I'm new to C# coding,
I need to fetch data through the SSIS package using a script component task from api which has many filter api URL inside it.
The main login URL is similar to http://URL:portname/user/signin.
By using the loginid and password, I need to generate the token and then I need to pass the token in the filter api header whose url is similar to http://URL:portname/division.
Related
I'm developing an .NET Web API and using JWT tokens to secure it. In my research of the best way to implement it, i decided to use the jwt claims to also limit the access to content, depending on specific claims present on the token. I can now manually verify if for example, a userId matches with the userId of a record's userId and return it if it's a match, but this is very tedious and not quickly adds up the amount of code just to do the same task...
Is there a way to implement something like an action filter to apply the claims to every request and return only the records that match the information in the token?
Thanks everyone in advance
See this implementation on this project.
https://github.com/cuongle/WebApi.Jwt/blob/master/WebApi.Jwt/Filters/JwtAuthenticationAttribute.cs
It's a simple scenario.
JWT contains a user's id or some claims.
You have a WEB API endpoint like ("GetCurrentUserData()") decorated with your custom ActionFilterAttribute.
Within that method you will call a helper function that will read the current request user claims and return them in a simple form (like user id).
See: Get claims from a WebAPI Controller - JWT Token,
Then within the method you can query/filter your returned data based on the Id/Claims of the current user of the request.
I'm working on a task which is as the following :
User Management Project
You are required to create a .Net Core 2.2 Web API with MongoDB
The project loads list of users on project load from external source and stores them in the DB in "Users" collection.
Source: https://jsonplaceholder.typicode.com/users
You need to provide the ability to Add new user to the same collection, update and delete by Id.
You need to provide the ability to search Users by the following filters on the same function (POST Method).
- Search By name
- Search By username
- Search By address.zipcode
- search By company.name
You can have multiple search filters at the same time.
Search response returns list of users matching the filter criteria.
All API Methods should be authenticated using username and password in the request header.
Expose the Web API using swagger.
i want to load the data from external api and store it at once into the MongoDB any know how i can do this ?
thank you in advance
I am working on a project in which i need to create shortened url. I am using google url shortener. Is there any way to retrieve all the urls created using the google account or using the api key
You should use this.
GET https://www.googleapis.com/urlshortener/v1/url/history
In the headers, set Authorization header to Bearer <authtoken>
Make sure you have a valid OAuth Token. Retrieving the Shortened URL History List of a user requires an access token.
You could generate one here for testing it out
I have two websites. One website is responsible to create a user using identity framework like:
UserManager.CreateAsync(user, password);
And then I'm generating email confirmation token like:
var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
This is how I'm creating Confirmation link:
$"{OtherWebsiteBaseUrlHere}/Account/ConfirmEmail?userId={user.Id}&code={code}";
When I open this link, my other website is unable to validate this token and says Invalid token.
My other website is also using identity framework and pointing to the same database where my first database is pointing. My question is that...Is it possible to generate validation token from one website and validate it from other website? As per my knowledge, it uses security stamp to validate tokens. If this is true, it should validate token from other website as well because the database is same. Any help is appreciated. Thanks
As database is same, while validation token is generated, along with the timestamp let it get stored in the table(May be from first website which may be hosted in webserver where database is present)
From second website (which may be hosted in different webserver or same webserver like first), while validating, let the token be validated against the table data. i.e. same database means same table, same set of data all are possible. Hence synchronous value can be validated.
Hope that helps!!!
I'm working on an AWS project. We want to be able to issue STS temporary security credentials, with limited permissions, in order to access AWS services. We're working in .Net Core with C#.
We're using STS AssumeRoleAsync(), which is the .Net SDK's method for using the AWS AssumeRole action, to generate these credentials. The response from the call to AssumeRoleAsync() is an AssumeRoleResponse object, which is comprised in part of an AssumeRoleUser object and a Credentials object. One of the properties of AssumedRoleUser is AssumedRoleId, which is in the form of role-id:role-session-name.
We have a Lambda function which handles calling AssumeRoleAsync and returning the generated credentials in the form of a JSON object. That Lambda function is called via an API Gateway method.
All of this is working fine. The above was just to set the scene.
The next thing we want to be able to do is to use the STS temporary credentials to make other calls into AWS services. When that happens, we want be able to use GetCallerIdentity() to retrieve the AssumedRoleId for the person to whom the credentials were issued. In particular, the role-session-name is of interest to us.
So to try to accomplish this, I created another Lambda function behind another API Gateway method. I set this API Gateway method to use AWS_IAM authorization in its Method Request configuration. In its Integration Request, I configured it to Invoke with caller credentials. The Lambda function simply accepts the incoming request and calls GetCallerIdentity() and returns the result. I used the credentials returned from the previous AssumeRoleAsync() call in the request's authorization header.
Based on the information found in the docs for GetCallerIdentity and in the Principal Table to which that page refers, I expect to receive the following items in response from the GetCallerIdentity() call:
Account
Arn
UserId (this is the important bit for this discussion)
The UserId should be in the form of role-id:caller-specified-role-name, exactly the same form in which the AssumedRoleId from the call to AssumeRoleAsync was returned. That would allow me to get the caller-specified-role-name and do what we need to do with it.
But that isn't what is returned in the UserId property of the response from GetCallerIdentity().
Instead, all that the UserId property contains is the role-id — it completely omits the essential caller-specified-role-name.
Has anyone else seen this behavior? Am I overlooking something simple? Could this be a bug in the response from GetCallerIdentity?
I'm using the following Amazon SDK components and versions to make these various calls:
Amazon.Lambda.Core/1.0.0
Amazon.Lambda.Serialization.Json/1.1.0
AWSSDK.Core/3.3.14
AWSSDK.Lambda/3.3.6.2
AWSSDK.SecurityToken/3.3.1.9
Thanks for any help you can suggest!
Derek