WebApi POST body not binding with FromBody - asp.net-apicontroller

I've defined my ApiController's method like so:
public HttpResponseMessage Post([FromBody] string json)
The method is being called, but json is always null. I can see via Fiddler that what I'm passing is what I expect (hostname obviously edited out). What am I missing here?
POST http://somehost.com/api/somemethod HTTP/1.1
User-Agent: Fiddler
Host: somehost.com
Content-Length: 54
Content-Type: application/json
{"site":"home","region":"region","flags":"flags"}

Related

Spring REST Controller is not responding to Angular request

I have an app to create server certificate requests, just as if one were using java keytool or something. I'm trying to return the created certificate request and the key in a zip file, but for the life of me, I can't get my REST controller to respond to the http request. CORRECTION: The controller responds, but the code within the method is never executed.
The server does receive the request, because my CORS filter is executed. But I have a debug set in the controller method, and it's never triggered. Is the signature of the method correct? I need another set of eyes, please?
Here is my controller code:
#RequestMapping(method = RequestMethod.POST, value = "/generateCert/")
public ResponseEntity<InputStreamResource> generateCert(#RequestBody CertInfo certInfo) {
System.out.println("Received request to generate CSR...");
byte[] responseBytes = commonDataService.generateCsr(certInfo);
InputStreamResource resource = new InputStreamResource(new ByteArrayInputStream(responseBytes));
System.out.println("Generated CSR with length of " + responseBytes.length);
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment;filename=certificate.zip")
.contentType(MediaType.parseMediaType("application/zip"))
.contentLength(responseBytes.length)
.body(resource);
}
And here is the Angular request:
generateCertificate(reqBody: GenerateCert) {
let headers = new Headers();
headers.append('Content-Type', 'application/json');
this.http.post(this.urlGenerateCert, JSON.stringify(reqBody), {headers: headers}).subscribe(
(data) => {
let dataType = data.type;
let binaryData = [];
binaryData.push(data);
this.certBlob = new Blob(binaryData);
});
return this.certBlob;
}
And finally, the request and response headers I copied from the Network Panel:
Response
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Accept, X-Requested-With, remember-me
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Thu, 27 Dec 2018 22:48:00 GMT
Expires: 0
Location: http://localhost:8102/login
Pragma: no-cache
Set-Cookie: JSESSIONID=EDACE17328628D579670AD0FB53A6F35; Path=/; HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Request
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Content-Length: 205
Content-Type: application/json
Host: localhost:8102
Origin: http://localhost:4200
Referer: http://localhost:4200/generateCerts
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.80 Safari/537.36
I really struggled with getting CORS working, so maybe that's interfering with the request? I hate to post all that code unless absolutely necessary. Anybody got any ideas?
Listing of request/response headers lack information on URL, method and most important response status code.
Seeing Location: http://localhost:8102/login among response headers I can guess that it could be 401 Unauthorized or anything else that redirects to the login page. Hence, if there is an auth filter in the filter chain, it may be a culprit.
The following request headers
Host: localhost:8102
Origin: http://localhost:4200
suggests that you are doing CORS and the CORS filter may be involved indeed and fulfill response before the request gets routed to the controller. I suggest setting a breakpoint into the CORS filter (and into others if any) and debug it to the point where the response is returned.
define a proxy.conf.json
{
"/login*": {
"target":"http://localhost:8080",
"secure":false,
"logLevel":"debug"
}
}
now in your package.json
"scripts": {
"start":"ng serve --proxy-config proxy.config.json"
}
I think there is issue while getting connection in both webapp.please try .
When Angular encounters this statement
this.http.post(url,body).subscribe(data => # some code
);
It comes back immediately to run rest of the code while service continues to execute. Just like Future in Java.
Here if you
return this.cert;
You will not get the value that may eventually get populated by the this.http service. Since the page has already rendered and the code executed. You can verify this by including this within and outside the Observable.
console.log(“Inside/outside observable” + new Date().toLocalTimeString());
Thanks to everyone who contributed. I discovered the error was due to the headers of my controller method. After changing them, the method was invoked properly. This is what worked:
#RequestMapping(method = RequestMethod.POST, path = "/generateCert",
produces = {MediaType.APPLICATION_OCTET_STREAM_VALUE}, consumes = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<byte[]> generateCert(#RequestBody CertInfo certInfo) {
byte[] responseBytes = commonDataService.generateCsr(certInfo);
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_OCTET_STREAM_VALUE)
.contentLength(responseBytes.length)
.body(responseBytes);
}

How to add a "Authorization=Bearer" header with Indy in Delphi?

I'm trying to do a POST request using an access_token, and it works fine using POSTMAN, but when I try to do the same request on Delphi, I can't find a way to add the "Authorization=Bearer eyxxxxxx..." to the Request header, as POSTMAN does.
POSTMAN Request (working well):
POST /somepath HTTP/1.1
Host: someurl.com.br
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.....
Content-Type: application/json
(body content ommited)
Indy Request generated by Delphi, captured by HTTP Analyzer (always returning 401 Forbidden error, because the absence of "Authorization=Bearer" part):
POST /somepath HTTP/1.1
Host: someurl.com.br
Content-Type: application/json
(body content ommited)
I've tried to add the header using the code below, but the header part with the "Authorization=Bearer eyxxxxxx..." isn't generated on Request, returning the 401 Forbidden error.
FIdHTTP.Request.CustomHeaders.FoldLines := False;
FIdHTTP.Request.CustomHeaders.Add('Authorization=Bearer ' + txtToken.Text);
Just found the problem. I added the wrong separator between the "Authorization" and "Bearer" words.
Wrong:
FIdHTTP.Request.CustomHeaders.FoldLines := False;
FIdHTTP.Request.CustomHeaders.Add('Authorization=Bearer ' + txtToken.Text);
Correct:
FIdHTTP.Request.CustomHeaders.FoldLines := False;
FIdHTTP.Request.CustomHeaders.Add('Authorization:Bearer ' + txtToken.Text);
After replacing the '=' by ':', I received the expected response, like the one received by POSTMAN.

asp.net OWIN save the JSON post data

I have the setup a test command line app using self hosting OWIN.
I have one test controller and this works as expected to deliver a static home page plus two values in JSON format on a get request.
I'm using the JsonFormatter to format all results.
I would like to read JSON data into it from a post request.
I can send an accepted message response but the data is always null when read.
// POST api/values
[HttpPost]
public HttpResponseMessage Post([FromBody]string myString)
{
Console.WriteLine("Terry Tibbs");
Console.WriteLine(myString);
return new HttpResponseMessage(System.Net.HttpStatusCode.Accepted);
}
I'm using Postman in Chrome to post data as below but myString is always blank.
POST /api/values HTTP/1.1
Host: localhost:8080
Content-Type: application/json
Cache-Control: no-cache
Postman-Token: a966fa36-010d-3e2b-ad66-2f82dcb155ed
{
"myString": "This is new"
}
Read Parameter Binding in ASP.NET Web API
Using [FromBody]
To force Web API to read a simple type from the request body, add the
[FromBody] attribute to the parameter:
public HttpResponseMessage Post([FromBody] string myString) { ... }
In this example, Web API will use a media-type formatter to read the
value of myString from the request body. Here is an example client
request.
POST api/values HTTP/1.1
User-Agent: Fiddler
Host: localhost:8080
Content-Type: application/json
Content-Length: 13
"This is new"
When a parameter has [FromBody], Web API uses the Content-Type header
to select a formatter. In this example, the content type is
"application/json" and the request body is a raw JSON string (not a
JSON object).

Bootstrap BlueImp file upload Java Controller Resolved

I have added BlueImp Jquery multiple fileupload to my project.
The server side of the download uses PHP, but I want to use a Java Controller.
I've changed Blueimp's main.js to send the files to my controller - 'saveImages'. This part works and now it is sent to my Java controller.
$(function () {
'use strict';
// Initialize the jQuery File Upload widget:
$('#fileupload').fileupload({
// Uncomment the following to send cross-domain cookies:
//xhrFields: {withCredentials: true},
url: 'saveImages'
});
When selecting/uploading an image,
The headers show:
Connection close
Content-Length 5717
Content-Type text/html;charset=utf-8
Date Wed, 26 Mar 2014 19:43:42 GMT
Server Apache-Coyote/1.1
Request Headers
Accept application/json, text/javascript, */*; q=0.01
Accept-Encoding gzip, deflate
Accept-Language en-US,en;q=0.5
Content-Length 94000
Content-Type multipart/form-data; boundary=--------------------------
The Post Information shows:
-----------------------------1873186311532063957277019191
Content-Disposition: form-data;
name="files[]";
filename="1.jpg"
Content-Type: image/jpeg
ÿØÿà�JFIF��`�`��ÿá�Exif��II*����������ÿÛ�C�ÿÛ�CÿÀ���"�ÿÄ����������������� ÿÄ�����������������ÿÄ�����������������ÿÄ�����������������ÿÚ���?�¿ÿÙ
-----------------------------1873186311532063957277019191--
This is the response from a PHP server - but I need to know how to do it with Java
{"files":[{"url":"http://jquery-file-upload.appspot.com/AMIfv97t6a-7QLgNXnhcK10mnbBojaAwHAL2oei6ySkhR_DKk6k5kDrS_tVhlAxFnCkYncEBM3IyeZ6n_oKXItO9dhoxcizw15pPtlA3-i53vc02Oh62RSqEdbK4QLvPwsFGdBOBmCjoNu8TOfl6m0eu1-Tquspryi48UOPXNe4eRfyrEJmBlJM/1.jpg",
"thumbnailUrl":"http://lh4.ggpht.com/b5ABUz-uqTUynXXNvHSlYcAj3nRnlYVIEAhcSZKWXHcwI_jaDZCaNDuNK-gPjeiIMy9nUIAiwS5l1o3IttA5MikPJOEXkQjFCg=s80",
"name":"1.jpg",
"type":"image/jpeg",
"size":309,
"deleteUrl":"http://jquery-file-upload.appspot.com/AMIfv97t6a-7QLgNXnhcK10mnbBojaAwHAL2oei6ySkhR_DKk6k5kDrS_tVhlAxFnCkYncEBM3IyeZ6n_oKXItO9dhoxcizw15pPtlA3-i53vc02Oh62RSqEdbK4QLvPwsFGdBOBmCjoNu8TOfl6m0eu1-Tquspryi48UOPXNe4eRfyrEJmBlJM/1.jpg?delete=true",
"deleteType":"DELETE"}]}
JSON
POST http://jquery-file-upload.appspot.com/
200 OK
2.06s
POST http://jquery-file-upload.appspot.com/
200 OK
1.18s
HeadersPostResponseJSON
Sort by key
files
[Object { url="http://jquery-file-uplo...PXNe4eRfyrEJmBlJM/1.jpg", thumbnailUrl="http://lh4.ggpht.com/b5...IttA5MikPJOEXkQjFCg=s80", name="1.jpg", more...}]
0
Object { url="http://jquery-file-uplo...PXNe4eRfyrEJmBlJM/1.jpg", thumbnailUrl="http://lh4.ggpht.com/b5...IttA5MikPJOEXkQjFCg=s80", name="1.jpg", more...}
url
"http://jquery-file-upload.appspot.com/AMIfv97t6a-7QLgNXnhcK10mnbBojaAwHAL2oei6ySkhR_DKk6k5kDrS_tVhlAxFnCkYncEBM3IyeZ6n_oKXItO9dhoxcizw15pPtlA3-i53vc02Oh62RSqEdbK4QLvPwsFGdBOBmCjoNu8TOfl6m0eu1-Tquspryi48UOPXNe4eRfyrEJmBlJM/1.jpg"
thumbnailUrl
"http://lh4.ggpht.com/b5ABUz-uqTUynXXNvHSlYcAj3nRnlYVIEAhcSZKWXHcwI_jaDZCaNDuNK-gPjeiIMy9nUIAiwS5l1o3IttA5MikPJOEXkQjFCg=s80"
name
"1.jpg"
type
"image/jpeg"
size
309
deleteUrl
"http://jquery-file-upload.appspot.com/AMIfv97t6a-7QLgNXnhcK10mnbBojaAwHAL2oei6ySkhR_DKk6k5kDrS_tVhlAxFnCkYncEBM3IyeZ6n_oKXItO9dhoxcizw15pPtlA3-i53vc02Oh62RSqEdbK4QLvPwsFGdBOBmCjoNu8TOfl6m0eu1-Tquspryi48UOPXNe4eRfyrEJmBlJM/1.jpg?delete=true"
deleteType
"DELETE"
RESOLVED
#RequestMapping(value = "saveImages", method = RequestMethod.POST, headers = "Accept=application/json")
public String saveImages(HttpServletRequest request,
HttpServletResponse response,
#RequestPart("files") MultipartFile files, #RequestBody String x)
throws Exception {
ByteArrayInputStream in = new ByteArrayInputStream(files.getBytes());
BufferedImage img = ImageIO.read(in);
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
........
I resolved this myself and have updated the Controller to reflect it. I hope it helps others. If my answer isn't the most efficient, I would appreciate any comments. Thanks.
My environment:
Java 1.6
Spring 4.0.2.RELEASE,
Twitter Bootstrap v3.1.1
Maven 2.4.1

How to get JSON back from HTTP POST Request (to another domain)

I'm trying to use the API on a website, here's the part of the manual:
Authenticated Sessions (taken from here)
To create an authenticated session, you need to request an authToken from the '/auth' API resource.
URL: http://stage.amee.com/auth (this is not my domain)
Method: POST
Request format: application/x-www-form-urlencoded
Response format: application/xml, application/json
Response code: 200 OK
Response body: Details of the authenticated user, including API
version.
Extra data: "authToken" cookie and header, containing the
authentication token that should be
used for subsequent calls.
Parameters: username / password
Example
Request
POST /auth HTTP/1.1
Accept: application/xml
Content-Type: application/x-www-form-urlencoded
username=my_username&password=my_password
Response
HTTP/1.1 200 OK
Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...;
authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...==
Content-Type: application/xml; charset=UTF-8
QUESTION:
How do I get that to work?
I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated.
p.s.
All I was looking for was WebClient class in C#
You need to put application/json in your Accept header, this tells the server you want it to respond in that format - not xml.
I am using rails to extract the same authentication token cookie from stage.amee.com/auth as mentioned above. it took a bit of experimentation before I created and customised the correct request object that returned a 200 OK, with the authtoken as a cookie. i haven't found an effective method of reading the request object or I would post exactly what it looks like. here is my ruby code from the app's controller
#define parameters
uri=URI.parse('http://stage.amee.com')
#path = '/auth'
#login_details = 'username=your_username&password=your_password'
#headers = {'Content-Type' => 'application/x-www-form-urlencoded', 'Accept' => 'application/json'}
#create request object
req = Net::HTTP.new(uri.host, uri.port)
#send the request using post, defining the path, body and headers
resp, data = req.post(#path, #login_details, #headers)
#print response details to console
puts "response code = " << resp.code
puts "response inspect = " << resp.inspect
resp.each do |key, val|
puts "response header key : " + key + " = " + val
end
puts "data: " + data

Resources