I'm trying to start an azure runbook from a MVC app.
var cert = new X509Certificate2(Convert.FromBase64String(ConfigurationManager.AppSettings["CertBase64String"]));
var creds = new CertificateCloudCredentials(ConfigurationManager.AppSettings["SubscriptionId"], cert);
AutomationManagementClient automationManagementClient = new AutomationManagementClient(creds);
var content = automationManagementClient.Runbooks.GetAsync(<Resource group name>, ConfigurationManager.AppSettings["AutomationAccount"], <Runbook name>)
I get this error:
AuthenticationFailed: Authentication failed. The 'Authorization' header is missing.
I got this code from MSDN but I can't seem to make it work.
(The certificate is the one downloaded from here ).
I tried using TokenCloudCredentials from a Console app and that seems to work fine but I'm not sure if I can use those in the MVC app.
Any ideas how I should use AutomationManagementClient with certificate credentials? Or how to use TokenCloudCredentials in the web app?
The Automation SDK you are attempting to use uses Azure Resource Manager APIs, which do not support management certificate-based authentication. You will need to authenticate via TokenCloudCredentials. The documentation that shows management certificate support is incorrect and we will update it shortly.
Related
I keep on getting the exception:
"Invalid API identifier specified".
I have double checked the keys on my AWS console and even generated a new API just to be sure for testing purposes but I keep on getting this. Below is my code.
I am able to get the account details correctly, but that's about it.
For any other call like GetModelAsync, GetResourceAsync, GetRestAPIAsync etc. , I keep on getting this exception even after entering the correct keys and ids.
Would love some guidance if someone has faced a similar issue before, documentation seems limited. AWS has dedicated Gateway API SDKs for Java, JS etc. but support seems to be limited for dot net as of now.
https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-generate-sdk.html
I am using dot net core 3.1.0. Below is my code:
// making the credentials object using the proper access and secret key.
var awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
// getting a client object using the credentials
var apiClient = new AmazonAPIGatewayClient(awsCredentials);
var accountRequest = new Amazon.APIGateway.Model.GetAccountRequest();
var account = await apiClient.GetAccountAsync(accountRequest);
I have been using Dropbox via the Sharpbox toolkit for a while. It's based on oAuth1, so I have a database full of oAuth1 access tokens for my users.
I'd like to convert to the new Dropbox API, which is based on oAuth2. I see that there is a "token_from_oauth1" endpoint in Dropbox's v1 spec (reference here), but I'm not figuring out how to successfully connect to this endpoint to upgrade a user's existing token. (I'm using C#/.NET).
Can anybody point me to some sample code that shows how to create a properly authenticated call to perform this operation? I think the problem is in trying to correctly authenticate/sign the request. (All of my existing dropbox calls are done by the Sharpbox library, so I can't see how it does the authentication).
Thanks!
You can get this using a simple rest client (Like RestSharp) and doing a call like this
I'm currently doing this in a xamarin app, i use the xamarin dropbox core api to login, and get the oauth_token, oauth_consumer_key and the oauth_signature. If you managed the oauth1 flow with c# is then easy to get the oauth2 token.
var rclient = new RestSharp.RestClient("https://api.dropboxapi.com/1/");
var rrequest = new RestSharp.RestRequest("oauth2/token_from_oauth1", Method.POST);
rrequest.AddHeader("Authorization", "OAuth oauth_version=\"1.0\", oauth_signature_method=\"PLAINTEXT\"");
rrequest.AddParameter("oauth_consumer_key", store.GetConsumerKey());
rrequest.AddParameter("oauth_token", store.GetAccessToken());
rrequest.AddParameter("oauth_signature", String.Concat(App.DropboxAppSecret, "&", store.GetAccessTokenSecret()));
var rresponse = rclient.Execute(rrequest);
string content = rresponse.Content;
There's a library for Twitter oAuth 1.0 (see http://www.voiceoftech.com/swhitley/?p=681) that actually makes it easy to make oAuth 1.0 authenticated calls. So the code below seems to work pretty well for me:
oAuthTwitter oat = new oAuthTwitter();
oat.Token = <oauth 1.0 token>;
oat.TokenSecret = <oauth 1.0 secret>;
oat.ConsumerKey = <application key>;
oat.ConsumerSecret = <application secret>;
string resultJSON = oat.oAuthWebRequest(oAuthTwitter.Method.POST, "https://api.dropboxapi.com/1/oauth2/token_from_oauth1", null);
I installed package azure management library 2, and try to call
var certificate = this.GetStoreCertificate();
Microsoft.WindowsAzure.CertificateCloudCredentials credentials = new Microsoft.WindowsAzure.CertificateCloudCredentials("504fb4ef-3a48-4545-b7fc-b1b6cf821f48", certificate);
var storageClient = CloudContext.Clients.CreateStorageManagementClient(credentials);
But this gives me a compile error with CreateStorageManagementClient function is not available.
What else should I install to create a storage account? I found this MSDN article which explains how to create a storage account, but it doesn't use any library at all and just do a http post to a Microsoft web service. I am wondering there must be some api that I can use?
The msdn link
I have a C# application using version 2.0.1.0 of the Rally Rest API for .NET. The application will successfully query Rally for data, but when I try to create an object, an error is returned indicating invalid key. This issue started today and is occurring for multiple users of the application.
I use the following line of code to authenticate.
myRestApi = new RallyRestApi(Rally_username, Rally_password, Rally_URL, "v2.0", myProxy);
I have read some help online indicating the need for a security token, however this note makes me feel like that is not needed: "Note: When using any of the Rally REST Toolkits or the App SDK this will be automatically handled. "
I have tried updating to version 3.0 (Beta), but this does not resolve the problem.
There are reports that using ApiKey instead of basic authentication with username/password resolves the invalid key error.
Rally .NET toolkit supports ApiKey authentication.
The constructor for v2.0.1:
restApi = new RallyRestApi("_abc123","https://rally1.rallydev.com","v2.0");
The constructor for v3.0.1:
restApi.Authenticate("_abc123", "https://rally1.rallydev.com", allowSSO: false);
I was getting the same error and noticed it was not recognizing my username and password that I had stored in the <appSettings> section of Web.config.
For some reason it would not allow them to be read so I decided to store the credentials elsewhere, in Properties => Settings of my app and it has worked ever since.
Here's a code snippet of how the Rally API initialization looks like for me:
RallyRestApi restApi = new RallyRestApi(webServiceVersion: "v2.0");
string user = Properties.Settings.Default.username;
string pass = Properties.Settings.Default.password;
string rallyURL = Properties.Settings.Default.rallyURL;
restApi.Authenticate(user, pass, rallyURL, proxy: null, allowSSO: false);
Hope it helps!
I'm trying to create web page that access the (business) private calendar of the company and insert events if the time slot is available. Still I'm facing an authentication problem.
The API manual states that I should use an API key and Oauth2LeggedAuthenticator, so I did all this and the request that is fired is quite okey (it has a oauth token and such) But still the response is an exception with Invalid Credentials; Easy to say is that my credentials are wrong, still clientID, clientSecret and API Key are valid; I doubt the 2 last params of the 2legged authenticater, is this correct?
var provider = new NativeApplicationClient(GoogleAuthenticationServer.Description);
provider.ClientIdentifier = ClientCredentials.ClientID;
provider.ClientSecret = ClientCredentials.ClientSecret;
var authenticator =
new OAuth2LeggedAuthenticator(ClientCredentials.ClientID, ClientCredentials.ClientSecret, "myworkusername", "workdomain.com");
Google.Apis.Calendar.v3.CalendarService service = new Google.Apis.Calendar.v3.CalendarService(authenticator);
service.Key = ClientCredentials.ApiKey;
var result = service.CalendarList.List().Fetch();
Assert.IsTrue(result.Items.Count > 0);
NB: At the time of writing you can only used 2-legged authentication with Google Apps for Business/Eduction, this won't work on personal accounts as there's no way to get an OAuth 1.0 key/secret pair, you will have to use online authentication at least once (but you can use the out-of-browser option so you don't have to create a dedicated page).
Your code is correct apart from you don't need the first three lines relating to the NativeApplicationClient. This is most likely failing because you haven't properly set the OAuth keys, this causes 401s.
The other thing that causes 401s is using "matt#example.com" instead of "matt" as the username, the username is without including your domain.
To setup OAuth follow the instructions in this article from Google.
The most important parts to note are "Allow access to all APIs" must be unchecked and you have to individually grant access to all the APIs. If this hasn't been done you will get a 401 Invalid Credentials error. You then also need to turn those services on in the api console. If the api console step hasn't been done you will get a different error of 403 Daily Limit Exceeded.
This will cause you problems if you were previously relying on the "Allow access to all APIs" to use various services, you will have to grant them all individually as far as I understand it to use the v3 APIs. This seems to have been confirmed by google (4th reply by Nicolas Garnier) and is supposedly a bug, but that is an old post so it looks as if it's here to stay.
For reference once this has been done, this code will work, which in essence is the same as yours:
var auth = new OAuth2LeggedAuthenticator(domainName, consumerSecret, usernameWithoutDomain, domainName); //domainName is presently used as the OAuth ConsumerKey for Google's 2legged OAuth
var service = new CalendarService(auth);
service.Key = serviceKey;
var results = service.CalendarList.List().Fetch();
Console.WriteLine(results.Items.Count);
So in summary:
In Google Apps "Manage this Domain" > "Advanced Tools"
Using "Manage OAuth domain key" enable key, generate secret, uncheck "Allow access to all APIs".
Using "Manage third party OAuth Client access" enable the APIs you want access to using your domain as "Client Name" and the APIs you want to access e.g. "http://www.google.com/calendar/feeds/" for the calendar.
Then finally create a project in the API console, use the APIKey as the serviceKey in the above example and turn on the APIs you need to access.
I am answering this as I kept hitting this question when I was trying to find out why my code was constantly returning 401s. Hope this helps someone as the Google instructions are awful and scattered all over the place at the moment.