I've been searching for hours and couldn't find any solution to this problem.
I'm developing a UWP App and I have a WebView that goes to a website (where the user authenticates) and I should be able to get the access_token after he logs in.
Is there a way to get the response header from the page?
Or do I have to do everything manually (create the HttpClient, send the POST with the login info, and get the header response that way?)
First and foremost, the latest guidance is that authentication should not be done inside a web view, the modern approach is to open external browser window, where the user authenticates and is then redirected back to the app using a custom URI scheme. See a detailed post on this here on SO.
Now, the unfortunate answer is that WebView does not offer a built-in way to access the HTTP response and its headers. This has been requested (see for example this blog post by Martin Suchan), but was not implemented so far. If you have control over the web page, then you could store the authentication info in cookies, which are accessible. Not even injecting custom JavaScript can help here, because getting the HTTP headers is possible if you initiate an AJAX request in JS, but you can't get headers for a page that is already loaded.
As mentioned in comments above, the better solution would be to code the login manually using HttpClient or see if the service support a proper OAuth2/OpenID Connect flow in which case you could use a library like IdentityModel.OidcClient2 which can handle most of the heavy lifting for you.
You can also use the built-in WebAuthenticationBroker, see docs here.
Related
Here is the problem I have.
We have a server-side Blazor web application in which we want to register new users. The users come to us from another web site. When the users subscribe to our application through this web site a POST request is sent, and the user is redirected to a page of our Blazor application. The problem is we have no clue how to then get the form data contained in the POST. We can see it using the tools in the browser, but we can't use it in my code.
We have tried creating a controller with an HTTP endpoint, but the method we have set up does not get called. My colleague and I are at a loss with what to do or what resource would be helpful and comprehensive in showing us how to set this up. Instead we keep finding little bits of information that don't lead us to a successful implementation.
Any help would be amazing.
Okay, it would be a very general question, I won't share any source code because It needs a theoretical explanation.
I am loading a web page in my browser be it chrome or firefox and the page is loading fine. the thing that is not working and made me curious is, When I get the source of that specific page using HttpWebRequest or HttpClient or any library such as RestSharp, My Requests to that page got blocked and instead of getting the actual HTML I get back an error page.
So, I wanted to ask what is this happening? When I load it in browser it works fine, but when I switch back to the HttpClient it gets blocked(At least that is what I think). Please share your experiences and also let me know how can I do this in my Web Applications to detect from where the request is coming? Any help would be appreciated.
PS: It even fails on Postman.
Here is the error:
The requested URL was rejected. Please consult with your
administrator.
I read the OneNote Api Documentation https://dev.onenote.com/docs
But I don´t understand how to make a request to the OneNote API with c# web application in order to get all the pages in my OneNote.
I already got the Application Id, Application Secret Id and Redirect URL, but i don´t know where do I have to use them, because I have never done and http request and the documentation only provide the following: https://www.onenote.com/api/v1.0/me/notes/pages, so I don´t know how to send the id´s, redirect url and Authorization: Bearer.
Could you provide me the specific code to get a successful connection to OneNote API using Application Id, Application Secret Id and Redirect URL.
And the code structure to make a http request in order to get all the pages, notebooks, etc
I would appreciate if you could help me with this.
I would recommend using Microsoft Graph instead of the standalone OneNote API. Microsoft Graph includes support for OneNote. There is also an SDK for .NET available. There are also code samples for ASP.NET, UWP and Xamarin.
Before you can use the Graph API (or most any REST API for that matter), you will need to obtain an authorization token (i.e. the bearer token you referred to in your question). There are libraries available for simplifying this process. Behind the scenes, these libraries are executing an OAUTH 2.0 flow. You can read about what is going on under the covers here.
I believe the link they have on the OneNote Dev page is broken. The team has put together a public repository that contains a bunch of sample code in a myriad of languages including C#.
This is the main repo
Web API (ASP.NET Core) Repo
I believe the easiest way to understand these concepts is to look at sample code that does authentication. I recommend this sample:
https://github.com/OneNoteDev/MsGraph_OneNoteApiSampleAspNetCore
Btw - the demo is here: https://onenoteapisamplegraph.azurewebsites.net
Thank you everyone I have Checked all the links that you provided me and they were very useful, I did a connection to Microsoft Graph with the authorization token and I got access to my OneNote pages.
Thank you for your help.
I am building a metro application where I will be trying to grab information from a person from their LinkedIn profile such as work history and education. I have done research on how to build the requests, and have been trying to convert the Twitter oauth example for metro apps provided by msdn here, which uses webauthenticationbroker.
I have been trying to implement the changes as suggested by this post pertaining to callbackurl errors. I am confused at what the callbackurl actually is for my application if, when the authorization process is over, I would like them to return to my application.
Has anyone performed authorization with linkedin in metro apps? If so, would you mind educating me what the callbackurl would be for my application and if there are any web resources that I have not listed that would assist me?
[Couldn't view the forums link, since it appears to be down at the time of writing]
The call back URL is a URL you define, when the navigation happens inside the WebAuthentication popup UI to that URL, it detects that and completes the promise it returned. This is the point where you now have the information you need to save off the tokens etc.
The Facebook approach is probably a better sample, since the twitter one is much more focused on signing the query rather than the flow for oAuth.
So, in short, the URL is any URL you define. The remote server will redirect to that URL when things complete, and allow you to extract the information in the value passed to your completed promise handler.
I have a .NET desktop application (not web) with a WebBrowser control.
I cannot find any information on how, or if it is even possible, to obtain the HTTP status code when a document is navigated to inside this control. Does anyone know if this is possible or how?
The purpose is to detect codes other than 200 and perform actions accordingly within the application.
A web page is not made up from a single HTTP GET request. The stackoverflow.com front page for example requires 16 requests. Stuff like javascript code, images, page visit counters, coming from different web sites as well. Some of it retrieve from cache instead of downloaded.
WebBrowser (aka Internet Explorer) doesn't support enumerating these individual requests. You'd have to use the HttpWebRequest class, but that of course doesn't make a web page.