如何制作针对 ASP.NET WebAPI 进行身份验证的客户端？

Question

enter image description here我在 ASP.NET 中创建了 REST API，并使用http://server/token 作为 URL。

标题有

content-type: application/x-www-form-urlencode

body有grant_type作为密码，用户名和密码会得到带有token的json数据。

为了进一步的数据访问令牌，可以使用上述方法与邮递员一起使用

我需要在 Android Studio 或 Xamarin 中实现一个客户端。

因为邮递员中的网址是“example.com/token”； ，然后在内容类型的标题键值中为 ("Content-Type:application/x-www-form-urlencoded) 和在正文键值对中为 (grant_type:password, username:email,password:pass) 和发送后响应采用 json 格式如下 { "access_token": "token", "token_type": "bearer", "expires_in": 1209599, "userName": "mail@gmail.com", ".issued": "Fri , 2016 年 12 月 9 日 19:19:18 GMT”，“.expires”：“周五，2016 年 12 月 23 日 19:19:18 GMT”} 这同样需要在 android 中完成

Answer 1

在您的依赖项中包含 System.Net.Http（需要 Xamarin 配置文件 111），然后您可以使用它创建一个 HttpClient 并通过 HTTP POST（类似于您在 Postman 中所做的）请求令牌，如下所示..

_client = new HttpClient();

var uri = new Uri("http://server/token");
var content = new FormUrlEncodedContent(
        new List<KeyValuePair<string, string>> {
            new KeyValuePair<string, string>("username", _username),
            new KeyValuePair<string, string>("password", _password),
            new KeyValuePair<string, string>("grant_type", "password")
        });
HttpResponseMessage response = await _client.PostAsync(uri, content);

其中 _username 和 _password 是字符串。

然后通过将响应转换为字典或任何其他合理的替代方法来解析 JSON 响应来读取响应。

if (response.StatusCode == HttpStatusCode.OK) {
        var jsonContent = await response.Content.ReadAsStringAsync();
        var responseDict = JsonConvert.DeserializeObject<Dictionary<string, string>>(jsonContent);
        if (responseDict.ContainsKey("access_token"))
            _token = responseDict["access_token"];
}

然后，一旦您拥有令牌，您就可以将其作为该 HttpClient 实例中所有标头的默认授权值包含在内！

_client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", _token);

其中 _token 是令牌，因为它是编码字符串，例如"eyJ0eXAiOiJKV1QiLC..."

刚刚实现了这个并验证了它的正确性 - 我在一个生产环境中运行它，我已经设置了使用 JWT 进行验证，它很有效。

Answer 2

这行得通，它看起来很丑，但你可以改变它

    var authCredentials = "grant_type=password&username=" + WebUtility.UrlEncode(LoginBindingModel.Email) + "&password=" + LoginBindingModel.Password;
    string response = await Client.MakePostFormRequest("token", authCredentials);


public static async Task<string> MakePostFormRequest(string url, string data)
    {
        try
        {
            HttpWebRequest request = (HttpWebRequest)WebRequest.Create(BaseUrl + "token");
            // Set the Method property of the request to POST.
            request.Accept = "*/*";
            request.Method = "POST";

            // Create POST data and convert it to a byte array.
            byte[] byteArray = Encoding.UTF8.GetBytes(data);
            // Set the ContentType property of the WebRequest.
            request.ContentType = "application/x-www-form-urlencoded";
            // Set the ContentLength property of the WebRequest.
            //request.ContentLength = byteArray.Length;
            // Get the request stream.
            Stream dataStream = await request.GetRequestStreamAsync().ConfigureAwait(false);
            // Write the data to the request stream.
            dataStream.Write(byteArray, 0, byteArray.Length);
            // Close the Stream object.
            dataStream.Dispose();
            // Get the response.
            WebResponse response = await request.GetResponseAsync().ConfigureAwait(false);
            // Display the status.
            //Console.WriteLine(((HttpWebResponse)response).StatusDescription);
            // Get the stream containing content returned by the server.
            dataStream = response.GetResponseStream();
            // Open the stream using a StreamReader for easy access.
            StreamReader reader = new StreamReader(dataStream);
            // Read the content.

            string responseFromServer = reader.ReadToEnd();
            // Display the content.
            //Console.WriteLine(responseFromServer);
            // Clean up the streams.
            TokenViewModel TokenViewModel = JsonConvert.DeserializeObject<TokenViewModel >(responseFromServer);
            VariablesGlobales.Token = TokenViewModel.access_token;
            VariablesGlobales.LoginStamp = TokenViewModel.LoginStamp;
            reader.Dispose();
            dataStream.Dispose();
            response.Dispose();

            return responseFromServer;
        }
        catch (Exception ex)
        {
            return "";
        }
    }

当你想要验证你的请求时

public static async Task<string> MakePostRequest(string url, string data)
    {
        var result = "";
        try
        {
            var httpWebRequest = (HttpWebRequest)WebRequest.Create(BaseUrl + url);
            httpWebRequest.ContentType = "application/json; charset=utf-8";
            httpWebRequest.Method = "POST";
            if (VariablesGlobales.Token != "")
            {
                httpWebRequest.Headers[HttpRequestHeader.Authorization] = "Bearer " + VariablesGlobales.Token;
            }

            using (var streamWriter = new StreamWriter(await httpWebRequest.GetRequestStreamAsync().ConfigureAwait(false)))
            {
                streamWriter.Write(data);
                streamWriter.Flush();
            }

            var httpResponse = (HttpWebResponse)(await httpWebRequest.GetResponseAsync().ConfigureAwait(false));

            if (httpResponse.StatusCode.ToString() == "OK")
            {
                result = httpResponse.StatusCode.ToString();
            }
            else
            {
                result = "";
            }

        }

        catch (Exception ex)
        {
            result = "";
        }
        return result;
    }
}