【问题标题】:HttpClient 401 unauthorized at 1st, 3rd, 5th requests but successful at 2nd, 4th, 6th when calling ASP.NET Web APIHttpClient 401 在第 1、3、5 次请求时未经授权,但在第 2、4、6 次调用 ASP.NET Web API 时成功
【发布时间】:2015-10-29 14:40:48
【问题描述】:

使用 httpclient(控制台程序)调用 web api 时遇到一个问题

  • 请求在 1、3、5 等处失败(401,未经授权) 请求
  • 请求在 2nd、4th、6th 等请求成功

Program.cs

static void Main(string[] args)
{
    var token = GlobalVariables.GetAccessToken();
    Console.WriteLine("================================");
    Console.WriteLine("TOKEN");
    Console.WriteLine($"Token : {token.Token}");
    Console.WriteLine($"Expires : {token.ExpiresIn}");
    Console.WriteLine("================================");
    Console.WriteLine("1");
    Console.WriteLine("================================");
    CallApiEndpoint(ApiUrl, token.Token);
    Console.WriteLine("================================");
    Console.WriteLine("2");
    Console.WriteLine("================================");
    CallApiEndpoint(ApiUrl, token.Token);
    Console.WriteLine("================================");
    Console.WriteLine("3");
    Console.WriteLine("================================");
    CallApiEndpoint(ApiUrl, token.Token);
    Console.WriteLine("================================");
    Console.WriteLine("4");
    Console.WriteLine("================================");
    CallApiEndpoint(ApiUrl, token.Token);
    Console.WriteLine("================================");
    Console.WriteLine("5");
    Console.WriteLine("================================");
    CallApiEndpoint(ApiUrl, token.Token);
    Console.WriteLine("================================");
    Console.WriteLine("6");
    Console.WriteLine("================================");
    CallApiEndpoint(ApiUrl, token.Token);
    Console.WriteLine("================================");

    Console.Read();
}

static void CallApiEndpoint(string url, string token)
{
    using (var httpClient = new HttpClient())
    {
        httpClient.BaseAddress = new Uri(BaseUrl);
        httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("bearer", token);
        var response = httpClient.GetAsync(url).Result;

        if (response.IsSuccessStatusCode)
        {
            Console.WriteLine("Success");
        }
        else
        {
            Console.WriteLine(response.StatusCode);
        }
    }
}

Startup.cs

public void Configuration(IAppBuilder app)
{
    UserManagerFactory = () => new UserManager<User>();
    PublicClientId = "self";

    OAuthOptions = new OAuthAuthorizationServerOptions
    {
        TokenEndpointPath = new PathString("/Token"),
        Provider = new ApplicationOAuthProvider(PublicClientId, UserManagerFactory),
        AccessTokenExpireTimeSpan = TimeSpan.FromHours(1),
        AllowInsecureHttp = true
    };

    app.UseOAuthBearerTokens(OAuthOptions);
    app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
    app.UseCookieAuthentication(new CookieAuthenticationOptions());
}

回应

提前致谢,

【问题讨论】:

    标签: c# asp.net-web-api oauth-2.0 owin


    【解决方案1】:

    经过数周的调查,我终于发现401 unauthorized 是由于基础架构级别的Load Balancer (IIS)。

    所以我只是将MachineKey 放在 web.config 中

    希望对某人有所帮助。

    【讨论】:

    • exaclty 的原因是什么,您是如何配置machineKey 的?
    • @andreycha:原因是load balancer不断切换端点服务器,服务器正在使用machineKey解密和验证令牌
    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2014-06-29
    • 2021-12-19
    • 1970-01-01
    • 1970-01-01
    • 2017-07-06
    • 1970-01-01
    • 2018-12-31
    相关资源
    最近更新 更多