Need help understanding this HTTP GET request - c#

I am trying the construct a HTTP GET web request that satisfies the following criteria
GET /v1/session
Host: developer.messenger.yahooapis.com
Authorization: < Standard OAuth credentials >
From what I know about get requests is that they are something like this :
https://someaddress.com/&parameterA=valA&parameterB=valB
where parameterA and parameterB are the parameters that are required.
Now I want to construct a similar address for the above mentioned criteria. How can I do that. I believe the address would be https://developer.messenger.yahooapis.com however I am not sure what the other requirements are for such a get request. I would appreciate it if someone could disect and specify the requirements of the above(Topmost) Get Request so that I may be able to construct a valid GET request URI.

https://developer.messenger.yahooapis.com
so your request url should be like
https://developer.messenger.yahooapis.com?parameterA=valA&parameterB=valB
you get your data in your $_GET array, just add print_r($_GET)

For a request, you need a URL like
https://developer.messenger.yahooapis.com
BUT that is only the hostname.
you need to specify a resource that you want to GET like /v1/session, so your URL is
https://developer.messenger.yahooapis.com/v1/session
If you want to pass some parameters you have to signal that the pointing part of the URL is finished. You do this with an ?. Now to add the parameters, you basically add name-value pairs, like var1=value. For multiple params use a & to seperate them. Slapping all together you get a
https://developer.messenger.yahooapis.com/v1/session?var1=value&var2=value
as URL. Now hand it to your HttpGet-method.
HttpGet will now build a request and later send it to https://developer.messenger.yahooapis.com the host/server who will return the resource to your client. To tell the host that you have the rights to access that resource, the request must contain the neccessary login informations, thats what oAuth is for. Those credentials have to be added in the request header before executing the get-request.

Related

Can you use custom HTTP request methods with http.client?

Is there a way to use HTTP request methods that are not implemented by System.Net.Http.HttpMethod?
I try to update files with a REST interface. The way it is implemented, I GET a list of files and their hashes. Then I check if any of these files have changed on my side and if so, I POST each file to the API, otherwise I skip it.
When I'm done, the endpoint expects an UPDATE request to know that I'm done sending files. But there is no UPDATE method in HttpMethod.
Is there a way to alter REQUEST_METHOD manually in a HttpRequestMessage or do they need to recode the endpoint?
Looking up System.Net.Http.HttpMethod only gives the following options: GET, PUT, POST, DELETE, HEAD, OPTIONS, TRACE, PATCH and CONNECT. There is no obvious way to add a custom method.
In the case where you need an HttpMethod that does not exist in the static properties of the class, you can just use the constructor which allows you to pass any string method:
var customHttpMethod = new HttpMethod("UPDATE");

Redirect with header parameters

Is it possible to set parameters in the header of an HttpResponse, then redirect?
I tried something like this:
Response.Headers.Add("test", "1234");
Response.Redirect(www.targetpage.com);
and then
var result = Request.Headers["test"];
My problem is that I don't find the parameter in my request result is always null and I cannot pass the the parameters in the url I need a solution with the header, thanks.
You are redirecting the client, so anything you sent to the client in the Response is probably flushed/discarded. If your intent is to control the redirect then you'd need to handle that in js on the client.
There are many ways to implement your own messaging:
How to send data from C# to JavaScript/AJAX webpage

How do I get RestSharp not to add oauth_callback parameters to the Authentication header

I'm trying to connect to a finicky API using RestSharp. The API uses OAuth1.0 and on the initial Request Token requires oauth_callback parameter ONLY in the query and not in the Authentication Header (I have confirmed this with Postman).
When I construct the request this way:
var Authenticator = OAuth1Authenticator.ForRequestToken(mc_apiKey, mc_appsecret);
Authenticator.ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader;
Authenticator.SignatureMethod = OAuthSignatureMethod.PlainText;
client.Authenticator = Authenticator;
var request = new RestRequest(RequestToken, Method.POST);
string AuthorizationCallBackURL = string.Format(LoopbackCallback);
request.AddParameter(_oauthCallback, AuthorizationCallBackURL, ParameterType.QueryStringWithoutEncode);
and look at the logs on the server I see the query string in the Http call,
http://192.168.0.187:8080/xxxx/ws/oauth/initiate?oauth_callback=http://192.168.0.187:8080/provider_emailer/callback.jsp
but it is also in the Authentication header:
Headers:
{Accept=[application/json, text/json, text/x-json, text/javascript, application/xml, text/xml],
accept-encoding=[gzip, deflate],
Authorization=[OAuth oauth_callback="http://192.168.0.187:8080/provider_emailer/callback.jsp",
oauth_consumer_key="XXXXXXXXXXXX",
oauth_nonce="cei09xm04qetk2ce",
oauth_signature="XXXXXXXXXXXXXXXX",
oauth_signature_method="PLAINTEXT",
oauth_timestamp="1591197088",
oauth_version="1.0"],
Content-Length=[0], Content-Type=[null],
cookie=[JSESSIONID=C8C8DB501382F7D1E52FE436600094C0],
host=[192.168.0.187:8080], user-agent=[RestSharp/106.11.4.0]}
This causes a "NotAcceptable" response. The same request done with Postman without the callback parameter in the Authentication header works.
Am I doing something wrong? Is there a way to only get the callback in the query string?
That's tricky. I looked at the code and we don't set the callback URL to the workflow object when you use the overload without this parameter. So, you're doing it conceptually correct.
However, we must collect all the parameters (default and request parameters) plus OAuth parameters to build the OAuth signature. We then use the parameters collection and extract all of them that have a name starting with oauth_ or xauth_ to the request headers (in case you use HttpAuthorizationHeader) and by doing so, we put your query parameter to the header.
Apparently, that's not ideal and it looks like a bug, so I can suggest opening an issue in RestSharp repository. Should not be hard to fix.

AWS Cloudfront returning Missing Key-Pair-Id query parameter or cookie value

I have the code that returns the Cloud Front Signed Cookie Values.
CookiesForCustomPolicy signedCookiesUrl = AmazonCloudFrontCookieSigner.GetCookiesForCustomPolicy("https://example.cloudfront.net/movies/nature.mp4", new StreamReader(File.OpenRead(Path.Combine(AppContext.BaseDirectory, "pk-2.pem"))),"APKEXAMPLEKEYID", DateTime.Now.AddDays(10), DateTime.Now, null);
I use the returned values to request the object, however returns the
<Error>
<Code>MissingKey</Code>
<Message>
Missing Key-Pair-Id query parameter or cookie value
</Message>
</Error>.
I test this through the PostMan tool putting the headers and direct request through Chrome browser and still getting the same error.
I have use the correct Cloudfront Key Pair and correct resource URL. My objects are private and cloudfront have access to it. Is there any thing else that i need to work on to get this working?
Add Header Key Pair
These aren't raw headers, they're cookies. Although I don't use postman, it sounds like this is your issue:
Based on what you've said, you wouldn't add them like this:
[CloudFront-Key-Pair-Id, APKEXAMPLEQQ]
Instead it should look more like this:
[Cookie, CloudFront-Key-Pair-Id=APKEXAMPLEQQ]
Here is the example for Signed URL in C#.
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CreateSignatureInCSharp.html
When you return the signed keys, you can return with query string parameter or Cookies.
You can return cookies to API Gateway in two ways, Do with ANY Integration and return the headers as it is.
If you do any other method, you need to return json data and map json data to headers in API Gateway.
http://docs.aws.amazon.com/apigateway/latest/developerguide/request-response-data-mappings.html#mapping-response-parameters
Hope it helps.
When we use PUBLIC_KEY and PRIVATE_KEY then we get Key-Pair-Id missing. We should use Access Key Id instead of PUBLIC_KEY then it will work perfectly.

Getting the HTTP Referrer in ASP.NET

I'm looking for a quick, easy and reliable way of getting the browser's HTTP Referrer in ASP.Net (C#). I know the HTTP Referrer itself is unreliable, but I do want a reliable way of getting the referrer if it is present.
You could use the UrlReferrer property of the current request:
Request.UrlReferrer
This will read the Referer HTTP header from the request which may or may not be supplied by the client (user agent).
Request.Headers["Referer"]
Explanation
The Request.UrlReferrer property will throw a System.UriFormatException if the referer HTTP header is malformed (which can happen since it is not usually under your control).
Therefore, the Request.UrlReferrer property is not 100% reliable - it may contain data that cannot be parsed into a Uri class. To ensure the value is always readable, use Request.Headers["Referer"] instead.
As for using Request.ServerVariables as others here have suggested, per MSDN:
Request.ServerVariables Collection
The ServerVariables collection retrieves the values of predetermined environment variables and request header information.
Request.Headers Property
Gets a collection of HTTP headers.
Request.Headers is a better choice than Request.ServerVariables, since Request.ServerVariables contains all of the environment variables as well as the headers, where Request.Headers is a much shorter list that only contains the headers.
So the most reliable solution is to use the Request.Headers collection to read the value directly. Do heed Microsoft's warnings about HTML encoding the value if you are going to display it on a form, though.
Use the Request.UrlReferrer property.
Underneath the scenes it is just checking the ServerVariables("HTTP_REFERER") property.
Like this: HttpRequest.UrlReferrer Property
Uri myReferrer = Request.UrlReferrer;
string actual = myReferrer.ToString();
I'm using .Net Core 2 mvc,
this one work for me ( to get the previews page) :
HttpContext.Request.Headers["Referer"];
Since Google takes you to this post when searching for C# Web API Referrer here's the deal: Web API uses a different type of Request from normal MVC Request called HttpRequestMessage which does not include UrlReferrer. Since a normal Web API request does not include this information, if you really need it, you must have your clients go out of their way to include it. Although you could make this be part of your API Object, a better way is to use Headers.
First, you can extend HttpRequestMessage to provide a UrlReferrer() method:
public static string UrlReferrer(this HttpRequestMessage request)
{
return request.Headers.Referrer == null ? "unknown" : request.Headers.Referrer.AbsoluteUri;
}
Then your clients need to set the Referrer Header to their API Request:
// Microsoft.AspNet.WebApi.Client
client.DefaultRequestHeaders.Referrer = new Uri(url);
And now the Web API Request includes the referrer data which you can access like this from your Web API:
Request.UrlReferrer();
string referrer = HttpContext.Current.Request.UrlReferrer.ToString();
Sometime you must to give all the link like this
System.Web.HttpContext.Current.Request.UrlReferrer.ToString();
(in option when "Current" not founded)
Using .NET Core or .NET 5 I would recommend this:
httpContext.Request.Headers.TryGetValue("Referer", out var refererHeader)
Belonging to other reply, I have added condition clause for getting null.
string ComingUrl = "";
if (Request.UrlReferrer != null)
{
ComingUrl = System.Web.HttpContext.Current.Request.UrlReferrer.ToString();
}
else
{
ComingUrl = "Direct"; // Your code
}

Categories