LOGIN  |  REGISTER
Smart Living Made Brilliant!
CASTLEOS FORUM

HomeCastleOS API

Information, FAQs, Q&As, and everything else related to the CastleOS API can be found here

WCF Authentication Messages in this topic - RSS

Scott Goffman
Scott Goffman
Posts: 111


12/30/2015
Scott Goffman
Scott Goffman
Posts: 111
Chris,

I tried playing around with the CastleOS API just for fun. I was able to use svcutil.exe to retrieve CastleOSService.cs and the app.config with the ServiceModel data.

I set up a new CastleOSClient instance, and quickly ran into the issue that .ClientCredentials is, for some reason, Read-Only.
Well, no biggie, my good friend Google found me some code for overriding the credentials in the Endpoint, so that's all fine.

But... After opening the connection (using security mode "TransportCredentialOnly", transport clientCredentialType "Basic", as specified in both the client app.config and CastleOSCoreService.exe.config), the server immediately responds with a (403) Forbidden error: "The HTTP request was forbidden with client authentication scheme 'Basic'."

It's not an SSL connection, I can't find any logical reason why it's being denied, so I'm wondering if it's due to this bug in WCF, where WCF is responding to the initial query with a 403 forbidden instead of a 401 unauthorized (which would trigger sending authentication).

If that IS the issue, there are some workarounds posted in that same thread, but they would have to be done on your end.

-Scott
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


12/30/2015
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
Hey Scott, either it is the bug you are describing (and the credentials are failing), or it's the connection settings.

If you open the folder C:\Program Files (x86)\CastleOS\CastleOS Core Service\WebApp, you'll see a web.config file in there. In that config file, you'll find the correct settings for using the CastleOS WCF service (note for other: it also exposes a REST service). Just copy and paste that to your client app to make sure you're settings are all correct. The relevant section is "system.serviceModel".

In that, you'll notice there are two endpoints, the "unsecured service" and the "secured service". In short, you use the unsecured service to get basic info from the service, as well as to authenticate user credentials. Once authenticated, you can log into the secured service using the binding that uses "TransportCredentialOnly".


The final piece to the puzzle is generating the authentication credentials to use with the secured service, and that is done in C#. I can provide a code sample for that, as well as the encryption key used for the credentials.

Another note is the service has been fully documented (via XML comments) and "organized" (renamed methods, normalized, etc.). So if you are ready to start hacking with the API, let me get the latest internal build to you.

Thanks!!
0 link
Scott Goffman
Scott Goffman
Posts: 111


12/30/2015
Scott Goffman
Scott Goffman
Posts: 111
[edit] Your tip helped, it turned out I had only pulled down the .cs and config for the CastleOSService; I ran svcutil on service2, and now have CastleOSUnsecuredService.cs and the unsecured connection config info.

Would still love to get sample authentication code, though, because I suspect I'm making this unnecessarily complicated...

-Scott
edited by sgoffman on 12/30/2015
0 link
Tommy Long
Tommy Long
Posts: 218


12/30/2015
Tommy Long
Tommy Long
Posts: 218
Yes would be nice to have an example of how to turn on a light bulb!
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


1/2/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
Will do, I'll try to get it published this coming week, but please bear with me as I'm on travel from now through the end of CES...
0 link
Scott Goffman
Scott Goffman
Posts: 111


1/2/2016
Scott Goffman
Scott Goffman
Posts: 111
Understood, and not a problem. Enjoy the show!
+1 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


3/13/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
0 link
Scott Goffman
Scott Goffman
Posts: 111


3/13/2016
Scott Goffman
Scott Goffman
Posts: 111
Thanks Chris. Does the new Beta change the way I should access the API via C#, or is only for REST queries? Either way, I would still like to see sample C# authentication code if you have it.

-Scott
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


3/13/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
Only REST changed. For the WCF example, go to C:\Program Files (x86)\CastleOS\CastleOS Core Service\WebApp\Web.config and copy the system.serviceModel section to your custom app's config.
0 link
Scott Goffman
Scott Goffman
Posts: 111


3/13/2016
Scott Goffman
Scott Goffman
Posts: 111
Right, I've got that part set up already, but I was never able to get the secured client to accept the credentials. So what I'm still looking for is what you wrote: "The final piece to the puzzle is generating the authentication credentials to use with the secured service, and that is done in C#. I can provide a code sample for that, as well as the encryption key used for the credentials."

-Scott
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


3/13/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
ooooooooooo right! We DID change that. It should now accept plain text credentials... give it another try with today's beta...
0 link
Scott Goffman
Scott Goffman
Posts: 111


3/13/2016
Scott Goffman
Scott Goffman
Posts: 111
Authentication still fails on today's beta: "The HTTP request was forbidden with client authentication scheme 'Basic'."
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


3/13/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
Can you send me your sample app? THe whole VS solution...
0 link
Scott Goffman
Scott Goffman
Posts: 111


3/13/2016
Scott Goffman
Scott Goffman
Posts: 111
You would seriously rather debug my cobbled-together test-bed project than post some sample code? Y'know, if you want people to actually use your API you're going to have to post samples at some point...

But if that's really how you want to do this, you can grab it from here: http://goffman.net/downloads/CastleOScmd.zip

-Scott
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


3/13/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
Alright, so here's what I did. You're the first to get this! Though I'll be publishing it on the upcoming "developers" page too. I just made an API that you can plug directly into any C# project. Included is a sample app. You'll see in the folder is a dll named "CastleOS_API.dll". That is the key piece that allows you to simply call API methods, rather than recreate the wheel. You'll need to add that dll as a reference to any project you want to use it in.

Along with that, you'll system.serviceModel in the app.config. Make sure you copy this section to any app.config you build for custom apps, without it, the DLL won't work.

From there, in program.cs is a very basic example of authentication. It calls one sample method, but you can all any method you'd like from there.

Let me know if you have any questions!
edited by ccicchitelli on 3/13/2016


0 link
Scott Goffman
Scott Goffman
Posts: 111


3/13/2016
Scott Goffman
Scott Goffman
Posts: 111
That's great, I'll take a look at it tonight! Thanks!

-Scott
0 link
Scott Goffman
Scott Goffman
Posts: 111


3/16/2016
Scott Goffman
Scott Goffman
Posts: 111
Chris, just wanted to let you know that the DotNet DLL works great, it's exactly what I was looking for. I used it to write a simple command-line tool that my old Harmony IR remotes now use to send lighting commands to CastleOS. Thanks again!

Oh, one small request: The DLL requires the .net Framework 4.5.2, which in turn requires Windows 7 SP1; I can upgrade my older HTPCs to that, but if you aren't actively using 4.5 features, you might consider building it against 4.0 (or releasing the source so users can compile it with whatever framework they're using).
-Scott
edited by sgoffman on 3/16/2016
0 link
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390


3/16/2016
Chris Cicchitelli
Chris Cicchitelli
Administrator
Posts: 3390
Great to hear!!!

We do actively use 4.5 features, so we can't downgrade past that, but was can go to just 4.5 instead of 4.5.2 I think, if that makes a difference...

That said, you probably want to make that upgrade for security reasons anyways...
0 link
Michael Wallace
Michael Wallace
Posts: 52


3/17/2016
Michael Wallace
Michael Wallace
Posts: 52
Chris Cicchitelli wrote:
Alright, so here's what I did. You're the first to get this! Though I'll be publishing it on the upcoming "developers" page too. I just made an API that you can plug directly into any C# project. Included is a sample app. You'll see in the folder is a dll named "CastleOS_API.dll". That is the key piece that allows you to simply call API methods, rather than recreate the wheel. You'll need to add that dll as a reference to any project you want to use it in.

Along with that, you'll system.serviceModel in the app.config. Make sure you copy this section to any app.config you build for custom apps, without it, the DLL won't work.

From there, in program.cs is a very basic example of authentication. It calls one sample method, but you can all any method you'd like from there.

Let me know if you have any questions!
edited by ccicchitelli on 3/13/2016



This is exactly what I have been looking for! Thanks for posting this! One request, can you repackage the dll to support .Net Core for Win 10 apps?

Mike
edited by rpiwally on 3/17/2016
0 link