Jump to content


Clutchplate

Member Since 18 Dec 2018
Offline Last Active Jan 11 2019 07:22 PM
-----

Topics I've Started

Swarm API: C# API access

10 January 2019 - 06:45 PM

I'm trying to read the Swarm API from a C# client app, but am having issues with authentication. I think we use level 3 security (we use p4 login -ap to login to Swarm).

I have it working for a while by additionally adding the web browser cookie to the request. However this is bad, because extracting the web browser cookie is a pain in Windows 10 or non-IE browsers (and is probably a security issue...).

Here's my initial code to check whether the current user can access Swarm:

public async Task<bool> CheckAuthorization()
{
  bool result = false;
  var request = (HttpWebRequest)WebRequest.Create(@"http://p4swarm/files");
  request.UseDefaultCredentials = false;
  request.Credentials = new NetworkCredential() { UserName = "<my ticket number>", Domain = "MYCOMPANY", Password = string.Empty};
  request.MaximumAutomaticRedirections = 4;
  request.MaximumResponseHeadersLength = 4;
  request.AutomaticDecompression = DecompressionMethods.Deflate | DecompressionMethods.GZip;
  // request.CookieContainer = new CookieContainer();
  // request.CookieContainer.Add(new Cookie("SWARM", "<web browser cookie>", "/", "p4swarm"));
  // request.CookieContainer.Add(new Cookie("remember", Environment.UserName, "/", "p4swarm"));
  request.UserAgent = "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36";
  request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8";
  try
  {
	Log.WriteLine($"AUTH: Sending WebRequest with {SwarmrSettings.Instance.SwarmCookie}, awaiting response");
	var p4Response = (HttpWebResponse)await request.GetResponseAsync();
	Log.WriteLine("AUTH: Response obtained. Status:" + p4Response.StatusCode.ToString());
	result = p4Response.StatusCode == HttpStatusCode.OK;
  }
  catch (Exception ex)
  {
	Log.WriteLine("AUTH: Exception caught in WebRequest. " + ex.Message);
	result = false;
  }
  return result;
}

If I run it as above I get a 401 Unauthorized error.

If I leave the commented out lines in the code, it works fine (provided I can find the browser cookie), but eventually the cookie expires, and the user can no longer use the app.

What is the correct way to authenticate from within a client app like this?

- Lutz

Swarm API: Who approved the review

19 December 2018 - 12:00 AM

Apologies if this is not the right forum, I see API questions here, but there is also a general API forum...

Anyway, I'm having difficulty figuring out who approved a review once it is in the "approved" state. The participant votes all just reflect the upvotes. Is this not available in the API?

- Lutz