I am trying to make a reques to API Gateway with the AWS SDK for .NET but I have no idea how to do that. The documentation is very lacking and there are no examples posted online of it.
This is as far as I've gotten so far:
const String awsAccessKeyId = "43789hf872hy832h"; // Get access key from a secure store
const String awsSecretAccessKey = "4738fbdhskjfy932hjk"; // Get secret key from a secure store
var client = new AmazonAPIGatewayClient(awsAccessKeyId, awsSecretAccessKey,RegionEndpoint.USEast1);
But I don't know how to make a get request to one of my APIs.
Does anyone have any experience dealing with this?
The AmazonApiGatewayClient isn't meant for invoking your API's, but rather a client for managing your ApiGateway resources. If you would like to invoke your endpoints, you should be using an HTTP client for this.
Here is one you can use from within C#, but you can also use your browser, or a tool like Postman or Fiddler.
Related
I'm currently expanding the logging part of my ASP.NET Web API application but I'm having trouble identifying what encryption scheme is being used. As this logging is done through a DelegatingHandler I only have access to the HttpRequestMessage and HttpResponseMessage given to me through the middleware chain.
How do I Identify the https encryption type (SSL 3.0, TLS 1.0, TLS 1.3 etc..) used in a ASP.NET Web API DelegatingHandler?
I'm not sure if you're asking about whether the request is https or just http. If that's what you're looking for you just need httpRequestMessage.RequestUri.Scheme.
However it sounds like you're looking for more information about the certificate itself. Information about the SSL certificate isn't really a property of the individual request and can't be accessed from HttpRequestMessage or HttpResponseMessage as far as I'm aware. It's more a property of the application and machine configuration.
If you wanted to get information about the SSL certificate you could do something like this:
var store = new X509Store(StoreLocation.LocalMachine);
var certificateCollection = store.Certificates.Find(X509FindType.FindByThumbprint, "thumbprint", true);
var certificate = certificateCollection[0];
var version = certificate.Version;
var signatureAlgorithm = certificate.SignatureAlgorithm;
Obviously that's just one way to do it and there's more error handling you would want to do. The general idea is you probably have access to the certificate thumbprint used by the application through the app.config. If you use that you can look up the certificate information from X509Store as I did above. Then you'll have access to all kinds of properties.
Hope that helps!
I have a Spring Boot application, that is using Spring Security with OAuth 2.0. Currently, it is operating against an Authentication Server based on Spring Example code. However, running our own Auth Server has always been a short-term target to facilitate development, not a long-term goal. We have been using the authorization_code grant type and would like to continue using that, irrespective of the Auth Server implementation.
I am attempting to make changes to use OAuth 2.0 Endpoints in Azure Active Directory, to behave as our Authentication Server. So far, I have a successful call to the /authorize endpoint. But the call to get the /token fails with an invalid request error. I can see the requests going out.
It appears that parameters that Azure states as mandatory are not being populated in the POST request. Looking at the Azure doco, it expects the client_id to be defined in the body of the message posted to the endpoint, and that is not added, by default, by Spring.
Can anyone point me in the right direction for how I can add fields to the Form Map that is used when constructing the Access Token request? I can see where the AccessTokenRequest object is being setup in OAuth2ClientConfiguration....
#Bean
#Scope(value = "request", proxyMode = ScopedProxyMode.INTERFACES)
protected AccessTokenRequest accessTokenRequest(#Value("#{request.parameterMap}")
Map<String, String[]> parameters, #Value("#{request.getAttribute('currentUri')}")
String currentUri) {
DefaultAccessTokenRequest request = new DefaultAccessTokenRequest(parameters);
request.setCurrentUri(currentUri);
return request;
}
Should I be trying to define the map in a request.parameterMap spring property? If so, I'm not too sure how that works.
Or should I be using one of the interfaces defined in the AuthorizationServerConfigurerAdapter class?
I have the information to include when sending the AccessTokenRequest, I just don't know the best way to configure Spring to include it? Thanks for any help.
Actually, I found this out. I needed to change the client authentication scheme. Simply adding the following to my application properties added the client_id to the form....
security.oauth2.client.clientAuthenticationScheme=form
If you're using yaml, then yaml-ize it. Thank you Spring!
I have been searching for quite sometime on this topic without finding the silver bullet. We have an intranet solution in ASP.NET where we simply want to show some files from our Sharepoint Online in Office 365.
There are a number of hits when you search for it on Google but nothing seems to be the "simple" way to go. I'm not a Sharepoint developer, but have a good understanding of the concepts as I manage our company's Office 365 and Sharepoint Online installations.
I have found current answers that tell me that REST services is the way to go, but here I need an OATH token to access them, and this is where my Sharepoint knowledge is limited. From what I have read the token can only be granted through an installed Sharepoint App, but I know for a fact that it can be done without it too.
I have purchased a synchronization tool that syncs our file share with a Sharepoint Document List and for this I don't need any tokens, I just type in my credentials and I don't have to install anything in Sharepoint.
So what am I seeking to get from this question?
Someone who knows Sharepoint well to steer me in the right direction and who maybe has a guide and knows that that method works. Maybe REST is the right way to go, but it just seems odd that my Sync software can do it without then.
If I do need to install a token granter in Sharepoint a little assistance in what to be aware of securitywise and how to approach it the best way.
Any help is greatly appreciated and thanks in advance! :)
Microsoft has two set of APIs that can access SharePoint Online:
SharePoint Client Object Model (CSOM):
With this one you can just use username and password to do authentication. follow the link you can find examples of how to access document list.
SharePoint REST API:
With this you need to use an OAuth token to do the authentication.
For you case, you should use the first one.
SharePoint Online also supports Claims-Based authentication mode. The general idea here is to obtain authentication cookies (apart from OAuth authentication flow where access token is issued) from the user credentials. Once the authentication cookie is obtained, you could perform authenticated SOAP (for example via CSOM API) or REST requests against SharePoint Online resources as demonstrated below.
Since you are developing ASP.NET web application,
SharePointOnlineCredentials class from SharePoint Online Client
Components SDK could be utilized which basically implements
claims-based authentication scheme. It could be installed via nuget
Example 1: request list items via CSOM API
using (var ctx = GetContext(webUri.ToString(), userName, password))
{
var list = ctx.Web.Lists.GetByTitle("Documents");
var items = list.GetItems(CamlQuery.CreateAllItemsQuery());
ctx.Load(items);
ctx.ExecuteQuery();
foreach (var item in items)
{
Console.WriteLine(item.FieldValues["FileRef"]);
}
}
where
private static ClientContext GetContext(string url,string username, string password)
{
var ctx = new ClientContext(url);
var securePassword = new SecureString();
foreach (char c in password) securePassword.AppendChar(c);
ctx.Credentials = new SharePointOnlineCredentials(username, securePassword);
return ctx;
}
Example 2: request list items via REST API
using (var client = new SPHttpClient(webUri, userName, password))
{
var listTitle = "Tasks";
var endpointUrl = string.Format("{0}/_api/web/lists/getbytitle('{1}')/items",webUri,listTitle);
var data = client.ExecuteJson(endpointUrl);
foreach (var item in data["value"])
{
Console.WriteLine(item["Title"]);
}
}
where
SPHttpClient.cs - implements HTTP client for SharePoint Online (SPHttpClient class)
SPHttpClientHandler.cs - implements HTTP handler for SharePoint Online
We have an existing user licensing server that is running via PHP. It allows for creation of users, checking if the provided username and password is valid, and updating a user.
We are creating a new ASP.Net website and want it to use this existing user PHP scripts/database to restrict access to portions of the ASP.Net website. Also there are web services that use the same login and password via basic authentication that we need to access as well from the ASP.Net server.
I am looking for a way for .Net to use the remote PHP scripts to validate login. And I need a way for the users login id and password to be available so I can use them to communicate with those existing web services from the ASP.Net server on their behalf.
Does anyone know how to go about getting this sort of thing done. Or any good tutorials or blogs?
Thanks!
It's possible to run PHP and ASP.NET on the same server, and even in the same web application. You can also create .NET code that runs before and/or after each PHP request (with an HttpModule).
PHP under IIS just has a separate HttpHandler that invokes the cgi-bin process.
If you want to call a PHP page from an ASP.NET page, one approach is to use Server.Execute() -- although web services would certainly be cleaner from an architectural perspective.
Beyond that, for the actual authentication/authorization part of your question, the approach depends on the specifics of your implementation. You can certainly do things like share cookies between PHP and .aspx.
unfortunatly they are different languages and php scripts cannot be used in an asp.net site. You would have to recreate your classes(scripts) but what you can do is use your existing database if its in mysql or any other. That's the best you would be able to do as far as I know.
If those PHP web services respect some industry standard such as SOAP for example, you can simply consume them by generating strongly typed client proxies. If not, well, then you still have the good old WebClient which allows you to send HTTP requests and read responses. It's as simple as:
using (var client = new WebClient())
{
var values = new NameValueCollection
{
{ "username", "john" },
{ "pwd", "secret" },
};
var result = client.UploadValues("http://foo.com/login.php", values);
// TODO: do something with the result returned by the PHP script
}
Have you tried using stored procedures instead of PHP scripts? That way you don't have to write multiple instances of the same code and it can be used in .NET and PHP.
I am new to web services. The last time I dealt with SOAP was when I created a bunch of wrapper classes that sent requests and received responses back per some response objects/classes I had created. So I had an object to send certain API requests and likewise a set of objects to hold the response back as an object so I could utilize that 3rd party API.
Then someone came to me and said why not just use the wsdl and a web service. Ok, so today I went and created a "Service Reference". I see that this is what's called a "Proxy Class". You just instantiate an instance of this and then walla you have access to all the methods from the wsdl.
But this leaves me with auth questions. Back when I created my own classes manually, I had a class which exposed properties that I would set then access for things like signature, username, password that got sent along with the Http request that were required by whatever 3rd party API I was using to make API calls.
But then with using a Service Reference, how then would I pass this information just like I had done in my custom classes? For instance I'm going to be working with the PayPal API. It requires you to send a signature and a few other pieces of information like username and password.
// Determins if API call needs to use a session based URI
string requestURI = UseAuthURI == true ? _requestURIAuthBased + aSessionID : _requestURI;
byte[] data = XmlUtil.DocumentToBytes(doc);
// Create the atual Request instance
HttpWebRequest request = CreateWebRequest(requestURI, data.Length);
So how do I pass username, password, signature, etc. when using web service references for each method call? Is it as simple as specifying it as a param to the method or do you use the .Credentials and .URL methods of your proxy class object? It seems to me Credentials means windows credentials but I could be wrong. Is it limited to that or can you use that to specify those required header values that PayPal expects with each method call/API request?
Using Web Service or Web Service Reference