What is the benefit or use of adding a client certificate to the HttpWebRequest ?
To be more specific,
Request.ClientCertificates.Add(someCertificate); // what is it's use ?
where Request is the HttpWebRequest object.
https://msdn.microsoft.com/en-us/library/system.net.httpwebrequest(v=vs.110).aspx
please read the remarks section especially on this page.
hope this page is helpful
Related
I'm new to oauth2, but I have tried my best to learn it.
this should be just a simple first step into getting token.
so the situation is like this.
I have succeeded trying it with postman web, but postman desktop always failed (callback timeout or Esockettimeout).
what I did was only filling in the type oauth2, granttype = client_credentials, client id = client_id and client secret = client_secret.
I dont know why, I have tried to view the console and making sure all parameter is the same. I have tried to disable my firewall and antivirus, and disable proxy and ssl on postman desktop's setting but still the same.
so I tried with powershell and iwr. using this :
iwr 'https://thesite.com/token?grant_type=client_credentials' -Headers #{ 'Authorization' = 'Basic OAuthE='} -Method "POST"
of course "thesite.com" should be my site, and "OAuthE=" was the authorization base64 from clientid:clientsecret.
this was successful in getting token.
I did it just to prove that my router and firewall setup is ok that the request and the token should be able to pass through.
so I tried to translate this to .net with newest restsharp (108.0.3).
Dim client As RestClient
client = New RestClient("https://thesite.com/token")
client.Authenticator = New HttpBasicAuthenticator("clientid", "clientsecret")
Dim Request = New RestRequest(Method.POST)
Request.AddHeader("content-type", "application/x-www-form-urlencoded")
Request.AddParameter("grant_type", "client_credentials")
Dim response = client.Execute(Request)
MsgBox(response.Content)
with this, response.content always empty, and response.statuscode always 0.
I have tried many other ways like putting the client id and client secret in request.addheader or request.addparameter. I even tried the executeasync, like :
client.ExecuteAsync(Request, Sub(response)
Console.Write(response.Content)
End Sub)
but I'm not familiar with async, and have trouble getting it to not error. I want to get the response.content to a global variable to be use later, but I couldnt get it to not error, so the only way I can get it to run successfully only with console.write above, but it still return empty.
all the example or questions/answered about this seems to be simple only like that. But why mine always return empty ?
please help.
oh and please give me the answer and example in vb.net. All the other samples that I saw using c#, and I'm afraid that my trouble was because I translate it to vb.net wrong. And if can, I dont want to use async, only if it's really2 needed.
thx very much
ok.
this is just for future reference if somebody encounter the same problem
so I have tried all things that I found (even tried the certificate and protocol of tls12, etc), and almost gave up.
when at last, I tried to change the addparameter for grant-type to :
Request.AddQueryParameter("grant_type", "client_credentials", True)
at last I got the token after a week trying
Thank you for the nice work you put into this amazing library.
I have an issue with my request adapter but only with the MultipartFormData.
I want to be able to update the body of the request but when the request gets in the adapter, I'm getting a nil httpBody. I only get this behaviour on Multipart, not on classic POST requests.
I'm trying to sign the request with an oauth2 token (async), but the particularity of this API is that the token is sent in the body and not in the headers.
There's a body as the metrics in the response say (Request Body Transfer Bytes) 231306
I'm using Alamofire 5.0.0
This is most likely due to multipart forms using UploadRequests (and therefore URLSessionUploadTasks) which do not include the body data as part of the URLRequest for performance reasons. If you update your question with what you're trying to do to the body, perhaps I can provide an alternate solution. If nothing else, you could manually create multipart uploads by using MultipartFormData.encode() directly and adding the Data to a URLRequest, but that's not recommended for large uploads.
could anyone tell me how to add request headers for subscription keys in SOAP request.
I am using NuSOAP toolkit for making SOAP calls. Setting keys for authorisation SOAP calls seems difficult for me. Unless I pass the subscription keys in request headers, I didn't get an access.
I tried:
$this->nusoap_client->setHeaders("<soapHeader xmlns='http://test.com/'>
<Ocp-Apim-Subscription-Key>***mykey***</Ocp-Apim-Subscription-Key>
</soapHeader>");
but it adding keys to the soap header instead of request header.
Then I tried :
header("Ocp-Apim-Subscription-Key: ***mykey***");
but still no hope, its added to the response header now.
I am using $this->nusoap_client->call() for making SOAP call, and the response getting is
{ "statusCode": 401, "message": "Access denied due to missing subscription key. Make sure to include subscription key when making requests to an API." }
thanks in advance.
Well, I found a solution myself. Don't know if it is the right way or not! Anyway I would like to post my solution here, it may find useful to someone.
I solved this issue by modifying the nusoap library class file. Modified function soap_transport_http to set headers as:
$this->setHeader('Ocp-Apim-Subscription-Key', '***myKey***');
May be it is not the right way to modify headers in SOAP request, but it works for me. Please put your answer if you find better solution.
I have a really weird situation (may be its for me only). I developed a RESTful API. By default it returns the result as JSON/XML/TEXT as per the Content Type sent by the client in headers.
Now client is saying that he wants to set the response as default as XML only. What I mean here is that client will not send any content type in headers and it will by default send the request as XML.
When I access this API from browser, it return it as XML but when client's app requests it, it returns JSON result by default. They are getting the result as XML by putting the content type in headers but they don't want to do it and want to have XML result by default.
I hope I am clear on it. If not please let me know.
Any help would be appreciated. Thanks
[Change]
I am interested in knowing if there is some way I can modify the request headers when I receive request on server.
It is in MVC3, C#.
You can't change the request headers, just query them.
I guess you return your result as a simple string in your controllers, isn't it?
And, you are switching between results depending on the contenttype you read from request, don't you?
What is the contenttype the client call come with?
UPDATE:
Look at this page:
http://aleembawany.com/2009/03/27/aspnet-mvc-create-easy-rest-api-with-json-and-xml/
It's a solution for a previous version of MVC, but it will give you an idea about the solution you need:
Adjust the action result depending on the request contenttype
I find the answer and posting here. I just removed the other return types except the xml type like below:
void ConfigureApi(HttpConfiguration config)
{
// Remove the JSON formatter
config.Formatters.Remove(config.Formatters.JsonFormatter);
// or
// Remove the XML formatter
config.Formatters.Remove(config.Formatters.XmlFormatter);
}
For more details, please follow below link
http://www.asp.net/web-api/overview/formats-and-model-binding/json-and-xml-serialization
Thanks
I'm trying to get my access token for my application, using this URL:
https://datamarket.accesscontrol.windows.net/v2/OAuth2-13?grant_type=client_credentials&client_id=//CLIENT ID//&client_secret=//CLIENT SECRET//=&scope=http://api.microsofttranslator.com
Obviously I replace //CLIENT ID// and //CLIENT SECRET// with my applications information.
I tried encoding the tokens with HtmlEncode in my application but got a 400 error. So I tried the request in my browser and this is the JSON response I got:
{
"error":"invalid_request",
"error_description":"ACS90007: Request method not allowed. \r\nTrace ID: 2144c829-f3fa-4ed8-80e6-40841e6a3f69\r\nTimestamp: 2012-06-27 01:11:27Z"
}
I don't know what I'm doing wrong, any help?
I believe when you are making the WebRequest call your parameter is set to use GET and this will cause error ACS90007. When making the WebRequest call please use POST along with application/x-www-form-urlencoded set Content-Type.
If you still have problem post your WebRquest code snippet and i will take a look.
It would be better if you can provide the code for AdmAuthentication. For now, please make sure you have correctly translated the code on http://msdn.microsoft.com/en-us/library/hh454950 to VB. Please also try to use Fiddler to monitor the request to ensure it is sending a POST request.
Best Regards,
Ming Xu.
Making my own client secret helped my cause