How to: C# WebClient to hit service endpoint (Oauth 2.0 like protocol) with Mutual TLS

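I need to hit a service to obtain an app ticket to authenticate against another service. The solution is hosted on an endpoint.

I tried using the POSTMAN app in Google Chrome and it succeeded, returning the AppID. When I submit the (POST) request in the POSTMAN app, it prompts for a certificate. When I select the correct certificate, the call succeeds.

I need to implement the same in C# (in a web application).

I tried using the RestSharp.RestClient library, but I keep getting the following error: "Client certificate not found in site certificates".

Code attached for reference.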


var client = new RestSharp.RestClient("MyUrl");

var request = new RestSharp.RestRequest("pksecure/oauth20_clientcredentials.srf", RestSharp.Method.POST);
request.AddParameter("grant_type", "client_credentials");
request.AddParameter("param2", "value2");
request.AddParameter("scope", "machinename");

client.ClientCertificates = new System.Security.Cryptography.X509Certificates.X509CertificateCollection();
client.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(
    @"E:\MyCertificate.pfx"
    , "MyPassword"
    ));

// This callback accepts every server certificate, so server validation is disabled process-wide.
System.Net.ServicePointManager.ServerCertificateValidationCallback +=
        delegate(object sender, System.Security.Cryptography.X509Certificates.X509Certificate cert, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslError)
        {
            bool validationResult = true;
            return validationResult;
        };


var response = client.Execute(request);
var content = response.Content; // raw content as string

Please help me make this call with mutual TLS.

TIA, Sam

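I am not sure why I could not get it done with RestSharp.

But I was able to get it working by using HttpWebRequest.

Also, earlier I was using the Certificate.Pfx file, which was causing the error. Using the Certificate.Cer file resolved the issue.

Posting the code for reference: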

// Requires: System.IO, System.Net, System.Text, System.Web
var request = (HttpWebRequest)WebRequest.Create("MyURL/oauth20_clientcredentials.srf");

// Form-encoded body of the client-credentials request
var postData = "grant_type=client_credentials";
postData += "&param2=value2";
postData += "&scope=" + HttpUtility.UrlEncode("machinename");
var data = Encoding.ASCII.GetBytes(postData);

request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = data.Length;

// Attach the client certificate before the request is sent (GetRequestStream opens the connection)
request.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(@"E:\MyCertificate.cer"));

using (var stream = request.GetRequestStream())
{
    stream.Write(data, 0, data.Length);
}

string responseString;
using (var response = (HttpWebResponse)request.GetResponse())
using (var reader = new StreamReader(response.GetResponseStream()))
{
    responseString = reader.ReadToEnd();
}

// appToken is not defined in the snippet as posted; how it is obtained from responseString is not shown
return appToken;

Thanks,

Sam Jayander Thiagarajan.
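
For comparison with the HttpWebRequest code above, an added example (not part of the original post) that sends the same form fields over mutual TLS with HttpClient, taking the client certificate together with its private key from the CurrentUser\My store and leaving the default server certificate validation in place. The thumbprint, the store location and the URL host are placeholder assumptions; HttpClientHandler.ClientCertificates needs .NET Framework 4.7.1 or later, or .NET Core.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

static class MutualTlsTokenClient
{
    // Placeholders (assumptions, not values from the original post).
    const string TokenUrl = "https://<MyUrl>/pksecure/oauth20_clientcredentials.srf";
    const string Thumbprint = "<CLIENT-CERT-THUMBPRINT>";

    static X509Certificate2 LoadClientCertificate(string thumbprint)
    {
        using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
        {
            store.Open(OpenFlags.ReadOnly);
            // validOnly: true skips expired certificates and ones whose chain does not validate.
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
            if (found.Count == 0)
                throw new InvalidOperationException("No valid client certificate with that thumbprint.");
            // A certificate without its private key cannot prove possession in the TLS handshake.
            if (!found[0].HasPrivateKey)
                throw new InvalidOperationException("Certificate has no private key.");
            return found[0];
        }
    }

    static async Task<string> RequestTokenAsync()
    {
        var handler = new HttpClientHandler { ClientCertificateOptions = ClientCertificateOption.Manual };
        handler.ClientCertificates.Add(LoadClientCertificate(Thumbprint));
        // No server validation callback is set, so chain and host name checks stay enabled.
        using (var client = new HttpClient(handler))
        using (var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "client_credentials",
            ["param2"] = "value2",
            ["scope"] = "machinename",
        }))
        using (var response = await client.PostAsync(TokenUrl, form))
        {
            response.EnsureSuccessStatusCode();
            return await response.Content.ReadAsStringAsync();
        }
    }

    // Prints only the length so the token itself does not end up in console logs.
    static async Task Main() =>
        Console.WriteLine("Token response length: " + (await RequestTokenAsync()).Length);
}
```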