Asp.net web api 服务器上的Web API身份验证
我正在编写一个Windows应用程序,它将与Web API进行通信。以下是我打电话的方式:Asp.net web api 服务器上的Web API身份验证,asp.net-web-api,Asp.net Web Api,我正在编写一个Windows应用程序,它将与Web API进行通信。以下是我打电话的方式: HttpClient client = null; HttpClientHandler handler = new HttpClientHandler() { PreAuthenticate = true, Credentials = CredentialCache.DefaultCredentials }; client = new HttpClient();
HttpClient client = null;
HttpClientHandler handler = new HttpClientHandler() { PreAuthenticate = true, Credentials = CredentialCache.DefaultCredentials };
client = new HttpClient();
client.BaseAddress = new Uri(apiBaseAddress);
var byteArray = Encoding.ASCII.GetBytes(Environment.UserName);
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(byteArray));
HttpResponseMessage response = client.GetAsync("api/Tickets/AuthenticateUser").Result;
public class BasicAuthenticationWindowsAppAttribute : System.Web.Http.Filters..AuthorizationFilterAttribute
{
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if (actionContext.Request.Headers.Authorization == null)
{
actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}
else
{
string authToken = actionContext.Request.Headers.Authorization.Parameter;
string Handle = Encoding.UTF8.GetString(Convert.FromBase64String(authToken));
GenericIdentity gi = new GenericIdentity(Handle);
Thread.CurrentPrincipal = new GenericPrincipal(gi, null);
HttpContext.Current.User = Thread.CurrentPrincipal;
Amo_MasterDataEntities amoMasterDataContext = new Amo_MasterDataEntities();
var query = from a in amoMasterDataContext.allassociatemasters
where a.Handle == Handle
select a;
//If Handle is present in AMOMasterData.AllAssociatemaster table
if (query.Count() > 0)
{
//TicketsController tc = new TicketsController();
string assocId = "", fName ="", lName = "";
bool authenticated = false;
foreach (var item in query)
{
assocId = item.AssociateID;
fName = item.FirstName;
lName = item.LastName;
authenticated = true;
}
AuthInfo info = new AuthInfo();
info.AssociateId = assocId;
info.FirstName = fName;
info.LastName = lName;
info.IsAuthenticated = authenticated;
actionContext.Request.Properties.Add(new KeyValuePair<string, object>("AuthInfo", info));
base.OnAuthorization(actionContext);
}
//else return error
else
actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}
}
}
公共类基本身份验证WindowsAppAttribute:System.Web.Http.Filters..AuthorizationFilterAttribute
{
授权时的公共覆盖无效(System.Web.Http.Controllers.HttpActionContext actionContext)
{
if(actionContext.Request.Headers.Authorization==null)
{
actionContext.Response=new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}
其他的
{
字符串authToken=actionContext.Request.Headers.Authorization.Parameter;
字符串句柄=Encoding.UTF8.GetString(Convert.FromBase64String(authToken));
GenericEntity gi=新的GenericEntity(句柄);
Thread.CurrentPrincipal=新的GenericPrincipal(gi,null);
HttpContext.Current.User=Thread.CurrentPrincipal;
Amo_MasterDataEntities Amo MasterDataContext=新Amo_MasterDataEntities();
var query=来自amoMasterDataContext.allassociatemasters中的
其中a.Handle==句柄
选择一个;
//如果AMOMasterData.AllAssociatemaster表中存在句柄
if(query.Count()>0)
{
//TicketController tc=新的TicketController();
字符串assocId=“”,fName=“”,lName=“”;
bool=false;
foreach(查询中的var项)
{
assocId=item.AssociateID;
fName=item.FirstName;
lName=item.LastName;
已验证=真;
}
AuthInfo info=新的AuthInfo();
info.AssociateId=assocId;
info.FirstName=fName;
info.LastName=lName;
info.IsAuthenticated=已验证;
actionContext.Request.Properties.Add(新的KeyValuePair(“AuthInfo”,info));
基于授权(actionContext);
}
//else返回错误
其他的
actionContext.Response=new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}
}
}
client = new HttpClient();
client = new HttpClient(handler);
client = new HttpClient();
client = new HttpClient(handler);
这样愚蠢的错误。很抱歉给您添麻烦。如果您取出
OnAuthorizationOnAuthorization