeXX7oF2pJH+3gL4KYEfXFIuiL7IKHOJRUdxe0HXnU0yN+Gn9cZUyU/eovZVyG4kVTqu47hyDnNkq0C1gShWhBtWcvI8uKjzHjGMJP8Ot2Gjhbw3/l6YfQe3q3PBQ+6wLsSV7gHBm406PukLdql7schTpvrqLi8h308G7OIVrTJB2oXgqfIVGGDYbQNuw6iGamxJUqOZ8Fv8PeRapG92iT8B1p1sW5LFq5Vpu6N2pFgkhoSilmW0aZ+aq03R9V8FYFsZ30/jrNqSxllf3WFELkVYlJlGNOvudzIzJwANcfcl4UzvDYpduN33lOarpIK3a17tRlsjIimtgiLhyxEYlUnVLiuwI5l1+9tkJ0HjC3asEL6kWj+ysW5gx36YWyb8tbhOz5I5wFkqGkcjZNJjUQ12Ou4+DVG/tCwhCHwJOR+x8imWbZqTcDwNRMKyQkn1CXSY463Ycxf3XE6boRBkK2OtAQ/m4Q276i26HhRGjuMFfDW1fzCrrXy23zERVAkAo9t100MQuG4LYrgoVi/JHHvlwCIoz+tGIgiaHeuLUSTR/PGs5RLwaXaMkRXixdeWNw5qOODbq9fsFHe0zBCweEkN8CK5Uxa3+FXv3OtlJUDZ8Pytum96pRkgDPvib1n2sDmtV0DgHc1q2zJqfitAcfS3lmIYPx7RcGBHJV/jn1Ojp6mcN9tu0C8S7u/Mk4gqV+dwkdLIICRGe3u2ASbsX6j16Nrbv+XHy9sxQRVh0eWpvLppM0ICBlSxrZ6qr/d6pYqn505fB6gICX0D+326pFZF/fgcyLnfGjCaHv9v5qMv0LTNooGYZ5BguM4IZGOCts4h+/zm3wGCchBczi3BWh/AXw+fNro1TOAkGDdzshZs6GyBoo52vziYR319E/pep9qDs0talrh1OJGnOOquBhnqY9ej2kzQdDtf3sBxQjSXn3JEIlAcszSCQbPDwwrr5sPDMWuhHsgbuU1+CIGOPEKiL0zi57fne5zTjAvMBov8/FWmCULZ+dEGRiBfdqK4OJMyZn8Kpcq+oN2JYSOBcE+c/6Y3XrOjW/8D1U+Hvb2sYhWk/f1hYh2AHDO2dwlbCoRtPipQ==212FD3x19z9sWBHDJACbC00B75E"

Note that I can set the header with webwrite and successfully use the RESTful service that way, but unfortunately the response when using webwrite is empty and I need the info that gets returned from the non-webwrite approach described above.

Thanks,

Paul S

댓글 수: 3
이전 댓글 1개 표시이전 댓글 1개 숨기기

Ken 2024년 2월 12일

Paul,

I have been spending the day searching for anything on JSON formats for endpoint conditional study orders. I use conditional studies all the time in TOS and must use them as well when using TDA endpoints.

This is because when an order is placed, I want to exit based on studies; either standard or my own custom studies resident on the TDA server. I cannot count on my home PC to exit trades based on studies. I'm sure you know why: power failures, internet service interruptions, PC failures, . . . I don't mind losing entry opportunities when bad things happen, but I sure don't want to be in a trade when bad things happen locally! We are all counting on TDA to have servers that are well maintained with lots of back-up power, redundant processing, virus protection, etc. That forces exit orders to be processed and placed on TDA's servers after entry orders. I want to do more than simple stop loss, trailing stop, or time stop orders.

Have you uncovered the formats for conditional orders based on studies for endpoint orders?

Ken

Paul Shoemaker 2024년 2월 12일

I will admit to doing this level of exit condition checking locally on my PC. There are a few reasons for this:

I have not discovered robust endpoints for making use of custom conditions and/or studies
While there is always the chance of a local machine failure (e.g. power, internet, hardware, etc), my software sends me emails on a regular basis so I'll know if it's down if I don't receive communications from it, and none of my trades/trading is so crucial as to threaten my account in a meaningful way should things go offline for a couple hours. Most of my positions are held on the order of multiple days to several weeks.

Ken 2024년 2월 13일

I suspected this.

The real advantage to robo-trading is entering a position on unexpected moves at all times of the day or night.

It seems necessary to engineer trades that have server exits that can be cancelled/changed by an endpoint preemption.

There are many shock moves . . . and this just might be the way to harvest them!

Happy trading!

댓글을 달려면 로그인하십시오.

이 질문에 답변하려면 로그인하십시오.

Answer 1

Paul Shoemaker 2019년 8월 24일

5
링크

이 답변에 대한 바로 가기 링크

https://kr.mathworks.com/matlabcentral/answers/477389-ways-to-finesse-http-headerfield-constraints#answer_388914

MATLAB Online에서 열기

Hey folks,

I think I may have fixed the issue. The trick seems to be creating a GenericHeader object, which does not validate supplied values. Then assign the GenericHeader field to the RequestMessage Header.

Here's how it looks:

URL = 'https://api.tdameritrade.com/v1/accounts/1234567890/orders';
r = matlab.net.http.RequestMessage;
r.Method = 'Post';
genericHeader = matlab.net.http.field.GenericField('Authorization',"Bearer " + token); % This bypasses Matlab value validation
r.Header = genericHeader; % Assign to RequestMessage. Fortunately, the RequestMessage class accepts generic header objects
r.Body(1).Data = order; % trade/order to POST
response = r.send(URL); % Works like a charm and output contains the info I need.

I hope this helps someone else out there.

Paul S

댓글 수: 24
이전 댓글 22개 표시이전 댓글 22개 숨기기

Paul Shoemaker 2024년 2월 6일

MATLAB Online에서 열기

example.mat

Kenneth,

Happy to help!

TDA has several examples for various order types in the API developer guide. Examples here.

I'm attaching an example .mat file that contains a very simple order to buy three shares of Apple Inc. ("Buy 3 APPL"). The variable contained in the .mat file is called "orderExample."

Then, you can submit this order like so:

r = matlab.net.http.RequestMessage; % Create generic request object and populate below
URL = ['https://api.tdameritrade.com/v1/accounts/' ACCOUNT '/orders']; % Account is your TDA trading account number (char format)
r.Method = 'Post';
header = matlab.net.http.field.GenericField('Authorization',['Bearer ' ACCESS_TOKEN]); % must use generic header to bypass validation
r.Header = header; % Assign header to RequestMessage
r.Body(1).Data = orderExample; % Insert order into Data field (Matlab structure format)
response = r.send(URL); % Submit order. ****IMPORTANT**** This is REAL, not paper money, so only execute when ready to affect real-world brokerage transaction

Ken 2024년 2월 10일

MATLAB Online에서 열기

Hi Paul,

Yeah! It works at long last!

order.orderStrategyType = 'SINGLE';

order.duration = 'DAY';

order.orderType = 'LIMIT';

order.price = 100;

order.orderLegCollection.instruction = 'BUY';

order.orderLegCollection.quantity = 1;

order.orderLegCollection.instrument.symbol = 'SPY';

order.orderLegCollection.instrument.assetType = 'EQUITY';

order.orderLegCollection = {order.orderLegCollection};

order.session = 'NORMAL';

URL=['https://api.tdameritrade.com/v1/accounts/' accountNum '/orders'];

r = matlab.net.http.RequestMessage;

r.Method = 'Post';

header = matlab.net.http.field.GenericField('Authorization',['Bearer ' accessToken]);

r.Header = header;

r.Body(1).Data = order;

response = r.send(URL)

Thanks so much for your help! I hope that this thread helps others who have also been banging their head against the wall. Do you have any suggestions for how I can get more enlightened on EndPoint communications using Matlab? Up 'til now I was just doing system calls to cURL and not getting very far.

Best regards and enjoy the super bowl. I'll be watching while writing code to talk to the mother ship!

Ken

Ken 2024년 2월 11일

For now I have a push button for UPDATE ACCESS TOKEN and another for UPDATE REFRESH TOKEN. Later I'll put them in a timer job so I won't think about tokens ever again. I now can see account status, view prices, place orders, and cancel orders. My next challenge will be conditional orders, OTO orders, OCO orders . . .

Then it's onward and upward to robotic trading! My computer becomes the screen zombie instead of me!

Your help was pivotal to this effort. I am grateful for your help.

Paul Shoemaker 2024년 2월 12일

Awesome! Really glad I could help. I've been using TDA API for about 10yrs now and have really enjoyed and made use of it in a major way for me. Hopefully, you have a similar experience.

댓글을 달려면 로그인하십시오.

Ways to finesse HTTP HeaderField constraints?

댓글 수: 3
이전 댓글 1개 표시이전 댓글 1개 숨기기

채택된 답변

댓글 수: 24
이전 댓글 22개 표시이전 댓글 22개 숨기기

추가 답변 (0개)

참고 항목

카테고리

태그

Community Treasure Hunt

Ways to finesse HTTP HeaderField constraints?

댓글 수: 3 이전 댓글 1개 표시이전 댓글 1개 숨기기

채택된 답변

댓글 수: 24 이전 댓글 22개 표시이전 댓글 22개 숨기기

추가 답변 (0개)

참고 항목

카테고리

태그

Community Treasure Hunt

댓글 수: 3
이전 댓글 1개 표시이전 댓글 1개 숨기기

댓글 수: 24
이전 댓글 22개 표시이전 댓글 22개 숨기기