I am new to flutter. how to pass a security key and id in headers and convert the string in the base64 encoded value and send the request to backend?
Related
I would like to do a REST resource that could be represented as:
PDF (binary for download);
JSON (with structured data);
PDF (base64 encode)
My expectation is to create a URL like this:
http://api.mybank.com/accounts/{accountId}/statement?fromDate=2019-11
The Accept header as 'application/json' will return the statement information.
The Accept header as 'application/pdf' will return the statement in a PDF binary file.
And PDF encoded as base64? How I define this?
Content-Transfer-Encoding is not an HTTP, but email header.
Transfer-Encoding is used only for compression.
I wanna create a Restful API using JWT with signature. The API only allows post method and there is request body in Json format. How do I add request Json body in JWT Signature?
https://localhost/Booking/Submit
JWT
.header {.alg="RS256"}
.payload { sender="ABC", recipient="XYZ", timestamp="010102020101010"}
.Signature {...}
Request Json body
{ "BookingId"=1, "BookingDate"="0404202001010", "BookedByName"="Mr. John", "BookedByContact"="12345678", "FacilitiyId"="10021"}
The JWT token is conventionally base64 encoded. This value is then added to your URL request as a header value for the “Authorization” key.
Your JSON payload is posted in the same URL request, except it makes up the body this time.
The Scenario:
I'm reading about JSON web tokens at this link (https://medium.com/vandium-software/5-easy-steps-to-understanding-json-web-tokens-jwt-1164c0adfcec). It outline how to create a JSON web token, you create a header and a payload, and then create a signature using the following pseudocode:
data = base64urlEncode( header ) + “.” + base64urlEncode( payload )
hashedData = hash( data, secret )
signature = base64urlEncode( hashedData )
My Question:
Why does the pseudocode use base64urlEncode when creating data and signature?
Scope Of What I Understand So Far:
Base64 allows you to express binary data using text characters from the Base64 set of 64 text characters. This is usually used when you have a set of data that you want to pass through some channel that might misinterpret some of the characters, but would not misinterpret Base64 characters, so you encode it using Base64 so that the data won't get misinterpreted. Base64 URL encoding, on the other hand, is analogous to Base64 encoding except that you use only a subset of the Base64 character set that does not include characters that have special meaning in URLs, so that if you use the Base64 URL encoded string in a URL, its meaning won't get misinterpreted.
Assuming my understanding there is correct, I'm trying to understand why base64urlEncode() is used in computing data and signature in the pseudocode above. Is the signature of a JSON web token going to be used somewhere in a URL? If so, why is data base64urlEncoded as well before hashing. Why not just encode the signature? Is there something about the hash function that would require its data parameter to be Base64 URL encoded?
When using the OAuth Implicit Grant, JWTs may be transferred as part of URL fragments.
That is just an example, but I guess in general it was presumed that JWTs might be passed through URLs, so base64urlEncodeing them makes sense.
The first line of the IETF JWT standard abstract even says:
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties.
(Note that the OAuth Implicit Grant is no longer recommended to be used.)
Some JWT modules (e.g. pyjwt) throw an exception when decoding a JWT where the payload string encodes a list as opposed to a map/dict. I came across an api that sends such a JWT as a response to request and I need to decode it. I can use a custom method to decode the JWT, but I'm wondering if the api is going against the JWT protocol by encoding a list as the payload instead of encoding a dict with a key whose value is the list.
Below is service URL which return output in form of JSON.
http://localhost:8000/ByDept/ExmapleService?format=json
But I want to pass querystring parameter with this URL. Below is Service URL.
http://localhost:8000/ByDept/ExmapleService?abc=hello&format=json
here abc=hello is parameter which is pass through query string.
But using this url i am able to receive output in form of JSON.
So how we can pass parameter in form of query string and access response in json.?
The Content Negotiation section in the Routing docs shows different ways you can specify the response format, e.g:
/rockstars?format=json
/rockstars.json
In addition you can also specify a JSON response with the Accept Request Header, e.g:
Accept: application/json
Both of the above accept extra query params without changing the Response Type:
/rockstars?id=1&format=json
/rockstars.json?id=1
So I don't really understand what the question is.