Maybe I am trying to do something stupid but...
I am attempting to build a ServiceStack OAuth Provide for Azure AD. The redirect URI is passed through by the SS Authentication but I am not sure what to do when the initiating request is a POST rather than a GET. The final redirect is always a GET and I cannot work out how to preserve the initial form data.
Amy I trying to do something reasonable? Any clues on where I should look to preserve my sanity?
You can't redirect to a POST reliably, one solution is to return HTML that auto submits a FORM POST:
var sb = new StringBuilder();
sb.Append("<html>");
sb.AppendFormat(#"<body onload='document.forms[""form""].submit()'>");
sb.AppendFormat("<form name='form' action='{0}' method='post'>",postbackUrl);
sb.AppendFormat("<input type='hidden' name='id' value='{0}'>", id);
// Other params go here
sb.Append("</form>");
sb.Append("</body>");
sb.Append("</html>");
return sb.ToString();
Related
what is the proper way to redirect to a different page in Hybris?I have been the following approach quite a lot:
link
But some people emphasized that it is better to redirect using a separate method and using redirect:
What is the correct way?
Let me first tell you basic difference between request Redirect Vs Forward.
Redirect: Server sends a header (in response) back to the browser/client, which contain redirect URL, then browser initiates a new request to redirect URL.
When can we use Redirect?
Usually, when data is posted to the server, we should redirect to get method(URL) to prevent data resubmission on browser refreshed(F5).
return "redirect:/redirectToGeturl";
Forward: Within the server, control can be forwarded to target resource(URL). Which is done by container internally so browser/client is not aware of it.
When can we use forward?
Sometimes, we want to show different page/resource in response without changing original URL, then we forward request to other controller internally.
return "forward:/404";
What is the proper way to redirect to a different page in Hybris?
public static final String REDIRECT_PREFIX = "redirect:";
public static final String FORWARD_PREFIX = "forward:";
This class level constants are defined in AbstractController. You can use that by extending your controller to AbstractPageController or AbstractController.
return REDIRECT_PREFIX + "/redirecturl";
return FORWARD_PREFIX + "/404";
< a href="< c:url value="/path" />">link< /a >
This is the correct way to declare a link on client/browser side, which sends GET request to /path once the user clicks it.
Find detail post here
Right now, in gmail appscript we don't have any option to add a password type field.
Gmail Card Service for add-on has a very good ability to show any thing in it. We can integrate with any app which has basic REST api. We need authentication for that which commonly need password type field.
Any work around to show password type field?
As of now, there is no support for password field in Gmail add-on.
But we can build a hack for it. I hope password is needed only in registration forms. So, we can build a registration form using HTML and that can be served through authorization action.
CardService.newAuthorizationAction().setAuthorizationUrl(loginUrl)
Here, host registration HTML in a web server and pass this URL as "loginUrl" in the above snippet. We have to supply AuthorizationAction for the signup/register button. So, when the user clicks on this button, a new popup page is launched, the user will give the username, password, etc... onsubmit, we can encode all the form data and pass it to the parent Gmail add-on by redirecting it to a script redirection URL which you can generate an add-on. Once the redirection to the script URL comes, there will be a callback in our add-on code from there you can get the form fields which were encoded from registration HTML page.
function generateNewStateToken(callbackName, payload) {
return ScriptApp.newStateToken()
.withMethod(callbackName)
.withArgument("payload", JSON.stringify(payload))
.withTimeout(3600)
.createToken();
}
function getRedirectURI() {
return "https://script.google.com/macros/d/" + ScriptApp.getScriptId() + "/usercallback";
}
var state = generateNewStateToken("registerCallback", {"signup": true});
var reg_url = <reg_url> + "?redirect_uri=" + getRedirectURI() + "&state=" + state;
function registerCallback(cbResp) {
// to access payload which passed in state token: cbResp.parameter.payload;
// in the html serialize all the form fields or data which you want to pass to plugin as query params like: <redirect_uri>?form_data=<encoded_data>&state=<state>
//Note: here the registration HTML page should parse the URL to get the state & redirect_uri from URL.
// to access form_data: cbResp.parameter.form_data
}
I hope this will help you. This is how we are doing the signup/signin flow now.
Looks like you are authorizing a non google service . Please refer to Authorizing custom google services .
Hi in one of my response i am getting this xml
<root><err>0</err><errDesc></errDesc><state>3</state><p1>{C4739B96-E12A-429B-9A03-0B5B5F814D3C}</p1><p2>{1C33A258-D50E-4D44-8309-83665FC6073E}</p2><p5>1</p5><p6>QdjXQJy0SVnamdLJqMMHz/Cxtu8Dbw21q5caSX9uwoBlZDvBfHJx1R7QfknQ+f564YfmnEyRnJ1TJ5DF+ZOK2g==</p6><p7></p7><p8>{00000000-0000-0000-0000-000000000000}</p8><p9>0</p9><returnmessage></returnmessage></root>
I need to extract id between p6 tags and pass it as a cookie in subsequent request as CPSession.
How to achieve this in C# Web Performance Testing.
Any help would be hugely appreciated.
I am trying to write a web test request plugin and in its prerequest method i am trying to write a method to achieve this with following code
CookieContainer gaCookies = new CookieContainer(); Uri target = new Uri("http://susday4446.corp.ncr.com:8091/core/ui/uiBrowser.aspx");
> gaCookies.Add(new Cookie("CPSession", "QdjXQJy0SVnamdLJqMMHz/Cxtu8Dbw21q5caSX9uwoBlZDvBfHJx1R7QfknQ+f564YfmnEyRnJ1TJ5DF+ZOK2g==");
> { Domain = target.Host }
But this is not able to add cookie in this request.
Right now all i am trying to do is passing CPSession as a cookie its value i have hardcoded.
I am trying to download files from a website with username/password. You need to pay for a registered account in order to download files - which we have done. I am attempting to pass in the username/password and download a file as follows:
if (docUrl != null)
{
if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
this.WebClientInstance.Credentials = new NetworkCredential(username, password);
fileData = this.WebClientInstance.DownloadData(docUrl);
this.WebClientInstance.Dispose();
isDataDownloaded = true;
}
WebClientInstance is a System.Net.WebClient. I debugged and verified that it is hitting the line to set credentials. Instead of downloading the PDF, I end up with an HTML page that prompts me to log in to get access to the file. I have verified that the username/password is correct. I use the same credentials to scrape the website with WatiN.
Is there something else that I'm supposed to be doing here?
UPDATE
Okay, I've done some sniffing around and found some useful info on this issue. I still haven't gotten it to work, but I think I'm closer. First, you need to create a cookie aware WebClient that extends the WebClient class, as follows:
public class CookiesAwareWebClient : WebClient
{
public CookieContainer CookieContainer { get; private set; }
public CookiesAwareWebClient()
{
this.CookieContainer = new CookieContainer();
}
protected override WebRequest GetWebRequest(Uri address)
{
var webRequest = base.GetWebRequest(address);
if (webRequest is HttpWebRequest)
(webRequest as HttpWebRequest).CookieContainer = this.CookieContainer;
return webRequest;
}
}
Next is to use the WebClient.UploadValues() method to upload the login info to the target website. The full process of authenticating and downloading the target resource is as follows:
using (var webClient = new CookiesAwareWebClient())
{
var postData = new NameValueCollection()
{
{ "userId", username },
{ "password", password }
};
webClient.UploadValues(docUrl, postData);
fileData = webClient.DownloadData(docUrl);
}
I was wrong about the site using forms auth. It is a JSP website and uses a JSESSIONID. I have verified that I am getting a cookie back with what appears to be a valid 32-byte JSESSIONID value.
However, when I call WebClient.DownloadData() it is still only returning the redirected login page. I've tried to fix this by setting the AllowAutoRedirect property on the HttpWebRequest to false, but then it returns 0 bytes.
Is there something else that I need to do so it won't redirect and will take me to the resource once I have authenticated?
(Answered in a question edit. Converted to a community wiki answer. See Question with no answers, but issue solved in the comments (or extended in chat) )
The OP wrote:
Solved. So the problem was between my ears. I was passing in the URL for the secure resource to the .UploadValues() method, knowing that it would redirect to the login page. However, I really needed to pass in the URL from the login form (where it goes upon submitting) - not the login page itself. Once I did that, it worked correctly. I think I'm going to go find a career in food service now.
LINKS
There were already a few questions posted on SO that addressed this issue. I just didn't know what I was looking for at first so I didn't see those... Anywhere here are a couple good resources that I came across when working on this issue:
how to maintaine cookies in between two Url's in asp.net
Trying to get authentication cookie(s) using HttpWebRequest
I have spent few hours on signing in to web site by using jsoup. But it always gives same login page. To clarify the issue I tried with facebook site. It also gives same result.
Below I mentioned my code
String url ="http://www.facebook.com/";
Document doc;
doc = Jsoup.connect(url)
.data("email","abc#gmail.com","pass","xyz")
.userAgent("Mozilla").post();
System.out.println(doc);
can anybody point me where I made a mistake and how can i fix this issue?
In data portion "email" and "pass" are input field id of facebook login page.
Thank you.
Try this:
String url ="http://www.facebook.com/";
Document doc;
doc = Jsoup.connect(url)
.data("email","abc#gmail.com")
.data("pass","xyz")
.userAgent("Mozilla")
.post();
Anyway, Jsoup is not bad at all, you only need how to use it properly, but also you need to keep in mind that Facebook is expecting a lot more parameters to make a successfull login via POST emulating a web page navigation.
By example:
charset_test
default_persistent
lgnjs
lgnrnd
locale
lsd
pass
persistent
timezone
If you need to authenticate and get proper data I suggest that you must give a try to a Facebook SDK for Android:
https://github.com/facebook/facebook-android-sdk/