Develop Reference

Xamarin: Creating ADFS (Oauth2) client without azure

I am trying to authenticate my app using ADFS and oauth2. I found a lot of documentation to do this with an azure service (using ADAL). But there is no info about how to do it with a local server.
I tested all the info below with an angular app and the authentication works!
public class AuthenticationService
{
public static string clientId = "uri:tst-amdm-website.mycompany.be";
private static string commonAuthority = "https://claim.mycompany.be/";
public static Uri returnUri = new Uri("http://www.google.be");
const string graphResourceUri = "uri:tst-amdm-api.mycompany.be";
public async void GetAccessToken(IPlatformParameters platformParameters)
{
AuthenticationResult authResult = null;
JObject jResult = null;
//List<User> results = new List<User>();
try
{
AuthenticationContext authContext = new AuthenticationContext(commonAuthority);
if (authContext.TokenCache.ReadItems().Any())
authContext = new AuthenticationContext(authContext.TokenCache.ReadItems().First().Authority);
authResult = await authContext.AcquireTokenAsync(graphResourceUri, clientId, returnUri, platformParameters);
var test = authResult.AccessToken;
}
catch (Exception ee)
{
//results.Add(new User { error = ee.Message });
//return results;
}
}
}
This is the error I get, but in angular this url: https://claim.mycompany.be/ works perfectly.
'authority' Uri should have at least one segment in the path (i.e. https://<host>/<path>/...)

There's good references here but note that you need ADFS 4.0 to do this.
For ADFS 3.0. your choices are limited. Good overview here.

Web Api, TokenEndPointPath returns Http resource was not found in production

I have Web Api. It works good on my local computer but when I publish it on my server/hosting. Only Url to request OAuth Token returns "No HTTP resource was found that matches the request". All others controllers works fine.
Any ideas why it happens only in production?
My Startup.cs
using System;
using System.Web.Http;
using Microsoft.Owin;
using Microsoft.Owin.Security.OAuth;
using Owin;
[assembly: OwinStartup(typeof(Api.Startup))]
namespace Api
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
var config = new HttpConfiguration();
ConfigureOAuth(app);
WebApiConfig.Register(config);
app.UseWebApi(config);
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWebApi(config);
}
public void ConfigureOAuth(IAppBuilder app)
{
var oAuthServerOptions = new OAuthAuthorizationServerOptions
{
AllowInsecureHttp = true,
TokenEndpointPath = new PathString("/api/v1/oauth/token"), //TODO: FROM WEB CONFIG
AccessTokenExpireTimeSpan = TimeSpan.FromDays(1), //TODO: FROM WEB CONFIG
Provider = new AuthorizationProvider()
};
app.UseOAuthAuthorizationServer(oAuthServerOptions);
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
}
Best Regards

Pass parameters to web page from Windows client

I have the following method in a controller in an MVC website:
[WebGet]
public void SaveInfo()
{
string make = Request.QueryString["Make"];
string model = Request.QueryString["Model"];
// Do stuff....
}
It works fine when I type the URL in the address bar, but what I need to do is call this from a Windows client. How do I do this in C#?
Thanks!

Use the WebClient class to make an HTTP request from the client. You'll need to add a reference to System.Web if your client project doesn't already have one.
using System.Net;
using System.Web;
static void SaveInfo(string make, string model)
{
using (WebClient webClient = new WebClient())
{
string response = webClient.DownloadString(
String.Format(
"http://yoursite/ControllerName/SaveInfo?make={0}&model={1}",
HttpUtility.UrlEncode(make),
HttpUtility.UrlEncode(model)
)
);
}
}

Getting HttpRequest extension method written for MVC to work in Web Api

I'm working with OAuth 2.0 for MVC, a .NET library for Oauth2. I'm building a Web Api project, however, and am hoping to get this library to work with Web Api.
The problem I'm running into is that the library uses two extension methods on the HttpRequestBase that it calls from the controller.
Here are the extension methods:
public static string GetToken(this HttpRequest request)
{
var wrapper = new HttpRequestWrapper(request);
return GetToken(wrapper);
}
public static string GetToken(this HttpRequestBase request)
{
if (request == null)
return String.Empty;
// Find Header
var headerText = request.Headers[OAuthConstants.AuthorzationHeader];
if (!String.IsNullOrEmpty(headerText))
{
var header = new AuthorizationHeader(headerText);
if (string.Equals(header.Scheme, "OAuth", StringComparison.OrdinalIgnoreCase))
return header.ParameterText.Trim();
}
// Find Clean Param
var token = request.Params[OAuthConstants.AuthorzationParam];
return !String.IsNullOrEmpty(token)
? token.Trim()
: String.Empty;
}
In the MVC project, they simply call Request.GetToken() from the controller. Of course, Web Api's request is an HttpRequestMessage. I'm afraid addressing the difference between HttpRequest and HttpRequest message is beyond my capabilities right now.
Can I convert this extension method to work with HttpRequestMessage or somehow make it work in Web Api??
Thanks!

All the properties you used to have are still available (assuming the OAuthConstants.AuthorzationParam is set on the query string?)
using System;
using System.Linq;
using System.Net.Http;
namespace YourApp
{
public static class Extensions
{
public static string GetToken(this HttpRequestMessage request)
{
if (request == null)
return String.Empty;
// Find Header
var headerText = request.Headers.GetValues(OAuthConstants.AuthorzationHeader).SingleOrDefault();
if (!String.IsNullOrEmpty(headerText))
{
//Brevity...
}
// Find Clean Param
var token = request.GetQueryNameValuePairs().SingleOrDefault(x => x.Key == OAuthConstants.AuthorzationParam).Value;
return !String.IsNullOrEmpty(token)
? token.Trim()
: String.Empty;
}
}
}
Controller
using System.Collections.Generic;
using System.Web.Http;
using YourApp;
namespace YourApp.Controllers
{
public class FoosController : ApiController
{
public IEnumerable<string> Get()
{
var token = Request.GetToken();
return null;
}
}
}

Getting the HttpActionExecutedContext Result values

I have created a filter which inherits the System.Web.Http.Filters.ActionFilterAttribute in the asp.net web api and would like to access some of the data inside the HttpActionExecutedContext result object.
At what stage/when does this object get populated? As I looked at it when overriding the OnActionExecuted method and its always null?
Any ideas?
Edit:
for example here in my custom filter:
public override OnActionExecuted(HttpActionExecutedContext context)
{
//context.Result.Content is always null
base.OnActionExecuted(context);
}

Use this function to get body of request in web api
private string GetBodyFromRequest(HttpActionExecutedContext context)
{
string data;
using (var stream = context.Request.Content.ReadAsStreamAsync().Result)
{
if (stream.CanSeek)
{
stream.Position = 0;
}
data = context.Request.Content.ReadAsStringAsync().Result;
}
return data;
}

Ended up using ReadAsStringAsync on the content result.
I was trying to access the property before the actual request had finished.

While the awarded answer referred to ReadAsStringAsync, the answer had no example. I followed the advice from gdp and derived a somewhat working example...
I created a single class called MessageInterceptor. I did nothing more than derive from ActionFilterAttribute and it immediately started to intercept webAPI method calls prior to the controller getting it, and after the controller finished. Here is my final class. This example uses the XML Serializer to get both the request and response into an XML string. This example finds the request and response as populated objects, this means deserialization has already occurred. Collecting the data from a populated model and serializing into an XML string is a representation of the request and response - not the actual post request and response sent back by IIS.
Code example - MessageInterceptor
using System.IO;
using System.Linq;
using System.Web.Http.Controllers;
using System.Web.Http.Filters;
using System.Xml.Serialization;
namespace webapi_test
{
public class MessageInterceptor : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
base.OnActionExecuting(actionContext);
var headers = actionContext.Request.Content.Headers.ToString();
var request = actionContext.ActionArguments.FirstOrDefault().Value;
var xml = SerializeXMLSerializer(request, "");
}
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
base.OnActionExecuted(actionExecutedContext);
var headers = actionExecutedContext.Response.Content.Headers.ToString();
var response = actionExecutedContext.Response.Content.ReadAsStringAsync().Result;
var xml = SerializeXMLSerializer(response, "");
}
public static string SerializeXMLSerializer(object o, string nameSpace)
{
string serializedValue;
var writer = new StringWriter();
XmlSerializer serializer = new XmlSerializer(o.GetType(), nameSpace);
serializer.Serialize(writer, o);
serializedValue = writer.ToString();
return serializedValue;
}
}
}

Use below to read Response string:
public static string GetResponseContent(HttpResponseMessage Response)
{
string rawResponse = string.Empty;
try
{
using (var stream = new StreamReader(Response.Content.ReadAsStreamAsync().Result))
{
stream.BaseStream.Position = 0;
rawResponse = stream.ReadToEnd();
}
}
catch (Exception ex) { throw; }
return rawResponse;
}