var client = new RestClient("https://seller.digikala.com/Account/Login");
var request = new RestRequest(Method.POST);
request.AddHeader("postman-token", "0e4d8dba-29da-0b26-1b43-1bf974e9b5de");
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
IRestResponse response = client.Execute(request);
I can send request successfully and login to site in postman, but I can't do it in VS. This is my code in VS:
var client = new RestClient("https://seller.digikala.com/Account/Login");
var request = new RestRequest(Method.POST);
request.AddParameter("IsPersistent", true, ParameterType.GetOrPost);
request.AddParameter("Password", "myPass", ParameterType.GetOrPost);
request.AddParameter("UserName", "myUsername", ParameterType.GetOrPost);
request.AddParameter("returnUrl", "/Account/Login", ParameterType.GetOrPost);
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
IRestResponse response = client.Execute(request);
but I get "unauthorized" message (401) in VS
you can use PostMan Auto C# Code generator
I believe your issue is that you're adding things that should be part of the body as parameters (based on the screenshot from PostMan showing these items as part of the body). This is untested but may work for you.
var client = new RestClient("https://seller.digikala.com/Account/Login");
var request = new RestRequest(Method.POST);
request.AddBody(new
{
IsPersistant = true,
Password = "myPass",
UserName = "myUsername",
returnUrl = "/Account/Login"
});
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
IRestResponse response = client.Execute(request);
You probably need to do a GET of the page first, then when making then POST reflect back all cookies received during the GET (if that RestClient of yours doesn't do that automatically).
Login pages typically add a cookie during GET and expect that cookie during POST to prevent XSRF (this involves including that same token as a form's hidden field, although the XSRF token is apparently not present in your Postman payload). It also wouldn't surprise me that some cookie-based sessionID filter is blocking you even before your request hits the login controller/middleware. In any case, doing the GET first and then reflecting the cookies in POST should work.
Related
Good morning, I'm retrieving an authorization token using RestSharp, but instead of returning a Token, it returns an html page:
var client = new RestClient("https://iam.efatura.cv/auth/realms/taxpayers/ protocol/openid- connect/auth"); var request = new RestRequest(Method.POST); request.AddHeader("grant_type", "authorization_code"); request.AddHeader("content-type", "application/x-www-form-urlencoded"); request.AddHeader("accept", "application/json"); request.AddParameter("application/x-www-form-urlencoded", "grant_type=client_credentials&client_id=adadasdasdasdasda& scope=openid&clientSecretasdadsdadasdasdasdasdasdasdasasd& redirect_uri=https://iam.efatura.cv/auth/realms/taxpayers", ParameterType.RequestBody); IRestResponse response = client.Execute(request); Token=response.Content;
I'm trying to get info from a REST endpoint that requires basic authentication.
Using postman I'm fine, getting the information I need from the call:
GET endpoint/api/workitems?ids=20449& api-version=2.0 HTTP/1.1
Host: xxx.xxx.xxx.50:8080
Authorization: Basic ABC==,Basic ZZZ cache-control: no-cache
Postman-Token: e6476d89-ec2b-439d-8821-88ef446a03a9
When I do the same with restsharp, I get an Unauthorized error:
var client = new RestClient("http://xxx.xxx.xxx.50:8080/endpoint/api/workitems?ids=20449& api-version=2.0");
var request = new RestRequest(Method.GET);
request.AddHeader("Postman-Token", "06ea7553-d35e-4743-a516-201d6e3b9084");
request.AddHeader("cache-control", "no-cache");
request.AddHeader("Authorization", "Basic ABC==,Basic ZZZ");
IRestResponse response = client.Execute(request);
Am I missing something?
Thanks
Eventually I found that the proper way to do the Basic Authentication with restsharp is the following.
It works:
var client = new RestClient("http://xxx.xxx.xxx.50:8080/endpoint/api/workitems?ids=20449& api-version=2.0");
client.Authenticator = new HttpBasicAuthenticator(username, decodedToken);
var request = new RestRequest(Method.GET);
request.AddHeader("Postman-Token", "06ea7553-d35e-4743-a516-201d6e3b9084");
request.AddHeader("cache-control", "no-cache");
IRestResponse response = client.Execute(request);
I am using RestSharp to make a GET api call. The api call is authenticated through HTTP Basic authentication by passing the authorization header.
The server redirects the api call with a status code 307. My client code does handle the redirects but the authorization header is not passed to this redirected api call. This is done for valid reasons as mentioned here. Hence I do get an unauthorized error.
How can I configure the RestClient to restore the authorization header?
var client = new RestClient("https://serverurl.com");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "Basic Z3JvdXAxOlByb2otMzI1");
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Tenant-Id", "4892");
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
I added a check that resends the api request of receiving a 401 with the below code.
var client = new RestClient("https://serverurl.com");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "Basic Z3JvdXAxOlByb2otMzI1");
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Tenant-Id", "4892");
IRestResponse response = client.Execute(request);
//Resend the request if we get 401
int numericStatusCode = (int)response.StatusCode;
if(numericStatusCode == 401) {
var redirectedClient = new RestClient(response.ResponseUri.ToString());
IRestResponse newResponse = redirectedClient.Execute(request);
Console.WriteLine(newResponse.ResponseStatus);
}
I'm trying to get data from uStream using their API and oAuth. I can get the auth token and that token does work in Rest API Client and I can get data. I however cannot get data in my project... I keep getting 401 unauth..
Code:
protected void Page_Load(object sender, EventArgs e)
{
var client = new RestClient("https://www.ustream.tv/oauth2/token");
var request = new RestRequest(Method.POST);
request.AddHeader("authorization", "Basic xxxxxxxxxxxxxxxxxx");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddParameter("application/x-www-form-urlencoded", "client_secret=xxxxxxxxxxxxx&client_id=xxxxxxxxxxxx&grant_type=client_credentials&=", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
IRestResponse<TokenObject> response2 = (IRestResponse<TokenObject>)client.Execute<TokenObject>(request);
var tknName = response2.Data.access_token;
GetData(tknName);
}
public void GetData(string token)
{
var client = new RestClient("https://api.ustream.tv/channels/206844441.json");
var request = new RestRequest(Method.GET);
request.AddHeader("authorization", "Bearer" + token);
request.AddHeader("content-type", "application/x-www-form-urlencoded");
IRestResponse jsonResponse = client.Execute(request);
IRestResponse<Channel> json2Response2 = (IRestResponse<Channel>)client.Execute<Channel>(request);
var blah = json2Response2.Content;
}
The jsonResponse comes back 401... but I can use the token in API client like Insomnia and it will work... I can get data.
Any ideas on what I'm doing wrong?
Thanks!
Assuming token is not prefixed with a single space, then this line:
request.AddHeader("authorization", "Bearer" + token);
Should instead be (added a space after Bearer):
request.AddHeader("authorization", "Bearer " + token);
Additionally, the GET request for data does not require the Content-Type header to be added to the request; although including is unlikely to cause an error.
As João mentioned, the main problem will be the missing space character between the string "Bearer" and the token itself . After you fix this i'm pretty sure it will work.
Yes, Content-Type is superfluous for GET request, but it does not harm the success of your request.
In addition, you don't need to provide client secret twice. That's enough to provide it through the Authorization header or the client_secret property in the request body.
So, that's enough to provide the secret that way:
request.AddHeader("authorization", "Basic xxxxxxxxxxxxxxxxxx");
Ant in this case you shouldn't provide the secret again in the request body, here's the modified call, based on the original code:
request.AddParameter("application/x-www-form-urlencoded", "client_id=xxxxxxxxxxxx&grant_type=client_credentials&=", ParameterType.RequestBody);
There were actually two things I had wrong. First one pointed out by #João Angelo was the missing space between the string: Bearer & token.
Second and most frustrating was that authorization needed to be Authorization... with the capital A. Now it works... .Thanks for the help.
I'm trying to write a C# application that will call an api for Pacer.gov. First thing I need to do it get a cookie to pass with my request. I'm using Chrome's Postman app to try to generate a POST request. Can someone explain what I'm doing wrong?
The instructions I got from Pacer.gov to get the authentication token are
For credentials, you can POST username(loginid) and password(passwd) to the authentication service here https://pacer.login.uscourts.gov/cgi-bin/check-pacer-passwd.pl
This will issue you a PacerSession cookie.
Here are some ways I tried:
(I’m just showing ##### as the login and ***** as the password, but I used the actual login and password when I tried it)
Including username and password in the URL
var client = new RestClient("https://pacer.login.uscourts.gov/cgi-in/check-pacer-passwd.pl?loginid=#####&passwd=*****");
var request = new RestRequest(Method.POST);
request.AddHeader("postman-token", "a5bd0d9c-85f5-4ed6-6ad8-ac06e553f5db");
request.AddHeader("cache-control", "no-cache");
IRestResponse response = client.Execute(request);
o Received HTML page saying “Access to PACER requires a valid account id and password. “
Including username and password in the header
var client = new RestClient("https://pacer.login.uscourts.gov/cgi-bin/check-pacer-passwd.pl");
var request = new RestRequest(Method.POST);
request.AddHeader("postman-token", "add9dedf-10bf-eab4-428a-134c0e8a1783");
request.AddHeader("cache-control", "no-cache");
request.AddHeader("passwd", "*****");
request.AddHeader("loginid", "#####");
IRestResponse response = client.Execute(request);
o Received HTML page saying “Access to PACER requires a valid account id and password. “
Including username and password in the body as form data
var client = new RestClient("https://pacer.login.uscourts.gov/cgi-bin/check-pacer-passwd.pl");
var request = new RestRequest(Method.POST);
request.AddHeader("postman-token", "454a8ebd-b2b4-3db2-0c5c-c48e2964c671");
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001");
request.AddParameter("multipart/form-data; boundary=---011000010111000001101001", "-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"loginid\"\r\n\r\n#####\r\n-----011000010111000001101001\r\nContent-Disposition: form-data; name=\"passwd\"\r\n\r\n*****\r\n-----011000010111000001101001--", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
o Received message “Could not get any response”
Typing URL into Chrome with the username and password
https://pacer.login.uscourts.gov/cgi-bin/check-pacer-passwd.pl?loginid=#####&passwd=*****
o Received error “This site can’t be reached”
UPDATE - 5-31-16
I've made several more attempts, but am still not getting the cookie back. I tried this code:
var client = new RestClient("https://pacer.login.uscourts.gov");
var request = new RestRequest("/cgi-bin/check-pacer-passwd.pl", Method.POST);
request.AddParameter("loginid", "#####");
request.AddParameter("passwd", "*****");
IRestResponse response = client.Execute(request);
When I look at the response, there is one cookie called JESSIONID which appears just to be a generic browser session ID, not the authentication code I'm expecting:
I'm not exactly sure what to expect from the response, but I know that a "NextGenCSO cookie" was mentioned in one of the e-mails from Pacer. If I login through the web browser and look at the cookies, I see a NextGenCSO cookie; I'm guessing I should be seeing something similar in the response from the API call:
UPDATE - 6-3-16
Thanks to help from #jonathon-reinhart, I was able to get the authentication cookie working with this code:
// Authentication
var client = new RestClient("https://pacer.login.uscourts.gov");
client.CookieContainer = new System.Net.CookieContainer();
var request = new RestRequest("/cgi-bin/check-pacer-passwd.pl", Method.POST);
request.AddParameter("loginid", "#####");
request.AddParameter("passwd", "*****");
IRestResponse response = client.Execute(request);
var PacerSession = "";
foreach (RestResponseCookie cookie in response.Cookies)
{
if (cookie.Name == "PacerSession")
{
PacerSession = cookie.Value;
}
}
You are not correctly POSTing as the directions indicate.
Putting this:
https://pacer.login.uscourts.gov/cgi-bin/check-pacer-passwd.pl?loginid=#####&passwd=*****
into the address bar is not a POST. That's a GET with query string parameters.
See the RestSharp homepage for an example on how to POST:
var request = new RestRequest("resource/{id}", Method.POST);
request.AddParameter("name", "value"); // adds to POST or URL querystring based on Method
You want to include loginid and passwd as data ("parameters" as RestSharp calls them), not has headers.
So you should be instead doing something like this:
var client = new RestClient("https://pacer.login.uscourts.gov");
var request = new RestRequest("/cgi-bin/check-pacer-passwd.pl", Method.POST);
request.AddParameter("loginid", "####");
request.AddParameter("passwd", "****");
IRestResponse response = client.Execute(request);