Handling webhook calls in ASP.NET MVC application, implementation and testing - asp.net-mvc

I have inherited this old ASP.Net MVC application and now I have to integrate a new Payment Service Provider. This PSP returns the responses to all payment requests via a POST message. The fields of the response are sent as hidden fields. The URL of the webhook must be provided in the request. After reading different SO posts along the same lines, I kinda know, in principle, what I would have to do. The PSP has a test & integration environment so I can send test request from my development environment. The problem I am facing is how to read the response. The URL for the webhook must be public, so me, running my development environment on my localhost, won't help. I can use webhook.site to get the responses, but I would like to get them in my application, so I check that my code behaves correctly and can handle properly the POST message containing all the hidden fields. Did anyone manage to find a possible solution for this problem?
TIA,
Ed

You mention that you want to test if you code behave correctly, I also see tag asp.net mvc in the post. For this requirement I can suggest you to go with azure. Azure have remote debugging feature which can easily help you test your code.
If you don't want to go with Azure, you can use ngrok software to make your localhost url public. This way you can trigger your code and debug it locally like remote debugging in azure.
There is one more way to test this thing very well. Just log the whole body of webhook (in logs or DB) and later execute it yourself through postman. This might doesn't let your webhook endpoint know the result at same time.

Related

How do I view a request coming into my Postman mock server?

My website is making post requests to Postman's mock server. I want to be able to see my request to make sure that it is coming across in the way that I expect. I have tried attaching a monitor but that doesn't show me the request anywhere that I am able to find.
Where in the Postman Windows client can I see a request coming in to my Postman mock server?
I contacted Postman support and they say currently what I want to do is not possible. See this link for information: Postman Support Twitter Response
They did say however that if I wanted to just see the request that I am sending that I can use Postman Echo to see what kind of request I am sending.
It is now possible to view logs for requests made to and responses sent from your Postman mock server.
Mock Call Logs - https://blog.postman.com/introducing-postman-mock-call-logs/
You can see request to your mock end points buy doing the following.
Open postman, in the left most menu/column select mock servers
2)Click on Mock Servers and in the second left most column you should see your mock servers
3)Click on the one you want and in the middle screed you should see the logs
enter image description here
Its very easy, this functionality was added way back in 2020.
Just click on the Mock Server and you should be able to see the logs on the right side.
Isn't interceptor a good decision for it?

.NET MVC Custom Mail Server

I'm in the process of planning the development of a mail-server to hand the sending of email across our multiple websites. Below is a description of what we are planning to implement and I'd like your opinion/suggestions.
We use ASP.NET MVC and have many web-sites hosted on Azure. We currently send mail internally within each of the web applications using SMTPServer.Send(). Obviously this is not the ideal way to send emails when you have a decently busy set of websites because the send mail call is blocking and cannot guarantee mails are sent. With this I'm worried out getting an influx of mail requests when we launch our next website (we think it'll get a decent amount of traffic and lots of emails will be sent).
My plan of action : to build a centralised mail-server that runs in the background (we use azure and this will be simply another web-application). When each one of our web applications wants to send a mail, instead of doing this internally, it'll call a web method on the mail-server called sendMail() this function will accept certain parameters and insert the mail parameters, content etc. into a database. The mail server will then poll the database at fixed time intervals, select a set of unsent emails and attempt to send them using the same SMTPServer.Send() function. If an email fails for some reason we won't flag it as sent and in the next poll interval the email will be selected again and another send attempt will be made. (we will cap the number of send attempts to say 20).
This will allow each of the websites to run smoothly without having loads of blocking send mail calls internally and the mail server will handle all the sending sequentially and in a controlled environment as a separate standalone web-application.
Thanks in advance!
Looks like a good design, Don't know the entire scenario which let to you building something like an email server. The problem has been solved well by using a service that already exist like Office 365.
Your design is good, My suggestions would be the following,
You can use Azure WebJobs to build the polling agent. You can make the web job run as a scheduled web job that does the polling and sending the mail and it can be written very clean as a simple console app.
You can use Azure API App to build the SendMail() call and you can use the Azure AD Auth on the API to authenticate the caller of the API using the Authentication and Authorization feature to easily secure your email server. You can also enable CORS easily as well to make sure you receive requests from other websites and process it.
Some issues I foresee for you,
Volume and Scaling : You can only process so much email between each polling. If you cannot then you will need to create another polling agent which will making things complicated as they need to know they are picking different sets of emails to send. If you volume is going to be low you should be fine.
Challenge : Why can't the websites send the mail them selves ? And then record it on the database for tracking. All you have to do build module or a component that they use on their web page to create and send the mail. Polymer 1.0 works well for this scenario.
Hope this helps to get you started.

Mock API Requests Xcode 7 Swift Automated UI Testing

Is there a way to mock requests when writing automated UI tests in Swift 2.0. As far as I am aware the UI tests should be independent of other functionality. Is there a way to mock the response from server requests in order to test the behaviour of the UI dependant on the response. For example, if the server is down, the UI tests should still run. Quick example, for login, mock if password failed then UI should show alert, however, if the login is successful the next page should be shown.
In its current implementation, this is not directly possible with UI Testing. The only interface the framework has directly to the code is through it's launch arguments/environment.
You can have the app look for a specific key or value in this context and switch up some functionality. For example, if the MOCK_REQUESTS key is set, inject a MockableHTTPClient instead of the real HTTPClient in your networking layer. I wrote about setting the parameters and NSHipster has an article on how to read them.
While not ideal, it is technically possible to accomplish what you are looking for with some legwork.
Here's a tutorial on stubbing network data for UI Testing I put together. It walks you through all of the steps you need to get this up and running.
If you are worried about the idea of mocks making it into a production environment for any reason, you can consider using a 3rd party solution like Charles Proxy.
Using the map local tool you can route calls from a specific endpoint to a local file on your machine. You can past plain text in your local file containing the response you want it to return. Per your example:
Your login hits endpoint yoursite.com/login
in Charles you using the map local tool you can route the calls hitting that endpoint to a file saved on your computer i.e mappedlocal.txt
mappedlocal.txt contains the following text
HTTP/1.1 404 Failed
When Charles is running and you hit this endpoint your response will come back with a 404 error.
You can also use another option in Charles called "map remote" and build an entire mock server which can handle calls and responses as you wish. This may not be exactly what you are looking for, but its an option that may help others, and its one I use myself.

Different error responses when using the JIRA REST API in two instances

We have two jira installations at our company. One that we use for our projects and a second one for testing purposes.
I'm working in a project that needs to use the JIRA REST API. For this purpose I'm connecting to our testing instance.
The problem is that while trying out the REST API, I keep getting 400 errors without a single explanation of what went wrong. I just get an HTML with
Your browser sent a request that this server could not understand
I was a bit desperate and decided to try it into our real JIRA. To my surpirse the same request gave me a different response:
{"errorMessages":[],"errors":{"project":"project is required"}}
In this case, I do get a meaningful error!
I replicated this easily. I would never get a meaningful error from the test instance, but the real one will always give me one.
I cannot keep trying out stuff in our productive JIRA, but I cannot easily continue working without getting meaningful errors. So, what could be wrong in the testing instance? I could not find any configuration about the 'verbosity' of the API responses.
I believe that this error is returned not by JIRA but rather by proxy web server that is part of you production configuration.
I suggest you to compare HTTP headers that are sent with working requests from your browser with headers you pass via curl. Googling for the "Your browser sent a request that this server could not understand" helps too

Problems with MVC4 & External Login with Google

I've an ASP .NET MVC4 application that uses SimpleMembership and allows users to sign in with their google accounts.
In order to do that I configured the application's AuthConfig class by uncommenting the OAuthWebSecurity.RegisterGoogleClient(); line to add google as an external login method. I didn't really change much inside the external login methods that already come with the ASP .NET MVC4 Internet Application template.
Problem:
Everything works fine when I run it locally (IIS express) or when I deploy it to a 'test' server (IIS 6.1, accessible on the intranet only). When I click my "sign in with google" button, I'm sent to google's authentication page, whose url looks something like this:
https://accounts.google.com/ServiceLogin?service=lso&passive=12096...(long url)
Alas, when I deploy it to the 'production' server (internet facing) and try to access it via internet, Google authentication stops working: when I click my "sign in with google" I'm being sent to an url that looks like this:
http://MY_APPLICATION_NAME.MY_DOMAIN.com/accounts/o8/ud?openid.claimed_id=http%3A%2F%2Fspecs.openid...(long url)
This url is wrong not only because it has my domain in it (I believe it should be accounts.google.com?), but also because the rest of it is completely different from the url I get when the authentication works.
What I know and have tried:
If I use fiddler, I can see that the application is behaving differently when I'm accessing the application via internet or intranet.
If I access it from within the network, I see I'm making a request to http://MY_APPLICATION_NAME.MY_DOMAIN.com/account/ExternalLogin?returnUrl= and then "Tunnel to www.google.com:443, Tunnel to accounts.google.com:443". This works ok.
If I access it from the internet I see I'm making a request to http://MY_APPLICATION_NAME.MY_DOMAIN.com/account/ExternalLogin?returnUrl= and then another one to http://MY_APPLICATION_NAME.MY_DOMAIN.com/accounts/o8/ud?openid.claimed_id=http%3A%2F%2Fspecs.openid...(long url). This obviously gives a 404.
I might be wrong but I assume that this url is generated by the OAuthWebSecurity.RequestAuthentication(provider, returnUrl). What puzzles me is that it looks like it is requesting the authenticaton to my server instead of accounts.google.com.
My research so far has only brought to me posts/questions/etc. showing how easy it is to use SimpleMembership for external authentication and I can see everyone does it pretty much the same way.
Conclusion:
I believe this probably has something to do with something I must configure on web.config or IIS. I do know that the requests to my application arrive at my DNS server which does a url rewrite and forwards the request to my web server, although I don't know if this is related to the problem.
Does anyone have any idea of what might be wrong or ever had a similar issue? Any help would be appreciated.
EDIT:
I've looked into OpenAuthSecurityManager.cs's source code and although I can't debug it I see the problem might be related to an incorrect HttpContext inside the RequestAuthentication method, due to my reverse proxy settings on IIS?
I ended up with a request to change the IT infrastructure.
OpenAuthSecurityManager.cs was probably getting a wrong HttpContext instance because of the way the requests were being handled by the previous infrastructure (requests arrived at our DNS server and were forwarded to the web service, on a different server inside our network, with UrlRerwrite rules).
It's working now.

Resources