I’m developping an API which return PDF
(WsDocument
). To secure this API I developped second API which create oauth
access_token
(WsOauth
). I have no problem to create my access_token
. I have also no problem to get my token from my WsOauth
to my WsDocument
. But when I pass my access_token
in the header of my WsDocument
I have have this message:
access denied
I have already tried to pass my access_token
whith different syntax for the header. I really dont know what can I tried next.
Here the code to call my WsDocument :
[Route("api/test/{username}/{password}/{type}/{loc}/{docnumber}")]
[Route("ws/get_document")]
[HttpGet]
public HttpResponseMessage getDocument(string type, int docnumber, int loc, string username, string password)
{
HttpResponseMessage zresponse = null;
HttpResponseMessage ztokenresponse = checkAuthentification(username, password, loc);
var jsonresult = ztokenresponse.Content.ReadAsStringAsync().Result;
var deserializedjsonResult = JObject.Parse(jsonresult);
string ztoken = deserializedjsonResult["access_token"].ToString();
ServicePointManager.ServerCertificateValidationCallback += (sender, cert, chain, sslPolicyErrors) => true;
using (var client = new HttpClient())
{
if (ztoken != null)
{
client.DefaultRequestHeaders.Clear();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", ztoken);
client.BaseAddress = new Uri("https://localhost:44308/");
string requesturi = "ws/get_documentA4/" + username + "/" + password + "/" + type + "/" + loc + "/" + docnumber;
zresponse = client.GetAsync(requesturi).Result;
}
}
return zresponse;
}
Here the code called previously
[Authorize]
[Route("ws/get_documentA4/{username}/{password}/{type}/{loc}/{docnumber}")]
[Route("ws/get_documentA4")]
[HttpGet]
public HttpResponseMessage getDocumentA4(string type, int docnumber, int loc, string username, string password)
{
HttpResponseMessage zresponse = null;
DocumentA4Model zdocumentmodel = new DocumentA4Model();
IServiceDatabase zservice = WebApiConfig._allConnectedLocation.Find(x => x.Name == loc.ToString()).Database;
if (zservice != null)
{
zdocumentmodel = DocumentWSModel.getDocument(zservice, type, loc, docnumber);
}
if (File.Exists(DocumentWSModel.Doc_file_path))
{
zresponse = new HttpResponseMessage(HttpStatusCode.OK);
zresponse.Content = new StreamContent(new FileStream(DocumentWSModel.Doc_file_path, FileMode.Open, FileAccess.Read));
zresponse.Content.Headers.ContentDisposition = new ContentDispositionHeaderValue("attachment");
zresponse.Content.Headers.ContentDisposition.FileName = zdocumentmodel.Doc_file_name;
zresponse.Content.Headers.ContentType = new MediaTypeHeaderValue("application/pdf");
return zresponse;
}
return null;
}
When I call my function in my WsOauth
I have access to my ressource
. I suppose problems come from my header and how I pass my token to my WsDocument
.