2

I'm doing a side project at work. I have very basic knowledge of HTTP calls so forgive me if I have noob questions.

I used Postman (https://www.getpostman.com) to create the JSON response serialization and the call headers and parameters. I am trying to log in and then call method getSIM. When I send the request through the Postman application, the call is successful. When I try the call using my C# app, only the loginRequestAPICall returns a response ("OK") but the getSIM call fails ('Permission denied').

Documentation for this API is available here: https://www.eseye.com/wp-content/uploads/8281-Tigrillo-API-User-Guide.pdf

I am assuming that the issue is something with a token but I don't have enough knowledge to solve this.

This is my code:

class Program
{
    static void Main(string[] args)
    {
        var client = new RestClient("https://siam.eseye.com/Japi/Tigrillo");
        if (loginRequestAPICall(client))
        {
            Console.WriteLine("Login successful");
            getSIM(client);
        }
        else
        {
            Console.WriteLine("Login unsuccessful");
        }

        Console.ReadLine();
    }

    public static bool loginRequestAPICall(RestClient client)
    {
        var request = new RestRequest("/login/", Method.POST);

        //loginRequest.AddHeader("postman-token", "4e67ed4c-4130-4067-9539-d5ed6b6ad761");
        request.AddHeader("cache-control", "no-cache");
        request.AddHeader("content-type", "application/json");
        request.AddParameter("application/json", "{\r\n\"username\" : \"XXXXXXXXX\" ,\r\n\"password\" : \"XXXXXXXXX\" ,\r\n\"portfolioID\" : \"XXXXXXXXXX\"\r\n}", ParameterType.RequestBody);

        IRestResponse<LoginStatus> response = client.Execute<LoginStatus>(request);
        Console.WriteLine(response.Data.status.status);
        if (response.Data.status.status == "OK")
        {
            return true;
        }
        else
            return false;
    }

    public static void getSIM(RestClient client)
    {
        var request = new RestRequest("/getSIMs/", Method.POST);
        //request.AddHeader("postman-token", "4e67ed4c-4130-4067-9539-d5ed6b6ad761");
        request.AddHeader("cache-control", "no-cache");
        request.AddHeader("content-type", "application/json");
        request.AddParameter("application/json", "{\r\n\"numRecs\" : 1\r\n}", ParameterType.RequestBody);

        IRestResponse<RootObject> response = client.Execute<RootObject>(request);

        Console.WriteLine("Found {0} devices", response.Data.totRecs);

    }
}
public class LoginStatus
{
    public Status status { get; set; }
    public string cookie { get; set; }
    public string permissions { get; set; }
    public string canActivate { get; set; }
}

public class Status
{
    public string errorCode { get; set; }
    public string errorMessage { get; set; }
    public string status { get; set; }
}

public class Sim
{
    public string MSISDN { get; set; }
    public string friendlyName { get; set; }
    public string MEID { get; set; }
    public string ICCID { get; set; }
    public string IMSI { get; set; }
    public int DataUsage { get; set; }
    public string ipAddress { get; set; }
    public string group { get; set; }
    public string status { get; set; }
    public string alert { get; set; }
    public string controls { get; set; }
    public string dataMSISDN { get; set; }
    public string localMSISDN { get; set; }
    public string mappedMSISDN { get; set; }
}

public class RootObject
{
    public int totRecs { get; set; }
    public List<Sim> sims { get; set; }
    public Status status { get; set; }
}

}

Ko Ga
  • 856
  • 15
  • 25
  • Look at the request response in Fiddler/WireShark and tell me the difference. I assume that PostMan passes an addition "authentication token" when doing the `getSIM` request. By the way, your code does not follow standard C# naming conventions. – Aron Mar 01 '17 at 08:27
  • add authentication (header) to getSIM request also. – Anil Mar 01 '17 at 08:27
  • Without more information, it is impossible to tell you exactly what the cause is. It could be that the login response contains a header token(or similar) that postman holds on to, so the call to getSIM is passed that, which indicates it's authenticated. You may need to do the same in the C#. Check the request-response flow to inspect the response, and then whether there are any headers you are missing in your C# from the 2nd request. – Jono Stewart Mar 01 '17 at 08:27
  • @Aron, can you please clarify where the naming convention does not follow the standard? As I said, I'm not a developer so I'm unsure. – Ko Ga Mar 01 '17 at 08:38
  • @AnilKumar - when I add: `request.AddParameter("application/json", "{\r\n\"username\" : \"XXXXXX\" ,\r\n\"password\" : \"XXXXXXX\" ,\r\n\"portfolioID\" : \"XXXXXX\"\r\n}", ParameterType.RequestBody);` to the `getSIM` call, I receive: `Invalid parameter - username` – Ko Ga Mar 01 '17 at 09:22

0 Answers0