Passing Multiple Get Parameters to WebApi

Question

I am working on a asp.net core 2.2 application. I want to pass two parameters(token and refresh token) to the asp.net core 2.2 web api to retrieve new token. When I am passing the values, i am getting an error

An unhandled exception occurred while processing the request. AggregateException: One or more errors occurred. (Response status code does not indicate success: 404 (Not Found).) System.Threading.Tasks.Task.Wait(int millisecondsTimeout, CancellationToken cancellationToken) HttpRequestException: Response status code does not indicate success: 404 (Not Found).

Is this right way to pass multiple parameters and route it?

requestUrl is build as below:

string requestUrl = string.Format(Token_RefreshUserToken + "/{0}"+"/{1}", token,refreshToken);

requestUrl value is(web api controller name is 'Token'):

"Token/Refresh/eyJhbGciOiJIQrI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InJlZnJhbmNpc0BzdXlhdpdGkuY54tIiwiZXhwIojxNTYwMzMyOTk7hCJpc3MiOiJodHRwOi8vd3d3LnNlY3WeaXR5Lm9yZyIsImF1ZCI3rdh0dHA6Ly93d3cuc2VjdXJpdHkub3JnIn0.2Iw0VS_OgMjfpgt5V27mjCuLLqzlZBgRMpYgCTEHRP88E/IDwRYkf9idsVrBhBJJ5ymS+8RrZuSBSl+wywuKCs+Bw="

Client:

Task<TokenModel> userToken = _commonHelper.RecreateUserToken(tokenModel.TokenVal, tokenModel.RefreshToken);
userToken.Wait();

public async Task<TokenModel> RecreateUserToken(string token, string refreshToken)
    {          
         string url = string.Format(WebApiConstants.Token_RefreshUserToken + "/{0}"+"/{1}", token,refreshToken);
         var statusResponse = await _ApiHelper.GetAsync(url);
         tokenData = await statusResponse.Content.ReadAsAsync<TokenModel>();
return tokenData;
     }

Web Api method :

[HttpGet]
[Route("Refresh/{token}/{refreshToken}")]
public async Task<TokenValue> Refresh(string token, string refreshToken){   //logic     }

Why not pass token in request headers and get it in api controller using `HttpContext.Request.Headers[]`?It is not recommended to show token in url. — Ryan, Jun 13 '19 at 03:20
Yes,I have passed the token in the request header.But still I m getting the same error. The refresh token which I am trying to send has characters such as '/' , '+' etc. I think that is why I am getting '404 (Not Found)' error. Can I pass this as as part of header ? — Reshma, Jun 13 '19 at 06:33

score 1 · Answer 1 · answered Jun 13 '19 at 09:56

It seems that request containing double escape sequence caused the problem.In development mode, try to run the web api project with Kestrel instead of IIS express.

ASP.NET Core application could be hosted on variety of web servers (IIS, Kestrel, Nginx, Apache, ...). All these web servers know nothing about request filtering (and particularly enabling of double escape) which is a native IIS feature. It's a hosting concern and ASP.NET Core application should not deal with it directly. If URL like http://youserver.com/Home/Phone/+12345 will reach ASP.NET Core pipeline, plus sign will not be treated in any special way and will get to string model as + character.

When you host your application on IIS, web.config is still in use, so you could configure <requestFiltering allowDoubleEscaping="true"/> as for usual ASP.NET application.

<system.webServer>
<security>
  <requestFiltering allowDoubleEscaping="true" />
</security>

If you want to host application in another Web server, you should check how it handle special characters. Kestrel will just pass such URLs as is, so you don't need to take any specific actions if hosted on Kestrel.

Refer to here

Passing Multiple Get Parameters to WebApi

1 Answers1