0

I am currently working on a OAuth2 implementation. However I am stuck on an Error 401. It seems like there is something wrong with my post request that is supposed to retrieve the access token from the Company the User logged in to. This is my code: 

internal void RequestAccessToken(string code)
{
    string requestBody = "grant_type="+ WebUtility.UrlEncode(GRANTTYPE)+ "&code=" + WebUtility.UrlEncode(code)+"&redirect_uri="+ WebUtility.UrlEncode(REDIRECT_URI);
    WebClient client = new WebClient();
    client.Headers.Add("Authorization",HeaderBase64Encode(CLIENT_ID, SECRETKEY));
    var response = client.UploadString("https://thewebsiteiamcallingto.com/some/api", requestBody);
    var responseString = client.OpenRead("https://thewebsiteiamcallingto.com/some/api");
}

My Questions are:

  1. Is there anything wrong with the way I try to make the POST request ?
  2. Is there a way to retrieve the whole string that is posted to the URI using UploadString?

P.S. I have seen this post regarding the POST creation. However I find the async part to be too complicated for my case.

Thewickedislick
  • 305
  • 1
  • 4
  • 14
  • what does HeaderBase64Encode do? – João Paulo Amorim Mar 28 '19 at 16:27
  • It encodes two strings into one string in Base64 format. Thats a header needed for the API authorization. – Thewickedislick Mar 28 '19 at 17:25
  • 1
    yeah but as the code is, you are putting a header "Authorization" , "stringbase64", I Think you should do something like this client.Headers.Add("Authorization", "Bearer " + HeaderBase64Encode(CLIENT_ID, SECRETKEY)); – João Paulo Amorim Mar 28 '19 at 17:36
  • I will try that. Sorry for the slick question but I cannot share more than I did. Thanks a lot though! – Thewickedislick Mar 28 '19 at 18:29
  • 1
    ok, but i think that should solve your problem, see what type of authorization you are doing and put it along with the base64 token u made, like "bearer " + HeaderBase64Encode(CLIENT_ID, SECRETKEY) or "Basic " + HeaderBase64Encode(CLIENT_ID, SECRETKEY) – João Paulo Amorim Mar 28 '19 at 18:37

1 Answers1

1

Since we dont know the api documentation, I would suggest you to make a postman request and view the actual request sent and response received, and secondly make a request using your method and capture using a utility like wireshark and compare the difference.

Roy
  • 196
  • 1
  • 10