I have written a WebApi project in VS2013. I have also written an MVC4 application to test it in VS2013 on the same machine.
I run the WebApi project in VS2013, it uses localhost:49494 as server:port I then run the test project in VS2013, it uses localhost:49319 as server:port.
I calling a route in my WebApi from my test project, I get a response of 401 (Unauthorized). I AM NOT using the Authorize attribute on my WebApi functions. I do not send WWW-Authenticate header from my test project either.
Why would I get this? I just don't understand it. When I run the URL for the WebApi call in the browser, I get the desired result.
This is the HTML calling the MVC4 action:
<!DOCTYPE html>
<html>
<head>
<title>Webinar Registration Test </title>
</head>
<body>
<div class="document">
<form name="LoginForm" action="/Home/WBLogin" method="post">
<input type="submit" value="Login" />
</form>
</div>
</body>
</html>
This is the MVC4 Action method that calls the WebApi:
public ActionResult WBLogin()
{
string uri = "http://localhost:49494/api/Webinar/WBLogin";
AuthModel auth = new AuthModel();
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Accept = "application/json";
request.Method = "GET";
try
{
var response = request.GetResponse();
//the following lines duplicate the response stream so we can read it for
//deserialization and also re-read it and write it out.
using (MemoryStream ms = new MemoryStream())
{
var stream = response.GetResponseStream();
stream.CopyTo(ms);
ms.Position = 0;
stream.Close();
DataContractJsonSerializer ser = new DataContractJsonSerializer(typeof(ResponseDirectLogin));
var deserialized = (ResponseDirectLogin)ser.ReadObject(ms);
auth.OauthToken = deserialized.AccessToken;
auth.OrganizerKey = deserialized.OrganizerKey;
}
}
catch (WebException e)
{
if (e.Response != null) {
using (var sr = new StreamReader(e.Response.GetResponseStream()))
ViewBag.Error = sr.ReadToEnd();
}
else
{
ViewBag.Error = String.Concat("Message: ", e.Message, " Status: ", e.Status);
}
}
Registrant User = new Registrant();
User.OauthToken = auth.OauthToken;
User.OrganizerKey = auth.OrganizerKey;
User.WebinarKey = "9999999999999999999";
return RedirectToAction("WBRegister", "Home", User);
}
This is the WebApi method:
public class WebinarController : ApiController
{
[HttpGet, Route("api/Webinar/WBLogin")]
public IHttpActionResult WBLogin()
{
// The Login Model contains the Login credentials for our GTW account
LoginModel lg = new LoginModel();
// first we need to create the uri for the web request
string uri = String.Format("https://api.citrixonline.com/oauth/access_token?grant_type=password&user_id={0}&password={1}&client_id={2}",
lg.UserId, lg.Password, lg.APIKey);
// then the request to login is created and sent. From the response
// we need to store at least the access token and the organizer key
// to use for further calls
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Accept = "application/json";
request.ContentType = "application/json";
try
{
var response = request.GetResponse();
//the following lines duplicate the response stream so we can read it for
//deserialization and also re-read it and write it out.
using (MemoryStream ms = new MemoryStream())
{
var stream = response.GetResponseStream();
stream.CopyTo(ms);
ms.Position = 0;
stream.Close();
DataContractJsonSerializer ser = new DataContractJsonSerializer(typeof(ResponseDirectLogin));
var deserialized = (ResponseDirectLogin)ser.ReadObject(ms);
LoginResponse lr = new LoginResponse();
lr.OauthToken = deserialized.AccessToken;
lr.OrganizerKey = deserialized.OrganizerKey;
string json_result = JsonConvert.SerializeObject(lr);
return Ok(json_result);
}
}
catch (WebException e)
{
using (var sr = new StreamReader(e.Response.GetResponseStream()))
{
LoginErrorResponse ler = new LoginErrorResponse();
ler.Message = sr.ReadToEnd();
string json_result = JsonConvert.SerializeObject(ler);
return BadRequest(json_result);
}
}
}
// other methods here...
}
