I am trying to create a Webex team using the following process. But not working. I had created JWT token and exchanged it for access token which I had passed in to the Authorization header in the API call. But I keep getting the error message that I mentioned below. And another fact is I can execute the same API with GET method which returns the number of teams I had.I had followed steps in the webex developer site. But I can't create the team.
Request URL:
https://api.ciscospark.com/v1/teams
Request Method:
POST
The following is the header that I passed to the API
Accept:
application/json
Content-Type:
application/json
Authorization:
Bearer eyJhbGciOiJSUzI1NiJ9.eyJtYWNoaW5lX3R5cGUiOiJhcHB1c2VyIiwiY2x1c3RlciI6IlBGODQiLCJwcml2YXRlIjoiZXlKamRIa2lPaUpLVjFRaUxDSmxibU1pT2lKQk1USTRRMEpETFVoVE1qVTJJaXdpWVd4bklqb2laR2x5SW4wLi4zRnp6Mkh4c2k0TnI4Z24yMk03cm1BLjhtUnRIYUhOWXBkQ2ZydUR1d0s0MnJNMlhZTEZvNHJKN0NTTkJSQ21kZFRnNTdzUzZ1cUVxcjZFakQ0Yk1JOUY5NFluOWx6VGFWcnRHVkpLOGo2djNzX1VBaTJ2Rnk5TDl3Z05SaUlOczB3NU5yTkxLLUx3TDNQdGhiMzJEYzF2TlhGZkRtakFmSjlOZG1QeEdMQVYxWU9EVnhnNE5MbnpHNDczY24zaTJlbWlfdVBzbk9LRTZHYjEwMVBkekdCSVVQaGRwMkY4bVZhd3hzN2pxbUdzVmEtdXJaYXhpN243emZyaXBjUE5HZjNhSURWb011LVkzaXN0ak03U2s1Qno4TXcwNFZueXpGYWt4LWw0WHlfdUVJalpDeXNsNU56TGNTWkVHc2hJRnJsVHZmdzZZU1J4elV0cXJ2Y3hrX09GT01ZeFRsSDVvSXVsSXdXRWpVQ2o5RTBWZVJMNHB2Z3BQYTRkOE1zNHR6Tmh3cmNpRV9Hd0Fob0tmOE9oMEVQZTM4MmdaOW5wNFJvOWRVSnBnRGszR3NhYWx4ZmJubFRmMmt6RWVjQlJCa0NnSEJXRjhUZXNpdWZWV2djWktZX0E1dXh0aTlMSTB0Umk5X3ZsNjJuTy1uMlh5dm1VZlQxUUxLNmthamJwU01renRUOHdLRkxxLVdTVk54TUJlMWRid094Ni1nN0c3bldLZ1J5ZEpEVEdrazMtRW9wbVRURnZhTEk2dkp6S3NGTzlGRUFJVld1ZFd2RWlWWjVXdVN3dS5yS3RJTzZ6aVpFVE1XV3ZhOEVZaElnIiwicmVmZXJlbmNlX2lkIjoiODlkNjdlZDUtOTU5My00YjBjLWI0MGEtMGFjOTE0OTZlZjZkIiwiaXNzIjoiaHR0cHM6XC9cL2lkYnJva2VyLndlYmV4LmNvbVwvaWRiIiwidG9rZW5fdHlwZSI6IkJlYXJlciIsImNsaWVudF9pZCI6IkMzMTE3NzIzYTBhNGM5ODVhOGJkNmRkYTc2Zjc3NjZjNTEzMjRiNmY0MWJmNGZlZjFjMmM4Mjc4NGExZjI5NzVjIiwidXNlcl90eXBlIjoibWFjaGluZSIsInRva2VuX2lkIjoiQWFaM3IwWkRabU1XWXhaVEF0T0dGbU15MDBOR05oTFdKa09EY3RZVFZrTmpjM056STBNamhoTkRkaU9XVXlNbU10TkdOaiIsInVzZXJfbW9kaWZ5X3RpbWVzdGFtcCI6IjIwMTkwNTI3MDQxNzQ4LjEwMloiLCJyZWFsbSI6IjM5ZWQ0NDRmLTU2NGUtNDFlNC05N2VkLWI4MWFmNzM0ZWVkMCIsImNpc191dWlkIjoiNjJkZWU2NjktNDE5OC00N2YzLWE2ODgtNzA4YWQxM2VjNDc3IiwiZXhwaXJ5X3RpbWUiOjE1NTg5NTIyNzA0NTB9.VNUms24YsiwNbU_KN0Y7v1osAilq1MMiIQn6DRnyNitJAgeTLuyrwiYM0JIaox-dQxQKBp897uAj9vksg0ik2-j2MddcRmx4gsVF787uw7VpCIiZNNME346__xddvmmttna7IErBTz84hqZsnvSlmKLpus4lQs_k9I8ZHTsuPJ9FRXPry6ZAmPjDk1uWGGWFXyOSgH-VkDj9hY9Fy_6r7MKIn0YV21dxIKaZVZ6DMo1NSJM68I-90Vv-QbQY3gBeH25ZXDNDDBJg6-woMF2QPk_N8zrL8G1WPRXxGAA_lqGr_qGq65CfOwuqGikpLsRtjhWU4sYDX3xrK918W08CFw
This is the parameter I passed to the API
name=hearingteam
This is the server response
{"message":"The request could not be understood by the server due to malformed syntax.","errors":[{"description":"The request could not be understood by the server due to malformed syntax."}],"trackingId":"ROUTER_5CEB64F0-FC8D-01BB-05C2-7AA62A6905C2"}
The API requires parameters to be passed in JSON format.
Eg : JSON.stringyfy({"name":"hearingteam"});
Related
I have a minimal API .NET 7 installed on an external web server and use JWT for authentication. For testing I created a few endpoints (with authentication and also without) so I can test the web API via Postman. I start Postman from my private machine and access the web address of the API to test everything.
Now everything works as expected. I can log in via Postman, then I get JWT and if I enter JWT in Postman, then I can also access protected endpoint and get the data from the Web API.
Now I have created a desktop application in MAUI .NET 7 and I want to use this web API. Also here the access to unprotected endpoint works as well as logging in with receiving the JWT. Only the last part of the whole thing does not work anymore and that is access to a protected endpoint with the delivery of JWT for which I constantly get the message 401 Unauthorized. If I then put the same JWT into Postman, then the request goes through Posstman and I get the data from Web API!
I have been looking for a solution and have tried all possible code examples from the internet. For example:
var requestMessage = new HttpRequestMessage
{
Method = HttpMethod.Get,
RequestUri = new Uri("http://api.mywebsite.com:64591/secret")
};
requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", Token.token);
var response = await _httpClient.SendAsync(requestMessage);
or
_httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("bearer", Token.token);
var RawData = await _httpClient.GetStringAsync("http://api.mywebsite.com:64591/secret2");
In some places I read that there were problems with the change to .NET 6. The solution was new NuGet packages, but since I'm already on .NET 7, I installed the latest versions.
There was also a post suggesting that in the web API you set issuer and audience to false. I did that as well, but to no success.
ValidateIssuer = false,
ValidateAudience = false,
Does anyone have a working code for MAUI native app that consumes minimal API?
EDIT
Following Heretic Monkey's suggestion, I installed Wireshark software and analyzed Network Transfer.
Here is what I found:
the token I receive from Web Api after authentication, I also send in the same form when requesting to an Authorized Endpoint (so received and sent token from client are identical). My conclusion here is that the token is correct.
When the request with the JWT is sent from the client to the server (Web Api), I then get the error message 401. In the log I see below information with the reason Bearer error="invalid_token":
Hypertext Transfer Protocol
HTTP/1.1 401 Unauthorized\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 401 Unauthorized\r\n]
[HTTP/1.1 401 Unauthorized\r\n]
[Severity level: Chat]
[Group: Sequence]
Response Version: HTTP/1.1
Status Code: 401
[Status Code Description: Unauthorized]
Response Phrase: Unauthorized
Transfer Encoding: chunked\r\n
Server: Microsoft-IIS/10.0\r\n
WWW-Authenticate: Bearer error="invalid_token"\r\n
X-Powered-By: ASP.NET\r\n
Date: Sun, 18 Dec 2022 09:07:00 GMT\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.047969000 seconds]
[Request in frame: 790]
[Request URI: http://api.myserver.com:64591/secret2]
HTTP chunked response
End of chunked encoding
Chunk size: 0 octets
\r\n
File Data: 0 bytes
There are only two error reasons I could think of:
I still have a bug in my minimal API (Web Api) and that is regarding the JWT I get from the client and somehow still need to convert/crimp the JWT maybe!? By the fact that I may use JWT in exactly the form that is sent to client, then it may be that it is wrong and that is why this error message "invalid_token" comes.
the second cause could be NET 7, so an error that occurs not because my code is wrong but because it is implemented incorrectly in NET 7 (is of course not probable but not impossible).
Maybe someone has a suggestion how I can fix this error?
If this doesn't work (i.e. a request to Web Api with JWT authentication), then Web Api is unusable in NET 7 and I really can't imagine that.
So I truly assume that the bug is in my implementation (either server/minimal Api or client MAUI NET 7).
Thanks
The problem was already kind of strange, because even the many tutorials and posts in the form as they are given in Internet will not work. But if you copy generated token out (e.g. from debug mode) and use it in Postman, then everything will work nicely and this is something that confuses you a lot. Fortunately, there are still people who have incredible mind and can detect such inconsistencies. I wouldn't have seen this in 1000 years either :)
See: https://learn.microsoft.com/en-us/answers/questions/1133200/401-unauthorized-consuming-web-api-with-jwt-authen.html
In my case I noticed that
response.Content.ReadAsStringAsync().Result
in .NET MAUI will return "+token+", I have trimmed the quotation mark (") , and it worked with me
using HttpResponseMessage response = await client.PostAsJsonAsync("Login", loginData);
response.EnsureSuccessStatusCode();
string token = response.Content.ReadAsStringAsync().Result;
I am trying to generate the objects of an API OData Service in my application.
This service is a vendoring app by ERP SAP (version 2.0). The authorization header property is a Basic credential.
After I add the header and click the button to generate, the server returns an error 401 (not authorized), but the credentials are ok.
In the Postman the request returns the metadata correctly.
Analyzing the request with a sniffer http was verified that the wizard sends two requests. The first request returns a status 200 (OK), but the second request returns the status 401 and throws the error in the wizard.
How can I configure the wizard to stop sending two requests or simply add the header property with the credentials in the second request?
I'm developing a web application to to fetch data from 'https://api.ebay.com/sell/analytics/v1/traffic_report'
I've a ebay developer account with
ClientId: MyClientId
ClientSecret: MyClientSecret
AppId: MyAppId
To achive this, I need a OAuth token
To get OAuth Token I do the following steps.
I browse the url bellow
https://signin.ebay.com/authorize?client_id=MyClientId&redirect_uri=RuName&response_type=code&state=analytics&scope=https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%2Fsell.analytics.readonly
It goes to
https://signin.ebay.com/ws/eBayISAPI.dll?VAppJanessa&reqinput=reqinput - auto generate
after sign in it redirects to 'Grant application access to MySiteDisplayName' page.
After I Agree it redirects to 'https://my_site.com/?state=analytics&code=code'
I've preapared a post request after collecting the code
I've executed the post request using POSTMAN like bellow
Post URL: 'https://api.ebay.com/identity/v1/oauth2/token'
Headers:
cache-control: no-cache
Content-Type: application/x-www-form-urlencoded
Authorization: Basic Base64 value of 'MyClientId:MyClientSecret'
Body:
grant_type: authorization_code
redirect_uri: RuName
code: code returned from previous request
After post request I've got the result
{
"error": "invalid_grant",
"error_description": "the provided authorization grant code is invalid or was issued to another client"
}
Please tell me what is missing or wrong.
Looks like clientId and appId you are sending don't match each other, probably one is a production one and another being a developer one. Happened with me once.
If there are multiple apps being registered, each with its own appId under the same clientId, many times the client Secret Gets missed. Try checking the correct combination of all three.
I'm trying to use openID connect to authenticate against google using the code flow.
I'm sending an auth request to google like
GET https://accounts.google.com/o/oauth2/v2/auth? client_id=***.apps.googleusercontent.com&
redirect_uri=https%3a%2f%2flocalhost%3a44321%2fAccount%2fConfirmLogin&
response_mode=form_post&
response_type=code&
scope=openid+email+profile&
state=STUFF
nonce=A_NONCE
and I get back a GET response
GET https://localhost:44321/Account/ConfirmLogin?state=STUFF&
code=Some letters&
authuser=0&
hd=my app domain&
session_state=HEX&
prompt=none
According to the spec : http://openid.net/specs/openid-connect-core-1_0.html#AuthResponse
When using the Authorization Code Flow, the Authorization Response MUST return the parameters defined in Section 4.1.2 of OAuth 2.0 [RFC6749] by adding them as query parameters to the redirect_uri specified in the Authorization Request using the application/x-www-form-urlencoded format, unless a different Response Mode was specified.
From my reading of the spec this means google should return a POST to my server not a GET?
Support for the form_post response mode as defined in http://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html is optional and it is not supported by Google. Hence the parameter is ignored.
I am trying to access my account in microsoft health api. I have followed the steps in order to access access token. What I am wandering is what is the final steps in order to get information of my account? I have several parameters defined, I have a redirect URI an access token, secret code, user id, scope. How can I use them in order to get access to my account data?
How can authenticate my account using the access token I received in previous steps, in order to get access to the API?
In the document there is the following example for a valid GET request:
GET /v1/me/Profile HTTP/1.1
Authorization: bearer EwCoAvF0BAAUkWhN6f8bO0+=
What request should I have to perform. I am not sure that I understand the example. I am trying to do:
http://myurl.com/v1/me/Profile HTTP/1.1
Authorization: bearer "access token"
However I am receiving a message
page not found
.
Microsoft Health API
Is accessed via JSON Get requests, depending on the information you would do something like this
var url = "http://baseapiurl/v1/me/Activities";
using (var webClient = new System.Net.WebClient()) {
var json = webClient.DownloadString(url);
// This will give a response that can be parsed using a JSON library
}
Microsoft Health API