如何验证 Prestashop API REST 客户端
How to authenticate Prestashop API REST Client
我使用 Refit 创建了一个调用 Prestashop API 的接口,用于我正在开发的 Bot 应用程序。
为了调用 API,您需要使用我拥有的 Prestashop API 密钥进行身份验证。要使用浏览器查询,我只需要使用以下格式调用 url:
$"https://{ApiKey}@{mypage}.com/api"
并且它使用在 @ 符号之前指定的 Api 密钥进行身份验证。要定义 Refit HttpClient,我在 Startup.cs:
中使用此代码
// This is the ApiUrl from the appsettings.json file
var apiUrl = Configuration.GetSection("PrestashopSettings").GetSection("ApiUrl").Value;
// We add the Api and specify the de/serialization will be XML
services.AddRefitClient<IPrestashopApi>(
new RefitSettings
{
ContentSerializer = new XmlContentSerializer()
})
.ConfigureHttpClient(c => c.BaseAddress = new System.Uri(apiUrl));
然后我将 API 注入我的 类 之一并调用其函数之一。 URL 似乎是正确的,如果我将完整的 URL(基础 + [Get] url)粘贴到浏览器,它会正确地 returns 和 XML。但是当我从应用程序执行它时 returns 一个例外:
Microsoft.Bot.Builder.Integration.AspNet.Core.BotFrameworkHttpAdapter:Error: Exception caught : Refit.ApiException: Response status code does not indicate success: 401 (Unauthorized).
at Refit.RequestBuilderImplementation.<>c__DisplayClass14_0`2.<<BuildCancellableTaskFuncForMethod>b__0>d.MoveNext() in D:\a\s\Refit\RequestBuilderImplementation.cs:line 274
--- End of stack trace from previous location where exception was thrown ---
使用 Refit 的 HttpClient 进行身份验证的正确方法是什么?我做错了什么吗?
更新:
所以我尝试了这个:
public class HttpAuthentication : HttpClientHandler
{
private readonly string Token;
public HttpAuthentication(string token)
{
Token = token ?? throw new ArgumentException(nameof(token));
}
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var token = Token;
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
return await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
}
}
我的代码 Startup.cs:
var apiKey = Configuration.GetSection("PrestashopSettings").GetSection("ApiKey").Value;
var storeUrl = Configuration.GetSection("PrestashopSettings").GetSection("StoreUrl").Value;
// We add the Api and specify the de/serialization will be XML, and we specify the Authentication Client.
services.AddRefitClient<IPrestashopApi>(
new RefitSettings
{
ContentSerializer = new XmlContentSerializer()
})
.ConfigureHttpClient((c) => c.BaseAddress = new System.Uri(storeUrl))
.ConfigureHttpMessageHandlerBuilder((c) => new HttpAuthentication(apiKey));
我仍然收到相同的错误消息。
像这样创建 class :
public class AuthenticatedHttp : HttpClientHandler
{
private readonly string Token;
public AuthenticatedHttp(string token)
{
if (token == null)
{
throw new ArgumentNullException(nameof(token));
}
this.Token = token;
}
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
// See if the request has an authorize header
var token = this.Token;
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
return await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
}
}
并发送令牌给这个 class:
var token = await GetAccessToken();
var RestReq = RestService.For<IPerson>(new HttpClient(new AuthenticatedHttp(token)) { BaseAddress = new Uri(Url) });
好的,我最后想通了。
首先我想指出有两个解决方案。
第一个解决方案
您实际上可以使用您的 API 密钥作为请求参数进行身份验证,它的密钥是 ws_key,因此您可以像这样发送调用:
"https://api.yourapiaddress.com/yourentity?ws_key={API KEY HERE}"
第二种解法
这是我选择的,只是添加了一个Header参数。发现 Prestashop API 1.7 使用带有 API 密钥作为用户名和空白密码的基本授权,所以我在 Startup.cs:
中构建了这样的 header
// Encode your Api Key
String encoded = Convert.ToBase64String(System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes(apiKey));
// Add the API to DI in Dialog classes
services.AddRefitClient<IPrestashopApi>(
new RefitSettings
{
ContentSerializer = new XmlContentSerializer()
})
.ConfigureHttpClient((c) => c.BaseAddress = new Uri(storeUrl))
.ConfigureHttpClient((c) => c.DefaultRequestHeaders.Add("Authorization", "Basic " + encoded));
我使用了 Retrofit 的 ConfigureHttpClient 功能,但您实际上可以通过创建自己的 HttpClient object 并像这样配置 DefaultRequestHeader 来实现相同的功能。
我使用 Refit 创建了一个调用 Prestashop API 的接口,用于我正在开发的 Bot 应用程序。 为了调用 API,您需要使用我拥有的 Prestashop API 密钥进行身份验证。要使用浏览器查询,我只需要使用以下格式调用 url:
$"https://{ApiKey}@{mypage}.com/api"
并且它使用在 @ 符号之前指定的 Api 密钥进行身份验证。要定义 Refit HttpClient,我在 Startup.cs:
// This is the ApiUrl from the appsettings.json file
var apiUrl = Configuration.GetSection("PrestashopSettings").GetSection("ApiUrl").Value;
// We add the Api and specify the de/serialization will be XML
services.AddRefitClient<IPrestashopApi>(
new RefitSettings
{
ContentSerializer = new XmlContentSerializer()
})
.ConfigureHttpClient(c => c.BaseAddress = new System.Uri(apiUrl));
然后我将 API 注入我的 类 之一并调用其函数之一。 URL 似乎是正确的,如果我将完整的 URL(基础 + [Get] url)粘贴到浏览器,它会正确地 returns 和 XML。但是当我从应用程序执行它时 returns 一个例外:
Microsoft.Bot.Builder.Integration.AspNet.Core.BotFrameworkHttpAdapter:Error: Exception caught : Refit.ApiException: Response status code does not indicate success: 401 (Unauthorized).
at Refit.RequestBuilderImplementation.<>c__DisplayClass14_0`2.<<BuildCancellableTaskFuncForMethod>b__0>d.MoveNext() in D:\a\s\Refit\RequestBuilderImplementation.cs:line 274
--- End of stack trace from previous location where exception was thrown ---
使用 Refit 的 HttpClient 进行身份验证的正确方法是什么?我做错了什么吗?
更新:
所以我尝试了这个:
public class HttpAuthentication : HttpClientHandler
{
private readonly string Token;
public HttpAuthentication(string token)
{
Token = token ?? throw new ArgumentException(nameof(token));
}
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var token = Token;
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
return await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
}
}
我的代码 Startup.cs:
var apiKey = Configuration.GetSection("PrestashopSettings").GetSection("ApiKey").Value;
var storeUrl = Configuration.GetSection("PrestashopSettings").GetSection("StoreUrl").Value;
// We add the Api and specify the de/serialization will be XML, and we specify the Authentication Client.
services.AddRefitClient<IPrestashopApi>(
new RefitSettings
{
ContentSerializer = new XmlContentSerializer()
})
.ConfigureHttpClient((c) => c.BaseAddress = new System.Uri(storeUrl))
.ConfigureHttpMessageHandlerBuilder((c) => new HttpAuthentication(apiKey));
我仍然收到相同的错误消息。
像这样创建 class :
public class AuthenticatedHttp : HttpClientHandler
{
private readonly string Token;
public AuthenticatedHttp(string token)
{
if (token == null)
{
throw new ArgumentNullException(nameof(token));
}
this.Token = token;
}
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
// See if the request has an authorize header
var token = this.Token;
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
return await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
}
}
并发送令牌给这个 class:
var token = await GetAccessToken();
var RestReq = RestService.For<IPerson>(new HttpClient(new AuthenticatedHttp(token)) { BaseAddress = new Uri(Url) });
好的,我最后想通了。 首先我想指出有两个解决方案。
第一个解决方案
您实际上可以使用您的 API 密钥作为请求参数进行身份验证,它的密钥是 ws_key,因此您可以像这样发送调用:
"https://api.yourapiaddress.com/yourentity?ws_key={API KEY HERE}"
第二种解法
这是我选择的,只是添加了一个Header参数。发现 Prestashop API 1.7 使用带有 API 密钥作为用户名和空白密码的基本授权,所以我在 Startup.cs:
// Encode your Api Key
String encoded = Convert.ToBase64String(System.Text.Encoding.GetEncoding("ISO-8859-1").GetBytes(apiKey));
// Add the API to DI in Dialog classes
services.AddRefitClient<IPrestashopApi>(
new RefitSettings
{
ContentSerializer = new XmlContentSerializer()
})
.ConfigureHttpClient((c) => c.BaseAddress = new Uri(storeUrl))
.ConfigureHttpClient((c) => c.DefaultRequestHeaders.Add("Authorization", "Basic " + encoded));
我使用了 Retrofit 的 ConfigureHttpClient 功能,但您实际上可以通过创建自己的 HttpClient object 并像这样配置 DefaultRequestHeader 来实现相同的功能。