I'm working with my first api here and I'm trying to get through the Oauth authorization so i can start working with the api. When trying to get the short life access key with the following code surveymonkey is telling me I have an invalid uri. The api key and username are replaced with dummies
string url = "https://api.surveymonkey.net/oauth/authorize";
string api_key = "api_key=sdwertyujgfv3f24qqa4kfyd";
string client_id = "client_id=XXX";
string redirect_uri="redirect_uri=http://localhost";
url = url + "?" + redirect_uri +"&" + client_id + "&" + api_key;
System.Diagnostics.Process.Start(url);
What is the uri and how do i use is in this situation.
You can not bitly a localhost link. You could try with 127.0.0.1 instead just to get it to work. But ultimately once the app is deployed it's hostname will not be localhost so it will work if that was the only obstacle.
Related
I am trying to setup reset tokens using custom blazor page.
The token generation works just fine, using
var code = await _userManager.GeneratePasswordResetTokenAsync(user);
It generated the following code
CfDJ8HVZ73lJc0lGiTBiTdeoRRd//Zc1LM0Q4P+8t7DLaBzwlQ2DuvY2HQ5CWE/E8b3VdlZZYIelpwwrCFz579CeCcQTf+YIPli7KpPTuUpMcTHDs5pAw3XifV7x+5Y/Q6WAPdixXuHE8We9QQRxl7Hnba2vjoJ5fCZ9FMHKpkOq3mxDhgYi/gba2Vse3/R87ztVrisEguYvYQ8h5f2MAVMiCB+H0TakjKjpj2ANAD9wQ2H8
Sending it through the mail requires encoding as can bee seen at this link , giving me
var callbackUrl = _globals.AppUrl
+ "/user/reset/"
+ System.Web.HttpUtility.UrlEncode(code);
Now the mail send successfully, and the URL is successfully encoded.
However, when opening the page, I get an 404.11 error
The request filtering module is configured to deny a request that contains a double escape sequence.
Page declaration:
#page "/user/reset/{Code}"
Example URL:
https://localhost:44303/user/reset/CfDJ8HVZ73lJc0lGiTBiTdeoRRfumtSdRgb46HPXLklW0j42IyjqN8rv%2fapJG158YfIrR7dVRNRF2YxJydegd2CMlvm93FTcjkuBwnVPC3N9AtSigiy8VOqeW1nNrRth73urJ23D0V6M2c%2fzE1%2bTuFs8KbB%2fnCG5CE3UnFXG5HleeA%2fwtlyzLgbP4Zrbi5XZ4Q0w4%2b1j83J%2fXvQUqg%2fO5raSkmcO3cb1TGnDWz%2fwqxW%2fbNOe
Question
Does ASP Core Identity include characters which cannot be sent by email by default? (I'd assume the '+' character). And can we exclude then from generation? Or is there another way to manipulate the URL preventing this error. I prefer to keep double escape character filter ON, as it increases security
Edit
When encoding the entire url as follows:
var callbackUrl = _globals.AppUrl
+ "/user/reset/"
+ code;
callbackUrl = HtmlEncoder.Default.Encode(callbackUrl);
A 404 error occurs, because the code contains a '/', which does not fit my routing
var callbackUrl =
_globals.AppUrl
+ "/user/reset/"
+ code;
**callbackUrl = HtmlEncoder.Default.Encode(callbackUrl);**
**Update for this**
var callbackUrl = _globals.AppUrl
+ "/user/reset/"
+ code;
**callbackUrl = {callbackUrl};**
I am unable to get the querystring parameter from url in asp.net
url is:here
My code is
string code = Request.QueryString["code"];
string clientid = Request.QueryString["client_id"];
i am getting code parameter but client_id is null. wt i am doing wrong here.
you are use like,
string code = Request.QueryString["response_type"];
string clientid = Request.QueryString["client_id"];
you are mistake in string code = Request.QueryString["response_type"];
check with this please.
The redirection url is not proper encoded hence during redirection from google the query string parameter after first & in redirect_uri will be ignored (redirect_uri should not contain & as it is you have to keep it in encoded form %26).
The initial url is (contain 'client_id'):
https://accounts.google.com/o/oauth2/auth?scope=profile%20email&state=%2Fprofile&redirect_uri=http://localhost:14772/WebForm2.aspx&response_type=code&client_id=41866849709-lobbqne5v4asm7dn2fu1v8lubm6pc7e7.apps.googleusercontent.com&approval_prompt=force
But after redirected by google its not have Client_Id.
http://localhost:14772/WebForm2.aspx?state=/profile&code=4/gh9Yl3D5Nn220V3nU8d8E5vzC4SmEP6JncnGa6MrgSs#
The issue is redirect_uri content is not encoded correctly. Please configur correctly. It should look like:
http%3A%2F%2Flocalhost%3A14772%2FWebForm2.aspx%26response_type%3Dcode%26client_id%3D41866849709-lobbqne5v4asm7dn2fu1v8lubm6pc7e7.apps.googleusercontent.com%26approval_prompt%3Dforce
I have a domain using cloudfront in AWS.
+ test1.cloudfront.com(distribution) google.com(origin)
on browser, i type
"test1.cloudfront.com"
On my controller,i declare
var url = HttpContext.Current.Request.Url.Host;
//result: url = "google.com"; //origin url
How to get cloudfront url instead of origin url? pls help me!
Upon creation of an Amazon CloudFront distribution, a unique Domain Name will be assigned:
Use that Domain Name to access your service via CloudFront.
I have code to create/update jobs on Jenkins without credentials enabled.
const string FORMAT = "http://{0}:{1}/createItem?name={2}";
var path =
string.Format(
FORMAT,
this.config.JenkinsServer,
this.config.JenkinsPort,
buildName);
this.http.UploadString(
path,
definition,
new Header(HttpRequestHeader.ContentType, "text/xml"));
Now, I want to move one step forward by enable credentials and specify username/password when creating a new job. I found an article about Authenticating scripted clients on Jenkins but there is no code example in C# and couldn't figure it out how to do it.
How to create/update jobs on Jenkins with credentials enabled?
[UPDATE]
Specify username and password on the url like in this link also doesn't work.
You can authenticate to Jenkins using a user based AUTHTOKEN.
Get the token by going to you user configuration page.
http://{JENKINS.HOST}/user/{YOUR.USERNAME}/configure
Then click the 'Show API Token' button, and it will display a GUID as an AuthToken, which you can then use with something like the following.
string password = "5agbe1d6f774634169e9ba4625559bc83f"; // AKA the Jenkins AuthToken
string userName = "YOUR.USERNAME"; // AKA your Jenkins userID
var webClient = new System.Net.WebClient();
// Create a basic auth token from a username and password seperated by a colon then base 64encoded
string basicAuthToken = Convert.ToBase64String(Encoding.Default.GetBytes(userName + ":" + password));
webClient.Headers["Authorization"] = "Basic " + basicAuthToken;
return client.UploadString(path, definition, headers);
I'm making a call to facebook's api to get an oauth token. The process seems to work but the call back url is returned like this
http://localhost:52574/FacebookApi/AuthorizeCallback#access_token=CODE&expires_in=6953
I would expect the #access_token parameter to be returned as a standard query string parameter not a hash. Can anyone see what I'm doing wrong? Here is the code I'm using to generate the call back uri.
public static Uri GetAuthorizationUri(string appId, string appSecret, string callBackUrl)
{
return new Uri("https://www.facebook.com/dialog/oauth?" +
"client_id=" + appId +
"&redirect_uri=" + callBackUrl +
"&scope=publish_actions,publish_stream,create_event" +
"&response_type=token" );
}
I'm pretty sure that in that login flow it's expected to be a fragment to prevent leaking the access token to third party sites - it's also documented as such in the documentation for the response_type parameter:
token. Response data is included as a URL fragment and contains an access token. Desktop apps must use this setting for response_type. This is most useful when the client will be handling the token.
Changing &response_type=code correctly returns a code that can then be exchanged for a token.