RestSharp Authenticator 跟随 302 重定向
RestSharp Authenticator Follow 302 Redirect
我正在尝试使用 RestSharp 向 API 发出请求。 API 通过将请求重定向到登录服务器、使用基本凭据进行身份验证、获取 cookie,然后重定向回 API 来确保安全。恐怕我无法控制这个。
所以请求的顺序是:
Request Response
---------------------------------------------------------------------------------
1. GET http api server 302 Found to login server
2. GET https login server 401 Unauthorized
3. GET https login server with basic credentials 302 Found to api server with cookies
4. GET http api server with cookies 200 OK
我正在尝试使用 RestSharp 执行此操作。这是我的代码:
var client = new RestClient("api server")
{
Authenticator = new HttpBasicAuthenticator("username", "password")
};
var request = new RestRequest("api path", Method.GET);
var result = client.Execute<TResult>(request).Data;
授权 header 仅在第一次请求时发送。它不遵循任何重定向。
有没有办法让 RestSharp 仅将凭据发送到登录服务器?
不是一直都在吗。 post 堆栈溢出后,您会找到解决方案。
https://github.com/restsharp/RestSharp/issues/414
我必须构建自定义 System.Net.IAuthenticationModule,而不是在 RestClient 上使用 IAuthenticator。这是我的解决方案:
我的 RestSharp 身份验证器
public class MyAuthenticator : IAuthenticator
{
private readonly CredentialCache _credentials = new CredentialCache();
public MyAuthenticator(Uri loginServerUrl, string username, string password)
{
if (loginServerUrl == null)
{
throw new ArgumentNullException("loginServerUrl");
}
__registerAuthenticationModule(loginServerUrl);
_credentials.Add(loginServerUrl, MyAuthenticationModule.TheAuthenticationType, new NetworkCredential(username, password, loginServerUrl.Host));
}
private static MyAuthenticationModule __registerAuthenticationModule(Uri loginServerUrl)
{
IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
MyAuthenticationModule authenticationModule;
while (registeredModules.MoveNext())
{
object current = registeredModules.Current;
if (current is MyAuthenticationModule)
{
authenticationModule = (MyAuthenticationModule)current;
if (authenticationModule.LoginServerUrl.Equals(loginServerUrl))
{
return authenticationModule;
}
}
}
authenticationModule = new MyAuthenticationModule(loginServerUrl);
AuthenticationManager.Register(authenticationModule);
return authenticationModule;
}
public void Authenticate(IRestClient client, IRestRequest request)
{
request.Credentials = _credentials;
}
}
我的 .NET 身份验证模块
public class MyAuthenticationModule : IAuthenticationModule
{
internal const string TheAuthenticationType = "MyAuthentication";
private readonly CredentialCache _credentialCache = new CredentialCache();
private readonly Uri _loginServerUrl;
internal CredentialCache CredentialCache
{
get
{
return _credentialCache;
}
}
internal Uri LoginServerUrl
{
get
{
return _loginServerUrl;
}
}
internal MyAuthenticationModule(Uri loginServerurl)
{
if (loginServerurl == null)
{
throw new ArgumentNullException("loginServerUrl");
}
_loginServerUrl = loginServerurl;
}
public Authorization Authenticate(string challenge, WebRequest request, ICredentials credentials)
{
Authorization result = null;
if (request == null || credentials == null)
{
result = null;
}
else
{
NetworkCredential creds = credentials.GetCredential(LoginServerUrl, TheAuthenticationType);
if (creds == null)
{
return null;
}
ICredentialPolicy policy = AuthenticationManager.CredentialPolicy;
if (policy != null && !policy.ShouldSendCredential(LoginServerUrl, request, creds, this))
{
return null;
}
string token = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format("{0}:{1}", creds.UserName, creds.Password)));
result = new Authorization(string.Format("Basic {0}", token));
}
return result;
}
public string AuthenticationType
{
get { return TheAuthenticationType; }
}
public bool CanPreAuthenticate
{
get { return false; }
}
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
}
}
像这样添加到 RestSharp 客户端
var client = new RestClient(commonApiUrl)
{
Authenticator = new MyAuthenticator(loginServerUrl, username, password)
};
您只需将 CredentialsCache 对象分配给 Authenticate 方法中的请求即可。
将这些凭据传递给请求表明您允许使用它们的请求,即使对于后续请求(重定向)也是如此。
由此 msdn article:
A CredentialCache will not be removed from the Credentials property when redirecting because WebRequest knows where you will allow your credentials sent. You may also reuse your cache by assigning it to subsequent requests.
因此 RestSharp BasicAuthenticator 实现可能如下所示:
public class BasicAuthenticator : IAuthenticator
{
private readonly string _baseUrl;
private readonly string _userName;
private readonly string _password;
private readonly CredentialCache _credentialCache;
public BasicAuthenticator(string baseUrl, string userName, string password)
{
_baseUrl = baseUrl;
_userName = userName;
_password = password;
_credentialCache = new CredentialCache
{
{new Uri(_baseUrl), "Basic", new NetworkCredential(_userName, _password)}
};
}
public void Authenticate(IRestClient client, IRestRequest request)
{
request.Credentials = _credentialCache;
if (request.Parameters.Any(parameter =>
parameter.Name.Equals("Authorization", StringComparison.OrdinalIgnoreCase)))
{
return;
}
request.AddParameter("Authorization", GetBasicAuthHeaderValue(), ParameterType.HttpHeader);
}
private string GetBasicAuthHeaderValue()
{
return string.Format("Basic {0}",
Convert.ToBase64String(Encoding.ASCII.GetBytes(string.Format("{0}:{1}",
_userName, _password))));
}
}
我正在尝试使用 RestSharp 向 API 发出请求。 API 通过将请求重定向到登录服务器、使用基本凭据进行身份验证、获取 cookie,然后重定向回 API 来确保安全。恐怕我无法控制这个。
所以请求的顺序是:
Request Response
---------------------------------------------------------------------------------
1. GET http api server 302 Found to login server
2. GET https login server 401 Unauthorized
3. GET https login server with basic credentials 302 Found to api server with cookies
4. GET http api server with cookies 200 OK
我正在尝试使用 RestSharp 执行此操作。这是我的代码:
var client = new RestClient("api server")
{
Authenticator = new HttpBasicAuthenticator("username", "password")
};
var request = new RestRequest("api path", Method.GET);
var result = client.Execute<TResult>(request).Data;
授权 header 仅在第一次请求时发送。它不遵循任何重定向。
有没有办法让 RestSharp 仅将凭据发送到登录服务器?
不是一直都在吗。 post 堆栈溢出后,您会找到解决方案。
https://github.com/restsharp/RestSharp/issues/414
我必须构建自定义 System.Net.IAuthenticationModule,而不是在 RestClient 上使用 IAuthenticator。这是我的解决方案:
我的 RestSharp 身份验证器
public class MyAuthenticator : IAuthenticator
{
private readonly CredentialCache _credentials = new CredentialCache();
public MyAuthenticator(Uri loginServerUrl, string username, string password)
{
if (loginServerUrl == null)
{
throw new ArgumentNullException("loginServerUrl");
}
__registerAuthenticationModule(loginServerUrl);
_credentials.Add(loginServerUrl, MyAuthenticationModule.TheAuthenticationType, new NetworkCredential(username, password, loginServerUrl.Host));
}
private static MyAuthenticationModule __registerAuthenticationModule(Uri loginServerUrl)
{
IEnumerator registeredModules = AuthenticationManager.RegisteredModules;
MyAuthenticationModule authenticationModule;
while (registeredModules.MoveNext())
{
object current = registeredModules.Current;
if (current is MyAuthenticationModule)
{
authenticationModule = (MyAuthenticationModule)current;
if (authenticationModule.LoginServerUrl.Equals(loginServerUrl))
{
return authenticationModule;
}
}
}
authenticationModule = new MyAuthenticationModule(loginServerUrl);
AuthenticationManager.Register(authenticationModule);
return authenticationModule;
}
public void Authenticate(IRestClient client, IRestRequest request)
{
request.Credentials = _credentials;
}
}
我的 .NET 身份验证模块
public class MyAuthenticationModule : IAuthenticationModule
{
internal const string TheAuthenticationType = "MyAuthentication";
private readonly CredentialCache _credentialCache = new CredentialCache();
private readonly Uri _loginServerUrl;
internal CredentialCache CredentialCache
{
get
{
return _credentialCache;
}
}
internal Uri LoginServerUrl
{
get
{
return _loginServerUrl;
}
}
internal MyAuthenticationModule(Uri loginServerurl)
{
if (loginServerurl == null)
{
throw new ArgumentNullException("loginServerUrl");
}
_loginServerUrl = loginServerurl;
}
public Authorization Authenticate(string challenge, WebRequest request, ICredentials credentials)
{
Authorization result = null;
if (request == null || credentials == null)
{
result = null;
}
else
{
NetworkCredential creds = credentials.GetCredential(LoginServerUrl, TheAuthenticationType);
if (creds == null)
{
return null;
}
ICredentialPolicy policy = AuthenticationManager.CredentialPolicy;
if (policy != null && !policy.ShouldSendCredential(LoginServerUrl, request, creds, this))
{
return null;
}
string token = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format("{0}:{1}", creds.UserName, creds.Password)));
result = new Authorization(string.Format("Basic {0}", token));
}
return result;
}
public string AuthenticationType
{
get { return TheAuthenticationType; }
}
public bool CanPreAuthenticate
{
get { return false; }
}
public Authorization PreAuthenticate(WebRequest request, ICredentials credentials)
{
return null;
}
}
像这样添加到 RestSharp 客户端
var client = new RestClient(commonApiUrl)
{
Authenticator = new MyAuthenticator(loginServerUrl, username, password)
};
您只需将 CredentialsCache 对象分配给 Authenticate 方法中的请求即可。 将这些凭据传递给请求表明您允许使用它们的请求,即使对于后续请求(重定向)也是如此。
由此 msdn article:
A CredentialCache will not be removed from the Credentials property when redirecting because WebRequest knows where you will allow your credentials sent. You may also reuse your cache by assigning it to subsequent requests.
因此 RestSharp BasicAuthenticator 实现可能如下所示:
public class BasicAuthenticator : IAuthenticator
{
private readonly string _baseUrl;
private readonly string _userName;
private readonly string _password;
private readonly CredentialCache _credentialCache;
public BasicAuthenticator(string baseUrl, string userName, string password)
{
_baseUrl = baseUrl;
_userName = userName;
_password = password;
_credentialCache = new CredentialCache
{
{new Uri(_baseUrl), "Basic", new NetworkCredential(_userName, _password)}
};
}
public void Authenticate(IRestClient client, IRestRequest request)
{
request.Credentials = _credentialCache;
if (request.Parameters.Any(parameter =>
parameter.Name.Equals("Authorization", StringComparison.OrdinalIgnoreCase)))
{
return;
}
request.AddParameter("Authorization", GetBasicAuthHeaderValue(), ParameterType.HttpHeader);
}
private string GetBasicAuthHeaderValue()
{
return string.Format("Basic {0}",
Convert.ToBase64String(Encoding.ASCII.GetBytes(string.Format("{0}:{1}",
_userName, _password))));
}
}