Category: development

Accessing the Http Request’s body from HttpActionExecutedContext

If you have ever tried to directly access the body of a Http request on a POST or PUT in Web Api, you might have run into some roadblocks. Unlike the MVC pipeline, Web Api accesses the request of the body through a stream for performance reasons. Once the stream is read during the model binding phase, the stream is at the end, and if you try to read it at a later time, you might notice the body is just a blank string.

Today I was writing a ExceptionFilter and wanted to log the body on certain error conditions. The HttpActionExecutedContext had the Request object, which had the Content property, but when I tried reading it (using context.Request.ReadAsStringAsync()), the result was the aforementioned blank string. This is because when the stream was read earlier in the process, the stream was left at the end. In order to get the body, you need to reset the position in the stream back to zero and then read it. The following function will return the content of the body as a string that you can use in many of Web Apis filter attributes:

private string GetBodyFromRequest(HttpActionExecutedContext context)
    string data;
    using (var stream = context.Request.Content.ReadAsStreamAsync().Result)
        if (stream.CanSeek)
            stream.Position = 0;
        data = context.Request.Content.ReadAsStringAsync().Result;
    return data;

Authenticating with SharePoint Online in an Ionic/Angular/PhoneGap app

I am working on a side project to update lists in a SharePoint online instance. The project is a hybrid mobile app using PhoneGap and the Ionic framework. I have been playing around with Ionic for a couple of months now, and so far I am really enjoying it. For starters, it uses AngularJS, which is my fav MV* framework of the moment. Also, Ionic provides great tooling to help you build and package up your app. If you haven’t checked it out yet, do so

The first hurdle in the app was that I am no SharePoint expert and I don’t know the first thing about their APIs or how to work with them. I needed to figure out how to actually authenticate with the SharePoint online instance. Doing a Google search returned back so many results and different ways to accomplish authentication in SP that it was very confusing which to try. I tried a few different ways and none of them seemed to work. Then I found this great blog post. It turns out that there appears to be a difference when trying to authenticate with SharePoint Online versus an on-prem SharePoint 2013 instance, and most of the articles I was reading was regarding authenticating with an on-prem instance.

The post details how you need to send a SAML token to the Microsoft ID Service, which is the provider of authentication for nearly every MS property on the web, from Office365 to Xbox. While the post didn’t show exactly how to do this in JavaScript, it was fairly easy to make it work.

Since my Ionic app is just a web app running on a local device, I can take advantage of reusing the cookies that come from authenticating with the Microsoft ID service. The following Angular service does just that. Once you authenticate, you will have two cookies called rtFA and FedAuth. Every request you make into the Sharepoint REST APIs will now have these cookies and you will be authenticated.

The service first constructs a SAML token using a userId, password, and url of the SP Online instance. It then calls into Microsoft’s login service to obtain a authentication token. From that token, you need to extract the Bearer Token, and then pass that into Sharepoints Forms based authentication. Once that is done, you will have the needed cookies to make future API requests.