I have an API that I tested in Postman. I want to use this API in a task within my own software. I can call the Access Token, CSRF token, and cookies, but when it comes to sending the content I want with this information, I get a forbidden error and I haven't been able to find a solution.
My GetAccessToken function:
Private Function GetAccessToken() As String Try Dim client As New HttpClient() Dim requestBody As New List(Of KeyValuePair(Of String, String)) From { New KeyValuePair(Of String, String)("grant_type", "client_credentials"), New KeyValuePair(Of String, String)("client_id", "myclientid"), New KeyValuePair(Of String, String)("client_secret", "myclientsecret"), New KeyValuePair(Of String, String)("scope", "*") } Dim request As New HttpRequestMessage(HttpMethod.Post, "myurl") request.Content = New StringContent(String.Join("&", requestBody.Select(Of String)(Function(a) a.Key & "=" & a.Value).ToArray())) request.Content.Headers.ContentType = New Headers.MediaTypeHeaderValue("application/x-www-form-urlencoded") Dim response As HttpResponseMessage = client.SendAsync(request).Result If response.IsSuccessStatusCode Then Dim result As String = response.Content.ReadAsStringAsync().Result Dim tokenResponse As Dictionary(Of String, String) = Newtonsoft.Json.JsonConvert.DeserializeObject(Of Dictionary(Of String, String))(result) If tokenResponse.ContainsKey("access_token") Then LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("Alınan GetAccessToken : {0}", tokenResponse.ToString())) Return tokenResponse("access_token") End If End If LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", "Token alma işlemi başarısız oldu.") Return Nothing Catch ex As Exception LoggerBase.LogUnidentifiedException(ex) Return Nothing End Try End Functionfetchcsrftokenandcookies function:
Private Function fetchcsrftokenandcookies(token As String) As (String, String) Try Dim client As New HttpClient() Dim request As New HttpRequestMessage(HttpMethod.Get, "myurl") request.Headers.Add("x-csrf-token", "fetch") request.Headers.Add("authorization", "Bearer " & token) Dim response As HttpResponseMessage = client.SendAsync(request).Result If Not response.IsSuccessStatusCode Then LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "task", "csrf token alma işlemi başarısız oldu.") End If Dim cookies As String = String.Join("; ", response.Headers.GetValues("set-cookie").Reverse().Select(Function(c) c.Split(";"c)(0)))'Dim cookies As String = String.Join(";", response.Headers.GetValues("set-cookie").Select(Function(c) c.Split(";")(0))) Return (response.Headers.GetValues("x-csrf-token").FirstOrDefault(), cookies) Catch ex As Exception LoggerBase.LogUnidentifiedException(ex) Return (Nothing, Nothing) End Try End FunctionThis two function works (I think so) and I can see the results.
But
Post Function:
Public Overrides Sub ExecuteExtender() Try Dim token As String = GetAccessToken() If String.IsNullOrEmpty(token) Then LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", "Token alınamadı.") Exit Sub End If LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("Alınan Token : {0}", token.ToString()))' CSRF Token Al Dim csrfTokenInfo As (String, String) = fetchcsrftokenandcookies(token) If String.IsNullOrEmpty(csrfTokenInfo.Item1) Then LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", "CSRF Token alınamadı.") Exit Sub End If LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("Alınan CSRF Token : {0}", csrfTokenInfo.Item1.ToString())) Dim client As New HttpClient() client.Timeout = TimeSpan.FromMinutes(1) Dim request As New HttpRequestMessage(HttpMethod.Post, "myurl") request.Headers.Add("x-csrf-token", csrfTokenInfo.Item1) request.Headers.Add("Authorization", "Bearer " & token) request.Headers.Add("Cookie", csrfTokenInfo.Item2) Dim json As String = "{" & vbCrLf &" ""date"": ""2024-03-10""" & vbCrLf &"}" Dim content As New StringContent(json, Encoding.UTF8, "application/json") request.Content = content Dim response As HttpResponseMessage = client.SendAsync(request).Result Dim responseContent As String = response.Content.ReadAsStringAsync().Result If response.IsSuccessStatusCode Then Me.ExecutionStatus = String.Format("Başarılı!") LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("ResponseContent : {0}", responseContent.ToString())) Else Me.ExecutionStatus = String.Format("Başarısız!") Dim errorContent As String = response.Content.ReadAsStringAsync().Result LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", String.Format("API çağrısı başarısız oldu. StatusCode: {0}, Hata Mesajı: {1}", response.StatusCode, errorContent)) End If Catch ex As Exception End Try End Suband there is a second postdata function I tried before :
Public Overrides Sub ExecuteExtender() Try Dim token As String = GetAccessToken() If String.IsNullOrEmpty(token) Then LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", "Token alınamadı.") Exit Sub End If LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("Alınan Token : {0}", token.ToString())) Dim csrfTokenInfo As (String, String) = fetchcsrftokenandcookies(token) If String.IsNullOrEmpty(csrfTokenInfo.Item1) Then LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", "CSRF Token alınamadı.") Exit Sub End If LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("Alınan CSRF Token : {0} - Cokiee : {1}", csrfTokenInfo.Item1.ToString(), csrfTokenInfo.Item2.ToString())) Dim today As String = DateTime.Now.ToString("yyyy-MM-dd") Dim requestBody As String = $"{{""date"": ""{today}""}}" Dim client As New HttpClient() Dim request As New HttpRequestMessage(HttpMethod.Post, "myurl") request.Headers.Add("X-CSRF-TOKEN", csrfTokenInfo.Item1) request.Headers.Add("Cookie", csrfTokenInfo.Item2) request.Headers.Add("Authorization", "Bearer " & token) request.Content = New StringContent(requestBody, Encoding.UTF8, "application/json") request.Content.Headers.ContentType = New Headers.MediaTypeHeaderValue("application/json") Dim response As HttpResponseMessage = client.SendAsync(request).Result Dim responseBody As String = response.Content.ReadAsStringAsync().Result If response.IsSuccessStatusCode Then Dim result As String = response.Content.ReadAsStringAsync().Result LoggerBase.Log(LogMessage.Types.InfoMessage, Now, 10, "TedasScheduledOutageTask", String.Format("Alınan RESULT : {0}", result.ToString())) Else Dim errorContent As String = response.Content.ReadAsStringAsync().Result LoggerBase.Log(LogMessage.Types.ErrorMessage, Now, 10, "TedasScheduledOutageTask", String.Format("API çağrısı başarısız oldu. StatusCode: {0}, Hata Mesajı: {1}", response.StatusCode, errorContent)) End If Catch ex As Exception LoggerBase.LogUnidentifiedException(ex) Me.SetStatusText("Görev oluşan hata nedeniyle sona erdi: " & ex.Message) End Try End SubI tried to copy my accesstoken to postman autharization so it's works. But I don't say my csrf token is valid.