locked
JSON replacing characters in Token - hence corrupting it RRS feed

  • Question

  • Hi:

    My application is a WCF RestFul Service. First time a user accesses it  a method ..AuthenticateUser is called where his userid and passwd are passed as parameters. The method authenticates the user and retrieved other information about the user and forms a token which is  concatenation of encrypted user information:

    e.g

    <pre>User.TokenString = HttpUtility.UrlEncode(Encrypt(userID), Encoding.UTF8) & "*" & HttpUtility.UrlEncode(Encrypt(userAcctID), Encoding.UTF8) & "*" & HttpUtility.UrlEncode(pt(EncryuserAcctStatus), Encoding.UTF8) & "*"  
    
    
    
    The Encrypt method uses the Base64 internally and encrypts the passed parameters.  The User object is the return type of the AuthenticateUser. The WebGet method has

    ResponseFormat:=WebMessageFormat.Json

    When I call theAuthenticateUser method fromFiddler , I get the output in JSON format. However, for the token adds characters and replaces some characters:

    E.g

    if the userID should have been : IvejqSWrZLDm7VHPjVh/PhzyEwh0oYnhWPi1QYnuZkCYkJ8W3sDwXPXRJv8s4nv2
    JSON output is                      : IvejqSWrZLDm7VHPjVh\/PhzyEwh0oYnhWPi1QYnuZkCYkJ8W3sDwXPXRJv8s4nv2

    Char "/" has been changed to "\/"

    Furthermore

     if the userAcctID should have been : bv/5EHAXP+bb+d/fBYXCew==
    JSON output is                             : bv\/5EHAXP+bb+d\/fBYXCew==

    When I use the JSON token from the Fiddler in my request, I get error while decrypting becuase for Base64 it is no more multiple of 4 as char's have been added.

    How do I get JSON not to place the specail char's in my output, hence not corrupting the token.

    Thursday, March 3, 2011 8:49 PM

Answers

  • In JSON, "/" is equivalent to "\/" (http://json.org/), so any JSON reader should be aware of such escaping and unescape the string prior to using it. If you only need some simple encoded result, you can consider using the raw programming model, with an example shown below (and more information at http://blogs.msdn.com/b/carlosfigueira/archive/2008/04/17/wcf-raw-programming-model-web.aspx).

      public class Post_271a589a_8c19_4ca7_92b3_90bf1b3fb484
      {
        [ServiceContract]
        public interface ITest
        {
          [WebGet(ResponseFormat = WebMessageFormat.Json)]
          string GetAsJson(string userid, string password);
          [WebGet]
          Stream GetAsRaw(string userid, string password);
        }
        public class Service : ITest
        {
          public string GetAsJson(string userid, string password)
          {
            string result = "IvejqSWrZLDm7VHPjVh/PhzyEwh0oYnhWPi1QYnuZkCYkJ8W3sDwXPXRJv8s4nv2";
            return result;
          }
    
          public Stream GetAsRaw(string userid, string password)
          {
            string result = this.GetAsJson(userid, password);
            WebOperationContext.Current.OutgoingResponse.ContentType = "text/plain; charset=utf-8";
            return new MemoryStream(Encoding.UTF8.GetBytes(result));
          }
        }
        public static void Test()
        {
          string baseAddress = "http://" + Environment.MachineName + ":8000/Service";
          WebServiceHost host = new WebServiceHost(typeof(Service), new Uri(baseAddress));
          host.Open();
          Console.WriteLine("Host opened");
    
          WebClient c = new WebClient();
          Console.WriteLine(c.DownloadString(baseAddress + "/GetAsJson"));
          Console.WriteLine(c.DownloadString(baseAddress + "/GetAsRaw"));
        }
      }
    
    
    • Proposed as answer by Carlos Figueira Tuesday, March 8, 2011 7:32 PM
    • Marked as answer by Yi-Lun Luo Thursday, March 10, 2011 9:54 AM
    Friday, March 4, 2011 12:25 AM