I am new to Basecamp and I am trying to get started with the API.
I am using the bcx-api.
In my basecamp account I have just 3 projects.
But, when I query the API for "List of Projects" I get 52 results and I cannot work out why!
Here is the documentation for "Projects":
https://github.com/basecamp/bcx-api/blob/master/sections/projects.md
And based on that I have written my function as follows:
public static List<Model.Project> GetListOfProjects(string username, string password, string accountid)
{
WebClient client = BuildWebClient(username, password);
string json = client.DownloadString(#"https://basecamp.com/" + accountid + "/api/v1/projects.json");
List<Model.Project> results = JsonConvert.DeserializeObject<List<Model.Project>>(json);
return results;
}
The URL looks right to me?
https://basecamp.com/1234567/api/v1/projects.json
I just cannot work out why it's returning 52 results and not 3?
It appears to be including discussions for some reason.
Can anyone see what I am doing wrong?
Thanks
UPDATE:
I just visited the url above in a web browser and logged in using my username/password and it returns just 3 results!!! - which is correct. UH?
Trev
The answer is that both are correct. Your user has access to 3 projects in that account, so making the request using your credentials should return just 3 projects. Making the request with the account owner credentials will show all the projects on the account (52).
Related
Recently found some weird case when trying to use mgt people picker to search my tenancy Azure AD user with below tag.
<mgt-people-picker type="any" transitive-search="true"></mgt-people-picker>
Following is summary of info used:
a) Single tenant, does not allowed personal Microsoft account.
b) All API permission requires are granted in application and in app registration.
"User.Read",
"User.ReadBasic.All",
"People.Read",
"People.Read.All",
"Contacts.Read",
"Directory.Read.All",
"User.Read.All",
"Member.Read.Hidden",
"Domain.Read.All",
"User.ReadWrite.All",
"APIConnectors.Read.All"
c) admin consent is given.
d) I'm using api/proxy to connect.
Somehow, I only can found some of the users, some of the users was not found. From mgt people picker UI, i just enter three to four character or full email address to search it but the return result is not correct. And i found that when it return incorrect result it have error on retrieving photo values. Sample error as below
I have tried to use Graph Explorer to test it. Apparently, it is also cannot return the correct result match. But only using following query test, it is able to return the correct user to me. but when using mgt people picker, it cannot. Any advise are much appreciated. I'm just guessing it is something related to Azure AD user profile settings or it is something related to my application configuration or something else. Hope can some clues for me to resolve this issue. For your information, I have all admin rights to access all resources in my organization Azure environment. If there is information that I have missing, please do let me know, I will edit the post to include it.
https://graph.microsoft.com/v1.0/users/<email address>
Test result by using Graph Explorer as reference, which only return partial only (majority not return):
In order to fix this issue that /me/people endpoint does not able to show relevant search result. I have did following code changes in my api/proxy to intercepting the process before sending the request to MS Graph as below. This maybe is a workaround to make it works. In future, if there is better option, I will make a change on it.
Hope this can help someone who faced the same issue as I'm.
var url = $"{GetBaseUrlWithoutVersion(_graphClient)}/{all}{qs.ToUriComponent()}";
if(url.StartsWith("https://graph.microsoft.com/v1.0/me/people?$search="))
{
string url2 = #"https://graph.microsoft.com/v1.0/users?$count=true&$filter=startsWith(displayname,%27{0}%27) or startsWith(userPrincipalName,%27{1}%27)";
Uri searchUri = new Uri(url);
string paramSearch = HttpUtility.ParseQueryString(searchUri.Query).Get("$search").Replace('"', ' ').Trim();
//we do not want to search for any email address, just for custom search only
if(!string.IsNullOrEmpty(paramSearch) && !paramSearch.Contains("#xxx"))
{
url = string.Format(url2, paramSearch, paramSearch);
}
}
Good evening ppl at Microsoft!
I have an Mobile App Service at Microsoft Azure Located at South Central US named CeneamApp.
My backend is configured in a way so that my user can access only the data they capture, by making use of stable user ids.
so I had followed Adrian Hall book to create an a user id (https://adrianhall.github.io/develop-mobile-apps-with-csharp-and-azure/chapter2/authorization/)with the following format sid:{identifier}as described here: (https://github.com/Azure/azure-mobile-apps-net-server/wiki/Understanding-User-Ids).
now all my userid had been changed and my user cant access their previous data capture by them, because somehow the provider or issuer or whatever is going on, doesnt let me retrieve a user id as described by the github project team wiki (in the previous link). so instead i receive a new userid but seem to be a random number:
I'm adding screenshot of the essential part of my code at my backend project which i debugged so i could understand whats going on and my dummy database where you can see an stable_id save on it and the new suppose stable_ids the next two rows.
Debugged code retrieving apparently a new userid from FACEBOOK could you confirm about this change? because I havent been able to understand this change.
Dummy Database with the lost userid and the new ones from other accounts database screenshot
if anyone has information about this odd behavior i would appreciate to enlight me, because this line of code:
principal.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier)?.Value;
used to give me a user id with this format: "sid:{identifier}", now the format is a the screenshot shows.
Same situation here. About to go live and suddenly this. Interesting that only one Mobile App based in the UK datacenter is affected. Other 2 apps which are in production and plus another Web App are still fine.
The full solution can only be provided by Azure team. But I have a workaround and and idea:
1. Workaround.
In the base controller I read and parse the token from the header. The sid is in the subject of the token. The code is simple:
string _userSid;
public string UserSid
{
get
{
if (_userSid == null)
{
KeyValuePair<string, IEnumerable<string>> auth_header = Request.Headers.FirstOrDefault(h => h.Key.Equals("x-zumo-auth", StringComparison.InvariantCultureIgnoreCase));
string token = auth_header.Value.FirstOrDefault();
if (!string.IsNullOrEmpty(token))
{
var jwtToken = new JwtSecurityToken(token);
if (jwtToken != null)
{
_userSid = jwtToken.Subject;
}
}
}
return _userSid;
}
}
I use it instead of getting this from ClaimPrinciple as per manual. I checked the Mobile App Server code does a very similar thing.
2. Idea.
Azure Mobile Apps have this parameter:
MobileAppsManagement_EXTENSION_VERSION it is recommended to set to latest. I think if we downgraded it to previous version it would work until Microsoft finds and solves the problem. The only issue is that I do not know and could not find the version number. May be someone knows and can post here?
I am attempting to discover which extension properties I have available to my application. I originally followed this guide to get the extension attributes:
https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/#use-custom-attributes
But that just returns the following JSON:
{
"odata.metadata": "https://graph.windows.net/screenmediatestb2c.onmicrosoft.com/$metadata#directoryObjects/Microsoft.DirectoryServices.ExtensionProperty",
"value": []
}
I have also attempted to do this with regular HTTP requests using Postman, but with the exact same result. I can authenticate and load applications, users, groups etc. But it doesn't return any of my custom attributes, of which I have 2.
The endpoint I am using is:
https://graph.windows.net/[tenant]/applications/[application object ID]/extensionProperties?api-version=1.6
Does anyone have any idea what I am doing wrong?
I just noticed a disclaimer at the bottom of this page https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-reference-custom-attr/. Looks like this might be our problem.
There is a known limitation of custom attributes. It is only created
the first time it is used in any policy, and not when you add it to
the list of User attributes.
There is a bug in the accompanying GitHub repo for the tutorial at:
https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/#use-custom-attributes
Un-bust your balls by changing Program.GetB2CExtensionApplication(...) to:
private static void GetB2CExtensionApplication(string[] args)
{
object formatted = JsonConvert.DeserializeObject(client.
GetApplications("$filter=startswith(displayName, 'b2c-extensions-app')").Result);
Console.ForegroundColor = ConsoleColor.White;
Console.WriteLine(JsonConvert.SerializeObject(formatted, Formatting.Indented));
}
Instead of checking if the displayName equals 'b2c-extensions-app' it checks if it starts with 'b2c-extensions-app'. They have changed the name of the application in later versions of Azure AD B2C.
When you use the returned ID to get your extensions you will see that the Custom Attribute Name is prefixed with a Guid, and that's why we're been having trouble accessing it:
Eg. extension_10ecdccd92c446829a399e68ed758978_MyCustomAttribute
The correct GET URL for the Get-B2C-Application should be:
GET https://graph.windows.net/{Tenant}/applications?api-version=1.6&$filter=startswith(displayName,'b2c-extensions-app')
And the GET URL for the Extensions Properties (Custom Atttributes) should be:
GET https://graph.windows.net/{Tenant}/applications/{ObjectID}/extensionProperties?api-version=1.6
It's possible to get the attributes via LINQ:
string selectClause = "GivenName,Surname,Id,Mail"
+ ",extension_{ExtensionPropertyPrefixGUID}_myAttribute1"
+ ",extension_{ExtensionPropertyPrefixGUID}_myAttribute2";
var result = await _graphClient.Users
.Request()
.Select(selectClause)
.GetAsync();
The extension attributes will then be accessible via the AdditionalData
foreach (User user in result.CurrentPage)
{
string attribute1Value = (string)user.AdditionalData["extension_{ExtensionPropertyPrefixGUID}_myAttribute1";
}
I am trying to download files from a website with username/password. You need to pay for a registered account in order to download files - which we have done. I am attempting to pass in the username/password and download a file as follows:
if (docUrl != null)
{
if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
this.WebClientInstance.Credentials = new NetworkCredential(username, password);
fileData = this.WebClientInstance.DownloadData(docUrl);
this.WebClientInstance.Dispose();
isDataDownloaded = true;
}
WebClientInstance is a System.Net.WebClient. I debugged and verified that it is hitting the line to set credentials. Instead of downloading the PDF, I end up with an HTML page that prompts me to log in to get access to the file. I have verified that the username/password is correct. I use the same credentials to scrape the website with WatiN.
Is there something else that I'm supposed to be doing here?
UPDATE
Okay, I've done some sniffing around and found some useful info on this issue. I still haven't gotten it to work, but I think I'm closer. First, you need to create a cookie aware WebClient that extends the WebClient class, as follows:
public class CookiesAwareWebClient : WebClient
{
public CookieContainer CookieContainer { get; private set; }
public CookiesAwareWebClient()
{
this.CookieContainer = new CookieContainer();
}
protected override WebRequest GetWebRequest(Uri address)
{
var webRequest = base.GetWebRequest(address);
if (webRequest is HttpWebRequest)
(webRequest as HttpWebRequest).CookieContainer = this.CookieContainer;
return webRequest;
}
}
Next is to use the WebClient.UploadValues() method to upload the login info to the target website. The full process of authenticating and downloading the target resource is as follows:
using (var webClient = new CookiesAwareWebClient())
{
var postData = new NameValueCollection()
{
{ "userId", username },
{ "password", password }
};
webClient.UploadValues(docUrl, postData);
fileData = webClient.DownloadData(docUrl);
}
I was wrong about the site using forms auth. It is a JSP website and uses a JSESSIONID. I have verified that I am getting a cookie back with what appears to be a valid 32-byte JSESSIONID value.
However, when I call WebClient.DownloadData() it is still only returning the redirected login page. I've tried to fix this by setting the AllowAutoRedirect property on the HttpWebRequest to false, but then it returns 0 bytes.
Is there something else that I need to do so it won't redirect and will take me to the resource once I have authenticated?
(Answered in a question edit. Converted to a community wiki answer. See Question with no answers, but issue solved in the comments (or extended in chat) )
The OP wrote:
Solved. So the problem was between my ears. I was passing in the URL for the secure resource to the .UploadValues() method, knowing that it would redirect to the login page. However, I really needed to pass in the URL from the login form (where it goes upon submitting) - not the login page itself. Once I did that, it worked correctly. I think I'm going to go find a career in food service now.
LINKS
There were already a few questions posted on SO that addressed this issue. I just didn't know what I was looking for at first so I didn't see those... Anywhere here are a couple good resources that I came across when working on this issue:
how to maintaine cookies in between two Url's in asp.net
Trying to get authentication cookie(s) using HttpWebRequest
I'm Trying to login with dotNetOpenId to GMail accounts. It works but I'm not able to retrieve any claims. I know I could retrieve email addresses or user names as well, but no claims are being returned only the ClaimedIdentifier is available. Anyone know how to retrieve this data from Gmail accounts? If you could please provide me an example of ClaimsRequest configuration I would be grateful.
Thanks
// Either you're creating this already or you can get to it in
// the LoggingIn event of the control you're using.
IAuthenticationRequest request;
// Add the AX request that says Email address is required.
var fetch = new FetchRequest();
fetch.Attributes.Add(
new AttributeRequest(WellKnownAttributes.Contact.Email, true));
request.AddExtension(fetch);
Google then authenticates the user and returns the email address, which you can get with:
var fetch = openid.Response.GetExtension<FetchResponse>();
if (fetch != null)
{
IList<string> emailAddresses = fetch.GetAttribute(
WellKnownAttributes.Contact.Email).Values;
string email = emailAddresses.Count > 0 ? emailAddresses[0] : null;
}
You can see my blog post on the subject for a bit more information. The important thing to note here is that Google will only tell you the user's email address if you mark it as required (as I have done in the above snippet). But this also means that if the user does not want to share his email address, he cannot log in at all. Sorry, that's the way Google set it up. Other Providers that people use have different behaviors, unfortunately.