The pageToken I receive on the first call, always causes HTTP 400 on my second call.
Message
Page token is invalid. Retry call without the page token.
Status
INVALID_ARGUMENT
When using the exact same pageToken in the "Try this API" of the documentation, it works.
https://developers.google.com/people/api/rest/v1/people/listDirectoryPeople?hl=zh-tw
Why does it fail?
The pageToken parameter must be URL-encoded, for C# this would be:
HttpUtility.UrlEncode(nextPageToken)
If you want to test with Postman, use an online version, like the "Try it yourself" of the w3school article on the matter:
https://www.w3schools.com/tags/ref_urlencode.ASP
Related
I am trying to get a webhook setup with Xero working locally. I am using ngrok to allow xero to call my localhost. To get the webhook working I must correctly return the "intent to receive"
It seems to be working fine in that I can debug it and follow it through. However when I try to return 200 for success (hashes match) or 401 unauthorized (hashes don't match) the receiving Xero still doesn't accept it. All it says is: "Response contained a body"
According to the Xero webhook docs my endpoint must ensure:
It uses HTTPS
It responds within 5 seconds with a 200 O.K status code
There is no body in the response
There are no cookies in the response headers
If the signature is invalid a 401 Unauthorised status code is returned
I have tried returning the code in various ways:
public IHttpActionResult WebHooks()
{
//if hash check fails I tried these
return Unauthorized();
return Request.CreateResponse((int)HttpStatusCode.Unauthorized);
return StatusCode(HttpStatusCode.Unauthorized);
//if hash check matched I tried the following
return Ok();
return Request.CreateResponse((int)HttpStatusCode.OK);
return StatusCode(HttpStatusCode.OK);
}
In seething desperation I also tried
public int WebHooks()
{
//if hash check matches
return 200;
//if hash check fails
return 401;
}
Thank you in advance for your help. I spent too long searching for an existing answer, but I couldn't find any. What am I doing wrong? As far as I can see my webapi should work.
Figured it out. This is what I did to get it working:
if (hashedPayload != xeroSignature)
{
ControllerContext.HttpContext.Response.Clear();
ControllerContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
ControllerContext.HttpContext.Response.End();
return Content(string.Empty);
}
ControllerContext.HttpContext.Response.Clear();
ControllerContext.HttpContext.Response.StatusCode = (int)HttpStatusCode.OK;
return Content(string.Empty);
Nothing I tried worked and my swear-jar overfloweth. I noticed through ngrok that the "intent to receive" would return a 302 (as opposed to 401) and then would redirect to Account/Login.
This led me down a rabbit hole to where I discovered the answer
To quote:
If you are adding asp.net WebApi inside asp.net MVC web site you
probably want to respond unauthorized to some requests. But then
ASP.NET infrastructure come into play and when you try to set response
status code to HttpStatusCode.Unauthorized you will get 302 redirect
to login page.
That was exactly the behaviour I saw. When I tried the webhook in a new webapi project with only one method - it worked. However I want to get it working in my MVC site. I added what this post suggested and it now works perfectly for me.
Many thanks to #Jacob Alley
I've confirmed that I have permissions to perform the request.
According to amazon's Cloud Search Dev Troubleshooting Guide the error I'm experiencing is likely due to the .net sdk using the wrong api version. I don't see a way to specify the api version explicitely.
I want to avoid having to manually create the http request.
I want to make the request through the SDK.
I've tried all the available versions of the SDK and all of them give me this error.
I've also tried specifying the request properties in various combinations. Nothing works.
Can anybody give me direction as to how I can resolve this issue?
Expected behavior: return info for all index fields
Actual behavior:
error -
"Result Message:
Amazon.Runtime.AmazonUnmarshallingException : Error unmarshalling response back from AWS. Response Body: {
"message": "Request forbidden by administrative rules",
"__type": "CloudSearchException"
}"
----> System.Xml.XmlException : Data at the root level is invalid. Line 1, position 1.
Code sample:
var _configClient = new AmazonCloudSearchClient(
WebConfigurationManager.AppSettings["CloudSearchAccessKey"],
WebConfigurationManager.AppSettings["CloudSearchSecretKey"],
new AmazonCloudSearchConfig
{
RegionEndpoint = RegionEndpoint.USWest2,
ServiceURL = WebConfigurationManager.AppSettings["CloudSearchUrl"]
});
await _configClient.DescribeIndexFieldsAsync(new DescribeIndexFieldsRequest())
CloudSearch is returning json, which you can see in your response body, and the SDK is trying to unmarshal that into xml. When you make a query directly, you can add &format=xml to get xml results. There should be an analogous option in the SDK.
First off, I'm using static html and javascript and C# Web API.
So I have a link that calls an oauth2 server, on my html file, say index.html
Now is it ok to set the callback page to index.html
It seems to work, and it gets sent to index.html?code=125f0...
Is this ok to do or do I need a seperate callback page. Is code, the token?
Now how should I consume this?The javascript doesn't seem to get hit on the call back.
Edit, actually, the javascript seems to get hit on the call, back but I'm not getting anything undefined from:
$(function () {
var params = {},
queryString = location.hash.substring(1),
regex = /(^&=]+)=([^&*])/g,
m;
while (m = regex.exec(queryString)) {
params[decodeURIComponent(m[1])] = decodeURIComponent(m[2]);
}
if (params.error) {
if (params.error == "access_denied") {
sAccessToken = "access_denied";
//alert(sAccessToken);
}
} else {
sAccessToken = params.code;
alert(sAccessToken);
}
});
Also, can my callback page be a C# web api call? And send the token that way. I'm guessing no, cus then you'd never know what user agent is sending it, and couldn't communicate back unless you somehow passed a id and used signalR? It seems better to get it in javascript and send the token to web api. But then can web api make calls to the resource if it has the token?
sorry, I'm still learning
OAuth2 has various "profiles". The "Authorization Code Grant" flow (what you are using) requires a server side component that exchanges the code for token.
Single Page Applications, typically use the implicit flow. See here for a quick description: https://docs.auth0.com/protocols#5 (ignore references to "Auth0", the underlying protocol is the same regardless of the implementation).
See here for a more thorough description of both flows: What is the difference between the 2 workflows? When to use Authorization Code flow?
Sorry, it was sorta of strange question and bad wording. But what I ended up doing is making an HTML callback page which takes in the code. I popup the OAuth2 server page in a window then it calls my callback page. Then my callback page will close the window and pass the code back to my parent page.
Actually sending json string(Post) to server got 400 bad request exception,
below Url i got this exception
_http://---.---.--.---:---/SignUp/SignupUser/{JSON STRING}/{PASSWORD}
so the JSON string and password is given below
_http://---.---.--.---:----/SignUp/SignupUser/{"SessionId":"99c77c9b-043e-4611-a011-e774c614e887","PassWord":"234434343434","UserName":"john_mcclane","FirstName":"John","LastName":"mcclane","NickName":"Bruno","Gender":0,"DateTime":"2013-12-19T10:39:37","AddressLine1":"Paradigm Talent Agency NY","AddressLine2":"360 Park Ave South, 16th Floor","City":"New York","State":"New York","Country":"USA","Zip":"N.Y. 10010","EmailId":"Bruno_diehard#email.com","MobileNumber":"7189615565","AlternativeNumber":"9179615565","ProofType":"License","ProofNumber":"I1234562","IsDogAllowed":true,"IsDrinkersAllowed":true,"IsSmokersAllowed":true}/{234434343434}
please tell what i did wrong in it.
Note : I am trying this in the advance rest client google chrome.
You have created the POST request with two arguments (JSON object and password). The typical REST service post request can have only one argument. So, try with one argument by sending the password with the JSON object itself.
I am using the Add method of System.Net.CookieContainer. It has worked well over the years but suddenly I am getting:
Exception calling "Add" with "2" argument(s): "The
'Value'='321,386,%2F%3Fa%3D1,http%3A%2F%2Fwww.xxxx.com%2Fpremium%2Fmoney'
part of the cookie is invalid."
I was adding a cookie returned from a web page. The raw header from the web page is:
...
_chartbeat_uuniq=1;
_chartbeat5=321,386,%2F%3Fa%3D1,http%3A%2F%2Fwww.xxx.com%2Fpremium%2Fmoney;
gs_p_GSN-375009-Z=0;
...
What is wrong with the cookie value? Is it the comma?
You should encode the cookie value. The best way is by using UrlEncode. Check this out.
HttpServerUtility.UrlEncode