I'm trying to get some data from Spotify's API, but I receive some errors from compilator and I think it may happen because I didn't add parameter grant_type=client_credentials.
The question is how can I add this parameter into HttpWebRequest object?
var token = GetToken();
var request = HttpWebRequest.CreateHttp($"{BaseAddress}search?q=Batman&type=playlist&market=US&limit=10&offset=5&access_token={token}");
request.Method = WebRequestMethods.Http.Get;
request.Headers.Add(HttpRequestHeader.Authorization, "Basic " + token);
request.ContentType = "application/json";
request.Accept = "application/json";
When you get the Token is where you need to add this parameter, your GetToken method will be sending the Client Credentials Flow of the Client Id and Client Secret and it is there where the grant_type of client_credentials needs to be sent as a HttpWebRequest with the ContentType of application/x-www-form-urlencoded this is what the documentation refers to as a Request Body Parameter.
I've used HttpClient that allows FormUrlEncodedContent to do this but you should be able to send that information using HttpWebRequest the way you are doing it with a POST request but the GetToken code will need to be modified, that isn't shown in the question
Related
So I have a .net core API that's trying to use RestSharp(which I'm fairly new to) to call another API. This other API apparently requires Digest based authentication to access, so I went ahead and tried using the DigestAuthenticator class provided by RestSharp. However, the result was an error saying Header not found : Digest Realm. Image of error below.
RestSharp DigestAuthenticator Error
So, I'm assuming that I would need to add a header for digest auth in my request. But, how would I go about doing that?
Below is what I've done so far,
RestClient client = new RestClient();
RestRequest request = new RestRequest();
client.BaseUrl = new System.Uri("http://ip_address:port/otherApi");
client.Authenticator = new DigestAuthenticator("myusername", "mypassword");
request.Method = Method.POST;
//not sure how to add header for digest auth
//request.AddHeader("")
request.AddParameter("application/xml", xmlString, ParameterType.RequestBody);
client.RemoteCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => true;
IRestResponse response = client.Execute(request);
return Ok(response.Content);
I have read the documentation for OAuth on this website.
But I am still confused about the format in which the request url is supposed to be in.
Any help would be amazing.
You may use the following request url to generate the Access Token,
String URL = "https://outpost.mapmyindia.com/api/security/oauth/token?grant_type=client_credentials&client_id="+clientid+"&client_secret="+clientsecret;
And, add the following Headers in the POST Method,
("accept", "application/json")
("Content-Type", "application/x-www-form-urlencoded")
If you are using Volley Library to get the Access Token using the POST request,
you may pass the parameters as a HashMap as follows:
Map<String, String> params = new HashMap<String, String>();
params.put("accept", "application/json");
params.put("Content-Type", "application/x-www-form-urlencoded");
It looks like they use Spring. And it requires grant_type to be passed as application/x-www-form-urlencoded. And the credentials in a header:
{
'Authorization': `Basic ${base64Encode(clientId:clientSecret)}`,
}
Trying to build a service that will grab info on a JIRA ticket based on an ID passed to it.
I'm calling the API to take the ID passed to the service, tack it onto the URL for the API and get the JSON object.
Problem is, it appears one must be logged on or registered on JIRA in order to use the API.
So if I use the code below to make my request, I get a 404 error, as I do on any browser which I've not used to log onto Jira
public string Get(string id)
{
string html = string.Empty;
string url = #"https://company.atlassian.net/rest/api/latest/issue/" + id;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
using (Stream stream = response.GetResponseStream())
using (StreamReader reader = new StreamReader(stream))
{
html = reader.ReadToEnd();
}
return html;
}
I can add credentials to the request like so
request.Credentials = new NetworkCredential("vinnie#company.com","mypassword");
but I've no idea exactly what needs sending. I've tried the email address with which I'm set up in Jira but that doesn't work.
I have a suspicion that Jira adds a cookie to my browser which it uses to validate after the initial config - is that so? If so, what can I add/include on my web request to get it to run?
Am I just wildly off on the right way to access it? Or are there changes that can be made to the Jira side to allow requests?
You have to encode your credentials in Base64 format first and then these credentials can be put into your request as shown below:
string mergedCredentials = string.Format("{0}:{1}", m_Username, m_Password);
byte[] byteCredentials = UTF8Encoding.UTF8.GetBytes(mergedCredentials);
string base64Credentials = Convert.ToBase64String(byteCredentials);
request.Headers.Add("Authorization", "Basic " + base64Credentials);
Hope you're able to solve your problem by this approach!
I'm using the onelogin REST api to log a user in: https://developers.onelogin.com/api-docs/1/samples/login-user-via-api.
I have followed all the steps successfully to generate a session token with no issues.
The documentation then says to post the session token to this url: https://admin.us.onelogin.com/session_via_api_token
However, when do the post to that URL with the session token it simply re-directs me to the onelogin Sign On Page.
Here is the c# code for the post. I have a valid session token in variable: session_token:
string url = "https://admin.us.onelogin.com/session_via_api_token";
StringBuilder postData = new StringBuilder();
postData.Append("session_token=" + HttpUtility.UrlEncode(session_token) + "&");
postData.Append("auth_token=" + HttpUtility.UrlEncode(""));
//ETC for all Form Elements
// Now to Send Data.
StreamWriter writer = null;
request = (HttpWebRequest)WebRequest.Create(url);
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = postData.ToString().Length;
try
{
writer = new StreamWriter(request.GetRequestStream());
writer.Write(postData.ToString());
}
finally
{
if (writer != null)
writer.Close();
}
This appears to be server side code so this will never be able to successfully get a session with the end-user's browser.
In order for this flow to work properly, you need to redirect the end-user's browser to the https://admin.us.onelogin.com/session_via_api_token URL with just the auth_token value as a POST parameter.
All the above code will do is allow your back end server to get a session cookie, which doesn't help your end-user establish a session at all.
More details can be found here: https://developers.onelogin.com/api-docs/1/samples/login-user-via-api
I am trying to authenticate RESTful service (sabre REST api) using RESTsharp library but i am not able to authenticate it. I am using my Client id and secret. Please tell me how to authenticate using oAuth 2.0 authenticator.
I have tried this code. ( sabre is using OAuth 2.0 authentication )
public ActionResult Index()
{
var client = new RestClient("https://api.test.sabre.com");
client.Authenticator = new HttpBasicAuthenticator("myclientid", "myclientsecret");
RestRequest request = new RestRequest("/v1/auth/token", Method.POST);
request.AddHeader("Authorization", "Basic " + client);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("grant_type", "client_credentials");
IRestResponse response = client.Execute(request);
var content = response.Content;
ViewBag.R = content;
return View();
}
i got this result
{"error":"invalid_client","error_description":"Credentials are missing or the syntax is not correct"}
please tell what i am doing wrong.
Thanks
Snapshot of Fiddler Comparison of Running code (not with RestSharp) and code using RestSharp is shown
With RestSharp
Seems to me like you are adding the Authorization header twice. The documentation here says
The authenticator’s Authenticate method is the very first thing called
upon calling RestClient.Execute
Looking at the implementation of HttpBasicAuthenticator, the Authenticate method adds the appropriate header to the request.
So remove the following line from your example:
request.AddHeader("Authorization", "Basic " + client);
You need to first obtain access token from Sabre that you can later use while making rest api calls.
The access token POST request looks like this:
POST https://api.test.sabre.com/v2/auth/token
Authorization: Basic ZVc5MWNtTnNhV1Z1ZEdsazplVzkxY21Oc2FXVnVkSE5sWTNKbGRBPT0=
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
where the value of Authorization after Basic is the Base64 encoded string based on your clientId and secret
Refer to Sabre Authentication on how this string is created
So, in order to get the access token you just need to send a POST request with required header and request parameters and you do not need to use the Authenticator