程序员经验分享-hwhale

RestSharp 身份验证器遵循 302 重定向

2023-11-29

我正在尝试使用 RestSharp 向 API 发出请求。通过将请求重定向到登录服务器、使用基本凭据进行身份验证、获取 cookie,然后重定向回 API 来保护此 API。恐怕我无法控制这个。

所以请求的顺序是:

Request                                            Response
---------------------------------------------------------------------------------
1. GET http api server                             302 Found to login server
2. GET https login server                          401 Unauthorized
3. GET https login server with basic credentials   302 Found to api server with cookies
4. GET http api server with cookies                200 OK

我正在尝试使用 RestSharp 来做到这一点。这是我的代码:

var client = new RestClient("api server")
{
    Authenticator = new HttpBasicAuthenticator("username", "password")
};
var request = new RestRequest("api path", Method.GET);
var result = client.Execute<TResult>(request).Data;

授权标头仅在第一个请求时发送。它不遵循任何重定向。

有没有办法让 RestSharp 仅将凭据发送到登录服务器?


不是总是这样吗。发布到堆栈溢出后即可找到解决方案。

https://github.com/restsharp/RestSharp/issues/414

我必须构建自定义 System.Net.IAuthenticationModule,而不是在 RestClient 上使用 IAuthenticator。这是我的解决方案:

我的 RestSharp 身份验证器

public class MyAuthenticator : IAuthenticator
{
    private readonly CredentialCache _credentials = new CredentialCache();

    public MyAuthenticator(Uri loginServerUrl, string username, string password)
    {
        if (loginServerUrl == null)
        {
            throw new ArgumentNullException("loginServerUrl");
        }

        __registerAuthenticationModule(loginServerUrl);
        _credentials.Add(loginServerUrl, MyAuthenticationModule.TheAuthenticationType, new NetworkCredential(username, password, loginServerUrl.Host));
    }

    private static MyAuthenticationModule __registerAuthenticationModule(Uri loginServerUrl)
    {
        IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
        MyAuthenticationModule authenticationModule;

        while (registeredModules.MoveNext())
        {
            object current = registeredModules.Current;
            if (current is MyAuthenticationModule)
            {
                authenticationModule = (MyAuthenticationModule)current;
                if (authenticationModule.LoginServerUrl.Equals(loginServerUrl))
                {
                    return authenticationModule;
                }
            }
        }

        authenticationModule = new MyAuthenticationModule(loginServerUrl);
        AuthenticationManager.Register(authenticationModule);
        return authenticationModule;
    }

    public void Authenticate(IRestClient client, IRestRequest request)
    {
        request.Credentials = _credentials;
    }
}

我的 .NET 身份验证模块

public class MyAuthenticationModule : IAuthenticationModule
{
    internal const string TheAuthenticationType = "MyAuthentication";

    private readonly CredentialCache _credentialCache = new CredentialCache();
    private readonly Uri _loginServerUrl;

    internal CredentialCache CredentialCache
    {
        get
        {
            return _credentialCache;
        }
    }

    internal Uri LoginServerUrl
    {
        get
        {
            return _loginServerUrl;
        }
    }

    internal MyAuthenticationModule(Uri loginServerurl)
    {
        if (loginServerurl == null)
        {
            throw new ArgumentNullException("loginServerUrl");
        }

        _loginServerUrl = loginServerurl;
    }

    public Authorization Authenticate(string challenge, WebRequest request, ICredentials credentials)
    {
        Authorization result = null;

        if (request == null || credentials == null)
        {
            result = null;
        }

        else
        {
            NetworkCredential creds = credentials.GetCredential(LoginServerUrl, TheAuthenticationType);
            if (creds == null)
            {
                return null;
            }

            ICredentialPolicy policy = AuthenticationManager.CredentialPolicy;
            if (policy != null && !policy.ShouldSendCredential(LoginServerUrl, request, creds, this))
            {
                return null;
            }

            string token = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format("{0}:{1}", creds.UserName, creds.Password)));

            result = new Authorization(string.Format("Basic {0}", token));
        }

        return result;
    }

    public string AuthenticationType
    {
        get { return TheAuthenticationType; }
    }

    public bool CanPreAuthenticate
    {
        get { return false; }
    }

    public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
    {
        return null;
    }
}

像这样添加到 RestSharp 客户端

var client = new RestClient(commonApiUrl)
{
    Authenticator = new MyAuthenticator(loginServerUrl, username, password)
};
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)

c

NET

restsharp

RestSharp 身份验证器遵循 302 重定向 的相关文章

随机推荐

热门标签