Using Token method GET Webapi Httpclient

Question

Using Token method GET Webapi Httpclient

Asked 9 years, 3 months ago

Viewed 3,759 times

4

My problem is this: I am consuming a Webapi with the method PostAsJsonAsync In this call I am receiving a Token for authentication in the ADMIN methods of an EAD platform that we are working on.

So far so good. When I call the ADMIN methods sending the Token returned in the login method, it is returning as "Unauthorized". Follows part of the code that is not working:

response = null;                     
vAuth_token = retorno.authentication_token;

client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("X-Auth-Token", vAuth_token);

response = await client.GetAsync("api/admin/users");
if (response.IsSuccessStatusCode)
{
  //HTTP GET
  try
  {
    Usuarios usuarios = await response.Content.ReadAsAsync<Usuarios>();
  }
  catch (Exception erro)
  {

  }
}

3 answers

4

Samuel is absolutely right. To give you more information, understand that:

client.DefaultRequestHeaders.Authorization

is equivalent to:

HTTP/1.1
Authorization: <tipo> <token>

The DefaultRequestHeaders is a collection of keys and values, equal to a Dictionary<TKey,TValue>. Thus, the following is exactly the same as the previous:

client.DefaultRequestHeaders.Add("Authorization", "<tipo> <token>");

If you wish something like that:

HTTP/1.1
X-Auth-Token: <qualquer coisa>

I would have to use the same @Samuelmcaravey said, that would be:

client.DefaultRequestHeaders.Add("X-Auth-Token", "<qualquer coisa>");

More information about HTTP headers (HTTP Headers) can be found in various sources on the internet, this Wikipedia article being one of them.

Thanks brazilianldsjaguar, but continues with the same problem. I do not know if I did not understand right. Where I was in trouble I switched to client.DefaultRequestHeaders.Add("X-Auth-Token", vAuth_token); . Is there anything else missing?

– Vitor Salotti

2015/08/11 at 18:56

Browser other questions tagged c# asp.net-web-api

You are not signed in. Login or sign up in order to post.

by Samuel McAravey • **156** points · Answer 1 · 2015-08-11T17:51:45+00:00

The problem is here:

client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("X-Auth-Token", vAuth_token);

What happens is that the HTTP header becomes something like this:

Authorization: X-Auth-Token <<seu token aqui>>

When you are building Authenticationheadervalue the first parameter is called Scheme. You see this used a lot for Bearer Authentication, but I think you want it to be just a normal header. To do this you can try something like this:

client.DefaultRequestHeaders.Add("X-Auth-Token", vAuth_token);

And then you’ll see a header so it should work:

X-Auth-Token: <<seu token>>

by Vitor Salotti • 53 points · Answer 2 · 2015-08-11T20:00:06+00:00

I needed to first call the login page with the Token to log in, and then call the ADMIN method.

Resolution:

if (retorno.valid == "true") {
response = null;
client = null;
vAuth_token = retorno.authentication_token;

client = new HttpClient(httpClientHandler);
client.BaseAddress = new Uri("http://xxxxxx.xxxxxx.xxx/");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
response = await client.PostAsJsonAsync("api/login?auth_token=" + vAuth_token, "");

response = null;
client = null;
client = new HttpClient(httpClientHandler);
client.BaseAddress = new Uri("http://xxxxxx.xxxxxx.xxx/");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Add("X-Auth-Token", vAuth_token);
response = await client.GetAsync("api/admin/users");
if (response.IsSuccessStatusCode) {
    // HTTP GET
    try
    {
        //Usuarios usuarios = await response.Content.ReadAsAsync<Usuarios>();
        var data = response.Content.ReadAsStringAsync().Result;
    }
    catch (Exception erro)
    {

    }
}

Thank you !