-2

I have a web api with controller methods that use rest http(post/get calls). Clients consume this API with normal httpclient calls and I pass an http response back.

My use case is I have a legacy method that needs to make a call to another server. This method currently uses WCF and contract binding but I don't want to use WCF in this API project.

Is there a way that I can still call these methods using just WEB API or do I have to mix architectures (Web api with WCF)?

Here is the normal method call

  1. First I initialize the proxy

             var proxy = GetAccountProxy();

   public static AcountClient     GetAccountProxy()
 {
   var client = new AccountClient();
   client.ClientCredentials.ClientCertificate.SetCertificate(...);
  return client;
 }

  2. I connect to a method on the other server through the proxy

    var accountInfo = proxy.GetAccountInfo(xmlAccount);

     public string AccountInfo(string sXml){
 AccountLookup val = new AccountLookup();
 val.Body = new AccountLookupRequestBody();
 val.Body.XML = sXML;
  AccountLookupResponse retVal = ((AccountLookupResponse)(this)).AccountLookup(val);
  return retVal;

    }

In my webconfig the endpoints look like this

<endpoint address="https://www.mylookup.com/AccountLookupWS/AccountLookupWS.svc/wshttp" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IAccountLookupWS" contract="AccountLookupWS.IAccountLookupWS" name="WSHttpBinding_IAccountLookupWS1" />

So my question is can I just call this endpoint using a normal rest httpclient call and have the same result?

 Uri baseUrl = new Uri("https://www.mylookup.com/AccountLookupWS/AccountLookupWS.svc/wshttp");
            IRestClient client = new RestClient(baseUrl);
            IRestRequest request = new RestRequest("GetAccountInfo", Method.GET) 
            request.AddParameter("XmlAccount", sXml);

            IRestResponse<dynamic> response = client.Execute<dynamic>(request);

            if (response.IsSuccessful)
            {
                response.Data.Write();
            }
            else
            {
                Console.WriteLine(response.ErrorMessage);
            }

            Console.WriteLine();
Terrance Jackson
  • 606
  • 3
  • 13
  • 40
  • 1
    `GetPerson` should return `IPerson` or another public interface. And to make `Person` innacessible you can make it nested private class of the wrapper. – Sinatr Oct 01 '20 at 14:37
  • Ok cool> i didnt think of a nested class can you make this an answer ill give you credit – Terrance Jackson Oct 01 '20 at 14:39
  • The caller will always have the possibility to modify the instance of the private class provided by you using reflection, even if all types are private – Ehssan Oct 01 '20 at 14:48
  • Does this answer your question? [Is there a way to restrict access to a public method to only a specific class in C#?](https://stackoverflow.com/questions/2629981/is-there-a-way-to-restrict-access-to-a-public-method-to-only-a-specific-class-in) – Sinatr Oct 01 '20 at 14:48
  • @Ehssan, we don't take reflection into account when we build architecture. If someone uses reflection he may accidently shoot himself, but it's not our guilt then. – Sinatr Oct 01 '20 at 14:52
  • @Sinatr of course, but he is speaking about security. So I just wanted to point out that there is no security when reflection is enabled. Also, passing out an interface with a corresponding immutable (record) implementation class is as "safe" as possible – Ehssan Oct 01 '20 at 14:54
  • Security wise - nothing "original" should be sent out (no references to anything). Means using POCOs everywhere. – Sinatr Oct 01 '20 at 14:59

1 Answers1

0

It depends on your WCF server bindings. You see, HTTP/s protocol implementation is just possible module of WCF, a part, just like any other protocol out there - it is just called binding. Different bindings means same bindings should be on client side, otherwise they don't understand each other.

For example if server tells:

  • use gzip on my data which I send over wire
  • then I xor my data with 666 if first bit is set true
  • then use SSL to protect it
  • then send it over TCP

Then client should do the same thing in reverse. This is WCF and it's flexibility for you which opened hell gates for researchers and developers.

As I said, if your server supports HTTP bindings, without extra stuff - you are good. Use http client or billion other HTTP classes. If not - port your server protocol bindings to NET Core and use them.

eocron
  • 6,885
  • 1
  • 21
  • 50