Last post Jun 03, 2015 09:49 AM by MohitJ18
May 21, 2015 05:17 AM|MohitJ18|LINK
I am going through some problem in accessing WebApi. Secnario is on my side i need to access api's method 'GetDetails'(https://localhost/api/GetDetails) from my coding, but api is protected with HMAC authentication.
I have key and id which is required for authentication. How can i call to that api?
May 22, 2015 02:45 AM|Krunal Parekh|LINK
You could Implement a HTTPClient Custom Handler. HTTPClient allows you to create custom message handler which get created and added to the request message handlers chain, handler will allow you to write out custom logic. In this logic you need to build the
hash and set in the Authorization header before firing the request to the back-end API.
Please follow this tutorial which explains how to achieve this on both client and server side.
Secure ASP.NET Web API using API Key Authentication – HMAC Authentication
Hope this helps.
May 27, 2015 10:11 AM|MohitJ18|LINK
Thanks for the link you provided, it was really helpful, i tried the same example. It worked fine.
Now , i want to access real API whose key and id i have. I made same slight changes like as i want that method as GET so:
HttpResponseMessage response = await client.GetAsync(apiBaseAddress);
And in CustomDelegateHandler class in SendAsync() i have my key as:
when i try to convert to base64
var secretKeyByteArray = Convert.FromBase64String(APIKey);
it shows me error like: "The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. "
So kindly suggest me what should i do in this situation.
May 28, 2015 01:31 AM|Krunal Parekh|LINK
I don't think your api key is of base64string. It's pretty easy to recognize a Base64 string, as it will only be composed of characters
'A'..'Z', 'a'..'z', '0'..'9', '+', '/' and it is often padded at the end with up to three '=', to make the length a multiple of 4.
'A'..'Z', 'a'..'z', '0'..'9', '+', '/'
Ask the api provider or see their documentation on which encryption they used to generate the key and how to send it to server.
Jun 03, 2015 09:49 AM|MohitJ18|LINK
Thanks for the help.