asp.net-web-api,claims-based-identity,claims,bearer-token , Retrieve information from Bearer Token


Retrieve information from Bearer Token

Question:

Tag: asp.net-web-api,claims-based-identity,claims,bearer-token

I have an MVC website that is calling a WebAPI in another project. The WebAPI uses OWIN and implements OAuth security. I will be using a Bearer Token to communicate between the MVC and WebAPI applications. My website requires the user to be in AD, which I am checking in the GrantResourceOwnerCredentials method. If the user is authenticated, I would like to retrieve some information about them on the database and then pass that to the client for display on the website. I put this information in the ClaimsIdentity as a new Claim.

This seems to be adding correctly to the ClaimsIdentity on the WebAPI. However, I cannot figure out how to retrieve this information on the MVC website. When I pull the ClaimsIdentity on the website, the only Claim present is the Username, which it retrieved from the login form.

Is it not possible to pass information this way?


Answer:

Access tokens are not meant to be consumed by the requester. Add a Web API endpoint that echoes back the claims to the client as a workaround.


Related:


Identity Framework create a new password for a user (without a password)


c#,asp.net-web-api,asp.net-identity
So, I have this site where users can only be created by administrators. I set up my Web API method like this: /// <summary> /// Creates a user (with password) /// </summary> /// <param name="model">The bound user model</param> /// <returns></returns> [HttpPost] [Route("")] public async Task<IHttpActionResult> CreateUser(UserBindingModel model) { // If...

No 'Access-Control-Allow-Origin' header on one site, but not on another


c#,jquery,ajax,asp.net-web-api,cors
We have a system made up of a website, written in ASP.NET/MVC, and a webservices site, written in ASP.NET/WEBAPI. The user loads pages from the website, which make AJAX calls into the webservices site, using JQuery. We're building this with VS2013, and deploying it with MS's Web Deploy, run from...

struct table inside struct - ASP.NET - allegro webAPI


c#,asp.net,asp.net-web-api,struct
I stopped in one point. I'm writing a small ASP.NET application with WebAPI from polish site allegro.pl (it's similiar to ebay.com) This API have a method which returns me some data: (...) 3. searchArray | SearchResponseType[] Struct table, where are the information about offers that matches the question (...) Inside...

how to post objects from angular to a webapi controller


javascript,c#,angularjs,asp.net-web-api,http-post
I am creating a pdf using pdfsharp. I need to pass the chart legend data(name,color) to the pdfsharp controller. I am using a angular $http post, a ajax post would be fine as well. the error I am getting is Request...

Losing HttpContext with async await in ASP.NET Identity GetRolesAsync


c#,asp.net-web-api,async-await,asp.net-identity
This is more of an async/await question than ASP.NET Identity. I am using Asp.Net Identity, and have a custom UserStore, with a customized GetRolesAsync method. The UserManager is called from a WebApi controller. public class MyWebApiController { private MyUserManager manager = new MyUserManager(new MyUserStore()); [HttpGet] public async Task<bool> MyWebApiMethod(int x)...

Web Api 2 or Generic Handler to serve images?


c#,asp.net,asp.net-web-api
I want to create an image handler, but i am torn between using Web API 2 or just a normal Generic Handler (ashx) I have implemented both in the past, but which one is the most correct one. I found an old SO post LINK but is it still really...

query multi-level entity with filter at the lowest level


c#,asp.net,asp.net-web-api,linq-to-entities
So I have 3 entity classes: public partial class Event { public Event() { Recurrences = new HashSet<Recurrence>(); } public int Id { get; set; } public ICollection<Recurrence> Recurrences { get; set; } } public partial class Recurrence { public Recurrence() { AspNetUsers = new HashSet<AspNetUser>(); } public int Id...

httpwebrequest GET retry when connection is lost


c#,asp.net-web-api
My application uses a httpwebrequest to GET certain information from my WebAPI. What I'm trying to do is retry the request if the connection is lost or if there is no connection at all. public static string httpsGET(string passedweburi, string BCO) { string content = ""; //GET method HttpWebRequest HttpRequest...

WebApi Put how to tell not specified properties from specified properties set to null?


c#,.net,json,asp.net-web-api
Here is the scenario. There is an web api put call to change an object in sql server database. We want only to change the fields on the database object if they were explicitly specified on webapi call json. For example: { "Name":"newName", "Colour":null } That should change the Name...

Route parameter with slash ā€œ/ā€ in URL


asp.net-web-api,routing,asp.net-web-api2,asp.net-web-api-routing,attributerouting
I know you can apply a wildcard in the route attribute to allow / such as date input for example: [Route("orders/{*orderdate}")] The problem with wildcard is only applicable to the last paramter in URI. How do I solve the issue if want to have the following URI: [Route("orders/{orderdate}/customers")] ? EDIT:...

Web API AuthorizeAttribute does not return custom response


c#,asp.net-web-api,asp.net-mvc-5
How can I make IsAuthorized return my custom object while function returns false? In my WebAPI project I have a class like; public class CustomAuthorizeAttribute : AuthorizeAttribute { protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext) { StandardWebAPIResponse invalidUserResponse = new StandardWebAPIResponse() { code = (int) Constants.ErrorCodes.InvalidCredentials, data = "InvalidCredentials.", StatusCode = HttpStatusCode.Unauthorized...

AngularJS binding not occurring on page until a user action


angularjs,asp.net-web-api,angularjs-ng-repeat,azure-mobile-services
I've got my first angular app which displays some data from a list via ng-repeat. The controller for the view sets a few variables to scope - some directly in the function and another from an API call. The data from the in function load is showing up in that...

Validate access token for WEB API protected by Azure AD


azure,asp.net-web-api,azure-active-directory
I'm playing with Azure AD authentication and authorization scenarios and not all clear for me. Currently I'm looking at SinglePageApp-WebAPI-AngularJS-DotNet sample project. And one thing that I can't understand. On the client side we get access token using implicit grant flow - that is clear. Then we send request to...

Database error in web api


c#,sql,linq,asp.net-web-api,odata
I am trying to create an odata endpoint for a table valued function in sql database. I get the exception: The specified type member is not supported in LINQ to Entities. Only initializers, entity members, and entity navigation properties are supported. I am sure with my code and unable to...

Where should I store WebAPI controllers inside ASP.NET-MVC 5 project?


asp.net-mvc,asp.net-web-api,odata
I have completed an ASP.NET-MVC5 application(website) where I have lot of MVC controllers: I would like to extent the functionality of my application by exposing WEB API with OData. For instance I would like to create another controller for Person model class, but this time it should be Web API...

Access the web project's folder from the WebAPI project


c#,asp.net-mvc,asp.net-web-api
My Asp.Net MVC project's folder structure is as shown above.Could you tell me how to access the web project's event-images folder from the webapi project ? I have implemented where I can access the webapi's event-images folder as shown below. Now I need to access web project's event-imagesfolder.How can...

Web API and MVC in the same project with Session States


c#,asp.net-mvc,asp.net-web-api,session-state
I'm been working around an ASP .Net MVC application that is going take log in requests from different sites with different configurations (so I cannot use the FormsAuthentication SSO way). The way I decided to resolve this was by creating temporal login request tokens, so each token could be used...

Retrieve information from Bearer Token


asp.net-web-api,claims-based-identity,claims,bearer-token
I have an MVC website that is calling a WebAPI in another project. The WebAPI uses OWIN and implements OAuth security. I will be using a Bearer Token to communicate between the MVC and WebAPI applications. My website requires the user to be in AD, which I am checking in...

Enforce ordering of OData items even when $top is used


linq,entity-framework,asp.net-web-api,odata,iqueryable
I have a DbSet<Items> collection. The primary key is a Guid. I don't want to order by this primary key. I want to order by an editable decimal property named "Order". The code I have is very simple, and it works great until the user puts a "$top" parameter into...

Null parameter on web api post method


c#,asp.net,asp.net-web-api
I have a very simple web api controller: public class CarrinhoController : ApiController { [HttpPost] public string Adiciona([FromBody] string conteudo) { return "<status>sucesso</status"; } } Now I'm running the server and trying to test this method via curl like this: curl --data "teste" http://localhost:52603/api/carrinho The request is arriving in my...

.NET web API calls are getting intercepted by angular js UI Router, returning HTML instead of calling API


javascript,angularjs,asp.net-web-api
I have an angularjs app, that sits on top of an MVC5 app and an WEB API backend. I am using UI Router for the Angular js routing and for now, have removed ALL $urlRouterProvider.when and $urlRouterProvider.otherwise calls, but still when I try to do a $http:get... it is returning...

Exclude underlying objects when storing data using EF6


asp.net,entity-framework,asp.net-web-api
I have a class Ticket which has some properties. Three of these (View, Task and Key) properties are navigation properties. Those properties already exist in database even before a ticket has been stored. In my application I load those properties from the database first and then create a Ticket object....

Paging in .NET Web API


c#,.net,asp.net-web-api,odata,paging
I have to do paging for an odata endpoint built using Entity Framework . I know I can do it using private ODataQuerySettings settings = new ODataQuerySettings(); settings.PageSize = myPageSize; // I keep this value in web.config of solution and options.ApplyTo(IQueryable, settings); But I am constrained not to use ApplyTo...

Web api with mvc 6 get element based on string


c#,asp.net-mvc,asp.net-web-api,asp.net-5,asp.net-mvc-6
I am creating a web api using mvc 6. now i am trying to get a element from my db. the key in this table is a string (email adress). i do not have acces to this database so i cant change the key of this table. Now when creating...

MVC 5 OWIN login with claims and AntiforgeryToken. Do I miss a ClaimsIdentity provider?


asp.net-mvc,asp.net-mvc-4,razor,asp.net-mvc-5,claims-based-identity
I'm trying to learn Claims for MVC 5 OWIN login. I try'ed to keep it as simple as possible. I started with the MVC template and inserted my claims code (see below). I get an error when I use the @Html.AntiForgeryToken() helper in the View. Error: A claim of type...

Web Api and where should I contorol Request Header data


asp.net-web-api,asp.net-web-api2
In Asp.net Web Api, I want to control, request "access token" key is (which is in request header) valid or not. But I cound't decide where should I implement this kind of control. ActionFilter or controller constructor etc. etc.

Manually validate Model in Web api controller


asp.net,asp.net-mvc,asp.net-web-api
I have a class called 'User' and a property 'Name' public class User { [Required] public string Name { get; set; } } And api controller method is public IHttpActionResult PostUser() { User u = new User(); u.Name = null; if (!ModelState.IsValid) return BadRequest(ModelState); return Ok(u); } How do i...

Javascript Date to C# Sortable (ā€œsā€) Format


javascript,c#,jquery,asp.net-web-api
I am trying to pass DateTime as string to my Web API service and parsing it to sortable datetime in c#. Please find the code below: public static DateTime? ToDateTime(this string dateTime) { if (string.IsNullOrEmpty(dateTime)) { return null; } return DateTime.ParseExact(dateTime, Constant.DateFormat, CultureInfo.InvariantCulture); } Client side code: var d =...

Passing complex array from Controller to View ASP.NET MVC


c#,asp.net,asp.net-mvc,asp.net-web-api
I have a model in my ASP.NET MVC application: public class SearchArrayModel { public long ID { get; set; } public string Name { get; set; } public struct AttribStruct { public string AttribName { get; set; } public string[] AttribValues { get; set; } } public AttribStruct[] AttribStructTable {...

Unit testing ASP.NET Web API 2 Controller which returns custom result


c#,.net,unit-testing,asp.net-web-api,asp.net-web-api2
I have a Web API 2 controller which has an action method like this: public async Task<IHttpActionResult> Foo(int id) { var foo = await _repository.GetFooAsync(id); return foo == null ? (IHttpActionResult)NotFound() : new CssResult(foo.Css); } Where CssResult is defined as: public class CssResult : IHttpActionResult { private readonly string _content;...

solution architecture for an OData / Web API based .Net project


c#,asp.net,asp.net-web-api,odata
so far in my office i have developed a number of small and medium sized .Net web based applications where i used to architect them something like this - Web layer (.Net Web APIs) Controllers, filters Services (contains business logic) IServices Repository (gets data from database using entity framework /...

Can't access any of Linq methods


linq,asp.net-web-api
I'm writing a simple ApiController for getting product stocks, but I'm having a strange issue. I get the data from a method that returns a System.Linq.IQueryable (In a library), but I can't apply any of the Linq methods, like Count or ToList(). The import directive is present and doesn't report...

Web API translating input into random int


c#,post,asp.net-web-api,json.net
not sure whether the subject is the best description for this problem but I am getting an unusual problem where I have a single Web API operation and a single field on a request and for some odd reason the value gets manipulated. Depending on the input this gets converted...

How to setup Request.Header in FakeHttpContext for Unit Testing


c#,unit-testing,asp.net-web-api,httpcontext
I have a FakeHttpContext I have been trying to modify to include some headers for testing purposes public static HttpContext FakeHttpContext() { var httpRequest = new HttpRequest("", "http://stackoverflow/", ""); var stringWriter = new StringWriter(); var httpResponse = new HttpResponse(stringWriter); var httpContext = new HttpContext(httpRequest, httpResponse); var sessionContainer = new HttpSessionStateContainer("id",...

How can I handle exceptions in Web API 1.0 at my BaseAPIController


.net,asp.net-web-api
I am currently using Web API 1.0 and .NET 4.0 I need a function that can take care of the noise of catching and handling exceptions in my Base API so that I dont need to write that in every RESTful operation. public int Get(WelcomeTeamNotes note) { try { return...

Web API Basic Auth inside an MVC app with Identity Auth


c#,authentication,asp.net-web-api,asp.net-mvc-5
So I have a C# MVC app using Identity for its authentication. I now have a need to expose a few things via Web API to some of my clients. Instead of building a separate app, project, deployment... I've simply added an API Controller to my existing project. To keep...

Web API Parameter Path Too Long


javascript,c#,angularjs,asp.net-web-api
I'm making this call to a Web API method: var url = rootWebApiUrl + '/api/services/files/' + $scope.selectedServer.Name + "/" + encodeURIComponent(fullPath) + '/'; $http.get(url) // rest of $http.get here... Because the fullPath variable is long, I get a path too long error on the PhysicalPath property in a framework method...

Asp.net Web API Routing by action name fix


asp.net-mvc,rest,asp.net-web-api,asp.net-routing
I found this article at asp.net Learn website. I use this article to help me to create an API method to search in the database by email and not id. However, if you take a look at the article, you will be able to help me fix my problem as...

WebAPI Converting JSON in to Strongly typed .net Object


c#,asp.net,json,asp.net-web-api
What I'm trying to do is send some JSON to a .net webserver the JSON looks like this. var mydata = { "filters": { "game": -1, "mediatype": -1, "location": -1, "contributor": -1 }, "tags": [1,2,3,4], "search": "", "startindex": 6, "fetchcount": 12 } From what I've been reading, Web API will...

Share Authentication between MVC applications through WIF


c#,asp.net,asp.net-mvc,wif,claims-based-identity
I have two website i.e. A and B, where A and B both have their user store separately. If user is authenticated user of A, it should be able to access all authorized pages of B and visa versa. Can someone help me how i can do this using Windows...

Method not found in Web API 2


c#,rest,asp.net-web-api
Im trying to figure out how to use Web API. I have gone through some tutorials and now Im trying to set up my web service. I have a really hard time trying to figure out why it cant find my methods. To me it just seems like random (the...

DataTables Warning: Requested unknown parameter 'pCodigo' for row 0


asp.net-web-api,datatables
I'm trying to populate a table on a button click, getting the data from an ASP.NET ApiController. I've tried with almost all solutions posted in SO to other similar issues but always get that error. Hope someone sees the problem. The html markup: <input type="button" ID="btnSearch" name="btnSearch" class="btn btn-success" value="Buscar"...

how to update multiple data in entityframework through async web api


entity-framework,asp.net-web-api,async-await,web-api,asp.net-web-api2
I am using web api 2, and entity framework 6. I have created an async web api, which updates all the records at once. I am also using Autofac for dependency injection. My service interface is as follows : Task<Approval> TakeAction(int id, bool isApprove) void TakeAction(bool isApprove) These are my...

Is it nessesarry to send credentials on every single request to MVC Web Api?


authentication,asp.net-web-api,web-api
I am about to create my first restfull web service where i chose MVC WEB API to be the "provider". After reading about authentication i am a little confused. My requirements is that on call to any url of webservice i want client to be authenticated, except sign in url....

Bearer token in MVC controller to access Web API


asp.net-web-api,oauth,oauth-2.0,bearer-token
I have two projects: MVC, Web Api In the Web API project I am using bearer token authentication. This token expires after 24 hours. In my MVC project I'd like to call the Web api project via MVC controller (server to server). What's the best way to: Get a token...

What's the best way to map objects into ember model from REST Web API?


json,rest,ember.js,asp.net-web-api,ember-data
The topic of this post is: my solution is too slow for a large query return. I have a Web Api serving REST results like below from a call to localhost:9090/api/invetories?id=1: [ { "inventory_id": "1", "film_id": "1", "store_id": "1", "last_update": "2/15/2006 5:09:17 AM" }, { "inventory_id": "2", "film_id": "1", "store_id":...

How to have SimpleInjector resolve viewmodel dependencies?


asp.net-mvc,asp.net-web-api,dependency-injection,simple-injector
I'm trying to use SimpleInjector 2.7.3 (IoC container) within an Asp.Net MVC + Web API application. I've had a couple of problems trying to set it up for both MVC and Web API on the same project until I found this link: http://methoddev.com/blg/let-s-talk-software/310/simple-injector-in-asp-net-mvc-webapi After following the link's example, here's what...

Simple Injector Dependency Resolution Error


c#,.net,asp.net-web-api,dependency-injection,simple-injector
I am following onion architecture and using simple injector in the DependencyResolution Project. Here is my architecture: 1-Core - Domain Classes - Repository Interfaces - Service Interfaces 2-Infrastructure - Data - Dependency Resolution - Repository Interfaces Implementation - Service Interfaces Implementation 3-WebApi - Web Api Project 4-WebClient - My AngularJs...

OnAuthorization Method of AuthorizationFilterAttribute will execute every time when request arrives?


c#,asp.net-web-api
I am writing Web API ( v2.2 ) for accessing another REST API. Reason is that I want restrict some functional and provide more friendly data. In short I am writing wrapper for some REST API. I am providing authentication/authorization via my Implementation of AuthorizationFilterAttribute. Here is snippet of code:...

Cannot read property 'client' of undefined using SignalR


asp.net-web-api,signalr,signalr-hub
I've been working all day on this with no luck. I have also tried (almost) every single SO question, but I didn't get it to work... I'm running web api with very simple SignalR push message and separately simple front end to show this push message. In my case the...