Hi jeffshurtliff,
For security reasons, I would advise against trying to take the username and password as part of this endpoint. Any endpoint can be passed a REST V1 Session key (just add a request parameter named restapi.session_key=<thesessionkey>), so it's ideal to have the caller call /authentication/sessions/login endpoint and then pass the REST V1 Session key that gets returned with any endpoint that needs authentication.
So you'd first want to make a call like the following to the /authentication/sessions/login endpoint to get a REST V1 Session Key:
curl --location --request POST 'https://community.some.com/restapi/vc/authentication/sessions/login?restapi.response_format=json' \
--form 'user.login="yourlogin"' \
--form 'user.password="yourpassword"'
That should return a response like this:
{
"response": {
"status": "success",
"value": {
"type": "string",
"$": "XYSopedCuqLQT179LjNxyFgTSne5vdLUb1MMgxmcSGQ."
}
}
}
Then you would call your endpoint, passing the session key returned from the /authentication/sessions/login call to the endpoint:
curl --location --request POST 'https://community.some.com/plugins/custom/yourcustomername/yourcommuntiyname/messagepostingendpoint' \
--header 'Content-Type: application/json' \
--header 'Li-Api-Session-Key: XYSopedCuqLQT179LjNxyFgTSne5vdLUb1MMgxmcSGQ.'
Also, I would advise against adding the .admin(true) option at all, as this could give an attacker a way to flood your community with message posts.
I think you also have some spaces in between your builder method calls that might be causing an issue as well.
I would recommend using a function like this to do the message posts:
<#-------------------- Function: publishNewMessage -------------------->
<#-- This function publishes a new message and returns the API response -->
<#function publishNewMessage payload>
<#if user.anonymous>
<#return {
"status" : "error",
"message" : "You are not authorized to make this request",
"data": {
"type": "error_data",
"code": 224,
"developer_message": "",
"more_info": ""
}
} />
<#else>
<#local messagePostCall = restBuilder()
.method("POST")
.path("/messages")
.body(payload)
.admin(false) />
<#local response = messagePostCall.call() />
<#return response />
</#if>
</#function>
Here is a usage example, which includes a macro for rendering out an error response (assuming your endpoint is using application/json for its content type):
<#-------------------- Macro: errorResponse -------------------->
<#-- This macro returns a REST V2 style JSON response for errors -->
<#macro errorResponse error>
{
"status": "error",
"message": "${error.message}",
"data": {
"type": "error_data",
"code": ${error.data.code},
"developer_message": "${error.data.developer_message}",
"more_info": "${error.data.more_info}"
}
}
</#macro>
<#assign payload = {
"data": {
"type": "message",
"board": {
"id": "Otis"
},
"subject": "This is a product advisory",
"body": "This is the body of the message"
}
} />
<#assign response = publishNewMessage(payload) />
<#if response.status == "error">
<@errorResponse error=response />
<#else>
${apiv2.toJson(response)}
</#if>
I hope that helps!
-Doug