将当前身份验证凭据从 UWP 应用程序传递到 Web 服务,以使用这些凭据访问服务器上的资源

Passing current authentication credentials from UWP app to web service to access resources on server with these credentials

我的 Windows 10 UWP 应用正在调用我创建的 WebAPI 网络服务。我需要在调用 Web 服务时在客户端传递当前凭据,以便它可以使用这些凭据访问其他资源。

我还需要在不提示用户输入凭据的情况下执行此操作,以便体验无缝。

我可以使用 System.Net.Http 来做到这一点,并成功地将当前凭据传递给服务器以用于访问资源。这将发送请求并在没有任何提示的情况下带回响应。我在 UWP 应用程序上启用了 Enterprise AuthenticationPrivate Networks 功能来完成这项工作。

问题: 这适用于 GET 请求但不适用于对同一服务器的 POST 请求。 POST 请求导致以下错误:

This IRandomAccessStream does not support the GetInputStreamAt method because it requires cloning and this stream does not support cloning.

我了解到这是 link: 上的错误。针对此错误在多个位置提出的解决方法是改用 Windows.Web.Http。但是,如果我这样做,我怎样才能将 default/current 凭据传递给服务器?

这是我使用当前 Windows 凭据在不提示的情况下执行 GET 请求的代码。它完美运行:

System.Net.Http.HttpClientHandler handler = new System.Net.Http.HttpClientHandler
{
    UseDefaultCredentials = true
    // Credentials = (NetworkCredential)System.Net.CredentialCache.DefaultNetworkCredentials
    //using either one of the above enables me to have the web service use the current credentials without prompting
};

string responseContent = string.Empty;

using (System.Net.Http.HttpClient client = new System.Net.Http.HttpClient(handler))
{
    System.Net.Http.HttpRequestMessage requestMessage = new System.Net.Http.HttpRequestMessage();

    requestMessage = new System.Net.Http.HttpRequestMessage
    {
        Method = System.Net.Http.HttpMethod.Get,
        RequestUri = new Uri(strWebServiceURL)

    };

    using (System.Net.Http.HttpResponseMessage response = await client.SendAsync(requestMessage))
    {

        responseContent = await response.Content.ReadAsStringAsync();

    }

    //This also works fine
    using (System.Net.Http.HttpResponseMessage response = await client.GetAsync(strWebServiceURL))
    {

        responseContent = await response.Content.ReadAsStringAsync();

    }

下面是我用来执行 POST 请求的代码,该请求导致 IRandomAccessStream 错误:

System.Net.Http.HttpClientHandler handler = new System.Net.Http.HttpClientHandler
{
    UseDefaultCredentials = true
   // Credentials = (NetworkCredential)System.Net.CredentialCache.DefaultNetworkCredentials
   //using either one of the above enables me to have the web service use the current credentials without prompting
};

string responseContent = string.Empty;

using (System.Net.Http.HttpClient client = new System.Net.Http.HttpClient(handler))
{
    System.Net.Http.HttpRequestMessage requestMessage = new System.Net.Http.HttpRequestMessage();

    requestMessage = new System.Net.Http.HttpRequestMessage
    {
        Content = myMultipartFormDataContent,
        Method = System.Net.Http.HttpMethod.Post,
        RequestUri = new Uri(strWebServiceURL)

    };

    using (System.Net.Http.HttpResponseMessage response = await client.SendAsync(requestMessage))
    {

        responseContent = await response.Content.ReadAsStringAsync();

    }

    //No difference when using it this way as well
    using (System.Net.Http.HttpResponseMessage response = await client.PostAsync(strWebServiceURL, myMultipartFormDataContent))
    {

        responseContent = await response.Content.ReadAsStringAsync();

    } 

我尝试使用 Windows.Web.Http,但我不知道如何让它在没有提示的情况下将 current/default 凭据传递给服务器。

我还将 WebService URL 添加到 IE 本地 Intranet 区域,并将该区域设置为使用当前用户名和密码自动登录:

请帮忙!

有了 UWP 应用中新的 Windows.Web.Http 命名空间,如果您想使用 DefaultCredentials,您只需在清单中打开企业凭据,uwp 应用就会发送它们酌情出。您无需在 HttpClient 上配置任何内容即可使其正常工作。详情请参考this thread.

由于您已经启用了企业凭据功能,因此您可以直接创建 HttpClient 而无需配置。但是为了避免提示用户名和密码,您可能需要禁用UI,例如:

var myFilter = new HttpBaseProtocolFilter();
myFilter.AllowUI = false;
Windows.Web.Http.HttpClient client = new Windows.Web.Http.HttpClient(myFilter);
Windows.Web.Http.HttpResponseMessage result = await client.GetAsync(new Uri("http://localhost:5132/api/values"));