I'm trying to connect my asp.net REST api to salesforce. I'm succesfully going through authentification, but when I start to send POST requests, I'm getting an error
{"errorCode":"INVALID_SESSION_ID","message":"Session expired or invalid"}
Here is my POST request:
//SFServerUrl = "https://na17.salesforce.com/services/";
//url = "data/v28.0/sobjects/Account";
ASCIIEncoding ascii = new ASCIIEncoding();
byte[] postBytes = ascii.GetBytes(postBody);
HttpWebRequest request = WebRequest.Create(Globals.SFServerUrl + url) as HttpWebRequest;
request.Method = "POST";
request.ContentType = "application/json";
request.ContentLength = postBytes.Length;
Stream postStream = request.GetRequestStream();
postStream.Write(postBytes, 0, postBytes.Length);
HttpCookie cookie = HttpContext.Current.Request.Cookies[Globals.SFCookie];
var ticket = FormsAuthentication.Decrypt(cookie.Value);
string authToken = ticket.UserData;
request.Headers.Add("Authorization", "Bearer " + authToken);
postStream.Close();
HttpWebResponse response = request.GetResponse() as HttpWebResponse;
StringBuilder sb = new StringBuilder();
byte[] buf = new byte[8192];
Stream resStream = response.GetResponseStream();
string tempString = null;
int count = 0;
do
{
count = resStream.Read(buf, 0, buf.Length);
if (count != 0)
{
tempString = Encoding.ASCII.GetString(buf, 0, count);
sb.Append(tempString);
}
}
while (count > 0);
return new Tuple<bool, string>(true, sb.ToString());
When I'm trying to send GET request - I recieve 200 response.
Also, I've tried to send a POST Request with the same token from Simple Rest Client and it get's 200 response. I tried to change my "Authorization : Bearer" Header to "Authorization : Oauth", but nothing changed. I also tried to catch this error, get refresh token and send a request again with refreshed token, but nothing changed. Please, help me with this.
Using workbench I was able to POST the following JSON to /services/data/v29.0/sobjects/Account and create a new Account.
{
"Name" : "Express Logistics and Transport"
}
Raw Response
HTTP/1.1 201 Created
Date: Sun, 07 Sep 2014 21:32:06 GMT
Set-Cookie: BrowserId=_HC-bzpTQABC1237vFu2hA;Path=/;Domain=.salesforce.com;Expires=Thu, 06-Nov-2014 21:32:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Sforce-Limit-Info: api-usage=209/15000
Location: /services/data/v29.0/sobjects/Account/0010000000000001AAA
Content-Type: application/json;charset=UTF-8
Content-Encoding: gzip
Transfer-Encoding: chunked
{
"id" : "0010000000000001AAA",
"success" : true,
"errors" : [ ]
}
Things to check:
Your URL. It appears to be missing the leading /services
Is SFServerUrl the same Salesforce pod/server that the Session Id was issued to? If the Session Id came from another pod then it would be invalid on na17.
How did you create the Session Id? If you used OAuth, what scopes did you request?
Is the Session Id coming out of the cookie valid?
Has something else using the same Session Id called logout and invalidated the session?
Incidentally, the Salesforce StackExchange site is a great place to ask Salesforce specific questions.
See also:
Using REST API Resources - Create a Record
The problem was that I added Headers after Content. When I switched these lines of code everything worked.
Related
I tried TFS 2015 REST API Authentication
However, it mentions request object (as I can't use javascript), not sure where is the request object or what type of it.
I am trying to pass query id and the code should execute the query and get result via API.
The solution works from my local, however, after publishing to server it does not seems working.
I also checked that the TFS is accessible from server using the credentials.
My code below:
private HttpClientHandler GetTfsCredentials()
{
HttpClientHandler handler2 = new HttpClientHandler { UseDefaultCredentials = true };
handler2.Credentials = new NetworkCredential("username", "password", "domain");
return handler2;
}
private async Task<object> GetQueryResults(string queryId)
{
string tfsApiUrl = ConfigurationManager.AppSettings["TfsApiUrl"];
string tfsProjectName = ConfigurationManager.AppSettings["TfsProjectName"];
string TfsProjectGuid = ConfigurationManager.AppSettings["TfsProjectGuid"];
//I tried both credentials and credentials2, but none of them working
string credentials = Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes($"{""}:{"password"}"));
string credentials2 = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes("domain\\username:password") );
if (!string.IsNullOrEmpty(tfsApiUrl) && !string.IsNullOrEmpty(tfsProjectName)
&& !string.IsNullOrEmpty(Id))
{
log.Info("GetQueryResults:: Config values found");
using (var client = new HttpClient(GetTfsCredentials()) { BaseAddress = new Uri(tfsApiUrl) })
{
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", credentials2);
HttpResponseMessage response = client.GetAsync($"{tfsProjectName}/_apis/wit/wiql/{Id}").Result;
log.Info("GetQueryResults:: response.ReasonPhrase" + response.ReasonPhrase.ToString());
log.Info("GetQueryResults:: response" + response.ToString());
log.Info("GetQueryResults:: response.IsSuccessStatusCode" + response.IsSuccessStatusCode.ToString());
string workItemList = null;
if (response.IsSuccessStatusCode)
{
//do something
}
}
}
return null;
}
The error I received is:
2020-03-20 16:17:35,382 INFO GetQueryResults:: response.ReasonPhrase Unauthorized
2020-03-20 16:17:35,382 INFO GetQueryResults:: responseStatus Code: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
X-TFS-ProcessId: 115b5bba-0bf4-45e2-a3b2-2913ccc93f09
ActivityId: bb21d947-99a3-44dc-bdb7-317d7af34934
X-TFS-Session: bb21d947-99a3-44dc-bdb7-317d7af34934
X-VSS-E2EID: bb21d947-99a3-44dc-bdb7-317d7af34934
X-FRAME-OPTIONS: SAMEORIGIN
X-TFS-SoapException: %3c%3fxml+version%3d%221.0%22+encoding%3d%22utf-8%22%3f%3e%3csoap%3aEnvelope+xmlns%3asoap%3d%22http%3a%2f%2fwww.w3.org%2f2003%2f05%2fsoap-envelope%22%3e%3csoap%3aBody%3e%3csoap%3aFault%3e%3csoap%3aCode%3e%3csoap%3aValue%3esoap%3aReceiver%3c%2fsoap%3aValue%3e%3csoap%3aSubcode%3e%3csoap%3aValue%3eUnauthorizedRequestException%3c%2fsoap%3aValue%3e%3c%2fsoap%3aSubcode%3e%3c%2fsoap%3aCode%3e%3csoap%3aReason%3e%3csoap%3aText+xml%3alang%3d%22en%22%3eTF400813%3a+The+user+%27CWOPA%5cSTCTCAPD006%24%27+is+not+authorized+to+access+this+resource.%3c%2fsoap%3aText%3e%3c%2fsoap%3aReason%3e%3c%2fsoap%3aFault%3e%3c%2fsoap%3aBody%3e%3c%2fsoap%3aEnvelope%3e
X-TFS-ServiceError: TF400813%3a+The+user+%27CWOPA%5cSTCTCAPD006%24%27+is+not+authorized+to+access+this+resource.
Server: Microsoft-IIS/8.5
WWW-Authenticate: Bearer
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
P3P: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
Lfs-Authenticate: NTLM
X-Content-Type-Options: nosniff
Date: Fri, 20 Mar 2020 20:17:35 GMT
Content-Length: 82
Content-Type: text/plain; charset=utf-8
}
2020-03-20 16:17:35,382 INFO GetQueryResults:: response.IsSuccessStatusCode False
It looks like you are doing authentication in two different ways at once:
In the GetTfsCredentials-Method you set up Windows Authentication (NTLM or Kerberos)
By adding client.DefaultRequestHeaders.Authorization your try to set up Basic Authentication
Your TFS indicates (see WWW-Authenticate Header) that it supports Bearer, Negotiate and NTLM; but not Basic.
I would try:
Remove client.DefaultRequestHeaders.Authorization, credentials and credentials2. This should remove Basic-Authentication
Remove UseDefaultCredentials = true since you set explicit credentials the next line. UseDefaultCredentials tells HttpClientHandler to access TFS with the credentials of the running process, which is probably your account when executing locally and a service account when executing on the server.
Whithout this line, the specified NetworkCredential should be used to access TFS.
I have simple app that is trying to do a http web request to a server that requires SAML authentication. Authenticated users will get a http response header with a special token, which is what I need to ultimately get.
My app is .net based and does a pretty simple http web request. It does the request then parses the response header. I later traverse the header for the specific token I need:
...
try
{
WindowsIdentity identity = HttpContext.User.Identity as WindowsIdentity;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
req.UseDefaultCredentials = true;
req.AllowAutoRedirect = true;
req.Timeout = 30000;
HttpWebResponse response = (HttpWebResponse)req.GetResponse();
if (response == null)
{
throw new Exception("No HTTP Response");
}
StringBuilder sb = new StringBuilder();
Byte[] buffer = new byte[8192];
Stream rStream = response.GetResponseStream();
int count = 1;
do
{
count = rStream.Read(buffer, 0, buffer.Length);
if (count != 0)
{
sb.Append(Encoding.UTF8.GetString(buffer, 0, count));
}
} while (count > 0);
...
The problem is that the server I'm requesting requires SAML authentication. It redirects to an ADFS server upon request. My app server currently uses kerberos authentication but I can enable it to do SAML as well. Both servers use the same IdP (ADFS) and are in the same enterprise.
My question is - since my app can also do SAML on the same IdP, is there anyway I could get the necessary claims to connect directly into the destination server?
I am trying to upload a file into OneDrive using its REST API. This is what I am trying to accomplish based on documentation available at OneDrive Rest API:
POST https://apis.live.net/v5.0/me/skydrive/files?access_token=ACCESS_TOKEN
Content-Type: multipart/form-data; boundary=A300x
--A300x
Content-Disposition: form-data; name="file"; filename="HelloWorld.txt"
Content-Type: application/octet-stream
Hello, World!
--A300x--
This is what I have:
Uri destination = new Uri(string.Format("https://apis.live.net/v5.0/{0}/files?", folder.ID));
BackgroundUploader uploader = new BackgroundUploader ();
uploader.SetRequestHeader("Authorization", "Bearer " + account.AccessToken);
uploader.SetRequestHeader("Content-Type", "multipart/form-data; boundary=\"foo_bar_baz\"");
List<BackgroundTransferContentPart> parts = new List<BackgroundTransferContentPart>();
BackgroundTransferContentPart metaDataPart = new BackgroundTransferContentPart();
metaDataPart.SetHeader("Content-Disposition", "form-data; name=\"file\";filename=\""+content.Name+"\"");
parts.Add(metaDataPart);
BackgroundTransferContentPart contentPart = new BackgroundTransferContentPart();
contentPart.SetHeader("Content-Type", content.ContentType);
// content is a StorageFile
contentPart.SetFile(content);
response.UploadOperation = await uploader.CreateUploadAsync(destination, parts, "form-data", "foo_bar_baz");
This line below causes an Access violation error and the Windows Store app crashes:
response.UploadOperation = await uploader.CreateUploadAsync(destination, parts, "form-data", "foo_bar_baz");
You are creating two BackgroundTransferContentPart and only adding the fist to your 'List'.
I think you only need one, something like this:
List<BackgroundTransferContentPart> parts = new List<BackgroundTransferContentPart>();
BackgroundTransferContentPart metaDataPart = new BackgroundTransferContentPart();
metaDataPart.SetHeader("Content-Disposition",
"form-data; name=\"file\";filename=\"" + content.Name + "\"");
metaDataPart.SetHeader("Content-Type", content.ContentType);
metaDataPart.SetFile(content);
parts.Add(metaDataPart);
UPDATE: Ok, the above code fixed the Access Violation issue. Why you are getting a 400 error is a mystery.
But another way to upload a file to OneDrive is using the PUT method:
Uri putUri = new Uri(string.Format("https://apis.live.net/v5.0/{0}/files/{1}",
"folder.a4fb14adbccd1917.A4FB14ADBCCD1917!32089",
content.Name));
BackgroundUploader uploader = new BackgroundUploader();
uploader.SetRequestHeader("Authorization", "Bearer " + accessToken);
uploader.Method = "PUT";
UploadOperation putOperation = uploader.CreateUpload(putUri, content);
await putOperation.StartAsync();
Have you tried PUT?
I have a hard time using lua socket generic POST. I'm trying to POST to a web along with a body. But the body output i got is 1. Here's my code
local http = require "socket.http"
local ltn12 = require "ltn12"
local util = require "util"
local reqbody = "anid=&protocol=1&guid=dfe49e55b63f2cf93eb9aabe44b6d9dc5286bbbedfcbf1c75b95f7a4f7439029&d_type=phone&os_version=6.1&ate=1&asid=079ABF64-A23A-4E3B-9000-19A4A608CCBE&affiliate=&modin=7c78d075f379db2f40c9f68df857cb87&os=ios&d_id=107b2734fdb7898251f62d229168484a9d14f7fb654d02d957b30c9f22bb094c&d_code=1E5D02FF-63F3-43A0-A2BF-80E63E00F76C&pn_device_id=&name_hint=iPhone%20Simulator&d_sig=dfe49e55b63f2cf93eb9aabe44b6d9dc5286bbbedfcbf1c75b95f7a4f7439029&hdid=62624a01f8715f2b838224a4a285746d&tracker=&appid=536381662&odin=1da61c680b672c4e114df45cd5f8f0aa9b088338&model=iPhone%20Simulator&ver=15&campaign=&imei=&store_type=apple&"
local respbody = {}
local body, code, headers, status = http.request {
method = "POST",
url = "https://freshdeck.idle-gaming.com/api/guest_session/",
source = ltn12.source.string(reqbody),
headers =
{
["Accept"] = "*/*",
["Accept-Encoding"] = "gzip, deflate",
["Accept-Language"] = "en-us",
["Content-Type"] = "application/x-www-form-urlencoded",
["content-length"] = string.len(reqbody)
},
sink = ltn12.sink.table(respbody)
}
LOGINFO('body:' .. tostring(body))
LOGINFO('code:' .. tostring(code))
LOGINFO('headers:' .. util.tableToString(headers))
LOGINFO('status:' .. tostring(status))
and below is the output
body:1
code:200
headers: "set-cookie": "config_version=887; expires=Sat, 29-Jun-2013 19:07:09 GMT; Max-Age=86400; Path=/"
"date": "Fri, 28 Jun 2013 19:07:09 GMT"
"ed-config-version": "887"
"content-encoding": "gzip"
"cache-control": "private, no-cache, no-store, must-revalidate"
"connection": "Close"
"vary": "Cookie"
"content-length": "52"
"pragma": "no-cache"
"content-type": "application/json; charset=utf-8"
"server": "nginx/1.2.7"
status:HTTP/1.1 200 OK
I don't know why the body returns 1, any ideas?
Thank you in advance for your help.
http.request has two forms, The simple form downloads a URL using the GET or POST method and is based on strings.
http.request(url [, body])
The generic form performs any HTTP method and is LTN12 based.
http.request{
url = string,
[sink = LTN12 sink,]
[method = string,]
[headers = header-table,]
[source = LTN12 source],
[step = LTN12 pump step,]
[proxy = string,]
[redirect = boolean,]
[create = function]
}
You are using the generic form, and according to the document, the first return value is supposed to be 1.
In case of failure, the function returns nil followed by an error message. If successful, the simple form returns the response body as a string, followed by the response status code, the response headers and the response status line. The generic function returns the same information, except the first return value is just the number 1 (the body goes to the sink).
For our website, we do a lot of automated tests. So, recently I've just written a method using Facebook Graph API that create a wall post on feed. This method works when I test it live using real facebook accounts. However, when I use facebook test users (with permission set to "publish_stream"), then I get 403 forbidden.
Are "test users" not allowed to make wall post? or is there something that I am not doing right?
This is my test code written in groovy
void testPostMessageOnWall() {
def appAccessToken = facebookService.getAppAccessToken()
assertNotNull appAccessToken
def testUser1 = facebookService.createTestAccount("Ryoko UserOne", appAccessToken)
assertNotNull testUser1
def testUser2 = facebookService.createTestAccount("Ryoko UserTwo", appAccessToken)
assertNotNull testUser2
def response = facebookService.connectTwoTestAccount(testUser1.id, testUser1.access_token, testUser2.id, testUser2.access_token)
assertTrue response
println testUser1
println testUser2
def postResponse = facebookService.postMessageOnWall([accessToken:testUser1.access_token,
from:testUser1.id,
to:testUser2.id,
message:"Join ryoko.it. It's nice there!",
link:"http://ryoko.it",
name:"name of website",
caption:"ryoko.it",
description:"description",
picture:"http://ryoko.it/images/ryoko.png"
])
println postResponse
assertNotNull postResponse
facebookService.deleteTestAccount(testUser1.id, testUser1.access_token)
facebookService.deleteTestAccount(testUser2.id, testUser2.access_token)
}
This test makes two test users/accounts and make them friends of each other, then testUser1 post something in testUser2's wall. It fails in line: assertNotNull postResponse.
This is the header of the response:
Date: Thu, 01 Sep 2011 18:39:10 GMT
WWW-Authenticate: OAuth "Facebook Platform" "insufficient_scope" "(#200) The user hasn't authorized the application to perform this action"
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
X-Cnection: close
X-FB-Rev: 433230
Content-Length: 146
Pragma: no-cache
X-FB-Server: 10.64.212.43
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store
Expires: Sat, 01 Jan 2000 00:00:00 GMT
data:
{
"error": {
"type": "OAuthException",
"message": "(#200) The user hasn't authorized the application to perform this action"
}
}
The user is created as such:
def createTestAccount(fullname, appAccessToken) {
def accessToken = appAccessToken
def urlString = "${GRAPH_API_URL}/${APP_ID}/accounts/test-users?installed=true"
def encodedFullname = URLEncoder.encode(fullname, "UTF-8")
urlString += "&name=${encodedFullname}"
urlString += "&permission=create_note,email,offline_access,photo_upload,publish_stream,read_friendlists,share_item,status_update,video_upload"
urlString += "&method=post"
urlString += "&access_token=${accessToken}"
def url = new URL(urlString)
def connection = url.openConnection()
def userDetails
if (connection.responseCode == 200) {
userDetails = JSON.parse(connection.content.text)
}
else {
println "[FACEBOOK]\tResponse code ${connection.responseCode}: ${connection.responseMessage} [${urlString}]"
}
userDetails
}
and the post message goes like this:
def postMessageOnWall(params) {
assert params.accessToken
assert params.from
assert params.to
def content = "access_token=${postEncode(params.accessToken)}"
if (params.message) content += "&message=${postEncode(params.message)}"
if (params.link) content += "&link=${postEncode(params.link)}"
if (params.name) content += "&name=${postEncode(params.name)}"
if (params.caption) content += "&caption=${postEncode(params.caption)}"
if (params.description) content += "&description=${postEncode(params.description)}"
if (params.picture) content += "&picture=${postEncode(params.picture)}"
if (params.from) content += "&from=${postEncode(params.from)}"
if (params.to) content += "&to=${postEncode(params.to)}"
def urlString = "${GRAPH_API_URL}/${params.to}/feed"
def url = new URL(urlString)
def connection = url.openConnection()
connection.doOutput = true
connection.setRequestMethod("POST")
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded")
connection.setRequestProperty("Content-Length", "${content.size()}")
println content
def writer = new OutputStreamWriter(connection.outputStream)
writer.write(content)
writer.flush()
writer.close()
connection.connect()
def response
if (connection.responseCode == 200) {
response = JSON.parse(connection.content.text)
}
else {
println "[FACEBOOK]\tResponse code ${connection.responseCode}: ${connection.responseMessage} [${urlString}]"
}
println "response: ${response}"
response
}
Even though it works using real facebook accounts (by filling in the id and access token manually), this still bothers me. I'm genuinely curious about you think the problem might be.
In your createTestAccount(), the query parameter 'permission' should be 'permissions' (in plural form).