I am new to .net-core and docker. The problem I am going to explain here is a bit tricky, but if you have any type of questions please do ask me and I will explain it more clearly.
So, I have a docker container running on my localhost for whatsapp business api, as explained in Whatsapp Business Api Documentation.
I have already downloaded Postman Collection of Whatsapp Business Api from Whatsapp Business Postman Collection.
Everything seems to be working perfectly fine. But now I want to call these pre-built apis with .net-core and get the responses. As I couldn't find anything good, or also as a newbie it's difficult for me to understand. So for some knowledge I would like to know How can I call them and get the effective response. For example, take an example of a post request for admin login
API:
{{URL}}/v1/users/login
Authorization -> (Basic Auth)
username: admin
password: ****
RESPONSE:
{
"users": [
{
"token": "eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VyIjoiYWRtaW4iLCJpYXQiOjE1NTk5MTE1NTUsImV4cCI6MTU2MDUxNjM1NSwid2E6cmFuZCI6LTQxMzgyNDE0MjYwMDI5NjA1OTl9.PYAhEilXX3GDhRo0O-M0V0aXWfL5THJkG65LfIesxh4",
"expires_after": "2019-06-14 12:45:55+00:00"
}
],
"meta": {
"version": "v2.23.4",
"api_status": "stable"
}
}
the images for more explanation can be seen below in the request and response links.
The Login Authentication UI Image.
The Login Authentication Postman Image.
The Login Authentication Response New Password UI Image.
The Login Authentication Response Postman Image.
Now with this token I can create more users by other api calls.
How can I call an api like this and get the response with token and use that token for more functionalities or api calls with .netcore.
Thank you.
Your question is very broad, but in general, you want to create a service class where you inject a typed HttpClient instance (see: https://learn.microsoft.com/en-us/aspnet/core/fundamentals/http-requests?view=aspnetcore-2.2#typed-clients).
The token can be stored on a private field or property in that service class. Then, just create a private method like GetTokenAsync in the service class, where you will either get the value from the field, or if it's null, then call the API to get it. All your other methods will then call GetTokenAsync to get the token they need, and make their own calls. Finally, inject the service class where you need it.
Related
I need to configure Keycloak to get a JWT token as in this blog post, but I have to do it with cUrl. They create a client and then update it setting access type to confidential, Direct Grant Flow to direct grant, and Browser Flow to browser. The PUT request from the web UI that does this has some uuids that they seem to have pulled out of nowhere. Here is the relevant part of the payload:
"authenticationFlowBindingOverrides":{"browser":"6d77c4c7-15cf-4474-9b9f-7439dbc83b83","direct_grant":"5cb10cdb-9902-4f7f-b9da-68f887c49a75"}
The docs for the ClientRepresentation are no help. They show all fields are optional, which doesn't make sense, and the authenticationFlowBindingOverrides is a Map, but the link in their docs for the Map is dead.
Does anyone know where they get the uuids for browser and direct_grant from?
There is also nothing in the PUT payload that sets the Access Type to confidential.
If anyone has a cUrl implementation of the UI steps in the blog post that would be greatly appreciated.
The PUT request from the web UI that does this has some uuids that
they seem to pull out of nowhere.
Those uuids are generated by keycloak to get them you need to call the endpoint:
GET KEYCLOAK_HOST/auth/admin/realms/<YOUR_REALM>/authentication/flows
From the JSON response you need to parser it and get the field id of both the alias: "browser" and the alias: "direct grant".
After that call the endpoint:
PUT KEYCLOAK_HOST/auth/admin/realms/<YOUR_REALM>/clients/<YOUR_CLIENT_ID>
with the following payload:
'{"publicClient":false,"clientAuthenticatorType":"client-secret","authenticationFlowBindingOverrides":{"direct_grant":"<DIRECT_GRANT_ID>","browser":"<BROWSER_ID>"}}'
There is also nothing in the PUT payload that sets the Access Type to
confidential.
You need to set the field publicClient to false.
Lets say we have SPA written in Angular 2 and have REST API using Spring Boot.
Both of them deployed in different servers. And now I have to protect this API via Facebook's OAuth2, but I don't know which grant type suits to my problem.
I don't want to be an auth server, I don't want facebook to be my resource server, instead my own REST API is supposed to be a resource server.
From FB I just want username or email or some identifier.
If I understood correctly I have to use implicit grant flow, because it's not a web application, correct me please, if I'm wrong.
Does "authorization code" grant also could be a choice ?
I really read almost all the threads related to oauth, spring security..
But I didn't find any info related to exactly SPA and REST API for separate servers.
Any link/resource related to above problem is appreciated.
Thanks in advance and sorry if I did something wrong, it's my very first post here.
You need to implement Implicit Grant flow https://oauth2.thephpleague.com/authorization-server/implicit-grant/
you need HTTPS for safety.
example:
OAuth Server: https://myoauthserver.com
restapi: https://myrestapi.com
client: https://myclient.com
send a get request to oauthserver "authorize" url with params
response_type = token (sometimes 'code')
redirect_uri = myclient.com or myclient.com/something (the one u assign while making an oauth client )
client id = dfuvhiurehvher (whatever id)
some providers require additional parameters like "scope".
when you send a request if everything works. you will be redirected to your client with the token in the url.
your request:
GET: https://myoauthserver.com/oauth/authorize?response_type=token&redirect_uri=https://myclient.com&client_id=yourClientIdHere
if successful you'll be redirected to
https://myclient.com?token=yourTokenValueIsHere
you can now use javascript to retrieve and store token value maybe to localStorage and attach it when sending requests to restapi (https://myrestapi.com)
heres an example request from auth0.com
$.ajax({
cache: false,
url: "http://localhost:7001/api/appointments",
headers: { "Authorization": "Bearer " + ATTACH_YOUR_TOKEN_VALUE_HERE }
});
for more details check this
https://auth0.com/docs/api-auth/tutorials/implicit-grant
I'm trying to use the Firebase REST API by creating an anonymous user by calling:
https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=[API_KEY].
No problem there, response (modified it abit for secrecy):
{
"kind": "identitytoolkit#SignupNewUserResponse",
"idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjM0NTBiMGJhOWUzMTcyMmUwOTBlZDIxMzViY2RiN2MxNzdhMzJmMjcifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vZmlzaGluYy1hcHAiLCJwcm92aWRlcl9pZCI6ImFub255bW91cyIsImL1ZCI6ImZpc2hpbmMtYXBwIiwiYXV0aF90aW1lIjoxNTAzMDQ1NjY4LCJ1c2VyX2lkIjoiQ2hKRUJ3Vk5HeVA0NmtEQzA3d1VKMUJ3Y3Q3MyIsInN1YiI6IkNoSkVCd1ZOR3lQNDZrRENwN3dVSjFCd2N0NzMiLCJpYXQiOjE1MDMwNDU2NjgsImV4cCI6MTUwMzA0OTI2OCwiZmlyZWJhc2UiOnsiaWRlbnRpdGllcyI6e30sInNpZ25faW5fcHJvdmlkZXIiOiJhbm9ueW1vdXMifX0.jdMuPVGvMT6qZoxynpGMqURqg9zrVbPl1kXxmbHoglGgi9u1HHwQft5hhKIS3QbS87-rr5BcEitCu5seHcDlWl3rzEx87fctHmY4z-vDqUUKIqjKHfB0q04SbzBKVUvuUg9O-ACWMDLWFZ54U4ALK7kFdlBti3600kqw_4-UGURa2jIPpOse9f8HIz_qGaO_5kptjO6v4drLhY6PPH_h1kO4p1DITWt6pfdn_E_tAqXZgsCK3iKhu4bYUc2DgiUfR7q3dfzravQyz2nrpDN6S3Z_NdzxiKRuyasPr7kpeqxGaAPCYX84P_GL6r-EEFCcVeouRukRvloRpoezOSkeRg",
"refreshToken": "APRrRCIqIUK5BiJIjpIt-ZtSdvn6ybONtTccCPOzIWAxg9qsClqdR82vqYmb0TMS1xngpCvlbIzgTSDTycvSoSYgua1r-6RlAt83Z2jXKTAnGalAHQLsC_gpUeF7js9PWl8O8PP5KF64coel22pgysd39QwC2Z2yf6zJj7xoozF0eaLjmkyvzqs",
"expiresIn": "3600",
"localId": "ChJEBwVNGyP46kDC07wUJ1Bwct73"
}
I was under the impression that I've now got an "authed"/logged in user. And that I can read data from the Realtime DB by using the idToken (provided that the only rules are that the user is authed).
But this doesn't seems to be the case (receive "Unauthorized request.") , or am I missing something. After googling it seems that I need a custom backend to "convert" the idToken into an access token. Is that correct?
Uhhh. It seems the documentation is a bit confusing, which says:
Supported by all request types. Authenticates this request to allow
access to data protected by Firebase Realtime Database Rules. See the
REST authentication documentation for details.
curl
'https://[PROJECT_ID].firebaseio/users/jack/name.json?access_token=CREDENTIAL'
But using the access_token parameter is wrong (in my case at least), in which I needed to use "auth" instead.
So this will work:
curl 'https://[PROJECT_ID].firebaseio/users/jack/name.json?auth=myIdTokenHere'
I am trying to integrate the OneNote API as part of a new application. Is it possible to use Google Chrome's POSTMAN REST Client to test the API? The OneNote API appears to be standard REST, so there should be no reason why not.
To login, I followed the documentation and did a GET request in POSTMAN to
https://login.live.com/oauth20_authorize.srf?client_id=myClientIdIsHere&scope=wl.signin&response_type=token&redirect_uri=dontKnowWhatToPutHere
Broken down, that is:
https://login.live.com/oauth20_authorize.srf
client_id=myClientIdIsHere
scope=wl.signin
response_type=token
redirect_uri=dontKnowWhatToPutHere
I tried the following based off advice from this blog: http://blogs.msdn.com/b/onenotedev/archive/2014/07/23/how-to-authenticate-with-microsoft-account-in-a-chrome-extension.aspx
https://login.live.com/oauth20_authorize.srf?client_id=myClientIdIsHere&scope=wl.signin&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf
When I do a GET request to this, I get HTML back, but it does not show up in the preview mode.
Am I on the right track?
The code that you are trying to execute is just the initial part of the oAuth login process.
As you have mentioned the below peice
redirect_uri=dontKnowWhatToPutHere
redirect_uri is the URL of your application. Once the authentication is success, the server will redirect the navigation to provided URL and you can proceed further from here. Just keep in mind that the URL given is as same as the one you have provided while creating the azure app. If they do not match, the server is going to simply throw an exception.
Please change the JSON to
https://login.live.com/oauth20_authorize.srf
client_id=myClientIdIsHere
scope=wl.signin
response_type=token
redirect_uri=http://localhost:8008/login
Replace http://localhost:8008/login with your application login route.
https://github.com/merle-/silhouette-rest-seed
I am trying to use this as I don't want to use the scala.html template files, and this seemed to do exactly what I wanted. I can CURL to create a user and get a token, but I don't know what to do with the redirects when trying to authenticate with a social provider, such as Facebook. There don't seem to be any instructions, either. Any help would be appreciated.
The readme gets you to the point where you have signed up a user and with the credentials POST retrieved the X-Auth-Token.
After a little debugging you will submit a POST request to the auth/link route to associate the user with the returned X-Auth-Token with a social provider as in:
http :9000/auth/link/facebook 'accessToken=xxxxx' X-Auth-Token:tokenfromearlier
Note the syntax of httpie is specific and must use = for json and : for headers. You obtain accessToken from here: https://developers.facebook.com/tools/access_token/
This will return the following JSON:
{
"message": "link with social completed!",
"status": "ok"
}
Not yet sure how to accomplish the next step which is to invoke the
/auth/signin/facebook POST route as this requires the ID of the provider and I am still figuring out the fb graph access approach.