We are using more than one Web Service( HTTPS call) to get data from server.
We are uploading a file to server in a Web Service and at same time we are making another Web Service call to get/send data to/from the same server.
But we are not getting response from 2nd Web service till first Web service (upload receipt) succeed or failed.
So our doubt is how Titanium send Web service call when more than one Web service send from the Titanium Application.
Is the web service call from the Titanium app queued (Sync)or is it called in parallel to other Web service (Async call)?
In our Titanium app we are creating a new HTTPClient object for each Web service call, using the following code to create a new HTTPClient object:
function runService(){
var xhr = Ti.Network.createHTTPClient();
xhr.onload = function() {
var r = this.responseText;
}
xhr.open("GET", URI);
xhr.send();
}
I think you need to pass true for async
xhr.open("GET", URI, true);
Related
I am using IdeneityServer4 and i have another Web Api controller in the identityserver4 api project and it is protected using identityserver 4 [Authorize(LocalApi.PolicyName)]. part of the authorization/authentication process, i need to call another web api (which does not exist in this identityserve4 api project) endpoint using IHttpClientFactory in .net core. i am getting 401 unauthorized error. if i call this different end point by passing a token it works but if i call it from the identityserver4 api it is not working. basically i am trying to do is
1. client (angular app) calls the identityserver4 api by passing credentials and get a token. (IT WoRKS)
2. client calls another end point (different web api controller) in identityserver4 api by passing token (IT WORKS).
in this end point i am trying to call another user notification api by passing the same token received and it is failing with 401. the notification api is also using the same identityserver4 for authorization.
3. if i just call the notification api separately by passing the token it works fine.
i do not see any examples calling another endpoint from identity server api. i see different web api controllers in the identity server 4 api
I am getting the token using following code in the web api controller method Identityserver 4 api and passing that token and required params to the SendUserInvitation method and its failing.
string bearerToken = null;
if (Request != null && Request.Headers.ContainsKey("Authorization"))
{
bearerToken = Request.Headers["Authorization"].FirstOrDefault().Replace("Bearer ", "");
}
======================================================================
public static async Task<bool> SendUserInvitation(string endpoint, string bearerToken, User userDetails, IHttpClientFactory _clientFactory)
{
var client = _clientFactory.CreateClient();
var request = new HttpRequestMessage(HttpMethod.Post, endpoint);
request.Headers.Add("Authorization", bearerToken);
var stringPayload = await Task.Run(() => JsonConvert.SerializeObject(userDetails));
var httpContent = new StringContent(stringPayload, Encoding.UTF8, "application/json");
request.Content = httpContent;
var response = await client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
response.EnsureSuccessStatusCode();
var responseContent = await response.Content.ReadAsStringAsync();
return !string.IsNullOrEmpty(responseContent) ? true : false;
}
not sure why i am getting 401, the same token being passed to different endpoint but still getting 401.
I'm getting my knickers in a twist trying to understand how to call an API protected via IdentityServer4.
Basically, I have the following sites:
- an IdentityServer application,
- a web API and
- a client web application.
My setup is just like the IdentityServer samples here.
I define a Client which represents my client web application, and an APIResource which represents my Web Api.
From within my client web application I want to make an HTTP call to the WebAPI, but I want to appear as if I am the logged in user, so I want to make the 'email' scope available to the Web Api.
The way I'm doing from within the Web Application is to grab the 'access_token', and to pass it to the Web API:
var accessToken = await httpContextAccessor.HttpContext.Authentication.GetTokenAsync($"access_token");
var client = new HttpClient();
client.SetBearerToken(accessToken);
This allows me to call the Client, so the authorization step is working, but the User Claims on the Web Api do not have the appropriate scopes.
Am I doing something wrong?
The access_token can contain claim information in IdentityServer4. The required claims must be specified in the ApiResource definition.
Otherwise, you have to send a JWT id_token along with the request.
new ApiResource(ApiResourceNames.SomeApiAccess, "Access to some api.", new List<string>(){
new IdentityResources.OpenId().Name,
new IdentityResources.Profile().Name,
new IdentityResources.Email().Name
}),
You can add scopes in your web api like
app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
{
Authority = "https://demo.identityserver.io",
ApiName = "api1",
AllowedScopes = { "api1.read", "api1.write" }
});
How did you configure your web api? Post the code if it still doesn't work!
I have made web application GUI using AngularJS, Bootstrap, HTML, CSS.
Backend team are developing APIs in C Programing.
So how my routes in $http request (sending from factory) will communicate to C Programing API (Controller) to get data or to perform related operations.
Thanks!
You would just need the URI and the Async request would look like this:
$http.get('URI goes here').then(
function (response) {
//success
vm.data = response;
},
function (response) {
//fail
console.log("error");
}
);
I think you need to learn the concepts of Web API's. Basically the server (C written in your case?) responds to various HTTP requests (GET, POST, PUT, etc..). By defining a Web API you simply state that for some http request for a specific path - there's gonna be a meaningful response.
For example here's a Web API:
GET /api/users - list users
GET /api/users/{id} - get a specific user
POST /api/users/{id} - update specific user
To consume this endpoint (/api/users) you can use $resource or $http like so:
var UserFactory = $resource('/api/users/:id');
var userlist = UserFactory.query();
var user = UserFactory.get({id: 123});
user.$promise.then(function(){
user.balance = 100000000;
user.$save();
});
Basically in the background angular translates $resource calls to HTTP requests.
I have the following Code in AngularJs, but , how can I ensure that I am sending the authenticated app to communicate to back end?
resp.get
Update = function () {
//return $http.get(urlBase);
return $http({
method: 'GET',
url: urlBase + eventList,
});
};
e.g.:
I have a RESTFUL API in Drupal for showing a list of events. To get that list of events in my hybrid app (Angular+cordova), I will make a $hhtp call. During that call, I need to send a auth code. How to do it? And how can I be sure, its from iOS or Android or Desktop?
I am thinking of using - MD5 (angular md5) for this. But, what are the encode and decode method for it which will be supported by both AJS and Drupal at the backend.
I think, you need json web token authentication
https://github.com/easystreet3/angular-drupal
https://www.drupal.org/project/jwt
I'm setting up oauth2 with Salesforce connect using AngularJS. When I attempt the initial GET using $http I get CORS errors - Access-Control-Allow-Origin not allowed for my client. However, using the hack below in my controller function works.
Is there a better way to do this in AngularJs given that I don't have control over the server? My backend is Firebase so it would be great if I could do this through FIrebase like I can for Facebook :
$scope.auth = function () {
var authUrl = $scope.AUTHORIZATION_ENDPOINT +
"?response_type=token" +
"&client_id=" + $scope.CLIENT_ID +
"&redirect_uri=" + "https://www.xyz/";
window.location = authUrl ;
The cors issue happens when make asynchronous call to different server via browser.
So it doesn't appear if the call is made from another server. so you have to use a proxy server which in turn makes a call to your actual server.
You can try the below proxy server which is straightforward.
https://www.npmjs.com/package/cors-anywhere
or you can write your own proxy server which runs on the same domain as your client app and proxies your request to the secured server.