I've asked this on the AWS Forums but getting plenty of views but no comments, I wonder if anyone here can shed any light on it?
Hi,
I've been trying to write a simple c# console application to call the topsites service for two days now and still get issues with the signature generation.
I've tested using a java sample in the gallery and can successfully query using my accesskeyid and secret. I've then used my C# code to prove I can generate the same signature and my code will do so, however when I then craft a request and issue it against the api every single one returns a 403 status - signaturedoesnotmatch - please can someone help me find out what the issue is? I'm tearing my hair out with this.
C# Code:
using System;
using System.Collections.Generic;
using System.Configuration;
using System.Diagnostics;
using System.Linq;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using System.Web;
namespace ConsoleApplication1
{
class Program
{
private static string baseUrl = ConfigurationManager.AppSettings["baseUrl"];
private static string accessKeyId = ConfigurationManager.AppSettings["accessKeyId"];
private static string accessKey = ConfigurationManager.AppSettings["accessKey"];
private static string serviceVersion = ConfigurationManager.AppSettings["serviceVersion"];
static void Main(string[] args)
{
HttpClient client = new HttpClient();
string requestParameters = "AWSAccessKeyId=" + accessKeyId + "&Action=TopSites&Count=10&CountryCode=&ResponseGroup=Country&SignatureMethod=HmacSHA256&SignatureVersion=2&Start=1001&Timestamp=" + Amazon.Util.AWSSDKUtils.FormattedCurrentTimestampISO8601;
var signature = generateSignature(requestParameters);
var url = "http://" + baseUrl + "?" + requestParameters + "&Signature=" + signature;
HttpResponseMessage message = client.GetAsync(url).Result;
Console.ReadKey();
}
private static string generateSignature(string queryParameters)
{
string stringToSign = "GET\n" + baseUrl + "\n/\n" + queryParameters;
var bytesToSign = Encoding.UTF8.GetBytes(stringToSign);
var secretKeyBytes = Encoding.UTF8.GetBytes(accessKey);
var hmacSha256 = new HMACSHA256(secretKeyBytes);
var hashBytes = hmacSha256.ComputeHash(bytesToSign);
var signature = System.Net.WebUtility.UrlEncode(Convert.ToBase64String(hmacSha256.Hash));
Trace.Write("String to sign:{0}", signature);
return signature;
}
}
}
Request generated (from Fiddler):
GET http://ats.amazonaws.com/?AWSAccessKeyId=REMOVED&Action=TopSites&Count=10&CountryCode=&ResponseGroup=Country&SignatureMethod=HmacSHA256&SignatureVersion=2&Start=1001&Timestamp=2014-11-20T16:57:52.422Z&Signature=vdKOQYRmoJJL3ecY9GAzmGKHAXevoli6rGcEotGFaNY%3D HTTP/1.1
Host: ats.amazonaws.com
Connection: Keep-Alive
Response:
HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
Date: Thu, 20 Nov 2014 16:57:52 GMT
16d
SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.84291dc8-a35e-7dc3-7cc1-56fe20b5b236
0
Based on Darrel's comment and extensive comparisons between requests from the Java app and my sample app I've been able to correctly query the services using a number of requests including the sample one above. It would appear to have been a problem whereby the request string which is signed had an erroneous space character in front of the hostname, for added resiliency I am using the Amazon AWS SDK for .Net to perform the Url Encoding against their requirements to ensure the encoding is correct.
Here's the working sample code:
using System;
using System.Configuration;
using System.Diagnostics;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
namespace ConsoleApplication1
{
class Program
{
private static string baseUrl = ConfigurationManager.AppSettings["AlexaServiceUrl"];
private static string accessKeyId = ConfigurationManager.AppSettings["AlexaAccessKeyId"];
private static string accessKey = ConfigurationManager.AppSettings["AlexaAccessKey"];
private static string serviceVersion = ConfigurationManager.AppSettings["AlexaServiceVersion"];
static void Main(string[] args)
{
HttpClient client = new HttpClient();
string requestParameters = "AWSAccessKeyId=" + accessKeyId + "&Action=TopSites&Count=10&CountryCode=&ResponseGroup=Country&SignatureMethod=HmacSHA256&SignatureVersion=2&Start=1001&Timestamp=" + Amazon.Util.AWSSDKUtils.UrlEncode(Amazon.Util.AWSSDKUtils.FormattedCurrentTimestampISO8601, false);
var signature = generateSignature(requestParameters);
var url = "http://" + baseUrl + "/?" + requestParameters + "&Signature=" + signature;
HttpResponseMessage message = client.GetAsync(url).Result;
Console.ReadKey();
}
private static string generateSignature(string queryParameters)
{
string stringToSign = String.Format("GET{0}{1}{2}/{3}{4}", "\n", baseUrl, "\n", "\n", queryParameters);
var bytesToSign = Encoding.UTF8.GetBytes(stringToSign);
var secretKeyBytes = Encoding.UTF8.GetBytes(accessKey);
var hmacSha256 = new HMACSHA256(secretKeyBytes);
var hashBytes = hmacSha256.ComputeHash(bytesToSign);
var signature = Amazon.Util.AWSSDKUtils.UrlEncode(Convert.ToBase64String(hmacSha256.Hash), false);
Trace.Write("String to sign:{0}", signature);
return signature;
}
}
}
Hope this helps someone else too.
Related
I have been trying to connect to the Opayo 'Reporting & Admin API' and use the command 'getTransactionDetail' (https://developer-eu.elavon.com/docs/opayo-reporting-api/reporting-commands/gettransactiondetail), but keep getting back error 0010, which indicates that the API Cannot validate the signature value. We have been able to login with our Vendor/Username/Password combination, validating that they are all correct.
The code we are using when sending a POST to the API is below - with certain elements blocked out for security purposes.
using System;
using System.Collections.Specialized;
using System.Security.Cryptography;
using System.Text;
using System.Net;
public partial class test : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
string signature = "<command>getTransactionDetail</command><vendor>[Vendor]</vendor><user>[User]</user><vendortxcode>[VendorTXCode]</vendortxcode><password>[Password]</password>";
using (MD5 md5 = MD5.Create())
{
byte[] inputBytes = Encoding.Unicode.GetBytes(signature);
byte[] hashBytes = md5.ComputeHash(inputBytes);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hashBytes.Length; i++)
{
sb.Append(hashBytes[i].ToString("X2"));
}
signature = sb.ToString();
}
string xmlToPost = "<vspaccess><command>getTransactionDetail</command><vendor>[Vendor]</vendor><user>[User]</user><vendortxcode>[VendorTXCode]</vendortxcode><signature>" + signature + "</signature></vspaccess>";
using (WebClient client = new WebClient())
{
client.BaseAddress = "https://test.sagepay.com";
client.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
client.Encoding = Encoding.UTF8;
var content = new NameValueCollection()
{
{ "XML", xmlToPost }
};
string response = Encoding.UTF8.GetString(client.UploadValues("/access/access.htm", content));
}
}
}
Any help in resolving this issue would be appreciated!
Turns out due to the fact we were using Forms integration for our initial payment, we had to instead use the following API documentation: https://developer-eu.elavon.com/docs/opayo/spec/api-reference
More specifically this part related to repeats: https://developer-eu.elavon.com/docs/opayo/spec/api-reference#operation/createTransaction
Note the code examples on the right hand side!
In case it helps others looking for Opayo Admin and Reporting API help:
I had the same issue, so I created a NuGet package for the API-client code here: https://github.com/joeratzer/opayo-admin-and-reporting-api-client.
You can find the NuGet package here:
https://www.nuget.org/packages/Joe.Opayo.Admin.Api.Client/1.1.0
The client app allows code like this:
var client = new OpayoAdminApiClient();
var isTest = true;
var request = new OpayoApiRequest(ApiCommandType.GetTransactionDetail, "password", isTest, "user-name", "vendor-name");
var commandSpecificXml = "<vendortxcode>01Jan2010Transaction12345</vendortxcode>";
return await client.ProcessApiCommandAsync<TransactionDetail>(request, commandSpecificXml);
I've put together some my solution, and I'm finally able to get a response from Zephyr, but it is giving me a 404 response, when I know that it is available. Is anyone else trying to use ZAPI to report test data?
The secret and access key comes from the Jira page that Zephyr adds. The project key comes from Jira. Here is my code and the response it gives me:
using Microsoft.VisualStudio.TestTools.UnitTesting;
using System;
using System.Linq;
using System.Threading.Tasks;
using System.Net.Http;
using System.Net.Http.Headers;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using Jira.SDK.Domain;
using JWT;
namespace WebPortalUITests.Controllers
{
[TestClass]
public class Reporting
{
static string User = "My.User.Name";
static string Password = "My.Password";
static string jiraBaseUrl = "https://mycompany.atlassian.net/";
static string zephyrBaseUrl = "https://prod-api.zephyr4jiracloud.com/connect";
static string Secret = "P1oihENe5PLUS_THE_REST_OF_MY_SECRET";
static string AccessKey = "amlyYTox_PLUS_THE_REST_OF_MY_KEY";
public async Task<bool> CycleExists(string Name)
{
//connect to Jira to get project and version IDs using the Jira.SDK library
Jira.SDK.Jira jira = new Jira.SDK.Jira();
jira.Connect(jiraBaseUrl, User, Password);
Project webPortal = jira.GetProject("WP");
long id = webPortal.ID;
long version = webPortal.ProjectVersions.Last<ProjectVersion>().ID;
//format the Zephyr request and use it to generate a JWT
string request = "/connect/public/rest/api/1.0/cycles/search?versionId=" + version + "&projectId=" + id;
string finalAPI = zephyrBaseUrl + request;
string token = JsonWebToken.Encode(finalAPI, Secret, JwtHashAlgorithm.HS256);
//put the JWT and the accesskeys in the header and request the info
using (var httpClient = new HttpClient { BaseAddress = new Uri(zephyrBaseUrl)})
{
httpClient.DefaultRequestHeaders.Accept.Clear();
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
httpClient.DefaultRequestHeaders.TryAddWithoutValidation("authorization", "JWT "+token);
httpClient.DefaultRequestHeaders.TryAddWithoutValidation("zapiaccesskey", AccessKey);
using (var response = httpClient.GetAsync(string.Format(request)).Result)
{
string responseData = await response.Content.ReadAsStringAsync();
}
return true;
}
}
}
}
response {StatusCode: 404, ReasonPhrase: 'Not Found', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
Connection: keep-alive
Date: Thu, 26 Jan 2017 20:34:01 GMT
Server: Apache-Coyote/1.1
Content-Length: 0
}} System.Net.Http.HttpResponseMessage
I am trying to consume RESTful service with as simple as possible C# utility. Response is given as XML and I just want to put it into string and later "pretty print it" and save it on disk. For now I am trying just to get proper response. Service is third party and it works OK, tested it many times in browser and java client. In C# utility authorization went OK and as far as I can tell I see in debugger in response object that
StatusCode OK System.Net.HttpStatusCode
and
StatusDescription "OK" string
but looks like response itself is empty? String Xml which has to hold response as String is empty (not null but empty). What do I do wrong?
Here is complete code:
using System;
using System.Collections.Generic;
using System.Text;
using System.Web;
using System.IO;
using System.Net;
using System.Xml;
namespace ConsoleApplication3
{
class Program
{
public static void SetBasicAuthHeader(WebRequest request, String userName, String userPassword)
{
string authInfo = userName + ":" + userPassword;
authInfo = Convert.ToBase64String(Encoding.Default.GetBytes(authInfo));
request.Headers["Authorization"] = "Basic " + authInfo;
}
static void Main(string[] args)
{
HttpWebRequest request = null;
HttpWebResponse response = null;
String Xml;
// Create the web request
request = WebRequest.Create("https://some.web.services.com?id='1234'¶m1='1'¶m2='2'") as HttpWebRequest;
SetBasicAuthHeader(request, "userName", "userPassword");
// Get response
response = request.GetResponse() as HttpWebResponse;
// Get the response stream
StreamReader reader = new StreamReader(response.GetResponseStream());
Xml = reader.ReadToEnd();
// Console xml output
Console.WriteLine(Xml); //see if we get the xml response
}
}
}
I've seen some weird behavior with manually using Authorization header; try this:
using System.Net; // contains HttpRequestHeader enum
public static void SetBasicAuthHeader(WebRequest request, String userName, String userPassword)
{
string authInfo = userName + ":" + userPassword;
authInfo = Convert.ToBase64String(Encoding.ASCII.GetBytes(authInfo));
string authHeader = string.Format("Basic {0}", authInfo);
request.Headers[HttpRequestHeader.Authorization] = authHeader;
}
I would recommend using HttpClient what you are trying to do, your code should be something like this:
static void Main(...)
{
var token = Convert.ToBase64String(Encoding.ASCII.GetBytes($"{user}:{pwd}"));
using(var client = new HttpClient())
{
client.DefaultHeaders.Authorization = new AuthenticationHeaderValue("Basic", token);
// here you could also use await right after GetAsync but since a Console application I use this instead
var response = client.GetAsync(url).GetAwaiter().GetResult();
// again the await could help here
var xml = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
Console.WriteLine(xml);
}
}
you could also have also gotten a Stream instead of a string by calling: response.Content.ReadAsStreamAsync().GetAwaiter().GetResult(); and from there use it as you want, if you want to read in chunks or buffering to optimize.
Hope this helps. Also take a look at this it could be useful as it contains several extensions to convert between popular formats used in REST, although I don't know for sure if it could help you here as well with xml.
Is there a way to send a notification with UWP app through NotificationHub? In many tutorials they send notifications with a C# console application using Microsoft.Azure.NotificationHubs Nuget package. I cannot install this package in a UWP app.
Can i specifically send a notification to a tagged device that i register with RegisterNativeAsync?
Per my experience, I think the simple way for sending notification in a UWP app is to using Notification Hub REST APIs via HttpClient, without the issues for platform compatibility.
Please refer to the document Notification Hubs REST APIs.
You can try to refer to the doc Using REST APIs from a Backend to make your UWP app as a backend to send messages. For example, Send a WNS Native Notification.
Hope it helps.
I finally found the solution. The code is like #Kyle but i had to add
request.Headers.Add("X-WNS-Type", "wns/toast");
in order to send a push notification
More details
Here's a working code that sends a notification from a UWP through an Azure Notification Hub (However, it uses GCM instead of WNS, see how to change the code in the approved answer). It obviously needs a few changes like your hub's name, see the comments in the code for more info.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net.Http;
using System.Runtime.InteropServices.WindowsRuntime;
using System.Text;
using Windows.Foundation;
using Windows.Foundation.Collections;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;
using Windows.UI.Xaml;
using Windows.UI.Xaml.Controls;
using Windows.UI.Xaml.Controls.Primitives;
using Windows.UI.Xaml.Data;
using Windows.UI.Xaml.Input;
using Windows.UI.Xaml.Media;
using Windows.UI.Xaml.Navigation;
namespace SendNotification
{
public sealed partial class MainPage : Page
{
public MainPage()
{
this.InitializeComponent();
this.sendNotification();
}
string Endpoint = "";
string SasKeyName = "";
string SasKeyValue = "";
public void ConnectionStringUtility(string connectionString)
{
//Parse Connectionstring
char[] separator = { ';' };
string[] parts = connectionString.Split(separator);
for (int i = 0; i < parts.Length; i++)
{
if (parts[i].StartsWith("Endpoint"))
Endpoint = "https" + parts[i].Substring(11);
if (parts[i].StartsWith("SharedAccessKeyName"))
SasKeyName = parts[i].Substring(20);
if (parts[i].StartsWith("SharedAccessKey"))
SasKeyValue = parts[i].Substring(16);
}
}
public string getSaSToken(string uri, int minUntilExpire)
{
string targetUri = Uri.EscapeDataString(uri.ToLower()).ToLower();
// Add an expiration in seconds to it.
long expiresOnDate = DateTime.Now.Ticks / TimeSpan.TicksPerMillisecond;
expiresOnDate += minUntilExpire * 60 * 1000;
long expires_seconds = expiresOnDate / 1000;
String toSign = targetUri + "\n" + expires_seconds;
// Generate a HMAC-SHA256 hash or the uri and expiration using your secret key.
MacAlgorithmProvider macAlgorithmProvider = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha256);
BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
var messageBuffer = CryptographicBuffer.ConvertStringToBinary(toSign, encoding);
IBuffer keyBuffer = CryptographicBuffer.ConvertStringToBinary(SasKeyValue, encoding);
CryptographicKey hmacKey = macAlgorithmProvider.CreateKey(keyBuffer);
IBuffer signedMessage = CryptographicEngine.Sign(hmacKey, messageBuffer);
string signature = Uri.EscapeDataString(CryptographicBuffer.EncodeToBase64String(signedMessage));
return "SharedAccessSignature sr=" + targetUri + "&sig=" + signature + "&se=" + expires_seconds + "&skn=" + SasKeyName;
}
public async void sendNotification()
{
ConnectionStringUtility("YOURHubFullAccess"); //insert your HubFullAccess here (a string that can be copied from the Azure Portal by clicking Access Policies on the Settings blade for your notification hub)
//replace YOURHUBNAME with whatever you named your notification hub in azure
var uri = Endpoint + "YOURHUBNAME" + "/messages/?api-version=2015-01";
string json = "{\"data\":{\"message\":\"" + "Hello World!" + "\"}}";
//send an HTTP POST request
using (var httpClient = new HttpClient())
{
var request = new HttpRequestMessage(HttpMethod.Post, uri);
request.Content = new StringContent(json);
request.Headers.Add("Authorization", getSaSToken(uri, 1000));
request.Headers.Add("ServiceBusNotification-Format", "gcm");
var response = await httpClient.SendAsync(request);
await response.Content.ReadAsStringAsync();
}
}
}
}
Did you try WindowsAzure.Messaging.Managed? Just tried it with the W10 UWP.
https://azure.microsoft.com/en-us/documentation/articles/notification-hubs-windows-store-dotnet-get-started/
As the title suggests, I need to send a notification FROM a UWP app (written in C#) to my Azure's hub (and from there it's sent to an Android app that I've already created). I obviously use GCM in order to send push notification to my Android app.
After countless hours of searching I have yet to find a single tutorial that would somehow be of use, since most of them use a console application in order to send the notification, not a Universal Windows Platform app.
If anyone could please help me I'd be really thankful.
You can use the Notification Hub REST APIs to push a notification from anywhere (backend or device) over vanilla HTTP/HTTPS.
There is a sample (using a Java client) here: https://msdn.microsoft.com/en-us/library/azure/dn495628.aspx
And the API reference is here: https://msdn.microsoft.com/en-us/library/azure/dn495827.aspx
I'm gonna answer my own question here since a lot of people struggled with this like me. So here's a code that sends a notification from a Universal Windows Platform (UWP) through an Azure Notification Hub, to an Android app (using GCM).
Please note that MUST slightly change the code for it to work on your own notification hub (see the comments in the code for more details)
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net.Http;
using System.Runtime.InteropServices.WindowsRuntime;
using System.Text;
using Windows.Foundation;
using Windows.Foundation.Collections;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;
using Windows.UI.Xaml;
using Windows.UI.Xaml.Controls;
using Windows.UI.Xaml.Controls.Primitives;
using Windows.UI.Xaml.Data;
using Windows.UI.Xaml.Input;
using Windows.UI.Xaml.Media;
using Windows.UI.Xaml.Navigation;
namespace SendNotification
{
public sealed partial class MainPage : Page
{
public MainPage()
{
this.InitializeComponent();
this.sendNotification();
}
string Endpoint = "";
string SasKeyName = "";
string SasKeyValue = "";
public void ConnectionStringUtility(string connectionString)
{
//Parse Connectionstring
char[] separator = { ';' };
string[] parts = connectionString.Split(separator);
for (int i = 0; i < parts.Length; i++)
{
if (parts[i].StartsWith("Endpoint"))
Endpoint = "https" + parts[i].Substring(11);
if (parts[i].StartsWith("SharedAccessKeyName"))
SasKeyName = parts[i].Substring(20);
if (parts[i].StartsWith("SharedAccessKey"))
SasKeyValue = parts[i].Substring(16);
}
}
public string getSaSToken(string uri, int minUntilExpire)
{
string targetUri = Uri.EscapeDataString(uri.ToLower()).ToLower();
// Add an expiration in seconds to it.
long expiresOnDate = DateTime.Now.Ticks / TimeSpan.TicksPerMillisecond;
expiresOnDate += minUntilExpire * 60 * 1000;
long expires_seconds = expiresOnDate / 1000;
String toSign = targetUri + "\n" + expires_seconds;
// Generate a HMAC-SHA256 hash or the uri and expiration using your secret key.
MacAlgorithmProvider macAlgorithmProvider = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha256);
BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
var messageBuffer = CryptographicBuffer.ConvertStringToBinary(toSign, encoding);
IBuffer keyBuffer = CryptographicBuffer.ConvertStringToBinary(SasKeyValue, encoding);
CryptographicKey hmacKey = macAlgorithmProvider.CreateKey(keyBuffer);
IBuffer signedMessage = CryptographicEngine.Sign(hmacKey, messageBuffer);
string signature = Uri.EscapeDataString(CryptographicBuffer.EncodeToBase64String(signedMessage));
return "SharedAccessSignature sr=" + targetUri + "&sig=" + signature + "&se=" + expires_seconds + "&skn=" + SasKeyName;
}
public async void sendNotification()
{
//insert your HubFullAccess here (a string that can be copied from the Azure Portal by clicking Access Policies on the Settings blade for your notification hub)
ConnectionStringUtility("YOURHubFullAccess");
//replace YOURHUBNAME with whatever you named your notification hub in azure
var uri = Endpoint + "YOURHUBNAME" + "/messages/?api-version=2015-01";
string json = "{\"data\":{\"message\":\"" + "Hello World!" + "\"}}";
//send an HTTP POST request
using (var httpClient = new HttpClient())
{
var request = new HttpRequestMessage(HttpMethod.Post, uri);
request.Content = new StringContent(json);
request.Headers.Add("Authorization", getSaSToken(uri, 1000));
request.Headers.Add("ServiceBusNotification-Format", "gcm");
var response = await httpClient.SendAsync(request);
await response.Content.ReadAsStringAsync();
}
}
}
}