I have some data that I need to get after redirecting my URL to yahoo auth for authentication and access token. I tried using Session and tempData, but both get cleared after redirection and callback to another ActionMethod. Tried using HttpCookie too but it doesn't retain the value either.
How do I store this value and get it after redirection to callback function? Whatever I tried, I get null value. It gets saved at first but gets erased after redirection.
public async Task<ActionResult> YahooAuth(int Id)
{
List<DataAccess.event_dates> yahooEvents = _iadminSettingsService.GetEventDatesByEventId(Id);
Session["yahooEventObj"] = yahooEvents;
TempData["yahoEvnts"] = yahooEvents;
System.Web.HttpCookie cookie = new System.Web.HttpCookie("eventID", Id.ToString());
Response.Cookies.Add(cookie);
var url = "https://api.login.yahoo.com/oauth2/request_auth?client_id=XXX&redirect_uri=https://b0552ca5.ngrok.io/Event/YahooCalendar&response_type=code&language=en-us";
return Redirect(url);
}
[HttpGet]
public async Task<ActionResult> YahooCalendar(string code)
{
List<DataAccess.event_dates> yahooEvents = (List<DataAccess.event_dates>)Session["yahooEventObj"];
List<DataAccess.event_dates> lst = (List<DataAccess.event_dates>)TempData["yahoEvnts"];
string Id = Request.Cookies["eventID"].ToString();
List<DataAccess.event_dates> yahooEvents = _iadminSettingsService.GetEventDatesByEventId(Convert.ToInt16(Id));
. . .
return Redirect("https://calendar.yahoo.com/");
}
In my opinion all method by Session, Tempdata and Cookies can work fine.
I check your code and found you are using ngrock for localhost redirection.
please make sure when you start your application if it's hosting with http://localhost:port and after redirection if it's with ngRock domain name then any of method not working
Session, Tempdata and Cookies store by domain name
please check with application starting with ngRock domain and check after redirection you get data or not?
May this help you.
Thanks
Related
I have a login page that allows the user to login. In the HandlieValidSubmit() event I check if username and password matches with the value stored in database.
If everything is fine I want to store some data into the usercookie before redirecting to another site. This is the html/blazor-Code:
<EditForm>
<!-- standard form-controls here -->
</EditForm>
#code {
private Models.LoginUser _loginUser = new Models.LoginUser();
private EditContext _editContext;
private void HandleValidSubmit()
{
if (UserApi.Login(_loginUser.Mail, _loginUser.Password, out string error, out Guid? guid))
{
NaviationManager.NavigateTo($"/manage/{guid}");
}
}
}
the Cookie is set from within the Login-Function and looks like this:
public DateTime SetCookie<T>(T data, TimeSpan expiration, bool httpOnly = true, bool secure = true)
{
DateTime expireDate = DateTime.Now.Add(expiration);
if (data == null) return DateTime.Now;
Type dataType = typeof(T);
var response = _httpContextAccessor.HttpContext.Response;
CookieOptions cookieOptions = new CookieOptions
{
HttpOnly = httpOnly,
Secure = secure,
Expires = expireDate
};
foreach (var property in dataType.GetProperties())
{
var storeInCookieAttribute = property.GetCustomAttribute<StoreInCookieAttribute>();
if (storeInCookieAttribute == null) continue;
response.Cookies.Append(BuildCookieKey(dataType.Name, property.Name), property.GetValue(data) as string, cookieOptions);
}
return expireDate;
}
IMHO this is the standard "how-to-write-cookies-in-netcore" - way.
When I try to write the cookie I receive the error:
"The response headers cannot be modified because the response has already started."
I understand what this error wants to tell me. Alas I do not really know how to prevent this. I expected that at this point the response should not have started at all.
Is there another event than HandleValidSubmit() I need to use instead? Or can I just clear the Response before writing the cookie without bad side effects?
Blazor Server App is websocket-based application, not HTTP-based one, so the HttpContext service is not available.
When you create a Blazor Server App with support for IdentityUI, you get in the default template a component ( AuthorizeView ) that enables login and logout. When you click on the "Login" button, you are being redirected to a Login page where you can enter your credentials. The Login page is actually a Razor Page, not part of the Blazor App, meaning that you are no longer in the realm of Blazor, and here in this new realm (The Razor Page), the HttpContext is available, you don't even have to use the HttpContextAccessor, as the HttpContext is provided as a property in the PageModel object. After the user has been logged in, cookies created, etc., he is redirected to Blazor.
This is how you can do it. Just emulate this procedure... Create a Razor Page, where you can do all that stuff. You may also pass a return url, so that you'll be redirected to a specific Component page instead of the the Index Component Page.
Note: HandleValidSubmit() is a method that is called if your forms component elements have passed validation. It has got nothing to do with the issue in question.
Note: To use the NavigationManger.NavigateTo method to navigate to external location (outside of the Blazor App realm), add a second boolean parameter with the value true.
Note: This may help you how to cope . There are also many answers related to the current subject and authentication with OpenID Connect, Okta, IdentityUI, etc. Just look for them if you are in need.
Note: Are you aware that you can store data in the local storage and session storage ?
Hope this helps...
I have ASP.NET MVC Project and I have some pages (let's call it Destination Page) that I can access from multiple pages. So I want to track which page redirects to Destination Page so I can return to it again.
I red about Request Filters .. Can I use it in my case?
Thanks in advance :)
Just pass a return URL in the query string. In other words instead of redirecting like:
return RedirectToAction("Destination");
Do:
return RedirectToAction("Destination", new { returnUrl = Request.RawUrl });
Of course, your "Destination" action needs to accept this as a param:
public ActionResult Destination(Foo otherParam, string returnUrl)
Then, when you're done with whatever you're doing in "Destination", redirect back via:
if (!String.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
{
return Redirect(returnUrl);
}
return RedirectToAction("Fallback");
The IsLocalUrl check is to prevent query string tampering, by ensuring that the return URL is actually local (i.e. relative) to your site.
You can get the refering page using Request.UrlReferrer
otherwise save the last url in a session-variable
like
Session["returnUrl"] = Request.RawUrl;
URL Referrer is only populated by an actual client-click (anchor tag, button).
Not when you manually put it in the URL (which is what my JavaScript is doing).
The solution i am doing to have to with is to create a cookie on the whatever.aspx page, and read that cookie from the JavaScript before i redirect again.
Im developing an android app that should login/register and read some data from database.
I have WebApi login controller.
and this is my problem
[HttpPost]
public HttpResponseMessage Post(Login model)
{
if (WebSecurity.Login(model.UserName, model.Password))
{
int userid = WebSecurity.CurrentUserId;// <- this value is = -1
string name = WebSecurity.CurrentUserName;// <- this value is = ""
some query where i need the user id(userid);
}
else
...
}
Why after successful login i still have -1 as a value?
I've noticed that even in the mvc project the same thing happens, but after the successful login the user is redirected to another page where the data is listed (when that controller is executed the current user id is already updated).
WebSecurity.Login sets a cookie. That cookie must be re-read by the framework before the user is authenticated, which means that another web request must occur.
In other words, you must redirect to another page, or another web request must come in before the request will be authenticated.
I am using Access Control service (ACS). I fetched all identity providers (ip) which i set for my application using the following code :
public ActionResult IdentityProviders(string serviceNamespace, string appId)
{
string idpsJsonEndpoint = string.Format(Global.IdentityProviderJsonEndpoint, serviceNamespace, appId);
var client = new WebClient();
var data = client.DownloadData(idpsJsonEndpoint);
return Content(Encoding.UTF8.GetString(data), "application/json");
}
When user click over the signin link the above code called using ajax and get the ips and display them in jquery-ui dialog. And when user click any one of the ips for login the browser redirect to the selected ip login page. After successful login the control return to my control which i set as a returnUrl. Upto this every thing is works fine.
Now what i am trying to do is to pass some values to identity provider (ip) login page and want to get back those values at my returnUrl controller. For this i searched and came to know that there is a query string parameter known as wctx which we can set and get the value at return url. But i dont know how to do this. Can anybody please guid me how can i achieve this?
It is relatively (pretty) easy.
Your URL for listing IdPs looks something like this:
https://[your_namespace].accesscontrol.windows.net:443/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=[your_realm]&reply_to=[configured_return_url_for_your_rp]&context=&request_id=&version=1.0&callback=
This is the most complete request for list of Identity Providers. Your may miss some variables (such as context, or reply_to), but what I show is the complete request.
So now you have two options:
inclide your own reply_to parameter. It must be withing the configured realm. So if your realm is https://www.mygreatapp.com/, your default return URL would probably be something like https://www.mygreatapp.com/returnUrl/ (if your controller to handle ACS response is returnUrlController. Now, you can safely change the reply_to to be https://www.mygreatapp.com/returnUrl/?foo=bar, just make sure you URL Encode the query string.
Use the context parameter. It is safer to use and I would suggest using it. Now your URL for fetching list of IdPs will be something like:
https://[your_namespace].accesscontrol.windows.net:443/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=[your_realm]&reply_to=[configured_return_url_for_your_rp]&context=[your_custom_string_value_which_you_may_even_encrypt]&request_id=&version=1.0&callback=
Note the now there is context value present in the request for IdP list ([your_custom_string_value_which_you_may_even_encrypt]). In your returnUrl handler controller, you can check for it with code similar (or equal) to the following:
if (ControllerContext.HttpContext.Request.Form["wresult"] != null)
{
// This is a response from the ACS - you can further inspect the message if you will
SignInResponseMessage message =
WSFederationMessage.CreateFromNameValueCollection(
WSFederationMessage.GetBaseUrl(ControllerContext.HttpContext.Request.Url),
ControllerContext.HttpContext.Request.Form)
as SignInResponseMessage;
if (!string.IsNullOrWhiteSpace(message.Context))
{
// do whatever you want with the context value
}
}
You may want to perform any/more additional checks while handling the SignInResponse from ACS.
I am trying to integrate paypal sandbox with my asp.net application ! I have integrated module and i have redirected to paypal sandbox site ! You can login to sandbox and make payment ! Paypal focus redirects to my return URL ! Now the problem is I don't know what paypal sandbox returns with 'return URL' and even I am new with sandbox so I don't know how to manage the redirected data ! Kindly Inform me ! Thank you !
I have tried to download demos ! But in demos most of uses their own dll ! They are not providing class definition so I am little bit confused !
At first, check the paypal docs which fields are returned. As Mr. Disappointment guessed, the data will probably be returned as form data in a HTTP POST request.
You can check the request and the data with fiddler.
To access form data within an ASP.NET app, you simply use the Request object:
var field = Request["fieldName"];
Log into your sandbox account, then click on Documentation --> Sample Code then click the Integration Wizard link to generate all the sample code that you need.
The return URL will have two URL Params:
token,
payerId
I am using MVC so my Controller Method signature looks like this:
public ActionResult PaypalOrderConfirmation(string token, string payerId)
but you could just use e.g. Request.QueryString("token"); //Is that right it's been a while...
Then you need to "Commit the payment"
NVPCodec nvpCodec = new NVPCodec();
string returnMessage;
bool success = PayPal.CommitPayment(someTotal, token, payerId, out nvpCodec, out returnMessage);
//----------------------------------------------------------------------------//
public static bool CommitPayment(decimal finalPaymentAmount, string token, string payerId, out NVPCodec nvpCodec, out string returnMessage)
{
nvpCodec = new NVPCodec();
returnMessage = "";
bool success = new NVPAPICaller().ConfirmPayment(finalPaymentAmount.ToString(), token, payerId, ref nvpCodec, ref returnMessage);
return success;
}
I will go have another look on paypal for the download code and add it to this post if I find it.