0

so able to do this manually using postman. Two steps involved , first do a Get with UserID/password. From the response get the csrf token attach the same in Another post method. No Authentication required in second call but just token with JSON payload returns the 200 response code.

Now tried these steps in C# and getting UnAuthorized error. Not sure if am attaching the token correct. below is the code.

var awdToken = await getAWDToken();
            if (awdToken != null)
            {
                awdAddUser = await AddAWDUser(awdToken, userDetails);
            }

private async Task<string> getAWDToken()
        {
            using (var client = new HttpClient())
            {
                string targetUri = string.Empty;
                string userId = string.Empty;
                string pass = string.Empty;

                Dictionary<string, string> _awdConfigs;
                _userSecurityWrok.CleintConfiguration.ClientAppConfigs.TryGetValue(string.Concat("AWD", "1"), out _awdConfigs);

                if (_awdConfigs != null)
                {
                    _awdConfigs.TryGetValue("AWDShortNameURL", out targetUri);
                    _awdConfigs.TryGetValue("UserName", out userId);
                    _awdConfigs.TryGetValue("Password", out pass);
                }
                client.BaseAddress = new Uri(targetUri);
                var byteArray = new UTF8Encoding().GetBytes(userId + ":" + pass);
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(byteArray));
                client.DefaultRequestHeaders.ExpectContinue = false;
                var response = await client.GetAsync(targetUri).ConfigureAwait(false);
                IEnumerable<string> _tokens = response.Headers.GetValues("csrf_token");
                var token = _tokens.FirstOrDefault();
                var responseInfo = await response.Content.ReadAsStringAsync();

                return token;
            }

        }

private async Task<UpdateResult> AddAWDUser(string awdToken, UserDetail userDetails)
        {
            UpdateResult userAddresult = new UpdateResult() { Success = false, Errors = new List<string>(), Messages = new List<string>() };
            ClientDetails clientData = await _clientWork.GetClientDetails(userDetails.ClientId);

            var awdPayLoad = await prepareAWDPayload(userDetails);

            using (var handler = new HttpClientHandler { UseCookies = false })

            using (var client = new HttpClient(handler))
            {
                string targetUri = string.Empty;

                Dictionary<string, string> _awdConfigs;
                _userSecurityWrok.CleintConfiguration.ClientAppConfigs.TryGetValue(string.Concat("AWD", "1"), out _awdConfigs);

                if (_awdConfigs != null)
                {
                    _awdConfigs.TryGetValue("AWDShortNameURL", out targetUri);
                }
                client.BaseAddress = new Uri(targetUri);
                client.DefaultRequestHeaders.Accept.Clear();
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                client.DefaultRequestHeaders.Add("csrf_token", awdToken);
                client.DefaultRequestHeaders.Add("Cookie", "csrf_token=" + awdToken);
                client.DefaultRequestHeaders.ExpectContinue = false;
                var content = new StringContent(awdPayLoad, Encoding.UTF8, "application/json");
                var response = await client.PostAsync(targetUri, content).ConfigureAwait(false);
                var responseInfo = await response.Content.ReadAsStringAsync();

                if (response.StatusCode == HttpStatusCode.OK)
                {
                    userAddresult.Success = true;
                }
                else
                {
                    userAddresult.Success = false;
                    userAddresult.Errors = new List<string> { "AWD returned error as " + response.StatusCode.ToString() };

                }
            }

            return userAddresult;
        }

Need to get this working... any idea?

attaching postman dump

POST /devapp/awdServer/awd/services/v1/users/ HTTP/1.1
Host: awdwaldn.nonprod.awdprocess.net:8443
csrf_token: L1HmyGPvEC4GvrOqBioL0Q..
Content-Type: application/json
User-Agent: PostmanRuntime/7.20.1
Accept: */*
Cache-Control: no-cache
Postman-Token: 594c3d97-de46-4fc3-9c2d-1b5f74278e60,8be8e538-267f-4544-b33a-211b2d479b3b
Host: ***** //removed host details
Accept-Encoding: gzip, deflate
Content-Length: 325
Cookie: BIGipServerawdwaldn-nonprod-web-8443-dev-web=454308362.16671.0000; JSESSIONID=8hl6G3gImEf4S71c8CFIzfMd.JVM1
Connection: keep-alive
cache-control: no-cache

{
    "userId": "DST1234",
    "alias": "DST1234",
    "password": "TextAW1@",
    "firstName": "chi",
    "lastName": "chan",
    "workSelect": "1",
    "group": "WORK GROUP",
    "countryCode": 1,
    "earlyTime": "00:00:01",
    "lateTime": "23:59:59",
    "queue": "N",
    "status": "A",
    "workSelect": 1
}
The bug
  • 46
  • 4

1 Answers1

0

I found it. its the cookies. We need to read the cookies from first response and attach it to second one. Issue resolved. thanks for your help.

The bug
  • 46
  • 4