Although the HTTP spec says that headers are case insensitive; Paypal, with their new adaptive payments API require their headers to be case-sensitive.
Using the paypal adaptive payments extension for ActiveMerchant (http://github.com/lamp/paypal_adaptive_gateway) it seems that although the headers are set in all caps, they are sent in mixed case.
Here is the code that sends the HTTP request:
headers = {
"X-PAYPAL-REQUEST-DATA-FORMAT" => "XML",
"X-PAYPAL-RESPONSE-DATA-FORMAT" => "JSON",
"X-PAYPAL-SECURITY-USERID" => @config[:login],
"X-PAYPAL-SECURITY-PASSWORD" => @config[:password],
"X-PAYPAL-SECURITY-SIGNATURE" => @config[:signature],
"X-PAYPAL-APPLICATION-ID" => @config[:appid]
}
build_url action
request = Net::HTTP::Post.new(@url.path)
request.body = @xml
headers.each_pair { |k,v| request[k] = v }
request.content_type = 'text/xml'
proxy = Net::HTTP::Proxy("127.0.0.1", "60723")
server = proxy.new(@url.host, 443)
server.use_ssl = true
server.start { |http| http.request(request) }.body
(i added the proxy line so i could see what was going on with Charles - http://www.charlesproxy.com/)
When I look at the request headers in charles, this is what i see:
X-Paypal-Application-Id ...
X-Paypal-Security-Password...
X-Paypal-Security-Signature ...
X-Paypal-Security-Userid ...
X-Paypal-Request-Data-Format XML
X-Paypal-Response-Data-Format JSON
Accept */*
Content-Type text/xml
Content-Length 522
Host svcs.sandbox.paypal.com
I verified that it is not Charles doing the case conversion by running a similar request using curl. In that test the case was preserved.
The RFC does specify that header keys are case-insensitive, so unfortunately you seem to have hit an annoying requirement with the PayPal API.
Net::HTTP is what is changing the case, although I'm surprised they're not all getting downcased:
# File net/http.rb, line 1160
def []=(key, val)
unless val
@header.delete key.downcase
return val
end
@header[key.downcase] = [val]
end
"Sets the header field corresponding to the case-insensitive key."
As the above is a simple class it could be monkey-patched. I will think further for a nicer solution.
Use following code to force case sensitive headers.
class CaseSensitivePost < Net::HTTP::Post
def initialize_http_header(headers)
@header = {}
headers.each{|k,v| @header[k.to_s] = [v] }
end
def [](name)
@header[name.to_s]
end
def []=(name, val)
if val
@header[name.to_s] = [val]
else
@header.delete(name.to_s)
end
end
def capitalize(name)
name
end
end
Usage example:
post = CaseSensitivePost.new(url, {myCasedHeader: '1'})
post.body = body
http = Net::HTTP.new(host, port)
http.request(post)
I got several issues with the code proposed by @kaplan-ilya because the Net::HTTP library tries to detect the post content-type, and the I ended up with 2 content-type and other fields repeated with different cases.
So the code below should ensure than once a particular case has been choosen, it will stick to the same.
class Post < Net::HTTP::Post
def initialize_http_header(headers)
@header = {}
headers.each { |k, v| @header[k.to_s] = [v] }
end
def [](name)
_k, val = header_insensitive_match name
val
end
def []=(name, val)
key, _val = header_insensitive_match name
key = name if key.nil?
if val
@header[key] = [val]
else
@header.delete(key)
end
end
def capitalize(name)
name
end
def header_insensitive_match(name)
@header.find { |key, _value| key.match Regexp.new(name.to_s, Regexp::IGNORECASE) }
end
end