Processing Post Request from Slack - c#

I've setup an asp.net MVC web application to capture post request. I've set breakpoints to see what info is coming through. When an interactive button is clicked, my breakpoint is hit but the object has no details. It simply says {Object} when i hover over value. When I use Postman and send a raw JSON body, it displays the JSON. May I ask how am i suppose to process the slack object that is sent?
public void Post(object value)
{
// breakpoint here
}

For interactive messages Slack send a standard POST request with a single form-data encoded parameter called payload in the body. This parameter contains the data of the actual request as JSON string.
You can simulate this with Postman by using the following parameters:
Request type: POST
Header: Content-Type: application/x-www-form-urlencoded
Body: form-data, with key=payload and value = JSON string.
So the body is not fully JSON as you assumed, but contains a form parameter with a JSON encoded string. If you change your app accordingly, it will work.
In c# you can access the content of the payload parameter with Request["payload"] (see this answer or details).
Then you still need to decode the JSON string into an object of course. An easy approach is to use JavaScriptSerializer.Deserialize. (see this answer for details and alternative approaches).

Related

Why is postman sending form data in an HTTP GET?

I received a Postman json collection from an API vendor that works perfectly, but has something mystifying to me: The request is in a GET format, yet there is an x-www-form-urlencoded body.
URL: https://login.microsoftonline.com/d1e<secret>9563/oauth2/token
And when I look at the postman-generated c# code, the mystery continues:
var client = new RestClient("https://login.microsoftonline.com/d1e...d3/oauth2/token");
client.Timeout = -1;
var request = new RestRequest(Method.GET);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("grant_type", "client_credentials");
request.AddParameter("client_id", "c06bb...79");
request.AddParameter("client_secret", "7~u...D");
request.AddParameter("resource", "https://vault.azure.net");
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
Note the AddParameter constructions for a GET call. To me, this must be a slight-of-hand for merely adding those values to the querystring. But when I look at the postman console I see:
In the postman console I would have expected to see those params appended to the url as a querystring, and then everything would have made sense. But you can see that it's a bonafide Request Body.
When I make GET calls in my c# code I like to use the simple yet solid WebClient object to call the DownloadString() method. But this method is only for GETs and there's no way to send a form-post style body, understandably.
Is postman truly sending a GET with all those values being appended to the url as a querystring? And should I do the same in my DownloadString() call? Or is there something else going on here? Should I instead, in my c#, be calling the UploadString() method and sending a form post BODY as a GET??
Http protocol supports adding a body to a request, but the WebClient class you use doesn't. Presumably because it isn't considered the norm.
I'm sure there's good reasons for Microsoft using it in the OAuth flow though. Those guys normally do things right!
HTTP GET with request body
API is just an abstraction , you can send what ever you want to the API . It depends on the implementation , how the server handles these data.
Some services considers only what it requires and ignores other information
some services considers the entire requests and validates that it has only the allowed data. what should be allowed depends on the service
Postman is just a client that sends data to server , its upto you to decide what all information it should send . If you dont need any body then keep it as none. if you need some thing then add it.

Gathering and Filtering Necessary Post Data for a HTTP Post Requests

I hope you're all well. I am trying to use C# and the request.post command to autofill a login page. I've shown the snippet of code I'm dealing with below.
My main concern currently is the 'POST DATA GOES HERE' .I'm unsure how I can gather the post-data as well as what syntax / format i would need to put it in.
I've already tried using Fiddler and Charles Proxy (HTTP Debuggers) to find anything about PostData . I did find some things I needed : User-Agent / Success Keys but those currently aren't relevant.
//Send a Post request to the (URL, postdata, contenttype) - store the HTTP Response into Response
var Response = Request.Post(LOGIN_URL, "{post data goes here}", "content type goes here `application/java`");

PayU POST notification signature validation

I'm integrating PayU API service in my web (.NET MVC Core 2.1) application.
After client pays order, PayU sends notification confirmation as POST request to my api method.
Example of PayU confirmation notification.
In heareds notification placed MD5 signature.
OpenPayu-Signature:
sender=checkout;
signature=c33a38d89fb60f873c039fcec3a14743;
algorithm=MD5;
content=DOCUMENT
string incoming_signature = c33a38d89fb60f873c039fcec3a14743;
What I supposed to do to verify that notification:
Here is instruction to verify notification signature.
1.Combine the body of the incoming notification with the value of second_key(second key is avaliable in my account page in payu ):
string concatenated = JSONnotification + second_key;
2.Select an expected signature value by applying the hashing function (e.g. md5) in the received chain of characters:
string expected_signature = md5(concatenated)
3.Compare the strings: expected_signature and incoming_signature:
bool signature_is_correct = (expected_signature == incoming_signature);
Problem is checksums is not matching.
I Handle this notification in my controller method:
[HttpPost]
[AllowAnonymous]
[Route("notify")]
public IActionResult TransactionConfirm([FromBody] dynamic content)
content variable parsed as a object
and I accessing JsonBody string as content.ToString()
method.
Is it possible to hashes isn't matched because method content.ToString() can return not the same string like in request body?
Is there any ways to handle json as argument in .Net Core method? (I've already tried to placed JObject, but method ToString() also returned string that generated to hash isn't matching)
To compute a matching hash, you need to read the incoming request as is, without deserializing it. So yes, your generated JSON probably differs from the sent one (whitespace characters).
I'm not really familiar with ASP.NET Core, but in the old ASP.NET, you could read the request content using:
var json = new System.IO.StreamReader(Request.InputStream).ReadToEnd();

asp.net API post values received are null from postmaster

I'm writing a very basic asp .net api with a simple post method. The post parameters are returning null. I've tried various ways to get the method to return the object I passed in. I created a data transfer object and I've verified that the method is getting called. What else can I check ?
post master settings ----
url: /api/values
params: incidentID 4
params: incidentTitle 'this is some text'
Content-Type: application/json
// POST api/values
[Route("api/values")]
[HttpPost]
public HttpResponseMessage Post([FromBody]incidentDTO incid)
{
return Request.CreateResponse(incid);
}
I assume by postmaster you meant Postman.
If you are using Postman, use the following steps:
Under Header type Content-Type with a value of application/json
Select the raw tab and enter your data as follows:
{
"incidentId":4,
"incidentTitle":"this is some text"
}
Click on Send.
As the post data is being read from the body, there in no need to enter any values in URL params.

400 Bad request exception when send JSON string to server from client

Actually sending json string(Post) to server got 400 bad request exception,
below Url i got this exception
_http://---.---.--.---:---/SignUp/SignupUser/{JSON STRING}/{PASSWORD}
so the JSON string and password is given below
_http://---.---.--.---:----/SignUp/SignupUser/{"SessionId":"99c77c9b-043e-4611-a011-e774c614e887","PassWord":"234434343434","UserName":"john_mcclane","FirstName":"John","LastName":"mcclane","NickName":"Bruno","Gender":0,"DateTime":"2013-12-19T10:39:37","AddressLine1":"Paradigm Talent Agency NY","AddressLine2":"360 Park Ave South, 16th Floor","City":"New York","State":"New York","Country":"USA","Zip":"N.Y. 10010","EmailId":"Bruno_diehard#email.com","MobileNumber":"7189615565","AlternativeNumber":"9179615565","ProofType":"License","ProofNumber":"I1234562","IsDogAllowed":true,"IsDrinkersAllowed":true,"IsSmokersAllowed":true}/{234434343434}
please tell what i did wrong in it.
Note : I am trying this in the advance rest client google chrome.
You have created the POST request with two arguments (JSON object and password). The typical REST service post request can have only one argument. So, try with one argument by sending the password with the JSON object itself.

Categories