Tuesday, August 16, 2022

Consuming ASP.NET Web API REST Service In ASP.NET MVC Using HttpClient

 Steps to Consume Web API in MVC.


Step1: Install HTTP Client library from NuGet.

What is HttpClient?

HttpClient is the base class responsible for sending HTTP requests to, and receiving HTTP responses from, resources such as REST services.

Step2: Install WebAPI.Client library from NuGet


Step3: Add Model and Controller class.

Step4: 

Our hosted Web API REST Service includes these two methods, as given below.


GetAllEmployees (GET)

GetEmployeeById (POST), which takes id as input parameter

We are going to call the GetAllEmployees method, which returns all employee details. The hosted web API REST service base URL is http://192.168.95.1:5555/, and to call GetAllEmployees from the hosted web API REST service, the URL should be base URL + api + API controller name + web API method name, as follows:


http://192.168.95.1:5555/api/Employee/GetAllEmployees

In the preceding URL:

http://localhost:56290 is the base address of the web API service. It can be different as per your server.

api is used to differentiate between Web API controller and MVC controller requests.

Employee is the Web API controller name.

GetAllEmployees is the Web API method which returns the list of all employees.


using ConsumingWebAapiRESTinMVC.Models;
using Newtonsoft.Json;
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using System.Web.Mvc;

namespace ConsumingWebAapiRESTinMVC.Controllers
{
    public class HomeController : Controller
    {
        //Hosted web API REST Service base url
        string Baseurl = "http://192.168.95.1:5555/";
        public async Task<ActionResult> Index()
        {
            List<Employee> EmpInfo = new List<Employee>();
            using (var client = new HttpClient())
            {
                //Passing service base url
                client.BaseAddress = new Uri(Baseurl);
                client.DefaultRequestHeaders.Clear();
                //Define request data format
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
                //Sending request to find web api REST service resource GetAllEmployees using HttpClient
                HttpResponseMessage Res = await client.GetAsync("api/Employee/GetAllEmployees");
                //Checking the response is successful or not which is sent using HttpClient
                if (Res.IsSuccessStatusCode)
                {
                    //Storing the response details received from web api (awaited, not blocked with .Result, to avoid deadlocks)
                    var EmpResponse = await Res.Content.ReadAsStringAsync();
                    //Deserializing the response received from web api and storing into the Employee list
                    EmpInfo = JsonConvert.DeserializeObject<List<Employee>>(EmpResponse);
                }
                //returning the employee list to view
                return View(EmpInfo);
            }
        }
    }
}


Thursday, July 21, 2022

Web API Securities JWT Token.

 What is JWT Token?

JWT stands for JSON Web Token.

Token-based security is commonly used in today’s security architecture. There are several token-based security techniques. JWT is one of the more popular techniques. JWT token is used to identify authorized users.

What is the JWT WEB TOKEN?

Open Standard: Means anywhere, anytime, and anyone can use JWT.

Secure data transfer between any two bodies, any two users, any two servers.

It is digitally signed: Information is verified and trusted.

There is no alteration of data.

Compact: because JWT can be sent via URL, post request & HTTP header.

Fast transmission makes JWT more usable.

Self Contained: because JWT itself holds user information.

It avoids querying the database more than once after a user is logged in and has been verified.


JWT is useful for:

Authentication

Secure data transfer

JWT Token Structure 

A JWT token contains a Header, a Payload, and a Signature. 







Header

The header names the signing algorithm, such as RSA or HMACSHA256, and the type of token.

{
   "alg": "HS256",
   "typ": "JWT"
}

Here "alg" is the algorithm (HS256 is HMACSHA256) and "typ" is the type of token.

Payload

The payload contains the user's data, i.e., user credentials.

{
   "loginname": "Gajendra",
   "password": "123#"
}
  • It contains claims.
  • Claims are user details or additional information.
  • The payload is only base64url-encoded, not encrypted, so anyone who holds the token can read it.

Signature

HMACSHA256( base64urlencoded(header) + "." + base64urlencoded(payload), secret )

  • The base64url-encoded header and the base64url-encoded payload, joined with a dot, are signed with the secret.
  • The signature lets the receiver detect any change to the header or payload.

  • The header, payload and signature, each base64url-encoded and joined with dots, form the JWT token.
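The signature step described above, written out as an added example (not code from the original post): it builds an HS256 token by hand, verifies it, and shows that the payload is readable without the key while an edited claim fails verification. The secret, the "role" claim and the class name JwtDemo are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
public static class JwtDemo
{
    // base64url = base64 with '+'->'-', '/'->'_' and the '=' padding removed
    static string B64Url(byte[] d) =>
        Convert.ToBase64String(d).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static byte[] FromB64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }
    static byte[] Sign(string signingInput, byte[] key)
    {
        using (var hmac = new HMACSHA256(key))
            return hmac.ComputeHash(Encoding.ASCII.GetBytes(signingInput));
    }
    public static string Create(string headerJson, string payloadJson, byte[] key)
    {
        string input = B64Url(Encoding.UTF8.GetBytes(headerJson)) + "." +
                       B64Url(Encoding.UTF8.GetBytes(payloadJson));
        return input + "." + B64Url(Sign(input, key));
    }

    // Always verifies with HMACSHA256; the algorithm is not taken from the token header.
    public static bool Verify(string token, byte[] key)
    {
        string[] p = token.Split('.');
        if (p.Length != 3) return false;
        byte[] expected = Sign(p[0] + "." + p[1], key), actual;
        try { actual = FromB64Url(p[2]); } catch (FormatException) { return false; }
        int diff = expected.Length ^ actual.Length;   // constant-time comparison
        for (int i = 0; i < expected.Length && i < actual.Length; i++) diff |= expected[i] ^ actual[i];
        return diff == 0;
    }

    public static void Main()
    {
        // Constructed demo secret and claims; the password is left out because the payload is readable.
        byte[] key = Encoding.UTF8.GetBytes("constructed-demo-secret-32-bytes!");
        string token = Create("{\"alg\":\"HS256\",\"typ\":\"JWT\"}",
                              "{\"loginname\":\"Gajendra\",\"role\":\"user\"}", key);
        string[] p = token.Split('.');
        Console.WriteLine(Verify(token, key));                            // untampered token
        Console.WriteLine(Encoding.UTF8.GetString(FromB64Url(p[1])));     // payload decoded without the key
        string forged = B64Url(Encoding.UTF8.GetBytes("{\"loginname\":\"Gajendra\",\"role\":\"admin\"}"));
        Console.WriteLine(Verify(p[0] + "." + forged + "." + p[2], key)); // edited claim, old signature
    }
}
```

A production verifier also checks the expiry and issuer claims, which this sketch leaves out.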

How Does JWT Work?

Step 1:
Client logs in with his/her credentials.

Step 2:
Server generates a JWT token at server side.

Step 3:
After token generation, the server returns a token in response.

Step 4:
Now, the client sends a copy of the token to validate the token.

Step 5:
The server checks JWT token to see if it's valid or not.

Step 6:
After the token is validated, the server sends a status message to the client.

The server can trust the client because the JWT is signed, and there is no need to call the database to retrieve the information you already stored in the JWT.

To keep them secure, you should always store JWTs inside an httpOnly cookie. This is a special kind of cookie that’s only sent in HTTP requests to the server. It’s never accessible (for reading or writing) from JavaScript running in the browser.

https://blog.logrocket.com/jwt-authentication-best-practices/





Steps to Implement JWT Authentication in ASP.NET Core

  • Understanding JWT Authentication Workflow.
  • Create ASP.NET Core Web API project
  • Install NuGet Package (JwtBearer)
  • ASP.NET Core JWT appsettings.json configuration
  • ASP.NET Core Startup.cs - configure services add JwtBearer
  • Create Models User, Tokens
  • Create JWTManagerRepository to Authenticate users and generate JSON Web Token.
  • Create UserController - Authenticate action method.
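
One way the "configure services add JwtBearer" step can look, as an added example that is not from the original post or the linked tutorial. The configuration keys Jwt:Key, Jwt:Issuer and Jwt:Audience are assumed names for values kept in appsettings.json or a secret store.

```csharp
using System;
using System.Text;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.IdentityModel.Tokens;

public class Startup
{
    private readonly IConfiguration _config;
    public Startup(IConfiguration config) => _config = config;

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                options.TokenValidationParameters = new TokenValidationParameters
                {
                    // Reject tokens issued by, or intended for, another party.
                    ValidateIssuer = true,
                    ValidIssuer = _config["Jwt:Issuer"],       // assumed key name
                    ValidateAudience = true,
                    ValidAudience = _config["Jwt:Audience"],   // assumed key name
                    // Reject expired tokens, with a small allowance for clock drift.
                    ValidateLifetime = true,
                    ClockSkew = TimeSpan.FromMinutes(1),
                    // Check the signature and pin the algorithm instead of trusting the header.
                    ValidateIssuerSigningKey = true,
                    IssuerSigningKey = new SymmetricSecurityKey(
                        Encoding.UTF8.GetBytes(_config["Jwt:Key"])), // throws at startup if the key is missing
                    ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }
                };
            });
        services.AddControllers();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();   // must run before UseAuthorization
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapControllers());
    }
}
```

Controllers or actions marked with [Authorize] then require a valid bearer token.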

https://codepedia.info/jwt-authentication-in-aspnet-core-web-api-token


Web API Versioning.

 Implement the new feature without impacting the existing consumers we can solve this problem by API versioning. When the business has start...