CODEWITHSUNDEEP
c#jsonauthenticationasp.net-web-apihttp-headers
nest
nest

Reputation: 1395

ASP.NET post JSON data to HTTP API with an authentication header

I have C# code to send JSON data to a web API but I keep getting a 401 (Unauthorized) response. The code below should correctly make a POST request according to this function, am I right? I have also tried small variations with the same result.

This is the code that makes the request:

public async Task Create()
{
    using (var client = new HttpClient())
    {
        client.BaseAddress = new Uri("https://zrh.cloudsigma.com/api/2.0/");
        var testVM = new CS_VM("test");
        var auth = string.Format("{0}:{1}", "[email protected]", "password");
        var encoded = Convert.ToBase64String(Encoding.ASCII.GetBytes(auth));
        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", encoded);

        HttpResponseMessage response = await client.PostAsJsonAsync("servers", testVM);
        if (response.IsSuccessStatusCode)
        {
            var a = "ok";
        }
        else
        {
            var a = "fail";
        }
    }
}

and this is the class that is sent as JSON:

public class CS_VM
{
    public CS_VM(string type)
    {
        if ("test" == type)
        {
            cpu = 1000;
            mem = 536870912;
            name = "testServer";
            vcn_password = "testserver";
        }
    }
    public string name { get; set; }
    public int cpu { get; set; }
    public int cores { get; set; }
    public int mem { get; set; }
    public string status { get; set; }
    public Owner owner { get; set; }
    public Uri resource_uri { get; set; }
    public string uuid { get; set; }
    public string vcn_password { get; set; }
}

Request headers:

Authorization: Basic bWFpbEBtYWlsLmNvbTpwYXNzd29yZA==

And the response headers:

Transfer-Encoding: chunked
Connection: keep-alive
Vary: Cookie
X-REQUEST-ID: 2584e232-5bb2-48c0-a307-67e6c03258c0
Date: Sun, 19 Jul 2015 21:39:21 GMT
Server: cloudflare-nginx
WWW-Authenticate: Digest nonce="1437341961.55:6967:0fd0a6b2dcde8f45a5ae288c3b73ee12", realm="users", algorithm="MD5",opaque="b228739d1711b0ff025703aea82ee2a208faaaa7", qop="auth", stale="false", Basic Realm="users"
CF-RAY: 2089941a6935168e-ARN

Upvotes: 4

Views: 4053

Answers (1)

ntohl
ntohl

Reputation: 2125

From WWW-Authenticate: Digest nonce="1437341... it's seems so, that is a digest authentication. You should build a new authorization header from the response You got. Use the methods, that You linked about the web API, and use the Digest Access Authentication part. the nonce, realm, qop variables are given in the first 401 response.

Upvotes: 1

Related Questions