I am working on Square Payment gateway integration in ASp.Net. I want to request card_nonce using information stored in database. Can I directly request for card_nonce without using SqPaymentForm?
I tried to send request using Restsharp request but getting error in response. Below is my code and response from Square Up.
RequestCode:
RestSharp.RestClient ClientNonce = new RestSharp.RestClient("https://connect.squareup.com");
RestSharp.RestRequest RequestNonce = new RestSharp.RestRequest("v2/card_nonce", RestSharp.Method.POST);
RequestNonce.RequestFormat = RestSharp.DataFormat.Json;
RequestNonce.AddHeader("Accept", "application/json");
string jsonBodyNone = "{\"client_id\":\""+sandboxId+"\",\"card_data\":{\"billing_postal_code\":\"73001\",\"cvv\":\"564\",\"exp_month\":\"1\",\"exp_year\":\"2021\",\"number\":\"4532759734545858\"},\"website_url\":\"http://localhost:24584/\"}";
RequestNonce.AddParameter("application/json", jsonBodyNone, RestSharp.ParameterType.RequestBody);
RestSharp.IRestResponse responseNonce = ClientNonce.Execute(RequestNonce);
System.Net.HttpStatusCode getresponseNonce = responseNonce.StatusCode;
ResponseFromSquare:
{"errors":[{"category":"INVALID_REQUEST_ERROR","code":"BAD_REQUEST","detail":"Your request could not be processed"}]}
Square has designed the API such that merchant sites do not store, process or transmit cardholder data. As a result,it is not possible to generate a card nonce without using SqPaymentForm.
Related
I am able to successfully send requests to a sandbox via postman, given by a provider following their specs (see images below)
Successful request (see below)
In order to do that, aside from the respective headers and parameters (see image 2) I have to add a ssl/Tls certificate (.pfx) given that the server requires a 2 way handshake so it needs SSl client certificate:
Authorization (see below).
Headers (see below)
Body (see below)
Now, I am trying to do ir programatically using dotnet core 6, but I keep running into the same problem:
And here is my code:
public static string GetAccessToken(IConfiguration _config)
{
string UserName = Environment.GetEnvironmentVariable("USER_NAME");
string Password = Environment.GetEnvironmentVariable("PASSWORD");
var client = new RestClient("https://connect2.xyz.com/auth/token");
var request = new RestRequest();
X509Certificate2 FullChainCertificate = new X509Certificate2("Path/to/Cert/cert.pfx", "test");
client.Options.ClientCertificates = new X509CertificateCollection() { FullChainCertificate };
client.Options.Proxy = new WebProxy("connect2.xyz.com");
var restrequest = new RestRequest();
restrequest.Method = Method.Get;
restrequest.AddHeader("Accept", "*/*");
restrequest.AddHeader("Cache-Control", "no-cache");
restrequest.AddHeader("Content-Type", "application/x-www-form-urlencoded");
restrequest.AddHeader("Authorization", "Basic " + Convert.ToBase64String(Encoding.Default.GetBytes($"{UserName}:{Password}")));
restrequest.AddParameter("grant_type", "client_credentials");
RestResponse response = client.Execute(restrequest);
AccessTokenPointClickCare accessToken = JsonConvert.DeserializeObject<AccessTokenPointClickCare>(response.Content);
string strToken = accessToken.access_token;
return strToken;
}
Now, as the error seems to show, it has to do with the certificates (apparently), but I don't know if something in the code is wrong, or if I'm missing something, etc...
It is worth noting that this code did run in someone else's pc with the same set-up, but of course with that person's own pfx, but for the rest, it is essentially the same, and not to mention that it does work on my postman.
Finally, as the title on this question, the only thing I can think it might also be affecting the request is the host. If I reference the postman, there is a field where I have to place the host name of the server https://connect2.xyz.com/auth/token
So made it work by changing to a new Windows 10. Researching in other Stackoverflow threads found the answer: .NET CORE 5 '''HandshakeFailure'" when making HTTPS request
So I conclude it has to do with the cyphers
Suppose I have a client that continually requests streams from a service, and I want automate testing it. So, as part of the test, I create a service that returns a stream. The following code snippet constructs the response and returns it:
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.OK);
response.Content = new StreamContent(fstream);
response.Content.Headers.ContentType = mediaType;
return response;
This works for the success case where the client calls the API and gets a response in a timely manner. But I also want to simulate some timeout failures.
If I want to simulate timeouts before any part of the response is returned, i can simply add a Thread.Sleep() before return response.
My question is: how can I simulate the timeout case where the service has already started return response? I would like to simulate the service timing out after the response headers have been sent, but before the entirety of fstream is sent.
Maybe try something like this?
var response = HttpContext.Current.Response;
response.Buffer = false;
response.AddHeader("SomeHeader","SomeValue");
response.Write("Some body text.");
System.Threading.Thread.Sleep(WEB_SERVER_TIMEOUT_VALUE + 1);
I'm trying to send emails through mailgun email service. I'm using angular 2. This is what my service looks like:
sendEmail(fromName, fromEmail, message) {
var headers = new Headers();
var recieverMail = "abc#123.se";//service#csc.kth.se"
var subject = "error report submitted by interactive screen"
headers.append("Authorization", "Basic "+btoa("MY_API_KEY"));
headers.append("content-type", "application/x-www-form-urlencoded");
var url = "https://api.mailgun.net/v3/mymailgun.mailgun.org/messages";
var data = "from="+fromName+"&to=" +recieverMail+"&subject="+subject+"&text="+message;
return this.http.post(url,data, {headers: headers});
}
I got two different programs that is using this service and they both passes the service strings but the service only fails for one of them.
Applcation 1 recieves an error message saying that the "from" parameter is missing and it is because the mail data is not interpreted as url-encoded for some reason. It is just interpreted as plain text!
Application 2 successfully sends messages with the same service and input. As you can see, this time the mail data is interpreted as url-encoded and the mailgun API recognizes the mail parameters.
Any suggestions on what might be causing this problem for application 1?
(I know that the data is not 100% identical from the screenshot but the problem that i want to illustrate is that they interpret the mail data differently)
Environment: ASP.Net MVC 4 using C#
I need to get image by using GET request to a URL /inbound/faxes/{id}/image
I used the code below
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("/inbound/faxes/238991717/image");
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
System.IO.StreamReader stream = new StreamReader(response.GetResponseStream());
but it flags "URL not valid"
I used the complete URL www.interfax.net/inbound/faxes/{id}/image
but the result is same
I want to follow this article to receive faxes
Accepting incoming fax notifications by callback
Can anyone help me to get fax...?
Try like this:
using (var client = new WebClient())
{
byte[] imageData = client.DownloadData("http://www.interfax.net/inbound/faxes/{id}/image");
}
Notice how the url is prefixed with the protocol (HTTP in this case). Also make sure you have replaced the {id} part of the url with the actual id of the image you are trying to retrieve.
I am having to re-write an existing REST API using .NET (originally written with Ruby). From the client's perspective, it has to work exactly the same way as the old API - i.e. the client code mustn't need to change. The current API requires Basic Authentication. So to call the old API, the following works perfectly:-
var wc = new System.Net.WebClient();
var myCache = new CredentialCache();
myCache.Add(new Uri(url), "Basic", new NetworkCredential("XXX", "XXX"));
wc.Credentials = myCache;
var returnBytes = wc.DownloadData("http://xxxx");
(I have had to ommit the real URL / username / password etc for security reasons).
Now I am writing the new API using ASP.Net Web API with MVC4. I have a weird problem and cannot find anybody else with exactly the same problem. In order to support Basic Authentication, I have followed the guidelines here:
http://sixgun.wordpress.com/2012/02/29/asp-net-web-api-basic-authentication/
One thing, I put the code to "hook in the handler" in the Global.asax.cs file in the Application_Start() event (that wasn't explained so I guessed).
Anyway, if I call my API (which I have deployed in IIS) using the above code, the Authorization header is always null, and the above fails with 401 Unauthorized. However, if I manually set the header using this code, it works fine - i.e. the Authorization header now exists and I am able to Authenticate the user.
private void SetBasicAuthHeader(WebClient request, String userName, String userPassword)
{
string authInfo = userName + ":" + userPassword;
authInfo = Convert.ToBase64String(Encoding.Default.GetBytes(authInfo));
request.Headers["Authorization"] = "Basic " + authInfo;
}
.......
var wc = new System.Net.WebClient();
SetBasicAuthHeader(request, "XXXX", "XXXX");
var returnBytes = wc.DownloadData("http://xxxx");
Although that works, it's no good to me because existing users of the existing API are not going to be manually setting the header.
Reading up on how Basic Authentication works, the initial request is meant to be anonymous, then the client is returned 401, then the client is meant to try again. However if I put a break point in my code, it will never hit the code again in Antony's example. I was expecting my breakpoint to be hit twice.
Any ideas how I can get this to work?
You're expecting the right behavior. System.Net.WebClient does not automatically include the Authorization headers upon initial request. It only sends them when properly challenged by a response, which to my knowledge is a 401 status code and a proper WWW-Authenticate header. See here and here for further info.
I'm assuming your basic authentication handler is not returning the WWW-Authenticate header and as such WebClient never even attempts to send the credentials on a second request. You should be able to watch this in Fiddler or a similar tool.
If your handler did something like this, you should witness the WebClient approach working:
//if is not authenticated or Authorization header is null
return base.SendAsync(request, cancellationToken).ContinueWith(task =>
{
var response = task.Result;
response.StatusCode = HttpStatusCode.Unauthorized;
response.Headers.Add("WWW-Authenticate", "Basic realm=\"www.whatever.com\"");
return response;
});
//else (is authenticated)
return base.SendAsync(request, cancellationToken);
As you noticed, if you include the Authorization headers on every request (like you did in your alternative approach) then your handler already works as is. So it may be sufficient - it just isn't for WebClient and other clients that operate in the same way.