3

I have an MVC controller that aims to read the user's info from HTTP header. The header contains user info that returns from a single sign on (SiteMinder). SiteMinder redirects the user to the company login page and returns back to my app along with cookie and HTTP header. The HTTP header contains user's info. My controller is supposed to get those info and display it in the navigation bar.

Here is the controller code:

[HttpGet]
public async Task<IActionResult> GetUser()
{
    var person = Request.Headers["HTTP_JHED_UID"].ToString();
    if (repository.GetJhedUser(person) != null)
    {
        var user = await repository.GetUser(person);
        var userDto = mapper.Map<User, UserForDisplayDto>(user);
        return Ok(userDto);
    }
    else
    {
        return null;
    }

}

And here is my corresponded repository:

public string GetJhedUser(string value)
{
    return context.Users.Where(x => x.JHED_ID == value).ToString();
}

public async Task<User> GetUser(string id, bool includeRelated = true)
{
    if(!includeRelated)
        return await context.Users.FindAsync(id);

    return await context.Users
        .SingleOrDefaultAsync(s => s.JHED_ID == id);
}

I receive 500 server error. I am sure that the header has those values.

EDIT: Here is an image of debugging. Even I tried with "Date" the value is nothing. Please note that I refactored my codes to @Nkosi's code below

enter image description here

How to get those user's info (in this case just username) from header so that I can display in my HTML template?

Improve this question
5
  • have you tried to check - if (Request.Headers["HTTP_JHED_UID"].Count() > 0) ? Commented Apr 2, 2018 at 15:35
  • Yes. I still get 500 server error. Commented Apr 2, 2018 at 16:52
  • 1
    It should be if (Request.Headers["HTTP_JHED_UID"].Any()) , but the main problem is - what exact exception do you get? Syntax error in JSON response means that you got an error html page in response, so what's in there? Commented Apr 2, 2018 at 17:25
  • I refactored my code to @Nkosi 's code below. I am now getting BadRequest. I don't think the issue is on the client side. Somehow the controller doesn't get the header value. Commented Apr 2, 2018 at 17:40
  • At least now you are in a better position to investigate what the true problem is because the action is providing a relevant response. Commented Apr 2, 2018 at 17:41

1 Answer 1

Reset to default
5

Do not return null from a controller action.

Check that the header actually exists before trying to access it.

Refactor the action to be coded a little more defensively.

[HttpGet]
public async Task<IActionResult> GetUser() {
    //was the header provided?
    var headerValue = Request.Headers["HTTP_JHED_UID"];
    if(headerValue.Any() == false) return BadRequest(); //401

    //does the person exist?
    var person = headerValue.ToString();
    if(repository.GetJhedUser(person) == null) return NotFound(); //404

    var user = await repository.GetUser(person);
    var userDto = mapper.Map<User, UserForDisplayDto>(user);
    return Ok(userDto); //200
}

The repository code for GetJhedUser has a problem as well because calling to string on the linq expression is not doing what you think it does.

I would go further to suggest refactoring GetJhedUser to what it is actually checking

public bool JhedUserExists(string value) {
    return context.Users.FirstOrDefault(x => x.JHED_ID == value) != null;
}

this results in the action looking like this

[HttpGet]
public async Task<IActionResult> GetUser() {
    //was the header provided?
    var headerValue = Request.Headers["HTTP_JHED_UID"];
    if(headerValue.Any() == false) return BadRequest(); //401

    //does the person exist?
    var person = headerValue.ToString();
    if(repository.JhedUserExists(person) == false) return NotFound(); //404

    var user = await repository.GetUser(person);
    var userDto = mapper.Map<User, UserForDisplayDto>(user);
    return Ok(userDto); //200
}
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Nope! Still no luck. I've just added my debug window with Date header.
@FabianEssenberg What headers does the request actually have? check that
Request header has both Date and HTTP_JHED-UID.
Seems like either Request.Headers["Date"] or Request.Headers["HTTP_JHED_ID"] is retrieved. Basically, I am getting nothing from the header. Not even standard ones.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.