Friday, 30 March 2018

Unit Testing Web API Using Swagger


In  this post we will use ASP.NET Web API to create a RESTful service and use a NuGet package to create Swagger(Open API) specification.  


What is ASP.NET Web API?
ASP.NET Web API is a framework that makes it easy to build HTTP services that reach a broad range of clients, including browsers and mobile devices. ASP.NET Web API is an ideal platform for building RESTful applications on the .NET Framework.

What is Swagger? 

Swagger is a simple yet powerful representation of your RESTful API. With the largest ecosystem of API tooling on the planet, thousands of developers are supporting Swagger in almost every modern programming language and deployment environment.

Advantages of Swagger

·       It's comprehensible for developers and non-developers. Product managers, partners, and even potential clients can have input into the design of your API, because they can see it clearly mapped out in this friendly UI.
·       It's human readable and machine readable. This means that not only can this be shared with your team internally, but the same documentation can be used to automate API-dependent processes.
·       It's easily adjustable. This makes it great for testing and debugging API problems.

 Using the code

Step 1 Adding Swagger to Web API Project

To add Swagger to Web API, we just need to install an open source project called Swashbuckle via NuGet.

Step 2 .  Install NuGet Packages

Install "Swashbuckle.AspNetCore" NuGet package in the solution. 

After Installation, you can see the swaggerconfig.cs under app_start folder in your project.

Step 3 View the Swaggerconfig.cs 

Step 4 Configure Swagger

At minimum, we need this line to enable Swagger and Swagger UI. 

Step 5 Now, run your API application and Just type swagger after service. You will get the UI of swagger with list API including whatever we wrote in services.


Unit Testing with API

 Click on Try it out button It will send a response for Get and Post Method.

Happy Programming!!

Don’t forget to leave your feedback and comments below!

If you have any query mail me to     

Sujeet Bhujbal

Sunday, 28 January 2018

Web API Token Based Authentication


In this article, I will tell you how to create token based authentication in WEB API using OWIN easily.


Authentication and authorization is very much important in every project. There are so many articles already written for authentication in web apin. Therefore, in this article I will tell you how to create token based authentication in Web Api using OWIN within 10 minutes. 

First I will tell you 

1. What is Token Based Authentication : 

In Token based authentication users allows to enter username and password to obtain a token which allows them to fetch a specific resource without using their username and password. Once their token has been retrieved, the user can offer the token – which offers access to a specific resource for a time period

2. OWIN (Open Web Interface for .NET) :

OWIN defines a standard interface between .NET web servers and web applications. You will get more information from

Advantages of OWIN

1. Scalable: The token itself holds all encrypted user info, so adding more servers to your web farm is an easy task.

2. Mobile Friendly: Comparing with cookies, storing token in native mobile platforms or browsers could be a standard way.

3. Decoupled: Any server providing token Auth service could be an alternative option.You can plug any middlewares (and as many as you want) between the webserver and your application.

4. Safer: CSRF Attack Prevent.

5. Performance: Decoding token to get use info is usually faster than querying DB.

Disadvantages of OWIN

Need additional code to store and send token.

Using the code

1. Create WEB API Application  : 

First we will create empty WEB API application using visual studio 2017

2. Package Installation :

 We will add below package to our solution

Install-Package Microsoft.AspNet.WebApi.Owin -Version 5.2.2
Install-Package Microsoft.Owin.Host.SystemWeb -Version 2.1.0
Install-Package Microsoft.AspNet.Identity.Owin -Version 2.0.1
Install-Package Microsoft.AspNet.Identity.EntityFramework -Version 2.0.1
Install-Package Microsoft.Owin.Security.OAuth -Version 2.1.0
Install-Package Microsoft.Owin.Cors -Version 2.1.0

3. Create below cs files in your project

1.Add below code in WebApiConfig

2. Add below token based configuration in Startup.cs

3 Create new class SimpleAuthorizationServerProvider which will inherit OAuthAuthorizationServerProvider class which has two methods ValidateClientAuthetication and GrantResourceOwnerCredential

4. Add new Web Api controller. Give name as TokenTestController

4.Testing Token based authentication using POSTMAN

1. We will access token using token method

2. Then we will try to access /api/TokenTest/Authorize method directly without token. It will respond 401 as expected.

3. We will again send above request  along with the token from above #1 and we will get respond 200 as expected. As we have implemented token based authentication

Happy Programming!!

Don’t forget to leave your feedback and comments below!

If you have any query mail me to     

Sujeet Bhujbal