asp.net 不记名令牌身份验证失败
Bearer token authentication failed on asp.net
我正在尝试在网络上发出 GET 请求 api。我建立客户端。问题似乎出在不记名令牌的身份验证上。我已经看过很多帖子,但没有任何效果。
这是我的代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
namespace AuthUsingBearerToken
{
class Program
{
static void Main(string[] args)
{
RunClient();
Console.ReadLine();
}
static void RunClient()
{
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("uri");//address of web api
client.DefaultRequestHeaders.Accept.Clear();//removes all entries from system.net.http.headers...
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));//adds an entry to system in json format
//First Method i tried
//client.DefaultRequestHeaders.Accept.Add(new AuthenticationHeaderValue("Bearer ", "token from web api));
//Second method
// var token = "token from web api";
// client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
//Third Method
//client.DefaultRequestHeaders.Add("Authorization", "Bearer " + token);
GetPatient(client, "1").Wait();
}
}
public static async Task GetPatient(HttpClient client, string id)
{
try
{
HttpResponseMessage response = await client.GetAsync(""+id);
response.EnsureSuccessStatusCode();
Patient patient = await response.Content.ReadAsAsync<Patient>();
Console.WriteLine("Id: {0}\tName: {1}", patient.id, patient.patient_name);
}
catch (HttpRequestException e)
{
Console.WriteLine("{0}", e.Message);
throw;
}
}
}
我的问题是:
如何制作一个带有令牌认证的Bearer?
还是我做的不对?
谢谢!
您将需要 POST 对您的网络 api 授权端点(例如“\token”)的有效请求,其中包含以下 http body 键值对:username, password, client_id and grant_type=password。 (确保遵循您请求的 header 中的 Content-Type)
为此使用 await client.PostAsync("token", content);
如果授权成功,您将收到一个回复access_token。您可以使用令牌 object 反序列化为 (ApiToken = await JsonConvert.DeserializeObject<Token>(response.Content.ReadAsStringAsync());
在需要验证的任何后续请求的 header 中添加该令牌:授权:Bearer {acces_token_value}
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", ApiToken.ToString());
有很多关于该主题的资源,对我来说最有趣的是:
http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/
我正在尝试在网络上发出 GET 请求 api。我建立客户端。问题似乎出在不记名令牌的身份验证上。我已经看过很多帖子,但没有任何效果。
这是我的代码:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
namespace AuthUsingBearerToken
{
class Program
{
static void Main(string[] args)
{
RunClient();
Console.ReadLine();
}
static void RunClient()
{
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("uri");//address of web api
client.DefaultRequestHeaders.Accept.Clear();//removes all entries from system.net.http.headers...
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));//adds an entry to system in json format
//First Method i tried
//client.DefaultRequestHeaders.Accept.Add(new AuthenticationHeaderValue("Bearer ", "token from web api));
//Second method
// var token = "token from web api";
// client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
//Third Method
//client.DefaultRequestHeaders.Add("Authorization", "Bearer " + token);
GetPatient(client, "1").Wait();
}
}
public static async Task GetPatient(HttpClient client, string id)
{
try
{
HttpResponseMessage response = await client.GetAsync(""+id);
response.EnsureSuccessStatusCode();
Patient patient = await response.Content.ReadAsAsync<Patient>();
Console.WriteLine("Id: {0}\tName: {1}", patient.id, patient.patient_name);
}
catch (HttpRequestException e)
{
Console.WriteLine("{0}", e.Message);
throw;
}
}
}
我的问题是:
如何制作一个带有令牌认证的Bearer? 还是我做的不对?
谢谢!
您将需要 POST 对您的网络 api 授权端点(例如“\token”)的有效请求,其中包含以下 http body 键值对:username, password, client_id and grant_type=password。 (确保遵循您请求的 header 中的 Content-Type)
为此使用 await client.PostAsync("token", content);
如果授权成功,您将收到一个回复access_token。您可以使用令牌 object 反序列化为 (ApiToken = await JsonConvert.DeserializeObject<Token>(response.Content.ReadAsStringAsync());
在需要验证的任何后续请求的 header 中添加该令牌:授权:Bearer {acces_token_value}
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", ApiToken.ToString());
有很多关于该主题的资源,对我来说最有趣的是: http://bitoftech.net/2014/06/01/token-based-authentication-asp-net-web-api-2-owin-asp-net-identity/