Shan Khan

Reputation: 10339

Postman generates a valid token, C# web client token from Newtonsoft JToken doesn't work

I'm trying to get the token from an OAuth 2.0 server and then pass it to a REST API in the Authorization header. It gets the token from the server, but upon the API call, it says the token is invalid.

Using a token generated from Postman and calling the REST API from Postman with that token works fine. Even if I paste the token generated by the C# client into Postman, the REST API call from Postman reports that the token is invalid.

I'm using .NET Core 2.1 and generating the token like this.

var values = new Dictionary<string, string> { 
    { "resource", baseUrl.Value.Replace("/commerce", "").Trim() },
    { "client_id", Startup.Configuration["clientId"] },
    { "grant_type", "client_credentials" },
    { "client_secret", Startup.Configuration["clientSecret"] }
};

var content = new FormUrlEncodedContent(values);
HttpClient client = new HttpClient();
var responseString = await client.PostAsync(tenantUrl.Value + "/oauth2/token", content);
string responseBody = await responseString.Content.ReadAsStringAsync();
JObject resJson = JObject.Parse(responseBody);
string token = resJson["access_token"].ToString();

I pass the token to the REST API with the following code.

When I insert the token generated from Postman, the REST API returns fine. There is some problem in the C# web client token generation.

client = new HttpClient();
var tt = new StringContent(requestBody, Encoding.UTF8, "application/json");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var ounHeader = request.Headers.Where(m => m.Key == "OUN").FirstOrDefault();
client.DefaultRequestHeaders.Add(ounHeader.Key, ounHeader.Value.First());

client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

var rsActionResponse = await client.PostAsync(oDataRequest, tt);
responseBody = await rsActionResponse.Content.ReadAsStringAsync();
JObject rsActionResponseJSON = JObject.Parse(responseBody);

Token from Postman (working):

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImlCakwxUmNxemhpeTRmcHhJeGRacW9oTTJZayIsImtpZCI6ImlCakwxUmNxemhpeTRmcHhJeGRacW9oTTJZayJ9.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.fWJiUaOmPuRD21EcuGnUBWCNYl0TaUZ7OxIFQXHYmMvnivHiys5j9UjL3ZBRSZAVzrjrBS-v-0xyyzT_502NEkM0H77vnaxXFB2lrZz1GRcXr5oFSW4gfDTvPinByLr5LBglxZG6_PCP4oqChKQgigxR7xBjok1XXQOD2_h-gYZbmnDNexjzkxZAl4kqTCfSfoRJxUZxX1pgD5PRAAkx1eanc1jiJ4KQA6kvnSDL0PyGGmmQe36RrMKH5bclH3sMLO3wilgvLMp3ekKDj51P2emW9dhDx2BrblowpCcLGe3Q6PikuZrYOkx44WqJKAS6QovJwijxCEq9XKAzDEZbig

Token from C# web client (not working):

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImlCakwxUmNxemhpeTRmcHhJeGRacW9oTTJZayIsImtpZCI6ImlCakwxUmNxemhpeTRmcHhJeGRacW9oTTJZayJ9.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.Bulbv3HZyufQevjMPI-OU5_0NCrtFXPU9PIxXHriWLg_Mj_uUtoFHVslUtNH4FTwMEq2lTheE87N5jDkTra3Z-aTOQhsj3sz-6wqA4HrDGpbPyHaGscFfHkitpUyzV4_HfLaVA4vWAHbwKEIqs1gaVp-81m3oMka0OmDh1Jjgg-Lvcr-TMOkdP1qsgSdcRmqVWwmjYTp7HSPS997poC54md_Bdx7hFRwEA7WNmCdSCLZ44izgFHb3ou47r3agXprERYDBo6Vi6ofSp4zAsvYdsxoFrM6LiOwWSKbqilYotgDKjUQpA7u41iwy6fjgV1wBerOJUBWCWN8w3Vs4cmhXA

Upvotes: 3

Views: 2856

Answers (1)

Shan Khan

Reputation: 10339

Fixed:

  1. The token was received from the URL: www.xyz.com
  2. The URL was registered as www.xyz.com/
  3. Need to call www.xyz.com/ to get a valid token and pass it to the other API methods.

There is a difference between www.xyz.com/ and www.xyz.com in the OAuth registration.

Upvotes: 2
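A way to spot this kind of mismatch before calling the API, as an added example that is not part of the original question or answer: decode the token payload and compare its audience to the registered URL with an exact string match. It assumes the token service copies the `resource` value into a single-string `aud` claim; `TokenAudienceCheck`, `FakeToken` and the sample tokens are constructed for illustration.

```csharp
using System;
using System.Text;
using Newtonsoft.Json.Linq;

// Assumption: the token service places the requested "resource" in a string "aud" claim.
public static class TokenAudienceCheck
{
    // Decode the payload (second segment) of a JWT for inspection only.
    // No signature is verified here, so never use this to authorize a request.
    public static JObject DecodePayload(string jwt)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Expected header.payload.signature");
        string b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        return JObject.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(b64)));
    }

    // Exact, case-sensitive comparison: "www.xyz.com" is not "www.xyz.com/".
    public static bool AudienceMatches(string jwt, string registeredResource)
    {
        string aud = (string)DecodePayload(jwt)["aud"];
        return string.Equals(aud, registeredResource, StringComparison.Ordinal);
    }

    // Builds an unsigned token for the demo (constructed sample, not a real credential).
    static string FakeToken(string aud)
    {
        Func<string, string> enc = s => Convert.ToBase64String(Encoding.UTF8.GetBytes(s))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');
        return enc("{\"alg\":\"none\"}") + "." + enc(new JObject { ["aud"] = aud }.ToString()) + ".sig";
    }

    public static void Main()
    {
        const string registered = "www.xyz.com/"; // value registered with the OAuth server
        foreach (string requested in new[] { "www.xyz.com", "www.xyz.com/" })
        {
            string token = FakeToken(requested);
            Console.WriteLine($"resource={requested,-14} aud ok: {AudienceMatches(token, registered)}");
        }
    }
}
```

Running the same check on the real token returned by `/oauth2/token` shows whether the `resource` value built in the question's code matches the registered URL character for character.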
