C#httpclient Rest服务身份验证与AWS身份验证对于使用WPF应用程序的Rest服务始终显示未经授权
大家好,我正在尝试验证一个托管在Apache服务器上并使用AWS身份验证的Web服务,我可以运行第一个服务,该服务获取访问Id和访问密钥,第二步是使用我们从步骤1收到的访问密钥对URL进行签名,然后发送第二个请求,该请求的授权头由AWS{AcessId}:{SignedSignature}组成 上述方法可在 现在我实际的.net代码如下C#httpclient Rest服务身份验证与AWS身份验证对于使用WPF应用程序的Rest服务始终显示未经授权,c#,amazon-web-services,authentication,dotnet-httpclient,hmacsha1,C#,Amazon Web Services,Authentication,Dotnet Httpclient,Hmacsha1,大家好,我正在尝试验证一个托管在Apache服务器上并使用AWS身份验证的Web服务,我可以运行第一个服务,该服务获取访问Id和访问密钥,第二步是使用我们从步骤1收到的访问密钥对URL进行签名,然后发送第二个请求,该请求的授权头由AWS{AcessId}:{SignedSignature}组成 上述方法可在 现在我实际的.net代码如下 string datatoencrypt = "GET"+Environment.NewLine + Environment.NewLine + Env
string datatoencrypt = "GET"+Environment.NewLine + Environment.NewLine + Environment.NewLine + isoDate + Environment.NewLine+ "alarms?updatedSince=20170501T2359Z&timeout=30";
GetSecondAPI(sessionInfo.accessKey, sessionInfo.id, datatoencrypt);
public static string Encode(string input, byte[] key)
{
HMACSHA1 myhmacsha1 = new HMACSHA1(key);
byte[] byteArray = Encoding.UTF8.GetBytes(input);
MemoryStream stream = new MemoryStream(byteArray);
return myhmacsha1.ComputeHash(stream).Aggregate("", (s, e) => s + String.Format("{0:x2}", e), s => s);
//return myhmacsha1.ComputeHash(byteArray);
}
public static byte[] ConvertFromStringToHex(string inputHex)
{
inputHex = inputHex.Replace("-", "");
byte[] resultantArray = new byte[inputHex.Length / 2];
for (int i = 0; i < resultantArray.Length; i++)
{
resultantArray[i] = Convert.ToByte(inputHex.Substring(i * 2, 2), 16);
}
return resultantArray;
}
private async void GetSecondAPI(string accessKey, string id, string dataencry)
{
byte[] key = Encoding.UTF8.GetBytes(accessKey);
var details = Encode(dataencry, key);
byte[] data = ConvertFromStringToHex(details);
string base64 = Convert.ToBase64String(data);
using (HttpClient client = new HttpClient())
{
client.BaseAddress = new Uri("https://10.25.11.125:443/api/v1/"); // this is local server so cant test it outside the network
client.DefaultRequestHeaders.Date = DateTime.Now;
string authorization = string.Format("AWS {0}:{1}", id, base64);
client.DefaultRequestHeaders.Add("Authorization","AWS " + id + ":" + base64);
ServicePointManager.ServerCertificateValidationCallback = delegate (
Object obj, X509Certificate certificate, X509Chain chain,
SslPolicyErrors errors)
{
return (true);
};
var response = await client.GetAsync(callURL);
var result = response.Content.ReadAsStringAsync().Result;
}
}
string datatoencrypt=“GET”+Environment.NewLine+Environment.NewLine+isoDate+Environment.NewLine+“报警?更新自=20170501T2359Z&timeout=30”;
GetSecondAPI(sessionInfo.accessKey、sessionInfo.id、datatoencrypt);
公共静态字符串编码(字符串输入,字节[]键)
{
HMACSHA1 myhmacsha1=新的HMACSHA1(键);
byte[]byteArray=Encoding.UTF8.GetBytes(输入);
MemoryStream stream=新的MemoryStream(byteArray);
返回myhmacsha1.ComputeHash(stream.Aggregate(“,(s,e)=>s+String.Format(“{0:x2}”,e),s=>s);
//返回myhmacsha1.ComputeHash(byteArray);
}
公共静态字节[]ConvertFromStringToHex(字符串输入权限)
{
inputHex=inputHex.Replace(“-”,”);
字节[]结果数组=新字节[inputex.Length/2];
for(int i=0;i
这段代码运行得很好,但它给出了一个未经授权的401错误,我想引起问题的部分是datatoencrypt,因为我遵循AWS在其文档中提到的方式,第二个问题可能是.net添加了一些在AWS端未通过授权的头
非常感谢您的帮助