.NET 5.0 vs Framework 4.8 HTTPRequest oAuth02.

megabug

Member
Joined
Feb 15, 2022
Messages
11
Programming Experience
10+
Hi everybody,

I'm working on an app written in .net Framework 4.8 with usage of an API that use OAuth02 to authenticate. And I'm not really familiar with web API in C#.
The sample code I received is based on .NET 5.0 and work perfectly. However, when I look at the compatibility of the commands used,
I saw it should be ok to use the same code. However, I received an error 400. I tried to use fiddler to see the differences in the message sent
and seem to be content length. I tried to adjust it and now I received an other message that seem to be related to async function.
I tried to reference the .net 5 code as a new DLL but it seem not possible du to the target framework of my app (Framework 4.8) So I need to understand what is the difference between .NET 5.0 and Framwork 4.8 call.
I supposed It should be something related to TLS security or something like that, but How to manage it with old framework.

Could someone help me to downgrade that code.

Thanks in advance

Here is .NET 5.0 code I received.
C#:
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Text.Json;
using System.Threading.Tasks;
namespace TestMemento2
{
    class Program
    {
        private static readonly HttpClient client = new HttpClient();
        static async Task Main(string[] args)
        {

            string clientID = "abc";
            string clientSecret = "1234";
            string url = "url";

            var values = new List<KeyValuePair<string, string>>();
            values.Add(new KeyValuePair<string, string>("grant_type", "client_credentials"));
            var content = new FormUrlEncodedContent(values);

            string encodedAuth = Convert.ToBase64String(Encoding.Default.GetBytes(clientID + ":" + clientSecret));
            var requestMessage = new HttpRequestMessage(HttpMethod.Post, url);
            requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Basic", encodedAuth);
            requestMessage.Content = content;
        
            //make the request
            var task = client.SendAsync(requestMessage);
            var response = task.Result;
            response.EnsureSuccessStatusCode();
            string responseBody = response.Content.ReadAsStringAsync().Result;
            Console.WriteLine(responseBody);
            Console.ReadLine();
        }

    }
}
 
Last edited:
That's the response content length.

Notice that the string "Error: invalid_client" is 23 octets.

What is the request content length? They should be the same from any framework.

Additionally, the request "content-type" should be form encoded URL text. What you are showing above is JSON text.

You do know that you can share part of the URL that you are trying to authenticate again and just blank out the your email, password, and client secret, right?
 
That's the response content length.

Notice that the string "Error: invalid_client" is 23 octets.

What is the request content length? They should be the same from any framework.

Additionally, the request "content-type" should be form encoded URL text. What you are showing above is JSON text.

You do know that you can share part of the URL that you are trying to authenticate again and just blank out the your email, password, and client secret, right?
All the required information was in previous post. The first post contain the code I using. second one was a try but nothing work with it. I don't think the url will be useful for giving an answer to the question. How can I correct the content-lenght ?
is this part of the header when the client send the information to the API or it is part of the message. I found how to calculate the size however I can't apply it to any property on the message or client before doing the sendasync method.
 
The URL will be helpful because that will tell us whose OAuth2 server you are calling. That will let us then read the documentation for their APIs to see what parameters they require to be passed in.

How can I correct the content-lenght ?
There is nothing to correct in the content-length of the server response to you. They are following the RFC's and giving you the length of the content that they sent to you. In the case above of 23, it's the length of the content "Error: invalid_client". It the case of length of 718, that's the length of the JSON response they sent to you that contains the token.

is this part of the header when the client send the information to the API or it is part of the message.
It is the part of the message. When you do your POST to send to the API, the Content-Length is computed for you by the HttpRequestMessage when you set it's Content property. When the API replies back, the Content-Length is their computed length of the message they sent back to you.

I found how to calculate the size however I can't apply it to any property on the message or client before doing the sendasync method.
There is no need for you to do this. As I said above, this is computed for you.
 
Finaly we found the problem, It seem that .NET 5 not using the same encoding for username and probably for password than framework 4.8.
 
Solution
Was it the use of Encoding.Default at line 24 from post 1 code? That has different behaviour with .Net (Core) and .Net Framework, which is explained in this page: Encoding.Default Property (System.Text)
 
Interesting... And likely the reason why I couldn't reproduce the problem is because I'd hacked my registry to make UTF8 my default code page while trying to make Console output support emojis.
 
Back
Top Bottom