Getting results via WSDL - C# - c#

I'm trying to add this Header class to my SOAP request but can't see how. The Header class was given to me as part of the implementation but there's no instructions on how to use it and I'm a bit stuck - I've not used WSDL and web services before. I'm sure the answer must be blindingly easy but I just can't see it.
Header Requirements
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-19" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>##USERNAME##</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">##PASSWORD##</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Header class
using System;
using System.Collections.Generic;
using System.Linq;
using System.ServiceModel.Channels;
using System.Web;
using System.Xml;
using System.Xml.Serialization;
namespace Consuming
{
public class SecurityHeader : MessageHeader
{
private readonly UsernameToken _usernameToken;
public SecurityHeader(string id, string username, string password)
{
_usernameToken = new UsernameToken(id, username, password);
}
public override string Name
{
get { return "Security"; }
}
public override string Namespace
{
get { return "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; }
}
protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion messageVersion)
{
XmlSerializer serializer = new XmlSerializer(typeof(UsernameToken));
serializer.Serialize(writer, _usernameToken);
}
}
[XmlRoot(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public class UsernameToken
{
public UsernameToken()
{
}
public UsernameToken(string id, string username, string password)
{
Id = id;
Username = username;
Password = new Password() { Value = password };
}
[XmlAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")]
public string Id { get; set; }
[XmlElement]
public string Username { get; set; }
[XmlElement]
public Password Password { get; set; }
}
public class Password
{
public Password()
{
Type = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";
}
[XmlAttribute]
public string Type { get; set; }
[XmlText]
public string Value { get; set; }
}
}
Code
var mySoapHeader = new SecurityHeader("ID","Username","password");
var client = new GroupWebServiceClient(); // Created from Add Web Reference
client.?????? = mySoapHeader;// I can't see how to add the Header to the request
var response = new groupNameListV1();
response = client.getAllDescendants("6335");//This needs the header - omitting gives "An error was discovered processing the <wsse:Security> header"
EDIT
I figured it out in the end, turns out it was pretty easy - Adding the solution in case anyone else finds it useful
using (new OperationContextScope(client.InnerChannel))
{
OperationContext.Current.OutgoingMessageHeaders.Add(
new SecurityHeader("ID", "USER", "PWD"));
var response = new groupNameListV1();
response = client.getAllDescendants("cng_so_6553");
//other code
}

Generally you need to add behavior extension.
Create a class that implements IClientMessageInspector. In the BeforeSendRequest method, add your custom header to the outgoing message. It might look something like this:
public object BeforeSendRequest(ref System.ServiceModel.Channels.Message request, System.ServiceModel.IClientChannel channel)
{
HttpRequestMessageProperty httpRequestMessage;
object httpRequestMessageObject;
if (request.Properties.TryGetValue(HttpRequestMessageProperty.Name, out httpRequestMessageObject))
{
httpRequestMessage = httpRequestMessageObject as HttpRequestMessageProperty;
if (string.IsNullOrEmpty(httpRequestMessage.Headers[USER_AGENT_HTTP_HEADER]))
{
httpRequestMessage.Headers[USER_AGENT_HTTP_HEADER] = this.m_userAgent;
}
}
else
{
httpRequestMessage = new HttpRequestMessageProperty();
httpRequestMessage.Headers.Add(USER_AGENT_HTTP_HEADER, this.m_userAgent);
request.Properties.Add(HttpRequestMessageProperty.Name, httpRequestMessage);
}
return null;
}
Then create an endpoint behavior that applies the message inspector to the client runtime. You can apply the behavior via an attribute or via configuration using a behavior extension element.
Here is a example of how to add an HTTP user-agent header to all request messages. I used this in a few of my clients.
Is this what you had in mind?

Related

Azure Log Analytics Workspace Request Forbidden

I am trying to send logs from my application to an Azure Log Analytics Workspace, in order to do that I develop the following code based on what I found in https://learn.microsoft.com/en-us/azure/azure-monitor/logs/data-collector-api
using maintenance.messaging;
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace maintenance.dataaccessobjects
{
public class LogAnalyticsWorkspaceDAO
{
private static LogAnalyticsWorkspaceDAO _Instance { get; set; }
private String WorkspaceId { get; set; } = AzureKeyVaultDAO.Instance.GetSecret("WorkspaceId"); //Get WorkspaceId from KeyVault
private String SharedKey { get; set; } = AzureKeyVaultDAO.Instance.GetSecret("SharedKey"); //Get SharedKey from KeyVault
private String ApiVersion { get; set; } = AzureKeyVaultDAO.Instance.GetSecret("LAWApiVersion"); //Get API Version from KeyVault 2016-04-01
private String LogType { get; set; } = AzureKeyVaultDAO.Instance.GetSecret("LogType"); //Get LogType from KeyVault ApplicationLog
private LogAnalyticsWorkspaceDAO()
{
}
public static LogAnalyticsWorkspaceDAO Instance
{
get
{
if (_Instance == null)
{
_Instance = new LogAnalyticsWorkspaceDAO();
}
return _Instance;
}
}
private string GetSignature(String Method, Int32 ContentLength, String ContentType, DateTime Date, String Resource)
{
string Message = $"{Method}\n{ContentLength}\n{ContentType}\nx-ms-date:{Date}\n{Resource}";
byte[] Bytes = Encoding.UTF8.GetBytes(Message);
HMACSHA256 Encryptor = new HMACSHA256(Convert.FromBase64String(SharedKey));
return $"SharedKey {WorkspaceId}:{Convert.ToBase64String(Encryptor.ComputeHash(Bytes))}";
}
public async Task<String> Post(String Message)
{
DateTime Date = DateTime.UtcNow;
Dictionary<String, String> Headers = new Dictionary<String, String>();
MessageSender MessageSender = new MessageSender(new Uri($"https://{WorkspaceId}.ods.opinsights.azure.com/api/logs?api-version={ApiVersion}"));
Headers.Add("Method", "POST");
Headers.Add("Log-Type", LogType);
Headers.Add("x-ms-date", Date.ToString("r"));
Headers.Add("Authorization", GetSignature("POST", Message.Length, "application/json", Date, "/api/logs"));
return await MessageSender.Post(MessageSender.Message(Headers, Message));
}
}
}
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
namespace maintenance.messaging
{
public class MessageSender : IDisposable
{
private readonly HttpClient Client;
private Uri Url { get; set; }
public MessageSender(Uri Url)
{
this.Client = new HttpClient();
this.Url = Url;
}
public HttpRequestMessage Message(Dictionary<String, String> Headers, String Message)
{
HttpRequestMessage Request = new HttpRequestMessage(HttpMethod.Post, this.Url);
Request.Content = new StringContent(Message, Encoding.UTF8, "application/json");
foreach (KeyValuePair<String, String> Header in Headers)
{
Request.Headers.Add(Header.Key, Header.Value);
}
return Request;
}
public async Task<String> Post(HttpRequestMessage Request)
{
HttpResponseMessage Response = await Client.SendAsync(Request);
Response.EnsureSuccessStatusCode();
return await Response.Content.ReadAsStringAsync();
}
public void Dispose()
{
Client?.Dispose();
}
}
}
However I always fall under a 403 Forbiden, I guess the error should be in the Authorization header (Signature generation)
Do you know what I am missing? I tried looking for other signature generations but didn't find anything new
I may be wrong, but as far as I can see SharedKey is not Base64 encoded, so I just try with
HMACSHA256 Encryptor = new HMACSHA256(Encoding.UTF8.GetBytes(SharedKey));
But get the same error 403 Forbidden
However I always fall under a 403 Forbiden, I guess the error should
be in the Authorization header (Signature generation) Do you know what
I am missing? I tried looking for other signature generations but
didn't find anything new.
Yes you are correct #delucaezequiel, This error is caused due to InvalidAuthorization ,Make sure that you have added the correct value of workspace ID and connection key which are valid.
For the encoded part to configure in code please Refer this SO THREAD as suggested by #GreenRock.
For more information please refer this Blog.

WCF Webinvoke POST giving (400) Bad Request for specific server

Good morning/evening,
I am new to WCF and have created a sample application. The problem is I am passing a json string as a request but getting 400:Bad request error. The details of my sample is given below:
ISampleService.cs:
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Json;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;
namespace SampleWCF
{
[ServiceContract]
public interface ISampleService
{
[OperationContract]
[WebInvoke(UriTemplate = "/folder_entries/{mFileID_param}/shares?notify=true", Method = "POST", RequestFormat = WebMessageFormat.Json, ResponseFormat = WebMessageFormat.Json)]
string AddShareToFileNotify(string mFileID_param, string rqst_param);
}
}
#region TestSample
[DataContract]
public class TestSample
{
public TestSample() { }
[DataMember(Name = "recipient")]
public Recipient Recipient { get; set; }
[DataMember(Name = "role")]
public String Role { get; set; }
[DataMember(Name = "access")]
public TestAccess access{ get; set; }
[DataMember(Name = "can_share")]
public bool CanShare { get; set; }
[DataMember(Name = "days_to_expire")]
public int DaysToExpire { get; set; }
}
#region TestAccess
[DataContract]
public class TestAccess
{
#region Attributes
[DataMember(Name = "role")]
public String Role { get; set; }
[DataMember(Name = "rights")]
public AccessRights AccessRights { get; set; }
#endregion
#region Constructor
public TestAccess () { }
#endregion
}
#endregion
#region rights
[DataContract]
public class AccessRights
{
public AccessRights() { }
[DataMember(Name = "testinternal")]
public Boolean Internal { get; set; }
[DataMember(Name = "testexternal")]
public Boolean External { get; set; }
[DataMember(Name = "public")]
public Boolean Public { get; set; }
[DataMember(Name = "max_role")]
public String Max_Role { get; set; }
[DataMember(Name = "grant")]
public Boolean Grant { get; set; }
}
#endregion
#region Recipient
[DataContract]
public class Recipient
{
public Recipient() { }
[DataMember(Name = "id")]
public string ID { get; set; }
[DataMember(Name = "type")]
public string Type { get; set; }
}
#endregion
#endregion
SampleService.svc.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.Text;
using System.ServiceModel.Web;
using System.ServiceModel.Security;
using System.Net;
using System.IO;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
using System.Net.Security;
namespace SampleWCF
{
public class SampleService : ISampleService
{
private ISampleService client = null;
private WebChannelFactory<ISampleService> cf = null;
private Uri uri = null;
private WebHttpSecurityMode mode = WebHttpSecurityMode.Transport;
public const string CERTIFICATE_TRUST_STORE_NAME = "Trust";
//Method to Validate if the server certificate is valid or not
private static bool ValidateServerCertificate(object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
bool result = false;
X509Store store = null;
try
{
// If the certificate is valid signed certificate, return true.
if (SslPolicyErrors.None == sslPolicyErrors)
{
return true;
}
// If there are errors in the certificate chain, look in the certificate store to check
// if the user has already trusted the certificate or not.
if ((0 != (sslPolicyErrors & SslPolicyErrors.RemoteCertificateChainErrors)) ||
(0 != (sslPolicyErrors & SslPolicyErrors.RemoteCertificateNameMismatch)))
{
store = new X509Store(CERTIFICATE_TRUST_STORE_NAME, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
result = store.Certificates.Contains(certificate);
}
}
catch (Exception ex)
{
Console.WriteLine("Could not validate certificate!");
result = false;
}
finally
{
if (store != null)
store.Close();
}
return result;
}
public ISampleService initClient(string servername,
string protocol,
string username,
string password)
{
uri = new Uri(protocol + "://" + servername + ":" + #"/rest");
WebHttpBinding binding = new WebHttpBinding();
binding.ReaderQuotas.MaxStringContentLength = int.MaxValue;
binding.MaxReceivedMessageSize = int.MaxValue;
binding.ReceiveTimeout = TimeSpan.FromMinutes(10.0);
binding.SendTimeout = TimeSpan.FromMinutes(10.0);
System.Net.ServicePointManager.DefaultConnectionLimit = 200;
binding.Security.Mode = mode;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Basic;
cf = new WebChannelFactory<ISampleService>(binding, uri);
cf.Credentials.UserName.UserName = username;
cf.Credentials.UserName.Password = password;
client = cf.CreateChannel();
System.Net.ServicePointManager.ServerCertificateValidationCallback = ValidateServerCertificate;
System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
Thread.Sleep(500);
return client;
}
public string AddShareToFileNotify(string mFileID_param, string rqst_param)
{
using (new OperationContextScope((IContextChannel)client))
{
string rsp = null;
try
{
rsp = client.AddShareToFileNotify(mFileID_param, rqst_param);
}
catch (Exception ce)
{
Console.WriteLine("Exception found!{0}",ce);
return rsp;
}
return rsp;
}
}
}
}
Main Calling function:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
namespace TriggerMain
{
class Program
{
static void Main(string[] args)
{
string mFileID = "xxxxxx";
string rqst = "{"
+"\"access\":{"
+"\"role\":\"VIEWER\","
+"\"sharing\":{"
+"\"external\":false,"
+"\"grant\":false,"
+"\"internal\":false,"
+"\"max_role\":null,"
+"\"public\":false"
+"}"
+"},"
+"\"can_share\": false,"
+"\"days_to_expire\": 30,"
+"\"recipient\": {"
+"\"id\": <yyyyyy>,"
+"\"type\": \"user\""
+"},"
+"\"role\": \"VIEWER\""
+"}";
string rsp = null;
SampleWCF.SampleService sample = new SampleWCF.SampleService();
sample.initClient("<URL1.xxx.com>", "https", "<Username>", "<Password>");
rsp = sample.AddShareToFileNotify(mFileID, rqst);
Console.ReadLine();
}
}
}
While running the application I am getting the following error:
Exception found!System.ServiceModel.ProtocolException: The remote server returned an unexpected response: (400) Bad Request. ---> System.Net.WebException: The remote server returned an error: (400) Bad Request.
at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory`1 factory, WebException responseException, ChannelBinding channelBinding)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at SampleWCF.ISampleService.AddShareToFileNotify(String mFileID_param, String rqst_param)
at SampleWCF.SampleService.AddShareToFileNotify(String mFileID_param, String rqst_param) in c:\Users\SBasu\Documents\Visual Studio 2013\Projects\SampleWCF\SampleWCF\SampleService.svc.cs:line 103
What I have tried : I have changed the timeout for send and receive, the content type is application/json. The request is throwing error for only this server. I have another server in which I have tried and the POST is passing in the server. Both the servers have the same configuration. When I run Fiddler for the erroneous server the POST call succeeds. Sending the exact same request from POSTMAN to the erroneous server gives success (200 OK) status and I am getting proper response in both of these cases.
Note: WEBGET, WEBInvoke DELETE are working fine for the server. Only WEBInvoke POST is not working for the specific server. Can anybody help me regarding this? Thanks in advance.
This part of the payload doesn't look right to me. I changed 1 line, see below.
The only addition was to add quotation marks around the recipient.id value
string rqst = "{"
+"\"access\":{"
+"\"role\":\"VIEWER\","
+"\"sharing\":{"
+"\"external\":false,"
+"\"grant\":false,"
+"\"internal\":false,"
+"\"max_role\":null,"
+"\"public\":false"
+"}"
+"},"
+"\"can_share\": false,"
+"\"days_to_expire\": 30,"
+"\"recipient\": {"
+"\"id\": \"<yyyyyy>\"," // this line I think was wrong. added quotes around the value
+"\"type\": \"user\""
+"},"
+"\"role\": \"VIEWER\""
+"}";
Why do you call the WCF Restful service by using a proxy (channel factory)? If indeed, we should use the service base address instead of the POST URL. In addition, the service contract should be the same as the server.
uri = new Uri(protocol + "://" + servername + ":" + #"/rest") // where is the service port number? also, is the format right?
This code snippet should use a service base address to send a request by a proxy.
In fact, we usually send a request by POSTMan/fiddler while calling the WCF service created by Webhttpbinding. Moreover, we should use the Uri decorated by URITemplate attribute.
Feel free to let me know if the problem still exists.

How to add ws-security header in .net core?

I'm trying to make a call to a webservice and want to manually add the ws-security headers into the request because .net core 2.2 currently does not support ws-security.
I have created my custom security header class:
public class SoapSecurityHeader : MessageHeader
{
private readonly string _password, _username;
public SoapSecurityHeader(string id, string username, string password)
{
_password = password;
_username = username;
}
public override bool MustUnderstand => true;
public override string Name
{
get { return "Security"; }
}
public override string Namespace
{
get { return "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; }
}
protected override void OnWriteStartHeader(XmlDictionaryWriter writer, MessageVersion messageVersion)
{
writer.WriteStartElement("wsse", Name, Namespace);
writer.WriteAttributeString("s", "mustUnderstand", "http://schemas.xmlsoap.org/soap/envelope/", "1");
writer.WriteXmlnsAttribute("wsse", Namespace);
}
protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion messageVersion)
{
writer.WriteStartElement("wsse", "UsernameToken", Namespace);
writer.WriteAttributeString("wsu", "Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "UsernameToken-32");
// Username
writer.WriteStartElement("wsse", "Username", Namespace);
writer.WriteValue(_username);
writer.WriteEndElement();
// Password
writer.WriteStartElement("wsse", "Password", Namespace);
writer.WriteAttributeString("Type", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText");
writer.WriteValue(_password);
writer.WriteEndElement();
writer.WriteEndElement();
}
}
And this is my method calling the SOAP service:
public ActionResult<Ted_Result> Get(DateTime dateFrom, DateTime dateTo, int? pageFrom, int? pageTo)
{
BasicHttpBinding basicHttpBinding = new BasicHttpBinding(BasicHttpSecurityMode.Transport);
basicHttpBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
EndpointAddress endpointAddress = new EndpointAddress(new Uri("https://localhost/SomeService.svc"));
ChannelFactory<IConnectPublicService> factory = new ChannelFactory<IConnectPublicService>(basicHttpBinding, endpointAddress);
GetContractNoticesResponseMessage result = null;
// Bypass SSL/TLS secure channel validation
#if DEBUG
factory.Credentials.ServiceCertificate.SslCertificateAuthentication = new X509ServiceCertificateAuthentication
{
CertificateValidationMode = X509CertificateValidationMode.None,
RevocationMode = X509RevocationMode.NoCheck
};
#endif
// Debugging inspector
factory.Endpoint.EndpointBehaviors.Add(new InspectorBehavior());
IConnectPublicService serviceProxy = factory.CreateChannel();
((ICommunicationObject)serviceProxy).Open();
var opContext = new OperationContext((IClientChannel)serviceProxy);
var soapSecurityHeader = new SoapSecurityHeader("UsernameToken-32", "sampleUsername", "samplePassword123");
// Adding the security header
opContext.OutgoingMessageHeaders.Add(soapSecurityHeader);
var prevOpContext = OperationContext.Current; // Optional if there's no way this might already be set
OperationContext.Current = opContext;
var info = new ExternalIntegrationRequestMessageInfo
{
UserCode = "1000249",
CompanyCode = "200000040"
};
var request = new GetContractNoticesRequestMessage
{
Info = info,
DateFrom = dateFrom,
DateTo = dateTo,
PageFrom = pageFrom,
PageTo = pageTo
};
result = serviceProxy.GetContractNoticesAsync(request).ConfigureAwait(false).GetAwaiter().GetResult();
return Ok(result);
}
If I put a breakpoint inside the inspector at BeforeSendRequest I can see that the security header is added to the request:
<wsse:Security s:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-32" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>sampleUsername</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">samplePassword123</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
And putting a breakpoint inside the inspector at AfterReceiveReply, I get the CORRECT result, but I still get an exception.
The result:
<...>
<s:Header>
<...>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2019-01-11T19:42:53.606Z</u:Created>
<u:Expires>2019-01-11T19:47:53.606Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<GetContractNoticesResponseMessage>
<ContractNotices>....</ContractNotices>
</GetContractNoticesResponseMessage>
</s:Body>
The exception:
An unhandled exception occurred while processing the request.
ProtocolException: The header 'Security' from the namespace 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' was not understood by the recipient of this message, causing the message to not be processed. This error typically indicates that the sender of this message has enabled a communication protocol that the receiver cannot process. Please ensure that the configuration of the client's binding is consistent with the service's binding.
Why do I still get an exception after calling the webservice successfully?
For .net core 2.2 you need to pass Security header manually. You'll need to-do some workarounds - WCF isn't fully implemented yet in .Net Core (has been stated by project contributors). Assuming the requirements aren't too complex, you should be able to get something going without too much headache.
public class SecurityHeader : MessageHeader
{
public UsernameToken UsernameToken { get; set; }
public override string Name => "Security";
public override string Namespace => "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
public override bool MustUnderstand => true;
protected override void OnWriteHeaderContents(XmlDictionaryWriter writer, MessageVersion messageVersion)
{
XmlSerializer serializer = new XmlSerializer(typeof(UsernameToken));
serializer.Serialize(writer, this.UsernameToken);
}
}
[XmlRoot(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")]
public class UsernameToken
{
[XmlAttribute(Namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd")]
public string Id { get; set; }
[XmlElement]
public string Username { get; set; }
}
Add below code in BeforeSendRequest method
public object BeforeSendRequest(ref Message request, IClientChannel channel)
{
var soapSecurityHeader = new SecurityHeader()
{
UsernameToken = new UsernameToken()
{
Username = "User Name"
}
};
request.Headers.Add(soapSecurityHeader);
}
I did some digging and in the AfterReceiveReply you could do this:
public void AfterReceiveReply(ref Message reply, object correlationState)
{
var security = reply.Headers.Where(w => w.Namespace == "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd").First();
reply.Headers.UnderstoodHeaders.Add(security);
}
I suppose that in this step you could also check the value of the timestamp, if DateTime.UtcNow is in range and act upon that...?

Web API global error handling add custom header in response

I was wondering if it was possible to set some custom header values whenever an internal server error has occurred? I am currently doing:
public class FooExceptionHandler : ExceptionHandler
{
public override void Handle(ExceptionHandlerContext context)
{
// context.Result already contains my custom header values
context.Result = new InternalServerErrorResult(context.Request);
}
}
Here I also want to set some header values but though it appears in the request the response does not contain it.
Is there a way of doing this?
There is a sample code for your reference, my ApiExceptionHandler is your
FooExceptionHandler
public class ApiExceptionHandler : ExceptionHandler
{
public override void Handle(ExceptionHandlerContext context)
{
var response = new Response<string>
{
Code = StatusCode.Exception,
Message = $#"{context.Exception.Message},{context.Exception.StackTrace}"
};
context.Result = new CustomeErrorResult
{
Request = context.ExceptionContext.Request,
Content = JsonConvert.SerializeObject(response),
};
}
}
internal class CustomeErrorResult : IHttpActionResult
{
public HttpRequestMessage Request { get; set; }
public string Content { get; set; }
public Task<HttpResponseMessage> ExecuteAsync(CancellationToken cancellationToken)
{
var response =
new HttpResponseMessage(HttpStatusCode.InternalServerError)
{
Content = new StringContent(Content),
RequestMessage = Request
};
response.Headers.Add("Access-Control-Allow-Origin", "*");
response.Headers.Add("Access-Control-Allow-Headers", "*");
return Task.FromResult(response);
}
}
It should be possible by creating your own exception filter.
namespace MyApplication.Filters
{
using System;
using System.Net;
using System.Net.Http;
using System.Web.Http.Filters;
public class CustomHeadersFilterAttribute : ExceptionFilterAttribute
{
public override void OnException(HttpActionExecutedContext context)
{
context.Response.Content.Headers.Add("X-CustomHeader", "whatever...");
}
}
}
http://www.asp.net/web-api/overview/error-handling/exception-handling

No matching contract between WCF Service and QuickBooks Web Connector

I am trying to write a small SOAP server, which connects to the QuickBooks Web Connector, but I have some trouble to find the correct contracts. I always get following error:
Web Connector
Method x cannot be processed at the receiver, due to a ContractFilter
mismatch at the EndpointDispatcher. This may be because of either a
contract mismatch (mismatched Actions between sender and receiver) or
a binding/security mismatch between the sender and the receiver.
Check that sender and receiver have the same contract and the same
binding (including security requirements, e.g. Message, Transport,
None).
I created an empty ASP .NET Web Application and added a WCF Service. You will find here a snippet of the authenticate method:
WCF Service interface
[ServiceContract]
public interface IQuickBooks
{
[OperationContract]
AuthenticateResponse authenticate(Authenticate authenticateSoapIn);
}
WCF Service implementation
public class QuickBooks : IQuickBooks
{
public AuthenticateResponse authenticate(Authenticate authenticateSoapIn)
{
return new AuthenticateResponse
{
AuthenticateResult = new[] { "1", "none" }
};
}
}
Request
[DataContract(Name = "authenticate")]
public class Authenticate
{
[DataMember(Name = "strUserName", IsRequired = true)]
public string Username { get; set; }
[DataMember(Name = "strPassword", IsRequired = true)]
public string Password { get; set; }
}
Response
[DataContract(Name = "authenticateResponse")]
public class AuthenticateResponse
{
[DataMember(Name = "authenticateResult", IsRequired = true)]
public string[] AuthenticateResult { get; set; }
}
Here you can find the WSDL from QuickBooks and my WSDL output. Notice that I only implemented the authenticate method for testing. I guess the mismatching wsdl:types cause the error. In the original WSDL from QuickBooks the authenticate type has two primitive types for username and password.
How could I implement a WCF Service with QuickBooks Web Connector? What did I wrong?
Additional information
StackTrace
The message with Action 'http://developer.intuit.com/authenticate' cannot be processed at the receiver, due to a ContractFilter mismatch at the EndpointDispatcher. This may be because of either a contract mismatch (mismatched Actions between sender and receiver) or a binding/security mismatch between the sender and the receiver. Check that sender and receiver have the same contract and the same binding (including security requirements, e.g. Message, Transport, None).
More info:
StackTrace = at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at QBWebConnector.localhost.WCWebServiceDoc.authenticate(String strUserName, String strPassword)
at QBWebConnector.localhost.WCWebService.authenticate(String strUserName, String strPassword)
at QBWebConnector.SOAPWebService.authenticate(String UserName, String Password)
at QBWebConnector.WebService.do_authenticate(String& ticket, String& companyFileName)
This answer describes how to connect a WCF Service with the QuickBooks Web Connecter (e. g. authenticate method). I am not totally sure if it is the best implementation, but it works and I would like to help other people with similar problems. Enchantments and additional suggestions are always welcome.
Create an empty ASP .NET Web Application
Add a WCF Service
Define the service contract
Implement the service behavior
Define the necessary data types
Create the service contract
[ServiceContract(Namespace = QuickBooks.URL, Name = "QuickBooks")]
public interface IQuickBooks
{
[OperationContract(Action = QuickBooks.URL + "authenticate")]
AuthenticateResponse authenticate(Authenticate authenticateSoapIn);
}
Create the service behavior
[ServiceBehavior(Namespace = QuickBooks.URL)]
public class QuickBooks : IQuickBooks
{
public const string URL = "http://developer.intuit.com/";
public AuthenticateResponse authenticate(Authenticate authenticateSoapIn)
{
// Check if authenticateSoapIn is valid
var authenticateResponse = new AuthenticateResponse();
authenticateResponse.AuthenticateResult.Add(System.Guid.NewGuid().ToString());
authenticateResponse.AuthenticateResult.Add(string.Empty);
return authenticateResponse;
}
}
Implement the request and response types
Request
[DataContract(Name = "authenticate")]
[MessageContract(WrapperName = "authenticate", IsWrapped = true)]
public class Authenticate
{
[DataMember(Name = "strUserName", IsRequired = true)]
[MessageBodyMember(Name = "strUserName", Order = 1)]
public string Username { get; set; }
[DataMember(Name = "strPassword", IsRequired = true)]
[MessageBodyMember(Name = "strPassword", Order = 2)]
public string Password { get; set; }
public Authenticate()
{
}
public Authenticate(string username, string password)
{
this.Username = username;
this.Password = password;
}
}
Response
[DataContract(Name = "authenticateResponse")]
[MessageContract(WrapperName = "authenticateResponse", IsWrapped = true)]
public class AuthenticateResponse
{
[DataMember(Name = "authenticateResult", IsRequired = true)]
[MessageBodyMember(Name = "authenticateResult", Order = 1)]
public ArrayOfString AuthenticateResult { get; set; }
public AuthenticateResponse()
{
this.AuthenticateResult = new ArrayOfString();
}
public AuthenticateResponse(ArrayOfString authenticateResult)
{
this.AuthenticateResult = authenticateResult;
}
}
ArrayOfString used in authenticateResponse
[CollectionDataContractAttribute(Name = "ArrayOfString", Namespace = QuickBooks.URL, ItemName = "string")]
public class ArrayOfString : List<string>
{
}
This scheme complies to the SOAP contract and allows the data exchange.

Categories

Resources