Authenticate, Authorise WebApi with HttpClient


Hi all, I said I’d post this because I didn’t manage to find a suitable blog post or documentation indicating how to do this with the HttpClient (beta).  (bleeding edge again ey).

This post outlines how to create a simple test server that has a Json Logon endpoint.
Then it shows how to login with the .net 4.5 HttpClient class. Lots of other post I saw were trying to set Channels on this HttpClient, I’ll have to assume this was from the developer preview or the Wcf predecessor. It appears now the solution comes in the form of a HttpClientHandler!

It’s been a long day, up at 4am for a flight and then a long day at work, so lets cut to the chase…


For setup, create a new MVC4 internet application


Why? because it gives me a AccountController with a JsonLogin action


Add a new ApiController



Add the Authorize attribute


Now we have a simple server setup for testing (no https etc, but lets not overcomplicate this just now).


I just created a WPF client and called the following function on a button click.

private async void Login()
    var handler = new HttpClientHandler();
    CookieContainer cookieContainer = new CookieContainer();
    handler.CookieContainer = cookieContainer;
    var client = new System.Net.Http.HttpClient(handler);
    var content = new FormUrlEncodedContent(new Dictionary<string, string>
        {"UserName", "brianbruff1"},
        {"Password", "password"}
    var response = await client.PostAsync("http://localhost:2122/account/jsonlogin", content);
    var msg = await response.Content.ReadAsStringAsync();
    // just get the default value from the starter project
    response = await client.GetAsync("http://localhost:2122/api/values");
    var list = await response.Content.ReadAsAsync<List<string>>();


That’s it, next steps to clean up this code are all yours,  but hopefully I’ve helped someone out.
Remember to register the user the first time your run your MVC app, or your msg variable will indicate you couldn’t be logged on.

Remember to include Http.Formatters for the ReadAsAsync extension.


Credit to @tomasmcguinness for pointing me in the right direciton (my other approach was to use PKI).
Credit to Microsoft for releasing the source so I could figure this out!

Deserializing Json


With this post I’m back to my lovely OneNote screen clippings, my last few postings were done on Windows8 and I’d no OneNote installed.

So you want to Deserialize Json in .NET! (C#)

How do you go about it?

There are a few approaches, many poeple are familiar with JSon.NET and using it like this




Some people may have done it the hard way


But if you add assembly System.Net.Http.Formatting.dll you’ll get a nice little extension ReadAsAsync<T>



ASP WebApi query single entity


What’s wrong with this?


   1:  public class UsersController : RavenController
   2:  {  
   3:      public User Get(int userId)
   4:      {
   5:          this.AutoSave = false;
   6:          var user = RavenSession.Load<User>(userId);
   7:          if (user == null)
   8:             throw new HttpResponseException("Unable to find user for it " + userId);
   9:          return user;
  10:      }
  12:      // GET /api/values
  13:      public IQueryable<User> GetAll()
  14:      {
  15:          this.AutoSave = false;
  16:          return RavenSession.Query<User>();            
  17:      }        
  18:  }

The problem is the variable name used for getting a single user the function would never be called.

E.g. if we put http://localhost:65487/api/users/1 into our browser what will happen is the GetAll gets called!

What we need to call is

   1:  public class UsersController : RavenController
   2:  {  
   3:      public User Get(int id)
   4:      {
   5:          this.AutoSave = false;
   6:          var user = RavenSession.Load<User>(id);
   7:          if (user == null)
   8:              throw new HttpResponseException("Unable to find user for it " + id);
   9:          return user;
  10:      }
  12:      // GET /api/values
  13:      public IQueryable<User> GetAll()
  14:      {
  15:          this.AutoSave = false;
  16:          return RavenSession.Query<User>();            
  17:      }        
  18:  }

Now you see that the Get takes a variable name of “id” this is key to getting this work.


Note: I’m using IQuerable as this allows me to add some query parameters to my request, e.g.

A Boolean expression for whether a particular entry should be included in the feed, e.g. Categories?$filter=CategoryName eq 'Produce'. The Query Expression section describes OData expressions.

One or more comma-separated expressions with an optional “asc” (the default) or “desc” depending on the order you’d like the values sorted, e.g. Categories?$orderby=CategoryName desc.

Limit the properties on each entry to just those requested, e.g. Categories?$select=CategoryName,Description.

How many entries you’d like to skip, e.g. Categories?$skip=4.

Return entries from the top of the feed, e.g. Categories?$top=4

See MSDN for more options.


-- Updated Post --

Thanks to James Hancock for pointing this one out for me. This post is a little misleading in that the $select is currently not supported. Please see for more information on this. The other query string parameters listed above are supported.

Using RavenDb with Mvc WebApi


I’m starting this post with a disclaimer. I’m not a RavenDb expect, actually far from it, in fact I’ve only started working with it this evening!

I’m working on a pet project and getting the initial building blocks in place. I read about RavenDB in a recent edition of CODE magazine. The same magazine dealt with some other NoSql databases, e.g. Mongo Db, I’ve had a passing interest in NoSql in the last while so I wanted to get me a piece of the pie, and RavenDB jumped out at me for a few reasons.

  • Written in .NET
  • Scalability over RDBMS
  • RestAPI (although i won’t be using it, my app will have its own REST API using RavenDb managed api underneath)
  • .NET API with Linq querying
  • Automatic indexing
  • Scalability

    Create project

    Fire up visual studio and create an new MVC4 project

    Add the RavenDb package,


    Do the very same that is indicated on the Raven website, We need a single Document Store in our application.

     protected void Application_Start()
            private void InitRaven()
                Store = new DocumentStore { ConnectionStringName = "RavenDB" };
                IndexCreation.CreateIndexes(Assembly.GetCallingAssembly(), Store);
            public static DocumentStore Store;

    Create RavenController

    public abstract class RavenController : ApiController
            public RavenController()
                this.AutoSave = true;
                RavenSession = TickTockBaby.Mvc.WebApiApplication.Store.OpenSession();
            public bool AutoSave { get; set; }
            public IDocumentSession RavenSession { get; protected set; }
            protected override void Dispose(bool disposing)
                if (disposing)
                    if (RavenSession != null)
                        using (RavenSession)
                            if (this.AutoSave)
                            RavenSession = null;

    Let me explain what I’ve done here…

    I’ve initialized the session in the constructor, and cleaned it up in dispose, I also SaveChanges by default unless it gets switched off in a derived class.


    Derive from RavenController

    public class UsersController : RavenController
            // GET /api/values
            public IEnumerable<string> Get()
                this.AutoSave = false;
                return RavenSession.Query<User>().Select(u => u.Name);            

    That’s my initial attempt, hope it helps someone out a little.

    I’ll post my final solution possibly using Ninject DI after I’ve used RavenDb for a while and get a better feel for it.

    Raven Studio

    Check results in browser

    Vs11 Xml


    I’m working with an XML document all morning, and for the hell of it I decided to open in VS11.

    Guess what I found, some pretty cool xml/xsd/xslt support



    but the biggest feature I found is the following…

    Paste XML as classes! BOOM!!



    Loving VS11…

    Linq DistinctBy


    Here is an extension method that I just had to share, TBH I’ve forgotten what I robbed the initial idea from, it wasn’t mine, but it’s something I found that I use over and over.

    The problem is I want to use the Distinct() extension method. However the objects I’m creating don’t override the default equality comparer, nor did I want to create a functor and supply to the overload just for this scenario.

    Lets have a look of what I’m dealing with.

    public class Source
        public string Code { get; set; }    
        public string Name { get; set; }        

    Here’s what one would initially try

    // Remove any duplicates
     c.DependingOnSources = c.DependingOnSources.Distinct();

    The problem here is that I don’t use the overload that allows me to specify an equality comparer, and the class itself doesn’t have the default equality comparer.

    So what’s the solution?

    var set = new HashSet<string>();
    c.DependingOnSources = c.DependingOnSources.Where(element => set.Add(element.Name));


    It’s a beauty it’s it, and quite simplistic, what I do is create a HashSet of the keys I want o compare, then I use use the Linq Where statement to select all the elements that I can add to the list. If you’re familiar with HashSet you’ll know that for first time we try add an element it will be not exist in the set and it gets added to the set and returns true, because the set.Add returns true.. we satisfy the Func in the Where clause and it gets added to the items that get returned.


    Simple ey.. yes true, but it gets better, we can make this a little more generic and leverage an extension method to do the lifting for us.


    internal static class LinqExtensions
        public static IEnumerable<TSource> DistinctBy<TSource, TKey>(
                            this IEnumerable<TSource> source, Func<TSource, TKey> selector)
            var set = new HashSet<TKey>();
            return source.Where(element => set.Add(selector(element)));


    So now we can call our method like so

    // Remove any duplicates
    c.DependingOnSources = c.DependingOnSources.DistinctBy(k => k.Name);
    Neat ey! (another common method is to use GroupBy and Select.)

    Uploading a file in MVC4 C#5 .NET 4.5


    Back on the bleeding edge again Hot smile I’m in the early stages of my next killer app and I’m investigating the pros and cons of using the new ASP WebApi.

    One of the features of this so called killer app will be to upload pictures (nothing special I agree). But how would I do this for all the clients I hope to support (WinRT/WP7/Html5/IOS).

    Let me first present the server that will be used for all these clients, I’ll then follow up with what I consider to be the simplest client a html5 browser!


    So I fired up VS11 and created a new MVC4 application using .net 4.5 / C#  and the WebApi template.

    I then added a controller called FileUploadController.cs

       1:  using System.Collections.Generic;
       2:  using System.Linq;
       3:  using System.Net;
       4:  using System.Net.Http;
       5:  using System.Threading.Tasks;
       6:  using System.Web.Http;
       8:  namespace MvcApplication16.Controllers
       9:  {
      10:      public class FileUploadController : ApiController
      11:      {
      12:          public async Task<IEnumerable<string>> PostMultipartStream()
      13:          {
      14:              // Check we're uploading a file
      15:              if (!Request.Content.IsMimeMultipartContent("form-data"))            
      16:                  throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
      18:              // Create the stream provider, and tell it sort files in my c:\temp\uploads folder
      19:              var provider = new MultipartFormDataStreamProvider("c:\\temp\\uploads");
      21:              // Read using the stream
      22:              var bodyparts = await Request.Content.ReadAsMultipartAsync(provider);            
      24:              // Create response.
      25:              return provider.BodyPartFileNames.Select(kv => kv.Value);            
      26:          }
      27:      }
      29:  }

    You can see from line 12 that I’ve made this operation async, you’ve really got to admire the simplicity of async/await construct in .net 4.5! In line 22 you can see that the compiler and some state machine magic allow the freeing up of the asp worker thread….. (If you have read my previous posts you may be a little confused now.. didn’t I say that Tasks will use use the same threadpool!?  have a look at this link for someone that pondered the very same concerns )


    HTML5 Client

    The client couldn’t have been easier, fist a look at it in the browser


       1:  <!DOCTYPE html>
       2:  <html lang="en">
       3:  <head>
       4:      <meta charset="utf-8" />
       5:      <title>ASP.NET Web API</title>
       6:      <link href="@Url.Content("~/Content/Site.css")" rel="stylesheet" type="text/css" />
       7:      <meta name="viewport" content="width=device-width" />
       8:  </head>
       9:  <body>
      10:      @using (Html.BeginForm("FileUpload", "api", FormMethod.Post, new { enctype = "multipart/form-data" }))
      11:      { 
      12:          <div>Please select some files</div>
      13:          <input name="data" type="file" multiple>
      14:          <input type="submit" />            
      15:      }
      16:  </body>
      17:  </html>


    The important part above is using the enctype attribute, in fact line 10 loosely translates to

    <form action="~/api/FileUpload" enctype="multipart/form-data" method="POST">

    Don’t believe me? Then try VS11’s awesome new feature – page inspector

    Right click on the html and choose view in page inspector




    and we’re done! Of course in the real world we’ll use ajax with a few trick re sandbox, but here’s the response in the browser with xml.


    I’ll hopefully follow up with the samples for the client list below when I get to the respective development machines.

    • WinRT (c#/xaml)
    • iPhone (objective c)
    • Android (java)