I want to model the following HTTP Request in openAPI3:
POST /users HTTP/1.1
Host: 10.65.1.70:3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0
Accept: */*
Accept-Language: de-AT,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://10.65.1.70/sites/config-sites/user-config.html
Content-Type: application/json
Authorization: Bearer ...
Origin: http://10.65.1.70
Content-Length: 42
Connection: keep-alive
DNT: 1
{"name":"openAPITest","password":"noPassHere"}
I currently have this:
/users/:
post:
summary: adds user
parameters:
- name: name
required: true
in: header
schema:
type: string
- name: password
required: true
in: header
schema:
type: string
responses:
"201":
description: OK
"400":
description: Wrong Format
What I'm missing is a way to correctly pass the login information.
Here's how I did it in the end:
paths:
/login:
post:
summary: login credentials
requestBody:
required: true
content:
application/json:
schema:
type: string
example:
{"name":"openAPITest","password":"noPassHere"}
Note that openAPI automatically escapes the " " in the provided json
Related
I have added a custom login handler for Github:
const handleLoginGithub = (
params: LoginGithubParams,
errorCallback?: ErrCallbackType
) => {
axios
.get(authConfig.loginGithubEndpoint, { params })
.then(async (res) => {
/*window.localStorage.setItem(
authConfig.storageTokenKeyName,
res.data.accessToken
)*/
const returnUrl = router.query.returnUrl
setUser({ ...res.data })
await window.localStorage.setItem('userData', JSON.stringify(res.data))
//router.replace('/home')
})
.catch((err) => {
if (errorCallback) errorCallback(err)
})
}
There is no redirect from localhost to 127.0.0.1, but it will happen, do you know why?
This is the HTTP message that gos to our backend:
GENERAL:
Request URL: http://localhost:3000/api2/gh-auth-complete?code=f87f5157cbf035a73a50
Request Method: GET
Status Code: 200 OK
Remote Address: [::1]:3000
Referrer Policy: strict-origin-when-cross-origin
RESPONSE HEADER:
connection: close
content-length: 681
content-type: application/json; charset=utf-8
date: Sun, 09 Oct 2022 22:18:31 GMT
set-cookie: vapor-session=ReDSKZniIFtUqq0kThCkLbBe7vBoCpzpCUWqooA6xYQ=; Max-Age=31536000; Path=/; Secure; SameSite=Lax
Vary: Accept-Encoding
REQUEST HEADER:
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Connection: keep-alive
Host: localhost:3000
Referer: http://127.0.0.1:3000/
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "macOS"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
The reason why I am asking is, that in dev environment cookie will not be stored if it happens.
I'm trying to scrape some data from a PowerBI dashboard but for some reason I'm not able to replicate an XHR request successfully. Here are the details of the original request taken from Chrome web inspector:
Request
Request URL: https://wabi-west-europe-api.analysis.windows.net/public/reports/querydata?synchronous=true
Request Method: POST
Status Code: 200 OK
Remote Address: 51.144.73.151:443
Referrer Policy: no-referrer-when-downgrade
Headers
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: it-IT,it;q=0.9,en-US;q=0.8,en;q=0.7,ar;q=0.6,fr;q=0.5,sl;q=0.4
ActivityId: b3b20ea3-8f93-1848-b4be-ebf1a5c0952f
Connection: keep-alive
Content-Length: 1176
Content-Type: application/json;charset=UTF-8
Host: wabi-west-europe-api.analysis.windows.net
Origin: https://app.powerbi.com
Referer: https://app.powerbi.com/view?r=eyJrIjoiM2MxY2RkMTQtOTA3Mi00MDIxLWE1NDktZjlmYTdlNDg0MTdkIiwidCI6IjhkZDFlNmI0LThkYWMtNDA4ZS04ZDhkLTY3NTNlOTgwMDUzMCIsImMiOjl9
RequestId: 70c90610-a020-7191-a0fe-91b74d0407b9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
X-PowerBI-ResourceKey: 3c1cdd14-9072-4021-a549-f9fa7e48417d
Request body
{"version":"1.0.0","queries":[{"Query":{"Commands":[{"SemanticQueryDataShapeCommand":{"Query":{"Version":2,"From":[{"Name":"q","Entity":"LastRefresh","Type":0}],"Select":[{"Aggregation":{"Expression":{"Column":{"Expression":{"SourceRef":{"Source":"q"}},"Property":"Date Last Refreshed"}},"Function":3},"Name":"Min(Query1.Date Last Refreshed)"}]},"Binding":{"Primary":{"Groupings":[{"Projections":[0]}]},"DataReduction":{"DataVolume":3,"Primary":{"Top":{}}},"Version":1}}}]},"CacheKey":"{\"Commands\":[{\"SemanticQueryDataShapeCommand\":{\"Query\":{\"Version\":2,\"From\":[{\"Name\":\"q\",\"Entity\":\"LastRefresh\",\"Type\":0}],\"Select\":[{\"Aggregation\":{\"Expression\":{\"Column\":{\"Expression\":{\"SourceRef\":{\"Source\":\"q\"}},\"Property\":\"Date Last Refreshed\"}},\"Function\":3},\"Name\":\"Min(Query1.Date Last Refreshed)\"}]},\"Binding\":{\"Primary\":{\"Groupings\":[{\"Projections\":[0]}]},\"DataReduction\":{\"DataVolume\":3,\"Primary\":{\"Top\":{}}},\"Version\":1}}}]}","QueryId":"","ApplicationContext":{"DatasetId":"ec162a68-e319-4018-8364-d2a74d3ed429","Sources":[{"ReportId":"8ef2e9f7-0417-4e8f-bd02-f7a3ee0fedd2"}]}}],"cancelQueries":[],"modelId":3563760}
For my simulated request I use:
httr::POST("https://wabi-west-europe-api.analysis.windows.net/public/reports/querydata?synchronous=true", content_type_json(), add_headers(.headers = heads), body = payload) %>% content()
to perform the request. As headers I only used: 'X-PowerBI-ResourceKey', 'RequestId', 'ActivityId', 'Referer'. Payload is the json copied from the Request body. I get this response:
$error
$error$code
[1] "BadRequest"
$error$message
[1] "Bad Request"
$error$details
$error$details[[1]]
$error$details[[1]]$message
[1] "After parsing a value an unexpected character was encountered: C. Path 'queries[0].CacheKey', line 1, position 488."
$error$details[[1]]$target
[1] "request.queries[0].CacheKey"
$error$details[[2]]
$error$details[[2]]$message
[1] "'request' is a required parameter"
$error$details[[2]]$target
[1] "request"
I can't understand what I'm doing wrong.
UDPATE:
solved with a change of approach in Correct way to get response body of XHR requests generated by a page with RStudio Chromote
Here is my AJAX function:
function ajax(url, data) {
return new Promise((resolve, reject) => {
$.ajax({
url: "https://xxx",
data: data,
method: 'POST',
timeout: 50000,
cache: true,
ifModified: true,
crossDomain: true,
success: (data, textStatus, jqXHR) => {
if (data == '#fail#') reject(data);
else {resolve(data);}
},
error: (jqXHR, textStatus, errorThrown) => {
reject(errorThrown);
}
});
});
}
As observed in Chrome -> Network(F12), this is the response header from the server:
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Content-Length: 3
ETag: W/"3-R7zlx09Yn0hn29V+nKn4CA"
Date: Fri, 06 Apr 2018 11:39:41 GMT
Connection: keep-alive
The request header is always identical, even in subsequent calls:
POST /register HTTP/1.1
Host: xxx:60001
Connection: keep-alive
Content-Length: 0
Accept: */*
Origin: http://localhost:8000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Referer: http://localhost:8000/index.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Shouldn't Chrome, upon receiving an ETag header, cache the resource and set the 'If-None-Match' header on subsequent calls to the same URL? Shouldn't I obtain a status code of 304 instead of 200 as the returned content is the same?
The calls to the resources in other servers such as the Google Map server do return 304 sometimes though.
This confirms that caching is generally limited to GET request methods only:
However, common HTTP caches are typically limited to caching responses to GET and may decline other methods. The primary cache key consists of the request method and target URI (oftentimes only the URI is used as only GET requests are caching targets)
This is also confirmed in a post in StackOverflow here.
I have an asp.net web forms app where I'm trying to call ValidateRegistration1 method fro web api controller. It's doing fine in Firefox and Chrome but the object is null when I use IE. Content type and others seem almost the same. I couldn't find the problem.
Firefox POST in fiddler:
{Method: POST, RequestUri: 'http://localhost:5555/api/accounts/registervalidate1', Version: 1.1, Content: System.Web.Http.WebHost.HttpControllerHandler+LazyStreamContent, Headers:
{
Cache-Control: no-cache
Connection: keep-alive
Pragma: no-cache
Accept: */*
Accept-Encoding: gzip
Accept-Encoding: deflate
Accept-Language: en-US
Accept-Language: en; q=0.5
Cookie: __AntiXsrfToken=0871e412cceb47faa968c5563d19f8e1; ASP.NET_SessionId=glwlyn2mdihne0ev4uhc5fnv
Host: localhost:5555
Referer: http://localhost:5555/
User-Agent: Mozilla/5.0
User-Agent: (Windows NT 6.3; WOW64; rv:25.0)
User-Agent: Gecko/20100101
User-Agent: Firefox/25.0
X-Requested-With: XMLHttpRequest
Content-Length: 207
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
}}
IE POST in fiddler:
{Method: POST, RequestUri: 'http://localhost:5555/api/accounts/registervalidate1', Version: 1.1, Content: System.Web.Http.WebHost.HttpControllerHandler+LazyStreamContent, Headers:
{
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
Accept-Encoding: gzip
Accept-Encoding: deflate
Accept-Language: en-US
Accept-Language: en; q=0.7
Accept-Language: tr; q=0.3
Cookie: __AntiXsrfToken=4772bed0c8e243f4a7893794ed176f47
Host: localhost:5555
Referer: http://localhost:5555/
User-Agent: Mozilla/5.0
User-Agent: (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0)
User-Agent: like
User-Agent: Gecko
X-Requested-With: XMLHttpRequest
Content-Length: 0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
}}
web api method
[Route("registervalidate1")]
//[ResponseType(typeof(Account))]
[HttpPost]
public HttpResponseMessage ValidateRegistrationStep1(HttpRequestMessage request,
[FromBody]AccountRegisterModel a)
{
HttpResponseMessage response = null;
List<string> errors = new List<string>();
bool isEmailFree = _accountService.EmailInUse(a.LoginEmail);
if (isEmailFree)
errors.Add("jj.");
if (errors.Count == 0)
response = request.CreateResponse(HttpStatusCode.OK);
else
response = request.CreateResponse<string[]>(HttpStatusCode.BadRequest, errors.ToArray());
return response;
}
I just ran into the same issue. The fix for me was to manually add the content type of "application/json" (contentType: 'application/json') to my jQuery ajax call. I'm sure you've found a solution to this by now but I'm posting this for others out there with the same problem.
I am using the following blob of jQuery to issue requests to a WCF Ajax enabled webservice
The site itself is hosted at localhost:80 and the WCF services at localhost:8080
$.ajax({
type: "POST",
url: String.format(Service, Method),
contentType: "application/json; charset=utf-8",
data: JSON.stringify(Data),
timeout: 6000,
dataType: "json",
success: function (e) { OnSuccess(e); },
error: function (e) { OnFailed(e); }
});
This works fine in IE but when I attempt to run this code in Chrome or Firefox (even after the user has been authenticated) I receive the error HTTP/1.1 401 Unauthorized. After running fiddler its clear why, as chrome is not sending the Cookie .ASPXFORMSAUTH that I have configured for forms authentication.
Specifically this is what the IE request looks like
POST /SchedulerService.svc/GetAllEventsByCurrentUser HTTP/1.1
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8
Referer: http://localhost/Calendar/Calendar.aspx
Accept-Language: en-AU
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Connection: Keep-Alive
Content-Length: 0
DNT: 1
Host: localhost:8080
Pragma: no-cache
Cookie: ASP.NET_SessionId=dmz5jv3oxa0llsph0thh1443; .ASPXFORMSAUTH=5EA7CB8124C5077933A639062999A89D35D440C6AD1A038C83A42D34694C20886506721D3CCD899BDA7B705CEF3B3024368AD6AE4523DEBDC5891E8DDD478206A3C2EF852345F70812F01D30F8F1041C2113EA2836CC5353FEAF81FC3EBF4DB6921D6DB270DE5C4102321DDD4D3923082B890995195990088749A1815B6A0BE5
VS CHROME
POST /SchedulerService.svc/GetAllEventsByCurrentUser HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 0
Accept: application/json, text/javascript, */*; q=0.01
Origin: http://localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.94 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: http://localhost/Calendar/Calendar.aspx
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-AU,en;q=0.8,en-US;q=0.6,en-GB;q=0.4
Could anyone provide any guidance on what might be going wrong? I realize I may need to provide more information but not sure what else is relevant.
EDIT: Well after trying many, many different ideas it seems to me that all my problems likely stem from a drastic difference in implementation of the same origin policy between IE, Chrome and Firefox. Will update when I have more...
As your asp.net and wcf applications seem to be hosted on different ports (80 and 8080), you may give a try to beforeSend to send credentials :
$.ajax({
type: "POST",
url: String.format(Service, Method),
contentType: "application/json; charset=utf-8",
data: JSON.stringify(Data),
timeout: 6000,
dataType: "json",
success: function (e) { OnSuccess(e); },
error: function (e) { OnFailed(e); },
beforeSend: function(xhr){
xhr.withCredentials = true;
}
});
see https://stackoverflow.com/a/2054370/1236044