CODEWITHSUNDEEP
c#djangodjango-rest-frameworkgunicornwsgi
Sieryuu
Sieryuu

Reputation: 1531

Authorization Headers is missing using c# client

I am developing a RESTFUL API using django-rest-framework. And for Authorization I choose to use Token Authorization (not JWT). Below is what I tried:

Using POSTMAN (Works)

headers: 
Authorization: Token 329367424fd30a876ccff05dbc5a18d86fe7158c

Using C# Client (no working)

HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", "Token 329367424fd30a876ccff05dbc5a18d86fe7158c");
await client.GetAsync(<url>)

// Authentication credentials were not provided.

After I debug and override TokenAuthentication function, I realize that Authorization headers is being removed if requested from C# Client.

EDIT:

Actually I have tried using Javascript and it works also, I think the problem is C# HttpClient.

I tried

HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization3", $"token {token}");
client.DefaultRequestHeaders.Add("Authorization", $"token {token}");

and I debug Authorization function in python, and I found out only Authorization3 was send to the server and Authorization wasn't

enter image description here

Upvotes: 0

Views: 4440

Answers (3)

Quikler
Quikler

Reputation: 121

If anyone looking for the same problem with Token (in my case JWT) not being set inside HttpClient header during the testing of my API. I noticed in my ASP.NET Core API in Program.cs I have app.UseHttpsRedirection() call which will redirect all HTTP requests to HTTPS. So if you're testing your API you have one of the following options:

  • Call ONLY HTTPS endpoints in testing (to prevent redirect from HTTP to HTTPS) changing the base address to HTTPS: webAppFactory.ClientOptions.BaseAddress = new Uri("https://localhost")
  • Remove app.UseHttpsRedirection() call from API if you want to just use HTTP (In tests also use HTTP then).
  • Make app.UseHttpsRedirection() call only if application is not in Development mode.

Upvotes: 0

Sieryuu
Sieryuu

Reputation: 1531

The reason Authorization header was missing is because of redirection. I am sorry for not posting my Uri string because I never though that is the problem.

My Uri string is http://localhost:3000/module?query=123. After calling GetAsync the Uri string become http://localhost:3000/module/?query=123 (extra slash after module). So the library detect it is a redirection.

So my quick fix is just modified the url to http://localhost:3000/module/?query=123

For those who want know whether it was cause by redirection or not can checkout this Link

Upvotes: 6

Sajjad Toomari
Sajjad Toomari

Reputation: 26

Use HttpClient like below :

            using (var client = new HttpClient())
            {
                var request = new HttpRequestMessage();
                request.RequestUri = new Uri("url");
                request.Method = HttpMethod.Get;
                //request.Content = new StringContent("body", Encoding.UTF8, "application/json");               
                request.Headers.TryAddWithoutValidation("Authorization", "Token 329367424fd30a876ccff05dbc5a18d86fe7158c");
                var getResponse = await client.SendAsync(request);
                using (HttpContent content = getResponse.Content)
                {
                    var result = await content.ReadAsStringAsync();
                }
            }

Upvotes: 1

Related Questions